Re: [openpgp] A way to securely define cleartext signature charset

[Andre Heinecke <aheinecke@intevation.de>]

Hi Jon, Neil,

thanks for your comments!

On Monday, September 10, 2018 4:53:03 PM CEST Jon Callas wrote:
> > On Sep 10, 2018, at 11:23 AM, Neil Hunsperger 
<Neil_Hunsperger=40symantec.com@dmarc.ietf.org> wrote:
> > I'll add a data point. Some years back, the PGP Desktop product added an 
unsigned "Charset" header to its ASCII armor. The result looked like this:

That would also be an option. I don't prefer it because it would be unsigned 
but it would already help with usability issues.

> And for what it’s worth, section 6.2 of RFC 4880 says:
> 
>      - "Charset", a description of the character set that the plaintext
>      is in.  Please note that OpenPGP defines text to be in UTF-8.  An
>       implementation will get best results by translating into and out
>      of UTF-8.  However, there are many instances where this is easier
>       said than done.  Also, there are communities of users who have no
>       need for UTF-8 because they are all happy with a character set
>       like ISO Latin-5 or a Japanese character set.  In such instances,
>       an implementation MAY override the UTF-8 default by using this
>       header key.  An implementation MAY implement this key and any
>       translations it cares to; an implementation MAY ignore it and
>       assume all text is UTF-8.

There is indeed very little definition in this section,...

>  However, there are many instances where this is easier
>  said than done. 

And that is the problem. E.g. a webmailer in which you paste UTF-8 Text, then 
the webmailer sees that it can encode that message as latin 1 and sends it as 
latin 1. Now on the receiving side you have a content-type saying "latin 1" 
but the message was actually signed in UTF-8. And so you have to "try" 
multiple charsets if you whish to verify the message (as it could also be 
signed as latin1).
 
> All those MAYs are there because of the real world considerations. 

Well, my proposed change would be optional. Without the "Charset" in the 
message an implementation would fallback to the "do what you want" guessing 
game with all these MAYs :-)

> People still use JIS all over the place, for example, and this allows them
> to mark their text and have it work correctly. (That’s why we put it in both
> the standard and software. The examples of Latin-5 and JIS were real.) On 
> the other hand, there was a completely reasonable objection that there are
> not only silly character sets that one could make up (nods to the computer
> language “Whitespace”), and real-world issues of what happens when the
> diehard Latin-5 people start sending messages to the diehard JIS people, and
> the resulting N^2 testing matrix.

I'm not sure if you say that we should not add standardized way to define the 
charset for cleartext signatures or that we should?

I don't really see the problem of either silly character sets or Latin-5 / JIS 
messages. As long as It can be converted to the display charset / for passage 
through the openpgp engine it should be ok.

> Thus, this section lets an implementation throw its hands up in the air and
> scream wherever and whenever it wants, while giving a decent way to
> clearsign Japanese text.

Yeah, but from a usability standpoint I do not like guessign, screaming and 
failing if it can be avoided at all :-).


Best Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner