S/MIME vulnerability
"Hal Finney" <hal@finney.org> Tue, 03 September 2002 19:06 UTC
Date: Tue, 03 Sep 2002 11:49:57 -0700
From: Hal Finney <hal@finney.org>
Message-Id: <200209031849.g83Inva21220@finney.org>
To: ietf-openpgp@imc.org
Subject: S/MIME vulnerability
There is a report out recently indicating that Microsoft Outlook has a major S/MIME security vulnerability. See http://online.securityfocus.com/archive/1/290107/2002-08-31/2002-09-06/0 or http://www.theregus.com/content/4/26172.html. It is the same bug which was publicized a few weeks ago regarding SSL site certificates. Although at the time Microsoft claimed that the problem was restricted to IE, it turns out that Outlook is affected too.

Basically the Microsoft software fails to distinguish which keys are meant to be signers of other keys. Essentially, all keys are trusted as signers, if those keys are signed by other valid keys. The effect is that virtually any key can be used to sign another.

The S/MIME world uses X.509 certificates, of course, and so what it means is that if you have a cert from Verisign, say, then you can create certs on any key with any name you like, and the Microsoft software will believe them. Outlook will accept a signed message from one of these bogus certs and will display the signer name (which you created and can be anything you want) as valid, without any warnings or error indications.

The Bugtraq article says,

> As it stands, there is virtually no difference between signed and unsigned
> email in Outlook. Unless carefully inspected, signed email in Outlook is
> essentially meaningless. This also applies to any signed email received
> over the past 5+ years.

This is a very serious security vulnerability to have gone so long without being detected.

Hal Finney
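The validation failure described in the message above, as an added example in Go that is not part of the post and not code from any product named in it: a leaf-first chain check that verifies signatures only, beside the same loop with the one basicConstraints test that distinguishes a CA key from an end-entity key. All names, keys and certificates are constructed on the fly; validity periods, revocation and name matching are deliberately left out so that only the missing signer-authorisation check is on show, and production code should rely on the library's full path validation (x509.Verify here) rather than a hand-rolled loop.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert issues a constructed test certificate for cn, signed by parent (self-signed when nil).
func mkCert(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{ // only basicConstraints separates a CA from an end entity here
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, IsCA: isCA,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// ChainAccepted validates a leaf-first chain. With enforceCA=false it is the flawed logic the
// message describes: signatures are verified, but nobody asks whether the signer may issue certs.
func ChainAccepted(chain []*x509.Certificate, enforceCA bool) bool {
	for i := 0; i+1 < len(chain); i++ {
		pub, ok := chain[i+1].PublicKey.(ed25519.PublicKey)
		if !ok || !ed25519.Verify(pub, chain[i].RawTBSCertificate, chain[i].Signature) {
			return false
		}
		if enforceCA && !(chain[i+1].BasicConstraintsValid && chain[i+1].IsCA) {
			return false // signer is not a CA (RFC 5280 4.2.1.9): the check the vulnerable software skipped
		}
	}
	return true
}

// Scenario returns [forged, legit, root]: alice's end-entity cert issues one with an arbitrary name.
func Scenario() []*x509.Certificate {
	root, rootKey := mkCert("Test Root CA", true, nil, nil)
	legit, legitKey := mkCert("alice@example.com", false, root, rootKey)
	forged, _ := mkCert("Anyone You Like", false, legit, legitKey)
	return []*x509.Certificate{forged, legit, root}
}
```

With the flag off, the forged chain passes exactly as the message describes; with it on, the chain is rejected at the alice certificate while the legitimate [legit, root] chain is still accepted.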