Re: [openpgp] PGP/MIME message mangling

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 24 May 2019 03:31 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Albrecht Dreß <albrecht.dress@arcor.de>, openpgp@ietf.org
In-Reply-To: <CHLTLFPH.TL5TCWHM.LCNOWPQQ@S45ASV2L.XI727DVU.G2JBJDE2>
References: <CHLTLFPH.TL5TCWHM.LCNOWPQQ@S45ASV2L.XI727DVU.G2JBJDE2>
Date: Thu, 23 May 2019 23:30:56 -0400
Message-ID: <87pno85y1b.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/wD8aB_rH4hbN2skdB-_tC0yAWOU>
Subject: Re: [openpgp] PGP/MIME message mangling

On Thu 2019-05-23 19:36:34 +0200, Albrecht Dreß wrote:
> For multipart/signed, the signature may be broken by MTA (and POP3)
> transactions if any line in the data stream starts with a period (“.”,
> ASCII 0x2e) character.  In this case, RFC 5321, Sect. 4.5.2 and RFC
> 1939, Sect. 3, require that the period is doubled for the
> transmission, which the receiving party shall remove.  If it fails to
> do so, obviously the signature is broken.  The workaround is to just
> remove the extra period.
>
> Actually, a message I sent to this list
> (<https://mailarchive.ietf.org/arch/msg/openpgp/SKclvRGw9kan13GSsP66NlHHKEc>)
> reached my mailbox with /exactly/ this error – in the line containing
> “[…]RFC 3156, sect. 5 states that[…]” the period has been doubled.  I
> verified with some test messages that neither my provider's MTA nor my
> POP client produces the issue…

Thanks, Albrecht!  This is exactly the kind of stuff I'm looking for.

I've just added a "Doubled Dots" subsection to the draft at
https://gitlab.com/dkg/draft-openpgp-pgpmime-message-mangling that is a
copy of the first paragraph above as a placeholder, and a sample
clearsigned message with and without the mangling applied.

If you are up for proposing more detailed text, i'd be happy to take
recommendations, either as git merge requests or here on the mailing
list.

I think the remediation you proposed needs to be fleshed out a little
bit for robustness, though -- for example, you don't want to just remove
double-dots on every message that contains them.  You only want to try
removing doubled dots if you find them in the message *and* the message
signature does not validate.  Then you can try validating the message
with the doubled dots removed, and if so, use the repaired message.

Thinking with an implementer's hat on, and the worst-case scenario
paranoia that goes with it, i wonder how many iterations one should try
to apply such a repair operation before giving up and accepting that the
message doesn't have a good signature?

        --dkg
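
The repair policy discussed in the message above, as an added example that is not part of the original post or of the draft: the signed body is left alone if it validates, doubled dots are removed only after validation fails, and the number of repair passes is bounded. The function names, the `max_passes` bound of 2, and the SHA-256 digest check standing in for real OpenPGP signature verification are all assumptions made for illustration.

```python
import hashlib
from typing import Callable, Optional, Tuple

CRLF = b"\r\n"

def has_doubled_dots(body: bytes) -> bool:
    return any(line.startswith(b"..") for line in body.split(CRLF))

def unstuff_once(body: bytes) -> bytes:
    """Undo one missed round of dot-stuffing: drop one leading dot from
    every line that begins with '..' (RFC 5321 4.5.2 / RFC 1939 3)."""
    return CRLF.join(l[1:] if l.startswith(b"..") else l for l in body.split(CRLF))

def verify_with_dot_repair(body: bytes, verify: Callable[[bytes], bool],
                           max_passes: int = 2) -> Tuple[Optional[bytes], int]:
    """Return (validated_body, passes_used), or (None, passes_tried) when no
    candidate validates. Repair is attempted only after the body as
    received has failed validation."""
    if verify(body):
        return body, 0
    tried, candidate = 0, body
    while tried < max_passes and has_doubled_dots(candidate):
        candidate = unstuff_once(candidate)
        tried += 1
        if verify(candidate):
            return candidate, tried
    return None, tried

def dot_stuff(body: bytes) -> bytes:
    """Sender-side stuffing, used here only to build mangled sample input."""
    return CRLF.join(b"." + l if l.startswith(b".") else l for l in body.split(CRLF))

# Constructed sample: one line starts with '.', one legitimately with '..'.
ORIGINAL = b"Hello,\r\n.profile is a dotfile\r\n.. is the parent directory\r\n"
SAMPLE_DIGEST = hashlib.sha256(ORIGINAL).digest()

def verify_sample(body: bytes) -> bool:
    # Stand-in for OpenPGP signature verification (assumption): accepts
    # exactly the bytes that were "signed".
    return hashlib.sha256(body).digest() == SAMPLE_DIGEST

if __name__ == "__main__":
    once = dot_stuff(ORIGINAL)             # one hop failed to unstuff
    twice = dot_stuff(once)                # two hops failed
    print(verify_with_dot_repair(ORIGINAL, verify_sample)[1])  # valid as received
    print(verify_with_dot_repair(once, verify_sample)[1])
    print(verify_with_dot_repair(twice, verify_sample)[1])
    print(verify_with_dot_repair(dot_stuff(twice), verify_sample))
```

A body that validates as received is returned untouched even though it contains a line starting with "..", which is why blanket removal of doubled dots would itself break good signatures.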