From nobody Wed May  1 12:29:18 2019
Return-Path: <HeikoStamer@gmx.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40D3A120025 for <openpgp@ietfa.amsl.com>; Wed,  1 May 2019 12:29:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zzEmVFCaE3me for <openpgp@ietfa.amsl.com>; Wed,  1 May 2019 12:29:15 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5840712008D for <openpgp@ietf.org>; Wed,  1 May 2019 12:29:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1556738952; bh=0XL7HIdwuSHQNZdQJwoHz5MmPsAOyq+xQBKOLFyHzkQ=; h=X-UI-Sender-Class:To:From:Subject:Date; b=YP8JDE2xx58ynYfBT8/U6tSpnZioh7KpJqSkC80C7rver63oDfcALKKPmIY+4m+49 qvaFOprlDaX4Y09biLvjFiX6F9BtpyBphgVXd7dxPR4GBByGfdlD3wCGJyF+QhuVpQ vKC6rr+XPNLuuXNfEICZB04DJhwHmZcXjSpV6Fug=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.30] ([80.132.239.73]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MiJZO-1gscF73QgQ-00fU2K for <openpgp@ietf.org>; Wed, 01 May 2019 21:29:11 +0200
To: OpenPGP WG <openpgp@ietf.org>
From: Heiko Stamer <HeikoStamer@gmx.net>
Openpgp: preference=signencrypt
Autocrypt: addr=HeikoStamer@gmx.net; prefer-encrypt=mutual; keydata= mQGiBDdYKNkRBACRdsFzaQn0HChOX38WHXlIYcNZAAxBQxa7gdmPXTUK+tgwQuwAr/XViQxn ExKwyOteRhwHZNSYdoKPlCOJ3c3FWCKAdflINr53NvN/qnnaF+3M1HaluiwVdfHD9a0+k7fd NFZMq2bTpzSCQBsPGipSK0K8ET8UPrXm54pXhqYL2wCgsuMBOv64bmg2zjg6vHSTKADGykcD /Agjoa7y7Cpifk4WEKDKu8nlrE9OFOJppjZ9bdJedrmZq5A/jHr35UOgbZItTmgBiz7bfMLq 7HD05ZQ3BplBmmiE0412f55GadCjN4vvnCdTqZ/ewzWdz/rzQGaJm9IvW6rupuFgrTx0GJhf we7cr6GQQo0nqA0LMCyhGHQASC56A/9NOroBzLM6wl9QlE9lybxd3cxI2UnrfHIu63tklFKF vL1XnjyJ4YR0sDs6/f56JbtEGUKTCI7ZAw+241Va4MrbDVmmsGJjQBcKxNbHDfkkjoJ9NBwr pUo2nMT3BWyKHCfnMqoyT+nN04b0Em1ffbhptKiLJSeY1mcPxvA1h7PrKbQlSGVpa28gU3Rh bWVyIDxoZWlrby5zdGFtZXJAcG9zdGVvLmRlPohiBBMRAgAiAhsDAh4BAheABQJTnH9pBgsJ CAcDAgYVCAIJCgsEFgIDAQAKCRBPWE64+yvhT4n9AJwNsUcN5bx9/gtUs4LMmqBcePkQKwCf Y4FmM1D4rmTWsHQ1NRgsiqQhc265Aw0EN1gq2RAMAK4ZTZJZeaOmjIYhf9QfN7rQ6iXEF20r OG8NkeHLVLPw02t2QjejO5g4zGQplktPD+JCKBU1B/DL7l8BTDopofw4+fAierJ6C4jo/AbS pArZxaVJNkOVNbwHYPdCmO3yxieeMYQgYoZvtkBSA4OZZh2xLfmi3IRBPRSf+REiqPJBy9aA 0f7634vKldTG7R4PR2UP+THjpM/2SpNiyv/y9ZaEPYn3zHRkWsUw3xAMIiE73Hen6o/J9KIB 2e4jiI3VFiwq0LaKRv5whzltjKydGi2zVqcDLc93lDxsW2OXPE89GH3S/9irlEz/ciBuxtLT MMjSV3OeV34Mid7Muz8RE6whOaZteuEgAcLxONxe3FZHeG2cUuciCZDdFqDRtB6w0XhjltdI ZzD8zHBZyboRfBxubtRzriTxjFcxjI3L5df9uLWjuvkl0fSYpQV5dMX1Yus2kXiMHKUeTVE0 NtHqSnozzu88l6D+dCHX0i1BDFgkZi70oGEEaEW0NQgDItOdNwADBQv/a0d7nasV4JW9mjtF nlJDL9pyXHuGc+y9vfJNdy+DlzuHB44vtl+yH9ecTdpxE7RgB8ZvQvEwUmV+keBw+5NkR3ms +AnPrwZxwAIE/DxnwyBAQETkf9SIBH8cz0BCYQ37B+N4OW/pkYSWadjn2Bgi4IZRWyrDmnAI KwsGzfGUxPIKI3AMcRFFqjdhMaFo3L2GwJ2o0dBxd1LN0Xo6298ydcjrtAbKI1xuNXBfBAeU YCzGjg7cUw6XXfyjU5rTQkxKTu13xsKUwCnse7jOvDnfdNnYC+n7o4WNQBDhTiF0QMZ482ba FtCKcqdQJ3fQ9uioh1kOZirhJJ40xtYrDLcS3H9rQZff0X+CeOa94EdJYYYH7BIpysrfJ9c1 cxrg5brzeb9ofWaxLQvRIXBubbDtd0AunQMJXTfXHUmgYCdzSZVyy1tUzso1QacI4D0PhRIo euP8ihlWhqnHRv5tY8Ue18uFybaVIOWrsXXjQOVBUvXFmYCc9ykvJcyYSadLYkJliEYEGBEC AAYFAjdYKtkACgkQT1hOuPsr4U9xEwCeKB7jHvmUrWnuxsqx2Flvq2/gIk8AoKkOpGf2jud+ 8uWi5c1ohHWeuLtz
Message-ID: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net>
Date: Wed, 1 May 2019 21:29:09 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:lX57sEbei/mju4oeuXtGqXo2otbPMHIBM6z44CUA2a/rcbO6dVI zccbdAk4P+5Ypjh+62LFLmUk1zc5Vjmanrg3J7E1C5yyKrhva1FyT/4veEIzFyc/na3BFcU G1wIC1MiNfLMFhJE+7trOWwhKB0B9oetMW4Uf65wk0Y3LsVeBjRhGnqaRw1Vc7wmc8thuou yRoIpKhAsl8+l7km6NLtg==
X-UI-Out-Filterresults: notjunk:1;V03:K0:sPh5Kg/17+c=:s1fV2UO2r6i7DZh5dNWRX+ lPrx/V84HIutfoQlEOl9Zs7p48bcL/9T0PvSJ6T9aS5d0B8+dyrvx9heRZm//k8AWjxQifgSk LHM+lYN1N9+IVeQ6WOcSCMOlhblCdyRMHdwVVxQ5TFv413e9xmU4rsIDVJoQeUQvUINT7oQ6r 1m1cir4jStKDAHQQ9INBe0HpnU5kk3TjJTdu7w1cdpWLfMtGHCDjsRmOgZndg71YktHxPzpce S6ypk07vVCWLHCKnRtnn79hc6TsFx0Avc/KIfPpkAoYHeXjK6TMyspSFas7e772QE5PA4h2wp O3E6h+HGC6X9N6848QpzjkjTU7K/EF66gB9a4lL77uvGVTiDdtMfoBtBTjRk2lrvOriFq2CFm lvaQzPSuMrt/+zR/dduvG7g7jBd2XtJYNNPAg9Eg+FnjBlSKFwOVah8hizJ187VdkdPBS4CDN PqDoZUK5mwAmctIzoswSf829mCTTL/w5FC97BoHAXswGhSft+v6SKrYab2SMa2vMgTusNAx7f 4TuiTTTN+ahQknLHMzZj2O+cfNA2fQySIAlIqOd8sU60q0VSqYy51D9+xRn67kKsJZFCtalJ6 C8KPDAc4pLttWExdlpKZxB6Ci/YvQ04ikrHi/9+IHMvp8z1RcEKDom0/qahXQr5KaEn7dvxQ3 BN1zK7pu2dh+0AcQkcNj2atJGugUBd81KctXhlyg2U5NwNF9wsZeHBdWw6ugGYD3An5KOagCk hP2NA1eyTLn1C/5LOTQZ0SbLYM/HRNkFgz0lgRAaetWzdCVxSaAYMyO2MEF2H4JTAWdC3d4nu p0ptqLND+NjtIdy3X88A30fQ4jLjDEoBLnsnS1uhXz9Z779l68jmfJeUfgsI/auosdJ00FTb/ MwoNl4hvgKsCL3TS7Q3JXZVPFeWV/Ze/kDB1yva9jX86x3GuZ9+gBrDPz7XVvVWY6Vyar1mX7 bTKTjitTI7w==
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/A4JjKEKve9zIvTiFLKIyPZnnEXg>
Subject: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 May 2019 19:29:17 -0000

Dear friends of OpenPGP,

regarding compution of v5 signatures we have the following lines
in section 5.2.4 of the current draft RFC 4880bis-06:

  "a eight-octet big-endian number that is the length of the
   hashed data from the Signature packet stopping right before the
   0x05, 0xff octets."

I am wondering why a number of eight-octet size is used here. The
biggest field, AFAIS i.e. the hashed subpacket data area, is limited
by the included two-octet hashed subpacket length. So why 64 bit?

=2D-
Heiko


From nobody Wed May  1 23:36:01 2019
Return-Path: <neal@walfield.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A802F12017E for <openpgp@ietfa.amsl.com>; Wed,  1 May 2019 23:35:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bqR35zjTrazu for <openpgp@ietfa.amsl.com>; Wed,  1 May 2019 23:35:45 -0700 (PDT)
Received: from mail.dasr.de (mail.dasr.de [217.69.77.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77D83120052 for <openpgp@ietf.org>; Wed,  1 May 2019 23:35:45 -0700 (PDT)
Received: from p57b22663.dip0.t-ipconnect.de ([87.178.38.99] helo=grit.huenfield.org.walfield.org) by mail.dasr.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.86_2) (envelope-from <neal@walfield.org>) id 1hM5Jm-00020K-Mp; Thu, 02 May 2019 06:35:42 +0000
Date: Thu, 02 May 2019 08:35:42 +0200
Message-ID: <877eb9wegx.wl-neal@walfield.org>
From: "Neal H. Walfield" <neal@walfield.org>
To: Heiko Stamer <HeikoStamer@gmx.net>
Cc: OpenPGP WG <openpgp@ietf.org>
In-Reply-To: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net>
References: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.8 EasyPG/1.0.0 Emacs/24.5 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Wd0uRL-FIZ64ovAA8cefT4-0RY4>
Subject: Re: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 06:35:48 -0000

Hi Heiko,

On Wed, 01 May 2019 21:29:09 +0200,
Heiko Stamer wrote:
> regarding compution of v5 signatures we have the following lines
> in section 5.2.4 of the current draft RFC 4880bis-06:
> 
>   "a eight-octet big-endian number that is the length of the
>    hashed data from the Signature packet stopping right before the
>    0x05, 0xff octets."
> 
> I am wondering why a number of eight-octet size is used here. The
> biggest field

I don't know about this.

> , AFAIS i.e. the hashed subpacket data area, is limited
> by the included two-octet hashed subpacket length. So why 64 bit?

Actually, the MPIs can be larger.  They take up the remainder of the
packet.  In practice, the MPIs are just a few kilobytes today, but
with post-quantum crypto, they could get very large.

:) Neal


From nobody Thu May  2 09:35:09 2019
Return-Path: <HeikoStamer@gmx.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A19B012043B for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 09:35:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h4aIPK-8uZ5X for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 09:35:06 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C1D012044C for <openpgp@ietf.org>; Thu,  2 May 2019 09:35:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1556814901; bh=j5lnz02IEnHObIASpRuCzsdyerVXFfXRMLhnCuYpruY=; h=X-UI-Sender-Class:Subject:To:References:From:Date:In-Reply-To; b=Dbj2FLfXhSN+GN7gvF1UXCc19jZ0U8zsssSR/Gc4SvnCruiEQQm5mZJ6Byq8emqry yJkdESnm5NHIre6YfBEB5mSS3RSghnAy/478WSvl5ZWrZgPSn0tqyT4hsGsOCXgWS8 RS31dKfcF/V2szMGZCkaZ+ttWTDeJKJ2Ddo0xIJY=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.30] ([80.132.239.73]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MV67y-1hE5TP0kVi-00S612 for <openpgp@ietf.org>; Thu, 02 May 2019 18:35:01 +0200
To: openpgp@ietf.org
References: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net> <877eb9wegx.wl-neal@walfield.org>
From: Heiko Stamer <HeikoStamer@gmx.net>
Openpgp: preference=signencrypt
Autocrypt: addr=HeikoStamer@gmx.net; prefer-encrypt=mutual; keydata= mQGiBDdYKNkRBACRdsFzaQn0HChOX38WHXlIYcNZAAxBQxa7gdmPXTUK+tgwQuwAr/XViQxn ExKwyOteRhwHZNSYdoKPlCOJ3c3FWCKAdflINr53NvN/qnnaF+3M1HaluiwVdfHD9a0+k7fd NFZMq2bTpzSCQBsPGipSK0K8ET8UPrXm54pXhqYL2wCgsuMBOv64bmg2zjg6vHSTKADGykcD /Agjoa7y7Cpifk4WEKDKu8nlrE9OFOJppjZ9bdJedrmZq5A/jHr35UOgbZItTmgBiz7bfMLq 7HD05ZQ3BplBmmiE0412f55GadCjN4vvnCdTqZ/ewzWdz/rzQGaJm9IvW6rupuFgrTx0GJhf we7cr6GQQo0nqA0LMCyhGHQASC56A/9NOroBzLM6wl9QlE9lybxd3cxI2UnrfHIu63tklFKF vL1XnjyJ4YR0sDs6/f56JbtEGUKTCI7ZAw+241Va4MrbDVmmsGJjQBcKxNbHDfkkjoJ9NBwr pUo2nMT3BWyKHCfnMqoyT+nN04b0Em1ffbhptKiLJSeY1mcPxvA1h7PrKbQlSGVpa28gU3Rh bWVyIDxoZWlrby5zdGFtZXJAcG9zdGVvLmRlPohiBBMRAgAiAhsDAh4BAheABQJTnH9pBgsJ CAcDAgYVCAIJCgsEFgIDAQAKCRBPWE64+yvhT4n9AJwNsUcN5bx9/gtUs4LMmqBcePkQKwCf Y4FmM1D4rmTWsHQ1NRgsiqQhc265Aw0EN1gq2RAMAK4ZTZJZeaOmjIYhf9QfN7rQ6iXEF20r OG8NkeHLVLPw02t2QjejO5g4zGQplktPD+JCKBU1B/DL7l8BTDopofw4+fAierJ6C4jo/AbS pArZxaVJNkOVNbwHYPdCmO3yxieeMYQgYoZvtkBSA4OZZh2xLfmi3IRBPRSf+REiqPJBy9aA 0f7634vKldTG7R4PR2UP+THjpM/2SpNiyv/y9ZaEPYn3zHRkWsUw3xAMIiE73Hen6o/J9KIB 2e4jiI3VFiwq0LaKRv5whzltjKydGi2zVqcDLc93lDxsW2OXPE89GH3S/9irlEz/ciBuxtLT MMjSV3OeV34Mid7Muz8RE6whOaZteuEgAcLxONxe3FZHeG2cUuciCZDdFqDRtB6w0XhjltdI ZzD8zHBZyboRfBxubtRzriTxjFcxjI3L5df9uLWjuvkl0fSYpQV5dMX1Yus2kXiMHKUeTVE0 NtHqSnozzu88l6D+dCHX0i1BDFgkZi70oGEEaEW0NQgDItOdNwADBQv/a0d7nasV4JW9mjtF nlJDL9pyXHuGc+y9vfJNdy+DlzuHB44vtl+yH9ecTdpxE7RgB8ZvQvEwUmV+keBw+5NkR3ms +AnPrwZxwAIE/DxnwyBAQETkf9SIBH8cz0BCYQ37B+N4OW/pkYSWadjn2Bgi4IZRWyrDmnAI KwsGzfGUxPIKI3AMcRFFqjdhMaFo3L2GwJ2o0dBxd1LN0Xo6298ydcjrtAbKI1xuNXBfBAeU YCzGjg7cUw6XXfyjU5rTQkxKTu13xsKUwCnse7jOvDnfdNnYC+n7o4WNQBDhTiF0QMZ482ba FtCKcqdQJ3fQ9uioh1kOZirhJJ40xtYrDLcS3H9rQZff0X+CeOa94EdJYYYH7BIpysrfJ9c1 cxrg5brzeb9ofWaxLQvRIXBubbDtd0AunQMJXTfXHUmgYCdzSZVyy1tUzso1QacI4D0PhRIo euP8ihlWhqnHRv5tY8Ue18uFybaVIOWrsXXjQOVBUvXFmYCc9ykvJcyYSadLYkJliEYEGBEC AAYFAjdYKtkACgkQT1hOuPsr4U9xEwCeKB7jHvmUrWnuxsqx2Flvq2/gIk8AoKkOpGf2jud+ 8uWi5c1ohHWeuLtz
Message-ID: <948453e5-48f5-959c-3951-2d643d046d57@gmx.net>
Date: Thu, 2 May 2019 18:34:58 +0200
MIME-Version: 1.0
In-Reply-To: <877eb9wegx.wl-neal@walfield.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:oPHwmrxQvmnmmraiTAshKKmP0ADq970LG5G4wKHqTGBZZnQTNw5 VJAeClyaz5ZewKbkf96dzcJS3zP3X49Vge1a0fibB9gbqY97yjIjRN8WfQteEFueWirxEIC 6u1LApPUxIQwDgayhV837yKfSyYP6Y/Y4hVPlyGE12okQAQeWAL761nEHR7d7/xii8juB3i 0QGAI8kT/z4zeZ1KkXlyA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:mksswuTeXvw=:BUHwOONg/0GVgTxOOHFMAl UgDdoFaTBqPD+TOciFsEU7eoA4wTmoPpZsibqKVCz+IQ9Axc0UHVWuPWaWMqm7IURzz+vMcS3 ND0b4ClTpc2WoJydar6GmHtsqhaRC/q86lR+y7baQaWCZLQsgqbG3RHLlFwO6d88lfltUEOZl ibGHseqcaC8Y7N4lmWeqRVn2GBX6Ry++HbLLZfR4dDX22E5Go9XZbZ9gZRdIIK4PP/dFKv/JF 1zrj1Rcbhj+kJdKdQBtFpzzZLLT9flnVH/oaKtF90thGv+sxdW1UwVn6IWWZn0UlOoGuy73dM mhpD16bVfdsqrDpBFJr3LQZu8W0tz/XeYevY2/hSNOw0Pe/UB/MnIs2GUO8LnorFZby+lVmRP /vmTo3GGwEqtArY4Az3Zrb8imYUyD/y2CTMTufGU6PpQE/eT4z8QCOQ9LF0CiYXkG5XT1FOQF iSNE9InoGJ6varT2dQKV6S14X915GGrDYaqPdNker9smrGtqe0GRItPNtFp3lthNgHFguP6Pc 5B1P2bsHnyt+Kh27H4QjRLSa7JjQjeL0j2ortY3WeaizuOkhMZp+bpbm3eCEyh2LqIQ0nXm6W RJBLvC29BsoVLXrrVS9QY5Mow1zY3BUNrGjAvADfAdYDrA8CQW+/dFde0p4QLNWBrqeDXLBaZ khWTcQsi/e4A+HIXsL2jtmRFI1ntWyALzZc+ecCL9RqKzXivHJovH+zPS47UYAlYICK5GA5EK Nw2zSZfsZlP5FUdNeBRWbExZz+QVjMUWG/8WulMZf1KNr47AFfLlHQeGgATnzVZB3tluWK51O I8xR8F1c/P+Rd5yThv2EiJoLg8sp/j0EooZTA6+bNRG4iGnZC7hhNzlzzj9ISWhMxK012rr7B kfz0v+2n85qaaL1DRzV0fTvAHGIJRJeabCXcgeV3kCkLhio6/VTKfS+TGaYjYESby0mqfUM97 heCke6/SwpA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Bnkodl956g_u8WKyH5S7bPiyK84>
Subject: Re: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 16:35:09 -0000

Hi Neal,

On 02 May 2019 08:35, Neal H. Walfield wrote:

> Actually, the MPIs can be larger.  They take up the remainder of the
> packet.  In practice, the MPIs are just a few kilobytes today, but
> with post-quantum crypto, they could get very large.

However, according to the current description these fields are not
included in the computation of the hash and thus large MPIs (except
those included e.g. by Embedded Signature subpackets in the hashed
subpacket area) should not increase this specific 64-bit counter.
Where I am wrong?

=2D-
Heiko


From nobody Thu May  2 10:15:14 2019
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93969120489 for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 10:15:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level: 
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I2IOlhoEE9Bl for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 10:15:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41645120124 for <openpgp@ietf.org>; Thu,  2 May 2019 10:15:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org;  s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+j67aR5jngB7t2XBpAPP2XRSaby17xhp/LCTZDIIg0I=; b=cET+gylG7hVE26R7nbTImA0J92 oR9O3qd9I2IuYZMlRTx8STX3PGaK4dpk2Pmurdy/X5/8hi+wlYSXFjsRfqGXrehdOoUVdwa76onnV D9dJhvXTs146EzsZxSLCUCWrF5ow1kusN83UfBf1hcT0t9CHyrm66BCg96PB/aYMQ8sY=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1hMFIa-0008Mg-PG for <openpgp@ietf.org>; Thu, 02 May 2019 19:15:08 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1hMFHa-0007uJ-6F; Thu, 02 May 2019 19:14:06 +0200
From: Werner Koch <wk@gnupg.org>
To: Heiko Stamer <HeikoStamer@gmx.net>
Cc: OpenPGP WG <openpgp@ietf.org>
References: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Heiko Stamer <HeikoStamer@gmx.net>, OpenPGP WG <openpgp@ietf.org>
Date: Thu, 02 May 2019 19:13:51 +0200
In-Reply-To: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net> (Heiko Stamer's message of "Wed, 1 May 2019 21:29:09 +0200")
Message-ID: <87r29g6apc.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=World_Health_Organization_DOE_AOL_TOS_LEETAC_BROMURE_Euskadi_ta=Aska"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/eht-3g12uZv8njJg9e27oGcfQKo>
Subject: Re: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 17:15:13 -0000

--=World_Health_Organization_DOE_AOL_TOS_LEETAC_BROMURE_Euskadi_ta=Aska
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Hello!

On Wed,  1 May 2019 21:29, HeikoStamer@gmx.net said:
> I am wondering why a number of eight-octet size is used here. The
> biggest field, AFAIS i.e. the hashed subpacket data area, is limited
> by the included two-octet hashed subpacket length. So why 64 bit?

That seems to be a misunderstanding.  The original patch from Brian
(9b846b7e from 2017-02-13) had this text:

  V5 signatures instead hash in a ten-octet trailer: the version of the
  Signature packet, i.e., 0x05; 0xFF; and an eight-octet, big-endian
  number that is the length of the hashed data from the Signature packet
  (note that this number does not include these final ten octets).

He might have extended the counter to eight octets to better distinguish
a V5 signature form a V4 signature.  Reading this I falsely concluded
that the 32 bit counter of a V4 signature might overflow and thus added

  The four-octet big-endian number is considered to be an unsigned
  integer modulo 2^32.

to the V4 signature desciption.  Obviously we both missed that a 32 bit
counter is sufficient for a a max of 2*2^16+something octets.


Shalom-Salam,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=World_Health_Organization_DOE_AOL_TOS_LEETAC_BROMURE_Euskadi_ta=Aska
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCXMslUQAKCRD/gK6dHew1
jZXIAQDutjr4YSdRL6F5JKYdCd0GoUfF0JFh/yX3aYVS+YboAQEAgMYPiUp+hU/0
vaURR8QW/G1Zkj9pGX+Ha9klKS7xYwo=
=UTwi
-----END PGP SIGNATURE-----
--=World_Health_Organization_DOE_AOL_TOS_LEETAC_BROMURE_Euskadi_ta=Aska--


From nobody Thu May  2 15:27:50 2019
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E52151200BA for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 15:27:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level: 
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=+y2selga; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=meViTfsB
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UkqknTn4b6Pt for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 15:27:47 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF82F1200A1 for <openpgp@ietf.org>; Thu,  2 May 2019 15:27:46 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;  d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt;  s=2019; t=1556836065; h=from : to : subject : in-reply-to  : references : date : message-id : mime-version :  content-type : from;  bh=2sOj4B0a6POL0f/qtic2wwU2YQzBteJg8Fcg1kHUVSA=;  b=+y2selgapBko9zkK4MmfcHwzhrqvn9/6XScR4oUk56Jq3kX8Ta5vmqqK 8Q1mGp8ggbj3UdW1o+Cm1u4rYK55BQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net;  i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1556836065;  h=from : to : subject : in-reply-to : references : date :  message-id : mime-version : content-type : from;  bh=2sOj4B0a6POL0f/qtic2wwU2YQzBteJg8Fcg1kHUVSA=;  b=meViTfsBMrdAdZhpiSTo6EIDxMKuaIs6EFnDWR9GYuju/GME9Vtv1mjN AwsX65pSMBNt7zby+TQ69T7UC1YJVZOs5BbN4g26Tw/hncNrVZsI7g28yW a+M/yvvBC8e/GH0pJgljYPFs0+Po3A1GhC+KnBVD6QEkoz5kCroH2c8thA cUiLfAdP4B2bFo5qwTfc/eV/Vkif4RYWsIcuiF047BNbGYAbXvEJ+jkgpA m11RfhvFJ38kXv5rlUUZoSiBESzAK2EDHsgqpKjHJXub/y7WcTqeavL+Ip B6y110VowuGJXtK+KTCYrVMxYlMqIQ7fkXBgLcMZhK6KV7zaFg92uQ==
Received: from fifthhorseman.net (unknown [IPv6:2001:470:1f07:60d:4864:1fff:fe17:5aa8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 5FD71F99D; Thu,  2 May 2019 18:27:44 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id A96602015C; Thu,  2 May 2019 18:27:39 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
In-Reply-To: <20190425091133.ayz4wyxzfe3xwdwf@earth.li>
References: <87sgvh1ugy.fsf@wheatstone.g10code.de> <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net> <871s1tyvkl.fsf@wheatstone.g10code.de> <20190425091133.ayz4wyxzfe3xwdwf@earth.li>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Thu, 02 May 2019 18:27:39 -0400
Message-ID: <87sgtwo5k4.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/4oTqIQoqvga4v_EfOm_ZbzCjH4E>
Subject: Re: [openpgp] v5 sample key
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 22:27:49 -0000

--=-=-=
Content-Type: text/plain

On Thu 2019-04-25 10:11:33 +0100, Jonathan McDowell wrote:
> A move to easily enable key material > 2^16 bytes seems to be in
> conflict with dkg's work on trying to reinvigorate the usefulness of key
> servers + the suggestion to limit key material packets to < 8383 bytes.

For existing OpenPGP key types, i do hope that sane implementations will
keep to the limits i've suggested in
draft-dkg-openpgp-abuse-resistant-keystore.  But i think Werner's change
to 4-octet length representation during fingerprint and signature
calculations is intended to allow for significantly larger keys if there
are any post-quantum algorithms that need it.

If we get to a world where PQ keys of that size are necessary, the
guidance on abuse-resistant keystores will need to be updated to
accommodate the new algorithms, of course.  But presumably any
cryptographically-validating keystore will need significantly more work
to implement the PQ algorithms, so a change to those suggested limits is
pretty minor in comparison -- not too big a deal.

And to be clear: this isn't mandating a 4 octet length on the wire for
all keys -- keys in transport can still use OpenPGP's weird
packed-type-length encoding and shave off a couple bytes that way when
they're aiming for smallness.  We're only talking about 4 octets in RAM
when calculating the key fingerprint or the signature, right?

so i agree with Jonathan that it's not tightly aligned with the work to
set forward simple guidance for abuse-resistant keystores, but i don't
think it's in direct conflict with it either, and i support the move to
a 4-octet length in fingerprint and signature calculations for v5.

     --dkg

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTJDm02IAobkioVCed2GBllKa5f+AUCXMtu2wAKCRB2GBllKa5f
+LNIAP9o7AyBIFzC095GhlgYloZPWIe98VQk0yxxSd0Y8JxaZwD/bP9Ezwcvocni
WAshRXz5RAtiyS3nPxCDTsRofqY03Qs=
=tXz7
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Thu May  2 16:52:35 2019
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC30412068B for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 16:52:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001,  URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dTamqu-o-7-p for <openpgp@ietfa.amsl.com>; Thu,  2 May 2019 16:52:26 -0700 (PDT)
Received: from injection.crustytoothpaste.net (injection.crustytoothpaste.net [192.241.140.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E542120691 for <openpgp@ietf.org>; Thu,  2 May 2019 16:52:26 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:ace5:84c6:6a15:3d32]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by injection.crustytoothpaste.net (Postfix) with ESMTPSA id 443E360100; Thu,  2 May 2019 23:52:23 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crustytoothpaste.net; s=default; t=1556841143; bh=6SSfZQeapGiqBV2qreaGtFgV+wsEukny879xoBjIeuA=; h=Date:From:To:Subject:References:Content-Type:Content-Disposition: In-Reply-To:From:Reply-To:Subject:Date:To:CC:Resent-Date: Resent-From:Resent-To:Resent-Cc:In-Reply-To:References: Content-Type:Content-Disposition; b=gDEwiJZXkiGfXwQLxkG2kpMoM69EPP7RfvQxsBPDXN47ud5OCUbsxt2LN0aSp3OFX vt/mK9P5jlfDFH+vEkG6+PGrgDj00DEChETTKIkZeOSkwSqB7tERm4DnV/y87RmxAw UhuvomexfucAv5PolCQvbmUcJPWEyiFU2SdCIIruYhixFwQinUQkXbkRICofPnfgeF WNUg7auZI3ptAbrD19NxXg9Dq/vCu1PAO9cKMUcuLOLd1otnWNufX8ZFg1q00QiGqY zvFgjZzztPvgiQ2YTEG3FeciH9ZLfaD+Xn8IpI/w4F0UeQkQmBc1RBFuvQfZoMRbDS a4SJ4HRW/2SI2IVWrb9sefx1Vmtru5djT3eAFbTVbL1W2hVzP4w2pMdNY/BNwH5oCK X2nk3ZzOTEcgGDAufnXq60rSEdVzzlVbUzD6svyC/xg2kydv9hbJn0i7vDA8Xok6yK NEzZV/WQfaVtyjbcHn2/3/t55SvZQFncSi4iqbi8Y4gbfrBz0GH
Date: Thu, 2 May 2019 23:52:19 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Heiko Stamer <HeikoStamer@gmx.net>, OpenPGP WG <openpgp@ietf.org>
Message-ID: <20190502235219.GF202237@genre.crustytoothpaste.net>
References: <cdf3ec1d-25b5-0244-459d-11774c22b161@gmx.net> <87r29g6apc.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="MZf7D3rAEoQgPanC"
Content-Disposition: inline
In-Reply-To: <87r29g6apc.fsf@wheatstone.g10code.de>
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.19.0-4-amd64)
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Scanned-By: MIMEDefang 2.79 on 127.0.1.1
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/t7KX_u4gF6TiBuAypKWBmqSi89o>
Subject: Re: [openpgp] Question on computing v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 23:52:34 -0000

--MZf7D3rAEoQgPanC
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, May 02, 2019 at 07:13:51PM +0200, Werner Koch wrote:
> On Wed,  1 May 2019 21:29, HeikoStamer@gmx.net said:
> > I am wondering why a number of eight-octet size is used here. The
> > biggest field, AFAIS i.e. the hashed subpacket data area, is limited
> > by the included two-octet hashed subpacket length. So why 64 bit?
>=20
> That seems to be a misunderstanding.  The original patch from Brian
> (9b846b7e from 2017-02-13) had this text:
>=20
>   V5 signatures instead hash in a ten-octet trailer: the version of the
>   Signature packet, i.e., 0x05; 0xFF; and an eight-octet, big-endian
>   number that is the length of the hashed data from the Signature packet
>   (note that this number does not include these final ten octets).
>=20
> He might have extended the counter to eight octets to better distinguish
> a V5 signature form a V4 signature.  Reading this I falsely concluded
> that the 32 bit counter of a V4 signature might overflow and thus added
>=20
>   The four-octet big-endian number is considered to be an unsigned
>   integer modulo 2^32.
>=20
> to the V4 signature desciption.  Obviously we both missed that a 32 bit
> counter is sufficient for a a max of 2*2^16+something octets.

Yes, I think I overlooked that. The goal was to avoid using a four-octet
length for the length of the actual data in a binary or text document
signature, but I misread and didn't realize that this is the length of
the signature packet, not the length of the data to be signed.
--=20
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204

--MZf7D3rAEoQgPanC
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.2.15 (GNU/Linux)

iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlzLgrIACgkQv1NdgR9S
9otsEw//WrGuAYzVJHQ8xKN8Jk9optE2LsNLpBkIqKmWqI/8kp2Z9HR+ay0qRS2l
7g5j58ml4dWSKSgMYF4J545kWCUJATBN7hg29y0pi7AsKdfm8IlUsRMQK3/glYLE
CsuJR5Vx6rqVat4UrsDLvnpUq9NpYXPdKg0H5yEKd3GRaaPItUo9VmhSzl+acoIU
o3knUiXfUeH38gh5ipD06lxPEoBWPRo2nSLWcgrNubutRkfIXnPtcdHBheJszd+5
qOdi/1VxpUbdjPAzcvTNYDPF0Jk9dtNGHxnGboH6UlhkkZBLywrR1txkC2Aaawv+
vIi1cN3UpcAlMnb+CzNawmSivomfz8SnRoUK6uFu+bQaRxPMQRW7HhaXMHhN37OE
GmcdqQ85DqkDPjuXhTbBXtC4E1L+0sNGx373DntHq+iw5XbtSiAgIMfszNeGipzg
Byykt/Vf/zHhW2xvPZsXTD7OIliwS1QyBCVgg1rx4G00Gm9RPdVqnO0iHAiSeWIS
iR83ZHdg3bS5F6aNQWl0lpTnkhOlqhCCk6opsC70GL7kMv+XSqunQLBUyfH5CX09
AwdAHdE40opfN22v7Qcy9IQDQDiRrQKsAabU6hUaTPTLXmYb9aYIb/1lX7cDHBmx
1FL5MuFSHimvM8u0g0mzID2JSze7Cx11HfJKjjFKNgoNg7c/0tk=
=ST7B
-----END PGP SIGNATURE-----

--MZf7D3rAEoQgPanC--


From nobody Fri May  3 03:05:16 2019
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A69611200E5 for <openpgp@ietfa.amsl.com>; Fri,  3 May 2019 03:05:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level: 
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oeuCzdiVTmBn for <openpgp@ietfa.amsl.com>; Fri,  3 May 2019 03:05:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9754C12006D for <openpgp@ietf.org>; Fri,  3 May 2019 03:05:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org;  s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pSJsoZ8UYtdIevzH7i1wVeWfTF5a6oN7jhtWxSak83g=; b=JgIPWUWqyUqFeTa7aO/q6I3sFY eJhJ5u3ZHgohM/QrDnT/QquiMTTYKLvzOTI8g4MWCUqaR7NfcoYY/Uie9hiS5AdnaJmZYOuSPuf9u EJ1w8yGwmT8fm6xvNtG9N2CVgiML5U4juVqRbPZAmwkHE971Yv62sGWA8HJ6yDx91l4g=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1hMV41-0008Ep-1y for <openpgp@ietf.org>; Fri, 03 May 2019 12:05:09 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1hMV0D-0002Ko-3k; Fri, 03 May 2019 12:01:13 +0200
From: Werner Koch <wk@gnupg.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: Jonathan McDowell <noodles@earth.li>,  openpgp@ietf.org
References: <87sgvh1ugy.fsf@wheatstone.g10code.de> <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net> <871s1tyvkl.fsf@wheatstone.g10code.de> <20190425091133.ayz4wyxzfe3xwdwf@earth.li> <87sgtwo5k4.fsf@fifthhorseman.net>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
Date: Fri, 03 May 2019 12:01:07 +0200
In-Reply-To: <87sgtwo5k4.fsf@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Thu, 02 May 2019 18:27:39 -0400")
Message-ID: <87d0kz6en0.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Merlin_Standoff_GIGN_Fort_Hancock_Locks_Information_Terrorism_world="; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SUxp2zgJwhB0o4ntSq2bR0cPbo0>
Subject: Re: [openpgp] v5 sample key
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2019 10:05:14 -0000

--=Merlin_Standoff_GIGN_Fort_Hancock_Locks_Information_Terrorism_world=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu,  2 May 2019 18:27, dkg@fifthhorseman.net said:

> to 4-octet length representation during fingerprint and signature
> calculations is intended to allow for significantly larger keys if there
> are any post-quantum algorithms that need it.

Right, that is the required change to allow the addition of PQ algos to
OpenPGP.

> they're aiming for smallness.  We're only talking about 4 octets in RAM
> when calculating the key fingerprint or the signature, right?

Right.  Snippet from code for fingerprint hashing:

  if (is_v5)
    {
      gcry_md_putc ( md, 0x9a );     /* ctb */
      gcry_md_putc ( md, n >> 24 );  /* 4 byte length header */
      gcry_md_putc ( md, n >> 16 );
      gcry_md_putc ( md, n >>  8 );
      gcry_md_putc ( md, n       );
      gcry_md_putc ( md, pk->version );
    }
  else
    {
      gcry_md_putc ( md, 0x99 );     /* ctb */
      gcry_md_putc ( md, n >> 8 );   /* 2 byte length header */
      gcry_md_putc ( md, n );
      gcry_md_putc ( md, pk->version );
    }


Salam-Shalom,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=Merlin_Standoff_GIGN_Fort_Hancock_Locks_Information_Terrorism_world=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCXMwRYwAKCRD/gK6dHew1
jRKZAQDmX4Mc9GVtvDWJaNxYGl6Z4mAw3ZdC8GPvnafzNDvtIgD7Bu7fT/vSb0YW
Z/zGIBXyyyMfFXZPj716hjMPQhxGOg4=
=Coul
-----END PGP SIGNATURE-----
--=Merlin_Standoff_GIGN_Fort_Hancock_Locks_Information_Terrorism_world=--


From nobody Fri May  3 14:29:47 2019
Return-Path: <Neil_Hunsperger@symantec.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5849120165 for <openpgp@ietfa.amsl.com>; Fri,  3 May 2019 14:29:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level: 
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symantec.com header.b=BP8rF4iQ; dkim=pass (1024-bit key) header.d=symantec.com header.b=uQQn7BVh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1OcFKuHwB2ay for <openpgp@ietfa.amsl.com>; Fri,  3 May 2019 14:29:44 -0700 (PDT)
Received: from asbsmtoutape01.symantec.com (asbsmtoutape01.symantec.com [155.64.138.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0857B12015E for <openpgp@ietf.org>; Fri,  3 May 2019 14:29:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=Symantec.com; s=2; c=relaxed/simple; q=dns/txt; i=@Symantec.com; t=1556918982; x=2420832582; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=4SirwfC4j43/ILIB6B/LGnHLqsbpJD9tRdn6odimjzY=; b=BP8rF4iQL3BnveeKGsiJwrz9TVlqAZ1zIkd0LJsOIf5gIJKn1uRsnw4Oqg1k9q1p Wc7FNcY/X4r116W8c+wVwHIAtyQ/gFoAYLJX/VaTuDLPESZu0RrVD9IlcxZnfd2V GnuqlNIF9DnTuHHQgV0Z/xsQx4/VVtUSS7pxupFvZf0=;
Received: from asbsmtmtaapi01.symc.symantec.com (asb1-f5-symc-ext-prd-snat10.net.symantec.com [10.90.75.10]) by asbsmtoutape01.symantec.com (Symantec Messaging Gateway) with SMTP id 9D.72.02630.6C2BCCC5; Fri,  3 May 2019 21:29:42 +0000 (GMT)
X-AuditID: 0a5af819-f0d569e000010a46-53-5cccb2c67fea
Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (asb1-f5-symc-ext-prd-snat2.net.symantec.com [10.90.75.2]) by asbsmtmtaapi01.symc.symantec.com (Symantec Messaging Gateway) with SMTP id FE.98.52441.5C2BCCC5; Fri,  3 May 2019 21:29:42 +0000 (GMT)
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Fri, 3 May 2019 14:29:41 -0700
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (10.44.128.10) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Fri, 3 May 2019 14:29:41 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symantec.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uUIx6bGUbbSq0trIQtH2FgCugisy7RT/srwyYZDcLaM=; b=uQQn7BVhBkJ3t0ZzBqcEUe3gaooe4WueU7v49QKNwQM9HRE8eO1rCPzNL+R26UTZGl5sWwjBj0gMlvRhck8uxKaNFvAXfzqqlmfBJ9WDQJCEZIWQvA3XGi6xxYofHfEw5Y58+4kQpHDzWGTfMIELIa7f4B1AE23D59VwrIpfUkc=
Received: from BY5PR16MB3302.namprd16.prod.outlook.com (10.255.163.81) by BY5PR16MB3143.namprd16.prod.outlook.com (10.255.160.221) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1856.11; Fri, 3 May 2019 21:29:40 +0000
Received: from BY5PR16MB3302.namprd16.prod.outlook.com ([fe80::58d9:baf6:b6b8:1fd2]) by BY5PR16MB3302.namprd16.prod.outlook.com ([fe80::58d9:baf6:b6b8:1fd2%3]) with mapi id 15.20.1856.012; Fri, 3 May 2019 21:29:40 +0000
From: Neil Hunsperger <Neil_Hunsperger@symantec.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [EXT] Re: [openpgp] AEAD Chunk Size
Thread-Index: AQHU5WIewi6VyTVun0K++o+ommhfzqYhj1CAgAAKeQCAAFc1gIAAZl+AgAA6vgCAAAdygIAAe5wAgABdpICAAV29gIAAVE6AgBjfVACAAZOuAIACtaqAgAdBgQeAEJPn4A==
Date: Fri, 3 May 2019 21:29:39 +0000
Message-ID: <BY5PR16MB33027DD1629691D48EECE1A9E9350@BY5PR16MB3302.namprd16.prod.outlook.com>
References: <87mumh33nc.wl-neal@walfield.org> <878swzp4fb.fsf@europa.jade-hamburg.de> <E65F6E9D-8B0B-466D-936B-E8852F26E1FF@icloud.com> <87d0m9hl62.wl-neal@walfield.org> <FEE9711C-3C64-493C-8125-89696B882E0A@icloud.com> <2di2bK8m-7HtDeoUEH9oPqs-bL-IKSE0CjkgFShPMLOlUyeDBVkVGApdjnIpS6YRAeKU3ibGCZCtwLden-N6zK5W4fqIghRGDa5dU720nEs=@protonmail.com> <73739F8A-5E9F-4277-B053-FDD2E8D81B17@icloud.com> <cc75QwJwTIffqLK7fzZ3A2Pw1Vb3_lkhSHfYRPyASZcxceG2c0Cpbld529WsXosP7X9x4agikpGD4dVTXK8iaRkblS9Jokv1tD2TceQBbyE=@protonmail.com> <18FF6D9C-B285-406E-A344-E6362646DE68@icloud.com> <YMBMgZGGCSQb4Bnp9xRFkBfOn-I97FrycqHK4NvuHUkgtmL6_UaumtHJwJc-4nbmACSHrA4CWqEeLMDUuoVFMq0Vc6M0fwO8G40Mq1heEgI=@protonmail.com> <uIkPmRBGfmyVi5QPuVeXkm02_Y_zfPUWPWCsZtDHyjFaFbNOY8mJyUK42pm80AJ-_-jf-ut1xPK_SMkjGDgrL4cT4BcAbeaBQvSYhqFoD7U=@protonmail.com> <875zr5ywd7.fsf@wheatstone.g10code.de>
In-Reply-To: <875zr5ywd7.fsf@wheatstone.g10code.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Neil_Hunsperger@symantec.com; 
x-originating-ip: [155.64.23.33]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e4c7bb13-cca0-4941-3d18-08d6d00e733a
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:BY5PR16MB3143; 
x-ms-traffictypediagnostic: BY5PR16MB3143:
x-microsoft-antispam-prvs: <BY5PR16MB3143CE0AA7684D0D6FA0A24FE9350@BY5PR16MB3143.namprd16.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-forefront-prvs: 0026334A56
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(366004)(136003)(346002)(376002)(396003)(199004)(189003)(5640700003)(5660300002)(71190400001)(71200400001)(86362001)(2501003)(14454004)(14444005)(73956011)(6506007)(76116006)(256004)(6436002)(11346002)(486006)(446003)(476003)(2906002)(2351001)(52536014)(26005)(102836004)(229853002)(305945005)(6916009)(186003)(68736007)(478600001)(55016002)(10290500003)(316002)(6116002)(74316002)(53936002)(72206003)(9686003)(3846002)(76176011)(8936002)(7736002)(25786009)(1730700003)(66556008)(66446008)(64756008)(66946007)(66476007)(8676002)(81166006)(99286004)(81156014)(66066001)(80792005)(6246003)(7696005)(33656002)(9010500006); DIR:OUT; SFP:1101; SCL:1; SRVR:BY5PR16MB3143; H:BY5PR16MB3302.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; 
received-spf: None (protection.outlook.com: symantec.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: q1CTusOVrwgJrsTBUbUSPKMgzV2lqkR8NLeWyjb1XfH1grCN5WHKPs35EA64nW2ZgH+OtnBFZ1Xytv8gqfMVIRH4/4YehfWIt++/uH03T9JUG7BsfMdQtXFerr/7eviajsNeJ2YDULqPeSIB9CHjT7wt4WqXLtCixmvZUJ8AcxS/I3+jbtXqpiGvN6F2Pd3okfycwpRqSEF4KvAC5SN8QSCxA77F+xsCihSfln5qLyrYJXgk0YBVqASB53tmNW/tzMbE9iIIUslzJNaFq/H5FjwzuwI8v63V29zn+WoSFCRS0GVZ6GpBLj7C8jrfexEUWdd1BksqJhiAC4PAlp7I9dqrtdahFO4oWfuNsaV0M/e3696ONMkNd/g/Wyh5bQvbi+z9OnKzkK2tHxXHE0Qoj8Lzd80o6z1dm97+eaZlS+M=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: e4c7bb13-cca0-4941-3d18-08d6d00e733a
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 May 2019 21:29:39.8978 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR16MB3143
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFupgleLIzCtJLcpLzFFi42LhivLm0j226UyMwZ5JXBYN/x6yOzB6LFny kymAMYrLJiU1J7MstUjfLoEro+0Vd8F/gYoDLxayNTBe4O1i5OSQEDCR+N32mbGLkYtDSOAz o8SPFYuZYRLLrz9nhUh8Z5Roa5jBBOEcYZS429bEDOG8YJQ4//sYC4jDIjCBWaLn7g82iMxk JonbZ+5BTX7IKPHkyGQWkMlsQJPXTm9jArFFBDQl+nYsZwOxhQUMJJ7c28sMETeU6Jj0EKpm EqPE3/s1IDaLgIpE254/YHN4BWIkmj6vhTrqC5vE10d32UESnALGEgdXXAJrZhQQk/h+ag2Y zSwgLnHryXwmiPcEJJbsOQ/1qqjEy8f/WCHq4yXaXk+FiitIHJ7dwg5hy0pcmt/NCGH7Stzp ng8OAAmBC4wSc6/OYINIaEksvX4MaBAHkJ0t8fS/F0RYTeLz0ytQM2Ukzjd8ZoLo3cgm8ef/ c6YJjAazkNwHYetILNj9iQ3C1pZYtvA18yywpwUlTs58wrKAkWUVo0JicVJxbkl+aUliQaqB oV5xZW4yiEgEpo5kveT83E2M4PTxQ3IH45ETPocYBTgYlXh41dafiRFiTSwDqjzEKMHBrCTC G/fxVIwQb0piZVVqUX58UWlOavEhRmkOFiVxXquJQCmB9MSS1OzU1ILUIpgsEwenVAMj6wfV Ryf+snqVS6rZLNDjeBmWvKh0zZtFt4XZu72+/viX9/vuy8+73nywCfM8qmV3fkIo5xzron1K zh9f77I8p3g8Upd15qdrlgln9GLypvK93Scdf8N1/bubp6brievK2eVrfZg7oe7W7DTeyk8Z 80zWpMwt8nl94dj7hTFsj4tkpqzo6qkTV2Ipzkg01GIuKk4EAORxxTQbAwAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrNIsWRmVeSWpSXmKPExsXCFeXNpHts05kYg8u/WC0a/j1kd2D0WLLk J1MAYxSXTUpqTmZZapG+XQJXRtsr7oL/AhUHXixka2C8wNvFyMkhIWAisfz6c9YuRi4OIYHv jBJtDTOYIJwjjBJ325qYIZwXjBLnfx9jAXFYBCYwS/Tc/cEGkZnMJHH7zD1GCOcho8STI5NZ QCazAU1eO72NCcQWEdCU6NuxnA3EFhYwkHhyby8zRNxQomPSQ6iaSYwSf+/XgNgsAioSbXv+ gM3hFYiRaPq8FuqoL2wSXx/dZQdJcAoYSxxccQmsmVFATOL7qTVgNrOAuMStJ/OZIN4TkFiy 5zwzhC0q8fLxP1aI+niJttdToeIKEodnt7BD2LISl+Z3M0LYvhJ3uueDA0BC4AKjxNyrM9gg EloSS68fAxrEAWRnSzz97wURVpP4/PQK1EwZifMNn5kgejeySfz5/5wJpF5IIFVi+wx1iBo5 iVW9D1kmMOrMQnI2hK0jsWD3JzYIW1ti2cLXzLPAYSEocXLmE5YFjCyrGBUSi5OKc0tySxIT CzINDPWKK3OTQUQiMG0k6yXn525iBKeO32I7GA/88TnEKMDBqMTD+0LrTIwQa2IZUOUhRmkO FiVx3s0xX6KFBNITS1KzU1MLUovii0pzUosPMTJxcEo1MFb0uvn846/yfXLj9Jrt3lW3J3xN aWfcHl/f0zqziGkb/4kNSqYJZwt/zwi/2H5fWDT/t5HV/8+7ub6qTMr4ZKx39+/9GT8LL0vd 3VW4T1vdiP/+K9UzjJwnksI0/1ZJzzOexS/eOW9vyZFnneeOlmZOvHKWT6h45Yp9HGon+25/ veB274/T5mlKLMUZiYZazEXFiQCkwABe/gIAAA==
X-CFilter-Loop: ASB04
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/lMB89sd0fjvwc65s6mYnGEZE3Bo>
Subject: Re: [openpgp] [EXT] Re:  AEAD Chunk Size
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2019 21:29:46 -0000

> From: openpgp <openpgp-bounces@ietf.org> On Behalf Of Werner Koch
> Sent: Tuesday, April 23, 2019 1:11 AM
> I am not sure about the context.  Are you talking about the partial lengt=
h encoding or about the AEAD chunk size, a modification of AEAD to allow de=
tection of transmission errors before the end of the data?

Is the disconnect between Werner and many of those replying just whether it=
's meaningful to have 3 security levels instead of 2?

Level 1: The receiver verified the signature computed over all the data. Th=
e data is from Alice.
Level 2: The receiver verified AEAD chunks but not the signature. The data =
is a prefix of data sent by someone who had the decryption key to that data=
.
Level 3: The receiver verified neither AEAD chunks nor the signature. The d=
ata could be from anyone. It could be from your friend Alice, but modified =
by Eve in a way that compromises its confidentiality.

If one's threat model lumps levels #2 and #3 into one "untrusted" bucket, t=
hen AEAD is purely a convenience mechanism.

If one's threat model aims to protect downstream code that is robust agains=
t RCE attacks but weak against information disclosure attacks, then AEAD ch=
unks provide measurable security.

> For all other purposes I propose to use a different protocol on top of Op=
enPGP a (e.g MIME) and not to overload OpenPGP with unneeded stuff.

I think we can let people rely on OpenPGP to differentiate above levels #2 =
and #3 without making the OpenPGP protocol any more complicated. The maximu=
m size for chunks just needs to be "small-ish": the value this thread was t=
rying to define.

-Neil

Aside: An even safer way to use AEAD would be to sign something derived fro=
m the decryption key and place that signature before the AEAD Encrypted Dat=
a Packet. Thus when a library streams out checked AEAD chunks, those chunks=
 are known to be prefixes of a message that Alice sent. This is the stronge=
st security guarantee possible with a pure streaming interface. I think it =
would only be useful in an environment where unsigned data is always reject=
ed. And this would complicate the spec!


From nobody Sat May  4 04:08:18 2019
Return-Path: <albrecht.dress@arcor.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEE6D1203D0 for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 04:08:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.22
X-Spam-Level: 
X-Spam-Status: No, score=-3.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XMgYymDg_Qti for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 04:08:14 -0700 (PDT)
Received: from mx009.vodafonemail.xion.oxcs.net (mx009.vodafonemail.xion.oxcs.net [153.92.174.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91A2D120044 for <openpgp@ietf.org>; Sat,  4 May 2019 04:08:14 -0700 (PDT)
Received: from vsmx002.vodafonemail.xion.oxcs.net (unknown [192.168.75.192]) by mta-6-out.mta.xion.oxcs.net (Postfix) with ESMTP id 7ECE1D9B152 for <openpgp@ietf.org>; Sat,  4 May 2019 11:08:12 +0000 (UTC)
Received: from deneb.localdomain (unknown [89.0.134.38]) by mta-6-out.mta.xion.oxcs.net (Postfix) with ESMTPA id 500B2199C3A for <openpgp@ietf.org>; Sat,  4 May 2019 11:08:10 +0000 (UTC)
Date: Sat, 04 May 2019 13:08:05 +0200
From: Albrecht =?iso-8859-1?b?RHJl3w==?= <albrecht.dress@arcor.de>
To: openpgp@ietf.org
In-Reply-To: <20190430122932.GD1456@zeromail.org> (from ilf@zeromail.org on Tue Apr 30 14:29:32 2019)
Autocrypt: addr=albrecht.dress@arcor.de; prefer-encrypt=mutual; keydata=mQENBFZ eB1EBCADhnPQMF2jqSiftx8rmkJ042TTo5Dj5zI89g4Ea2rNGrk70GT+g0wVg1r2ZdWNN3/BM+Hu rm/uKqhlj20peqmpbmAdR2R3avztfAdi0XK1wIyMKzER4z2ieo8mY2yZdcrTtjL/P92RHpHMqpIT xZBTk5p+TH02LdRgibBglcmc+gN8pF0ZMmMsbGT4J9ytyWXR7xvh+JCBN0NRhn8+Rz315bnKZPpG kbKaWwfQUsLwlRalLB2Tvc0nNIoTl1RPBHLIVdR/X4fVg3JJqqfzhJqshmd52PP3oHqNqgPMjHMu vGGQfIOWHifaZxKPyvS9AD+dMFZLFsW6J6Hgfm4YEJ3wtABEBAAG0KEFsYnJlY2h0IERyZcOfIDx hbGJyZWNodC5kcmVzc0BhcmNvci5kZT6JATkEEwECACMFAlZeCZQCGwMHCwkIBwMCAQYVCAIJCgs EFgIDAQIeAQIXgAAKCRDqQ877M5uDOk1nCADWLGh61nwMVCi5YiaqbzM4Ap7cSLc8+5OPml1cl9E zOKiwZZ06fP671EzUirJUxLJgMRieFJWVCUoB/q/VcGeyoHsvmFgqYCjkMFjXEfs7us8AU9ZSqZk ljh3zp+JcGXnNsga7GwIti6d8wNRJILxnH5FLLfHHxcLG0Sri5ObF1eQQO45u2xDadXs7hM88T00 holFAYUAd2LEvOsJdZfzXMjp0ygJ0CXAmzRrVGFOvP1ZGlY82xZhSX1w/+zB+6J56Pm2+LGXxK7q OTb0VFch8ywtieTafgwv+6dOpYWdRG03z6wveFLZ+ESwrOlgTYT7VgRuxPgdjWYuIWc0K3OkJuQE NBFZeCr0BCADiOO0bCOVjlRxS9oLXRYj2FALktwINuI14kPYH0dJOsEa+iK5FpV5gksuFFQPFCAn QInTbR06JXpExoVTebyaqFG95jYr9BEDlxAq12ztJUNYB6L2Uk8UhTzJ7T9RvVUE6UOTyHg4Qlhr xMr/WIBJTOgJLx0+PYX57eW8iFIkCutSQiyoL4TaQ6+FPOTqvbWfoghumtovDC3JErWvvOEEJohk 5/iN3/9nDwaUp7Z9sELsjxXXUe/BTAPprq31onioFHBpvfPg1LpzqkJtEqsRfFG3JxEPM1mOxT9a qCysZoHz+/Q9DOLJNIrht7gEna8bfWq96opp1YkXx84MDDGydABEBAAGJAj4EGAECAAkFAlZeCr0 CGwIBKQkQ6kPO+zObgzrAXSAEGQECAAYFAlZeCr0ACgkQTKlvDmfn2fiNcQf8DDH/OZUITKpNZDr 3/2RYoN63bFKeXqjsEKgUaKn1PoYTDNbpDQe9YfYAH1MP1jbvUsvl7iYo5sOk+0cLXNVEPWVLoMZ 5aapNhDX1coDh0fLMiGfvvoWALMkbSCLifYBJRBMx4u5MSzo9SiFRCnD2ZhaATKZZomopP/tjeON XoX4jrvN17jCswb9tv+luwaoYTLHeWKxXY3CIJTEuhq/6TVq1AfrTx2pfQDzO+hp996kzClVw+yF ol7LGd0gVapJ9z1FnmmEr7hgb+aT+nexEdkBav6L3+AEky19Oma8LbHrM7MCRgORKtmVXsGWE0kS BHMhjf926e+WP9yEvuJ5p77H/B/9jKylBKwezvvIuBHKNitk/0qwUECbpkN8gfRm/mfBGMQvuES/ /D2UZrr++CwdmpHPxrFOWz+hvwO6/K1wy9XpUbkhkzsyA4jZ+aPFZdTKAegMUHjClbapMZxZOoRg Cl2CupTNQf316mYUXB81m4pAdy1MCnLwf2s4h0WoI4Q2zhHOsqrB23TIQTgW61D0JtqCY4DjeuWd C80/3AtJNI4E4+vfhucTWKTib++IblagSNg7nyacRoehVJch79NVrOhKFrioo+p331VTiBzRXnhM 3YG07fQlGYdA6AwYlP22PAEvAI5wn5PG+lPkHmHVvz3QLoUzAS9PEUzXvlYPMyobhuQENBFZeDEs BCADNOXu0rM1UVZ5y/Fb1Uklcmujc/MgoLzANUISqonfX3TKiVnpvmaKcQMZ29xsk3mt4osv+1Ne hhGWoVorlSUGVWFrghwumPPxgb5WRAVE4NjaUMvtjZyXsHA/Uj7Q+WAvUgNeSbT6CkZRliH/eaXb 9pZf6j05tDm15ABAWMj9SEdaZQwQcEDZujDbrUa/oxx10ePyGFhpEuoha6yU0C6Fc6KG6jy5J5Lb bR7RrA/OEPhtRpRVnv7qdLyIZtwJUPNXz7JXTrm43sGjJLF3zjmTVJhrnCXp00Nhq4ydIdWqxokn RNmEJ3qj0Heeb+jHWr9pcEGBW6FuRtS/WxIWSIit/ABEBAAGJAR8EGAECAAkFAlZeDEsCGwwACgk Q6kPO+zObgzq/jAgAv4qOMbN4qud+5wtJCMCv3QkqHY2WUXqM8sj3rHyc15U+FzGOmjQNxOIJw7y t5Epws/hyVPEp0lc6qPMvTeZng3lANNfPVBvIL3FuUTcGgc3KOx2gnB7ZpVG0baNSziqMZbHXjUW S8e2ub9YiH3n5gSW6Oq1veG0eNLatFpvwB4g7kfsyD6J88/iRfuFDkY6ANcfy4pfeuBl9XeO4EvN c7E0a7Ki036042gdoAF4MrbEMqFCIQHID0jlqzc1i8WcjxkwC5YqfrJVzp4PROpEaMNP8tEKqKxK 4V5CFqfHjGlijRD4FIfJtU/GzeMLnzsVqmKtPtfDfpmwDc1n+gDJI27kBDQRWXgdRAQgA2nEFM3Z jewnmly96ehVLLZJxJxv773b3hWKIEBBw1QF5Hk7Qwd3OQnxr0IjCuop0eiTdRhymPsVLaoMMOwO +ckScbiIUwQELP4MG2Qmzv48wLq/kML2q/Y5+scwqTYG0yLbmV/XD4gp0GuQuSujp+8oFbqC+XF5 YloYxHxEvOS8YGkbJ0T9SRtTMNChdy3g/9bHZQdAWFLIU4ivffKwXQRgqWkybF+td1SCiNTrEkSE tfkdt9A4BYQ41byb/v2YBZhLBV1/LCrf9R25c4SIGP/LAngSEfJFhb8ecTAIKJpvPFxRWBHKNcTJ r4MqzCjQDsUDPZdN1SNhQF/jDkZUDDwARAQABiQEfBBgBAgAJBQJWXgdRAhsMAAoJEOpDzvszm4M 69OYH/AhfWKr6/+Ru43U9QAcodMcGIT9YBu9Q7jZdhtmJiHhukMcn4OZt7JX+UJO3QYyXupJPdkH EF/YqaH4wzu02b5n9ImX0hybVw++v5yCNqpFEtd3ZjbvOJgWNIDWFJ8mA1VFR3JVlWGtnv78bvr9 IPu44u1Qt//BPOtIFe2EG9+mmZkLhlBWezvt1CvZeadQg7KbFhuZHNOk48XSX1sBn9d3rcbskt37 5EygunPI7o2qEVEZ9WSvqUPTprnf9/C/DIk9iV4BdoVfHW+HExqwlVXKBYlJQdMGGZuvZyIq6GYE +VKXw55mTxkF9wZQ9hwaUoaQ+gMqhnwAZnJSlJipnlpa5AQ0EV8LO/QEIAIoQPU9cCKg8aNpQDlD 8q9SjICjrjj+4pzHvm6WjwbCcQZzeJdUP8E3E4/c1TllTyzmAoeyyEeIy4iGt0/kwk1WwhxlVadH sUTmT3D0ypkOpovHUQAhkLuy8TzUwTIgDx+aQnueUX96FCHgVfPKn0IY6vIUev/A3/21+ecpOSQK AYmT4m359p+Z9t+FEdt2yYATW+8vZiechlm9+3Of/pjOSuhqQBz5XuE0/qomiCYvmVzuyWsg735/ eNKQVd2dV6BQ+KS9g+6nVo0yMlT8PAgf/1HYkNDlPkgV1wOl1kre6/MxvASbEluSlR23rEN3BbwV mVSrOYudmzuNx85hdpHcAEQEAAYkBHwQYAQgACQUCV8LO/QIbIAAKCRDqQ877M5uDOmnrCACNONu FyVSqZpdJmJ49BTDVr3DNSJFZJbKEZ+AqQyOS0BiELtrwhCikkNWZzNbnrXv4effGq0orxSWNmop JC5/aHfypEmJnLKE4dljTXlzMJKPagO30GUayalCu08OXL5J0MoItkDxj+i6WIOvLw8G1xhEcX7h aQ/+6a8cC1CUaV+q8PCU/+3K2bxBkL58zHzNpg2JjtRC7nVlPRHkplUyZpCLe4OEOvW7l4i5z6+F Qvxw+8a/9dWTW6UGyMLwWbP3HZJbeyLbLIPfmii3qKzMbqj2kJM0zV0C70vI64Ic+mHk0SPL0vM5 ljPbzLZddiZeKgK2O5fMPpyJpYWcxHj7a
Message-Id: <C2WACNF3.MOCHGZ6J.7IZQNCE5@MLE345G6.3RBRPUGZ.GY2PV6G2>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA512; protocol="application/pgp-signature"; boundary="=-R8hA2VO41D6D6uFRuXoo"
X-VADE-STATUS: LEGIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ESsR4qbSDX8zsbqcKvANTSTH81Y>
Subject: Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2019 11:08:17 -0000

--=-R8hA2VO41D6D6uFRuXoo
Content-Type: text/plain; charset=UTF-8; DelSp=Yes; Format=Flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

thanks a lot for your great work!

Just an additional question regarding the =E2=80=9CGPG Api=E2=80=9D attacks=
 =E2=80=93 can we assume that all applications using gpgme (like Balsa, <ht=
tps://pawsa.fedorapeople.org/balsa/>) to talk to gpg are not vulnerable reg=
arding this attack class, as the lib handles cases G1 and G2 properly?

Thanks,
Albrecht.

On 30.04.19 14:29, ilf wrote:
> https://github.com/RUB-NDS/Johnny-You-Are-Fired
> https://raw.githubusercontent.com/RUB-NDS/Johnny-You-Are-Fired/master/pap=
er/johnny-fired.pdf=

--=-R8hA2VO41D6D6uFRuXoo
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEEcCEPemLFTtyGf4zATKlvDmfn2fgFAlzNcpUACgkQTKlvDmfn
2fjnlggAvnqhe5M6cgUgz3g4VZjdxrDqKMnSIB4DPUNSiViWnjcDMOPoGDutqCIX
LheBgfUjOTn7gsWRBEfgN0pjw1KXKbpQC8I+ZErhaDmpRQsTkIH+G6547hQceOhw
ErNxhRPTlDwXLfuktyTYwk9Clk4i8S2swvcaFgiNHT3izpC0LbY/ws30BqUlPxxt
Zal/G/tj9JiAHTEK+zNBIU2Sm3chIZkURNxayToBVxGo2cifkPRdbXo3Dz1mCx44
UtgF+7veZLLvwSEculfbyzt+sZO55zDHc7rokrUIZ9snBacppao2j5wp2oec7m55
HPZ5dKqLOA+3OJ6Z45fwWH1l+7F0aw==
=u8er
-----END PGP SIGNATURE-----

--=-R8hA2VO41D6D6uFRuXoo--


From nobody Sat May  4 07:10:17 2019
Return-Path: <albrecht.dress@arcor.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C95021200B9 for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 07:10:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.62
X-Spam-Level: 
X-Spam-Status: No, score=-1.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fmK4jU-sI7KL for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 07:10:12 -0700 (PDT)
Received: from vsmx011.vodafonemail.xion.oxcs.net (vsmx011.vodafonemail.xion.oxcs.net [153.92.174.89]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D13412002E for <openpgp@ietf.org>; Sat,  4 May 2019 07:10:11 -0700 (PDT)
Received: from vsmx003.vodafonemail.xion.oxcs.net (unknown [192.168.75.197]) by mta-5-out.mta.xion.oxcs.net (Postfix) with ESMTP id 1A4C23E0AAC for <openpgp@ietf.org>; Sat,  4 May 2019 14:10:10 +0000 (UTC)
Received: from deneb.localdomain (unknown [89.0.134.38]) by mta-7-out.mta.xion.oxcs.net (Postfix) with ESMTPA id E075A300771 for <openpgp@ietf.org>; Sat,  4 May 2019 14:10:07 +0000 (UTC)
Date: Sat, 04 May 2019 16:10:02 +0200
From: Albrecht =?iso-8859-1?b?RHJl3w==?= <albrecht.dress@arcor.de>
To: openpgp@ietf.org
In-Reply-To: <20190430122932.GD1456@zeromail.org> (from ilf@zeromail.org on Tue Apr 30 14:29:32 2019)
Autocrypt: addr=albrecht.dress@arcor.de; prefer-encrypt=mutual; keydata=mQENBFZ eB1EBCADhnPQMF2jqSiftx8rmkJ042TTo5Dj5zI89g4Ea2rNGrk70GT+g0wVg1r2ZdWNN3/BM+Hu rm/uKqhlj20peqmpbmAdR2R3avztfAdi0XK1wIyMKzER4z2ieo8mY2yZdcrTtjL/P92RHpHMqpIT xZBTk5p+TH02LdRgibBglcmc+gN8pF0ZMmMsbGT4J9ytyWXR7xvh+JCBN0NRhn8+Rz315bnKZPpG kbKaWwfQUsLwlRalLB2Tvc0nNIoTl1RPBHLIVdR/X4fVg3JJqqfzhJqshmd52PP3oHqNqgPMjHMu vGGQfIOWHifaZxKPyvS9AD+dMFZLFsW6J6Hgfm4YEJ3wtABEBAAG0KEFsYnJlY2h0IERyZcOfIDx hbGJyZWNodC5kcmVzc0BhcmNvci5kZT6JATkEEwECACMFAlZeCZQCGwMHCwkIBwMCAQYVCAIJCgs EFgIDAQIeAQIXgAAKCRDqQ877M5uDOk1nCADWLGh61nwMVCi5YiaqbzM4Ap7cSLc8+5OPml1cl9E zOKiwZZ06fP671EzUirJUxLJgMRieFJWVCUoB/q/VcGeyoHsvmFgqYCjkMFjXEfs7us8AU9ZSqZk ljh3zp+JcGXnNsga7GwIti6d8wNRJILxnH5FLLfHHxcLG0Sri5ObF1eQQO45u2xDadXs7hM88T00 holFAYUAd2LEvOsJdZfzXMjp0ygJ0CXAmzRrVGFOvP1ZGlY82xZhSX1w/+zB+6J56Pm2+LGXxK7q OTb0VFch8ywtieTafgwv+6dOpYWdRG03z6wveFLZ+ESwrOlgTYT7VgRuxPgdjWYuIWc0K3OkJuQE NBFZeCr0BCADiOO0bCOVjlRxS9oLXRYj2FALktwINuI14kPYH0dJOsEa+iK5FpV5gksuFFQPFCAn QInTbR06JXpExoVTebyaqFG95jYr9BEDlxAq12ztJUNYB6L2Uk8UhTzJ7T9RvVUE6UOTyHg4Qlhr xMr/WIBJTOgJLx0+PYX57eW8iFIkCutSQiyoL4TaQ6+FPOTqvbWfoghumtovDC3JErWvvOEEJohk 5/iN3/9nDwaUp7Z9sELsjxXXUe/BTAPprq31onioFHBpvfPg1LpzqkJtEqsRfFG3JxEPM1mOxT9a qCysZoHz+/Q9DOLJNIrht7gEna8bfWq96opp1YkXx84MDDGydABEBAAGJAj4EGAECAAkFAlZeCr0 CGwIBKQkQ6kPO+zObgzrAXSAEGQECAAYFAlZeCr0ACgkQTKlvDmfn2fiNcQf8DDH/OZUITKpNZDr 3/2RYoN63bFKeXqjsEKgUaKn1PoYTDNbpDQe9YfYAH1MP1jbvUsvl7iYo5sOk+0cLXNVEPWVLoMZ 5aapNhDX1coDh0fLMiGfvvoWALMkbSCLifYBJRBMx4u5MSzo9SiFRCnD2ZhaATKZZomopP/tjeON XoX4jrvN17jCswb9tv+luwaoYTLHeWKxXY3CIJTEuhq/6TVq1AfrTx2pfQDzO+hp996kzClVw+yF ol7LGd0gVapJ9z1FnmmEr7hgb+aT+nexEdkBav6L3+AEky19Oma8LbHrM7MCRgORKtmVXsGWE0kS BHMhjf926e+WP9yEvuJ5p77H/B/9jKylBKwezvvIuBHKNitk/0qwUECbpkN8gfRm/mfBGMQvuES/ /D2UZrr++CwdmpHPxrFOWz+hvwO6/K1wy9XpUbkhkzsyA4jZ+aPFZdTKAegMUHjClbapMZxZOoRg Cl2CupTNQf316mYUXB81m4pAdy1MCnLwf2s4h0WoI4Q2zhHOsqrB23TIQTgW61D0JtqCY4DjeuWd C80/3AtJNI4E4+vfhucTWKTib++IblagSNg7nyacRoehVJch79NVrOhKFrioo+p331VTiBzRXnhM 3YG07fQlGYdA6AwYlP22PAEvAI5wn5PG+lPkHmHVvz3QLoUzAS9PEUzXvlYPMyobhuQENBFZeDEs BCADNOXu0rM1UVZ5y/Fb1Uklcmujc/MgoLzANUISqonfX3TKiVnpvmaKcQMZ29xsk3mt4osv+1Ne hhGWoVorlSUGVWFrghwumPPxgb5WRAVE4NjaUMvtjZyXsHA/Uj7Q+WAvUgNeSbT6CkZRliH/eaXb 9pZf6j05tDm15ABAWMj9SEdaZQwQcEDZujDbrUa/oxx10ePyGFhpEuoha6yU0C6Fc6KG6jy5J5Lb bR7RrA/OEPhtRpRVnv7qdLyIZtwJUPNXz7JXTrm43sGjJLF3zjmTVJhrnCXp00Nhq4ydIdWqxokn RNmEJ3qj0Heeb+jHWr9pcEGBW6FuRtS/WxIWSIit/ABEBAAGJAR8EGAECAAkFAlZeDEsCGwwACgk Q6kPO+zObgzq/jAgAv4qOMbN4qud+5wtJCMCv3QkqHY2WUXqM8sj3rHyc15U+FzGOmjQNxOIJw7y t5Epws/hyVPEp0lc6qPMvTeZng3lANNfPVBvIL3FuUTcGgc3KOx2gnB7ZpVG0baNSziqMZbHXjUW S8e2ub9YiH3n5gSW6Oq1veG0eNLatFpvwB4g7kfsyD6J88/iRfuFDkY6ANcfy4pfeuBl9XeO4EvN c7E0a7Ki036042gdoAF4MrbEMqFCIQHID0jlqzc1i8WcjxkwC5YqfrJVzp4PROpEaMNP8tEKqKxK 4V5CFqfHjGlijRD4FIfJtU/GzeMLnzsVqmKtPtfDfpmwDc1n+gDJI27kBDQRWXgdRAQgA2nEFM3Z jewnmly96ehVLLZJxJxv773b3hWKIEBBw1QF5Hk7Qwd3OQnxr0IjCuop0eiTdRhymPsVLaoMMOwO +ckScbiIUwQELP4MG2Qmzv48wLq/kML2q/Y5+scwqTYG0yLbmV/XD4gp0GuQuSujp+8oFbqC+XF5 YloYxHxEvOS8YGkbJ0T9SRtTMNChdy3g/9bHZQdAWFLIU4ivffKwXQRgqWkybF+td1SCiNTrEkSE tfkdt9A4BYQ41byb/v2YBZhLBV1/LCrf9R25c4SIGP/LAngSEfJFhb8ecTAIKJpvPFxRWBHKNcTJ r4MqzCjQDsUDPZdN1SNhQF/jDkZUDDwARAQABiQEfBBgBAgAJBQJWXgdRAhsMAAoJEOpDzvszm4M 69OYH/AhfWKr6/+Ru43U9QAcodMcGIT9YBu9Q7jZdhtmJiHhukMcn4OZt7JX+UJO3QYyXupJPdkH EF/YqaH4wzu02b5n9ImX0hybVw++v5yCNqpFEtd3ZjbvOJgWNIDWFJ8mA1VFR3JVlWGtnv78bvr9 IPu44u1Qt//BPOtIFe2EG9+mmZkLhlBWezvt1CvZeadQg7KbFhuZHNOk48XSX1sBn9d3rcbskt37 5EygunPI7o2qEVEZ9WSvqUPTprnf9/C/DIk9iV4BdoVfHW+HExqwlVXKBYlJQdMGGZuvZyIq6GYE +VKXw55mTxkF9wZQ9hwaUoaQ+gMqhnwAZnJSlJipnlpa5AQ0EV8LO/QEIAIoQPU9cCKg8aNpQDlD 8q9SjICjrjj+4pzHvm6WjwbCcQZzeJdUP8E3E4/c1TllTyzmAoeyyEeIy4iGt0/kwk1WwhxlVadH sUTmT3D0ypkOpovHUQAhkLuy8TzUwTIgDx+aQnueUX96FCHgVfPKn0IY6vIUev/A3/21+ecpOSQK AYmT4m359p+Z9t+FEdt2yYATW+8vZiechlm9+3Of/pjOSuhqQBz5XuE0/qomiCYvmVzuyWsg735/ eNKQVd2dV6BQ+KS9g+6nVo0yMlT8PAgf/1HYkNDlPkgV1wOl1kre6/MxvASbEluSlR23rEN3BbwV mVSrOYudmzuNx85hdpHcAEQEAAYkBHwQYAQgACQUCV8LO/QIbIAAKCRDqQ877M5uDOmnrCACNONu FyVSqZpdJmJ49BTDVr3DNSJFZJbKEZ+AqQyOS0BiELtrwhCikkNWZzNbnrXv4effGq0orxSWNmop JC5/aHfypEmJnLKE4dljTXlzMJKPagO30GUayalCu08OXL5J0MoItkDxj+i6WIOvLw8G1xhEcX7h aQ/+6a8cC1CUaV+q8PCU/+3K2bxBkL58zHzNpg2JjtRC7nVlPRHkplUyZpCLe4OEOvW7l4i5z6+F Qvxw+8a/9dWTW6UGyMLwWbP3HZJbeyLbLIPfmii3qKzMbqj2kJM0zV0C70vI64Ic+mHk0SPL0vM5 ljPbzLZddiZeKgK2O5fMPpyJpYWcxHj7a
Message-Id: <Y4GLJDBK.25MFNAVP.JR7XXY2J@A35DREMG.O2ZDLWN5.AWQ4LWN6>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA512; protocol="application/pgp-signature"; boundary="=-TL6mlXQnbWyUouAo8ZRF"
X-VADE-STATUS: LEGIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SKclvRGw9kan13GSsP66NlHHKEc>
Subject: Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2019 14:10:15 -0000

--=-TL6mlXQnbWyUouAo8ZRF
Content-Type: text/plain; charset=UTF-8; DelSp=Yes; Format=Flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

On 30.04.19 14:29, ilf wrote:
> https://github.com/RUB-NDS/Johnny-You-Are-Fired

While testing the MUA Balsa <https://pawsa.fedorapeople.org/balsa/> using t=
he proof-of-concept messages provided on Github, I noticed that many (most?=
 all?) of the RFC 3156 message parts are not recognised by it.  Looking at =
the message source (e.g. =E2=80=9CAttack Class 'MIME', Test 'M1' (PGP/MIME)=
=E2=80=9D), it appears that the header

   Content-Type: multipart/signed; boundary=3D"BOUNDARY"; protocol=3D"appli=
cation/pgp-signature"

is missing the =E2=80=9Cmicalg=E2=80=9D parameter.  However, RFC 3156, sect=
. 5 states that

> OpenPGP signed messages are denoted by the "multipart/signed" content typ=
e, described in [RFC1847]

which defines in sect. 2.1

> Required parameters: boundary, protocol, and micalg

Consequently, Balsa (and maybe other MUA's, too) simply ignores such multip=
art/signed parts as they don't comply with the standard.

Did you omit the parameter intentionally, i.e. did I miss something interpr=
eting the standards (typically, the value is never used), or are these proo=
f-of-concept messages broken?

Thanks in advance,
Albrecht.=

--=-TL6mlXQnbWyUouAo8ZRF
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEEcCEPemLFTtyGf4zATKlvDmfn2fgFAlzNnToACgkQTKlvDmfn
2fgxmQf/f4MpnUsEARZ1ONUNLOm7VgJeae15TfN6hb5cNtqoaa9UC5mxA6zVyUc0
iUpB9ljArMHwrDIPEBBdZkPULRxFHyZomUPOjPbrsi4gjdehC8CKTxsJLcD3pgkv
mXSnm8gwp1K/GiLswKxLfAyeOgW0/OacWYqo7UzuUmAEzQ3UxNaLE/Qfgqjyh7Hc
GZTC3Ezn6Z926dX0dBCwBDV2DL7viGrbvsUvU0LgQMVUGjB1Mq7m+HItx1LZiXsx
COTpheWe0zVYljx4etXTcXl0w3RJTCZO5OC3aHoK1ofiVmoeyCwpdmMWymcquUDO
209Qwx1WraGbVASR9jyTdN368ziFaA==
=vtKk
-----END PGP SIGNATURE-----

--=-TL6mlXQnbWyUouAo8ZRF--


From nobody Sat May  4 12:49:06 2019
Return-Path: <marcus.brinkmann@ruhr-uni-bochum.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DAD5120325 for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 12:49:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level: 
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ruhr-uni-bochum.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iCTIGHhCU3kX for <openpgp@ietfa.amsl.com>; Sat,  4 May 2019 12:49:01 -0700 (PDT)
Received: from out3.mail.ruhr-uni-bochum.de (out3.mail.ruhr-uni-bochum.de [IPv6:2a05:3e00:8:1001::8693:359b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B94BE12002F for <openpgp@ietf.org>; Sat,  4 May 2019 12:49:01 -0700 (PDT)
Received: from mx3.mail.ruhr-uni-bochum.de (localhost [127.0.0.1]) by out3.mail.ruhr-uni-bochum.de (Postfix mo-ext) with ESMTP id 44xKLx2FFCz8SF3 for <openpgp@ietf.org>; Sat,  4 May 2019 21:48:57 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ruhr-uni-bochum.de; s=mail-2017; t=1556999337; bh=rBmd/Lajsej0xilCaaMsd4BGcYgkCCZq94R7Id2EBSw=; h=Subject:To:References:From:Date:In-Reply-To:From; b=DPbcCg7iX0HuhU+ldPjdnLEJAbIDwoJrErA1H/0u65InfzyVFD61D1f+fKfLql5M6 p/L28PcOpQoWFx3ut0I1CnBNDD0gTZKeBXvGa+CGcrOzHBXT59v1TVwuwKYzHk6yXJ rdBEF95fNnmJR6WqZjCgr33O5RLn70g1DvlCkUJw=
Received: from out3.mail.ruhr-uni-bochum.de (localhost [127.0.0.1]) by mx3.mail.ruhr-uni-bochum.de (Postfix idis) with ESMTP id 44xKLx0p5Vz8SCK for <openpgp@ietf.org>; Sat,  4 May 2019 21:48:57 +0200 (CEST)
X-Envelope-Sender: <marcus.brinkmann@ruhr-uni-bochum.de>
X-RUB-Notes: Internal origin=IPv6:2a05:3e00:c:1001:5054:ff:fe37:b9e4
Received: from mail1.mail.ruhr-uni-bochum.de (mail1.mail.ruhr-uni-bochum.de [IPv6:2a05:3e00:c:1001:5054:ff:fe37:b9e4]) by out3.mail.ruhr-uni-bochum.de (Postfix mi-int) with ESMTP id 44xKLw5PHkz8SCW for <openpgp@ietf.org>; Sat,  4 May 2019 21:48:56 +0200 (CEST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.100.2 at mx3.mail.ruhr-uni-bochum.de
Received: from [192.168.142.139] (p5B049F18.dip0.t-ipconnect.de [91.4.159.24]) by mail1.mail.ruhr-uni-bochum.de (Postfix) with ESMTPSA id 44xKLw5HWqzyvZ for <openpgp@ietf.org>; Sat,  4 May 2019 21:48:56 +0200 (CEST)
To: openpgp@ietf.org
References: <C2WACNF3.MOCHGZ6J.7IZQNCE5@MLE345G6.3RBRPUGZ.GY2PV6G2>
From: Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
Openpgp: preference=signencrypt
Message-ID: <4824e694-ec28-29fb-75a4-3ad4f8efe2b5@ruhr-uni-bochum.de>
Date: Sat, 4 May 2019 21:48:56 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <C2WACNF3.MOCHGZ6J.7IZQNCE5@MLE345G6.3RBRPUGZ.GY2PV6G2>
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.99.4 at mail1.mail.ruhr-uni-bochum.de
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/uSSw9jY-wXo_hk9Af-fpro91DVM>
Subject: Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 May 2019 19:49:04 -0000

Yes, GPGME does not conflate the status and logging output stream, and
thus is not vulnerable to this attack.

On 5/4/19 1:08 PM, Albrecht Dreß wrote:
> Hi,
> 
> thanks a lot for your great work!
> 
> Just an additional question regarding the “GPG Api” attacks – can we
> assume that all applications using gpgme (like Balsa,
> <https://pawsa.fedorapeople.org/balsa/>) to talk to gpg are not
> vulnerable regarding this attack class, as the lib handles cases G1 and
> G2 properly?
> 
> Thanks,
> Albrecht.
> 
> On 30.04.19 14:29, ilf wrote:
>> https://github.com/RUB-NDS/Johnny-You-Are-Fired
>> https://raw.githubusercontent.com/RUB-NDS/Johnny-You-Are-Fired/master/paper/johnny-fired.pdf
> 
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
> 

-- 
Dipl.-Math. Marcus Brinkmann

Lehrstuhl für Netz- und Datensicherheit
Ruhr Universität Bochum
Universitätsstr. 150, Geb. ID 2/461
D-44780 Bochum

Telefon: +49 (0) 234 / 32-25030
http://www.nds.rub.de/chair/people/mbrinkmann


From nobody Mon May  6 04:52:00 2019
Return-Path: <marcus.brinkmann@ruhr-uni-bochum.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE11A120153 for <openpgp@ietfa.amsl.com>; Mon,  6 May 2019 04:51:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level: 
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ruhr-uni-bochum.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GJQz1tJW8ofl for <openpgp@ietfa.amsl.com>; Mon,  6 May 2019 04:51:56 -0700 (PDT)
Received: from out1.mail.ruhr-uni-bochum.de (out1.mail.ruhr-uni-bochum.de [134.147.53.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C02CB120150 for <openpgp@ietf.org>; Mon,  6 May 2019 04:51:55 -0700 (PDT)
Received: from mx1.mail.ruhr-uni-bochum.de (localhost [127.0.0.1]) by out1.mail.ruhr-uni-bochum.de (Postfix mo-ext) with ESMTP id 44yLgv710gz4w8Q for <openpgp@ietf.org>; Mon,  6 May 2019 13:52:11 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ruhr-uni-bochum.de; s=mail-2017; t=1557143532; bh=pCScND5N+Ug0Nl7LIlgfr28aGRxxTsZ2bHZ+yv8kFpM=; h=Subject:To:References:From:Date:In-Reply-To:From; b=MFujBpVW9nOKYu0RJ9t53UrUiMhwzo3TWzvuCLeF9P8+1gut0/PP/d1SBJs0gutF0 LmxCZYBE+659dJEJb7BVH7fIUDqR8fHk3zVDUlXiiWC8oADixZ6jiaLR+edYb0hZMi 7FTKDvnOn34SYzwPB7BcBIzU899ygZSJEDrJoJ08=
Received: from out1.mail.ruhr-uni-bochum.de (localhost [127.0.0.1]) by mx1.mail.ruhr-uni-bochum.de (Postfix idis) with ESMTP id 44yLgv5jVzz4wLM for <openpgp@ietf.org>; Mon,  6 May 2019 13:52:11 +0200 (CEST)
X-Envelope-Sender: <marcus.brinkmann@ruhr-uni-bochum.de>
X-RUB-Notes: Internal origin=134.147.42.227
Received: from mail1.mail.ruhr-uni-bochum.de (mail1.mail.ruhr-uni-bochum.de [134.147.42.227]) by out1.mail.ruhr-uni-bochum.de (Postfix mi-int) with ESMTP id 44yLgv4VBWz4w8Q for <openpgp@ietf.org>; Mon,  6 May 2019 13:52:11 +0200 (CEST)
Received: from [192.168.1.107] (phoneyspot-457.nds.ruhr-uni-bochum.de [134.147.159.61]) by mail1.mail.ruhr-uni-bochum.de (Postfix) with ESMTPSA id 44yLgW1s94zynK for <openpgp@ietf.org>; Mon,  6 May 2019 13:51:51 +0200 (CEST)
To: openpgp@ietf.org
References: <Y4GLJDBK.25MFNAVP.JR7XXY2J@A35DREMG.O2ZDLWN5.AWQ4LWN6>
From: Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
Openpgp: preference=signencrypt
Autocrypt: addr=marcus.brinkmann@ruhr-uni-bochum.de; keydata= mQINBFZU6WABEADoVonKbB/tV0v25cm39DaSZyN7it70RhTZHLESbpDiHCwiAMi74MK/HB/q VR9LZDkTDF1x5xUnxxMHa2rpxO329dlk5dQFq1iELxIC/yBCEh5HMLT5MkWqwb8UkINYpaFU csQdPvdC2RzZ4Wt5/xX/6mvSnA4g7hSmUKwIiDX6489Fj5jHK3i0UQFnzKty3O7mqSbedTHs ym2q6fPcIlEOvU6unzxJRK4bgfW2NBM6aMqgLeQkKYIkd1Q/OXEWCXC4hQJepak+n34ChIrV RRHIBJ0GHRkEgHQgQUqPLS0fJlMYCaSZFmOAaqmigxVn1ErG3jTnFQPbPkfE5SCssFP2grNV N1ikJzOEpBLYA/4pOaJzSnZ0xx9aKPdUsyBksKmCsLQNiRt4ZTNFpJ2DJ8NbXYAFkrcu15og lrB//CVQj3CfkzUbpyfcwJHAho1K6XaPybI14znuorTJF3ml0qDd3XDkcmnF58s4hfvGHQtz +CEW+85gUF+T9jKLpwNGcNdBhbvdE6d3cSbR7dXeZsxiA4AmqqEhH6SnVmkSqmhX4+k6RksE MrHJnzefTyA4kXIR2QvD60nZXqta35VhhCzIcpkUpxcwABBR7C8nCxiGV7wNmGECgHv+Zl/O hQhWF1Ld1G93xCg7D+Nz0RerRdwtBOUatmCp+2HRTcRXNOW8jQARAQABtDZNYXJjdXMgQnJp bmttYW5uIDxtYXJjdXMuYnJpbmttYW5uQHJ1aHItdW5pLWJvY2h1bS5kZT6JAjgEEwECACIF AlZU6WACGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEIiwjVpXtiFAHDUP/0PuDwhn Cyn7b2S7Lrn0BBmi3LOS4ioalCZkV6BenkXydeGwJ9CVVix9WEbiLzCz/DHfvz97l/T9lxcM bACc1tX5a+qvqydzKd2eXFnVdH1JaihqdhG7sWYi22H1uWSyWbHd3rBZaDAts5Qialdg+WC0 kHh9pkmmlUE3BIkTaIOA9k4J93hz4QDOEO7xjB9XMOIRuasZ0lOOPraezS/pKLaQHlzPJZfo QEGL3ndn8U1FXZgR2DWhGtbClEvLaNXJ7RYhIlCeEwCwsTuGg48iDYC0+phvj/nwhZV60+Eb lR4Kux4DjY65s4Rp4kIzh51PRE+bLHtULPx1x9X1x5ZekYQdgwf6doBIIauARZFaxI6dt3i+ HSMjpga3k2Xn5iCaf6NeG1J2bh9sEAH7nntibOOp4sT8YR2SiQ5ab8PnDkydwbghUZcJ39a/ CZnN3f1RFeRX6d3zbfULPsf7o0LM/IvNKFvBoVzVb3AVYdhe5FNOE0DfhOe8lpE88ofu+es6 ECGumfR8UEcQc/O4dSyprngxZjjEdgdo5KqUkCEeGM8lVp+EFcmtLME3uqFhsUihk3YfF9Ni vZ0/0ZcLsmMp3zCZ9wS6HWr2UTkYrgc7Nr3YBClDs9W/jurcSPMmpwwhq2ycWaMMMPqULS4c U2vhGKh6JDPqfIfXFQIfhiVwCMx1uQINBFZU6WABEAC3meKoeQn4r37Z1WCvl/lRVgwYLIEw GX94WCZODxPPEy2zTWStj45yv1ZrSI0HyAqssZzXPelOFJzlM8M+iccxIMRgjnnGJJR0YqYU draf1Z2YQk/x2WjYNUg0blChdyeqwBhLAQKtnPOKkTPZBBGzPjsS+JeB8yN5r4vouFGMG+Cm YFUy4oCmcmuUrdLm9NlzM5ituyTJsPG9CDO834e4qlZsNW/yEzyPsYDW0PxJxgEe/WjLsDJ0 aiwaDhBpR8/i2FfEUTGXl+6wvdXR9lhddBoiUCVlNRu9jiKVxv2JVJepcZa9B/atJwcsDAkZ JgnjP0qRybixx/wo14KromgWVBGwpZ89sFEgZF6HcxPMKuWtieIORzs9kb0jpMFi1hW9xi60 UBHikrpDG9MnwA35d1lg/9kUlrF1nqTnyoz43UxntlgQejl6JcBR2Poaaib3ZtCR34yxslFz 4znXBermA2eEvusEmjYJlxPWozW18grbSYUr1tCmjvKZAIMrspVx37+WSm/4fy8Mq9iqhkIw eFQM10GL+fRQOGJTpSY/KiGxmkaTPtj9iaovJOcGAjUzzreGhi4toIrWWULPNKS6vuV4VgMB F4XxIcVqC9I43yzJ6/cYciwL9bxoWQ4EpHuIG3sewvOWbceeDO9j9DRSd9E6GX67NzrruDPX Ooge2QARAQABiQIfBBgBAgAJBQJWVOlgAhsMAAoJEIiwjVpXtiFAHBwP/3x5953X/1jR2Aeg R6oHSF0HAD8kMnKLP5cwLqrOzUpCwqzFGBCbYdvxrWG106jyvcZdUvtBSGd8n1FuE2WrpQrK gNjdRG65cN2kduk/w66Oq57EqSuO/r6OnadG9hgVZ1YP/QUsL6n4oF7coD0CJiH98UyLw1yP 3Em1ONX8ditvMVHNudVC1VoEN1BFjIX9VWqWoU843vPct9wKi6jLYHHAX3UpnEJtfqLHCj55 4s+0yhMhoaAIfNQZWU9iKzldM6Y0j8DJ/YBSThhw9S/TX7mClhXArJ/iPJSr6FPhlQMMcZRQ aSiQu1gDL76I5G03SkBWCnXbSpeNtTeMiSpsA58c8rpr2T4giCiV29FPgEj4We2/jBrBcwWA /XjSLE2RNOnF2G65dVxHAlaCc84lC2+bh9kVU+Tb+9YDWfHyNO+pNk/Lpaef2Kg6ScKmte6+ wVkWQZFTU8mgkHZqFvQk29RnV02phRTM0ryvWWldNgf3vzztS3iyD3GrJCPcxjm24cAflp+7 JfQ4qV/ec598k++HI4r3SfmSFKFcsxh+073p+oVjs5kIHxM0SExdjKewLOE3BKQYjn1r17xW XogKlIGbTEluQ4Odyh4n88/iA8ZLNPKjvjno7UuwBsZyJxdaTOXlQYt+ZRZNfIBSWqv0U9fY tp9qPuy4vCfkycCucIgO
Message-ID: <205956b6-c676-98e9-294e-e8a604927fb1@ruhr-uni-bochum.de>
Date: Mon, 6 May 2019 13:49:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.0
MIME-Version: 1.0
In-Reply-To: <Y4GLJDBK.25MFNAVP.JR7XXY2J@A35DREMG.O2ZDLWN5.AWQ4LWN6>
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.99.4 at mail1.mail.ruhr-uni-bochum.de
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/cND1EMRfSkCr7UD1lqCJafuZjuA>
Subject: Re: [openpgp] Spoofing OpenPGP and S/MIME Signatures in Emails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 May 2019 11:51:59 -0000

On 5/4/19 4:10 PM, Albrecht Dreß wrote:
> On 30.04.19 14:29, ilf wrote:
>> https://github.com/RUB-NDS/Johnny-You-Are-Fired
> 
> While testing the MUA Balsa <https://pawsa.fedorapeople.org/balsa/>
> using the proof-of-concept messages provided on Github, I noticed that
> many (most? all?) of the RFC 3156 message parts are not recognised by
> it.  Looking at the message source (e.g. “Attack Class 'MIME', Test 'M1'
> (PGP/MIME)”), it appears that the header
> 
>   Content-Type: multipart/signed; boundary="BOUNDARY";
> protocol="application/pgp-signature"
> 
> is missing the “micalg” parameter.  However, RFC 3156, sect.. 5 states that
> 
>> OpenPGP signed messages are denoted by the "multipart/signed" content
>> type, described in [RFC1847]
> 
> which defines in sect. 2.1
> 
>> Required parameters: boundary, protocol, and micalg
> 
> Consequently, Balsa (and maybe other MUA's, too) simply ignores such
> multipart/signed parts as they don't comply with the standard.
> 
> Did you omit the parameter intentionally, i.e. did I miss something
> interpreting the standards (typically, the value is never used), or are
> these proof-of-concept messages broken?

This is just because these are minimal test cases developed by hand.
Adding the parameter should be fine.

Thanks for your additional testing!  For everybody else: Albrecht posted
the test results on the balsa mailing list:
https://mail.gnome.org/archives/balsa-list/2019-May/msg00000.html

Thanks,
Marcus

-- 
Dipl.-Math. Marcus Brinkmann

Lehrstuhl für Netz- und Datensicherheit
Ruhr Universität Bochum
Universitätsstr. 150, Geb. ID 2/461
D-44780 Bochum

Telefon: +49 (0) 234 / 32-25030
http://www.nds.rub.de/chair/people/mbrinkmann


From nobody Thu May  9 05:48:38 2019
Return-Path: <juga@riseup.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4959B120041 for <openpgp@ietfa.amsl.com>; Thu,  9 May 2019 05:48:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level: 
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=riseup.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iYL4gscl6dfO for <openpgp@ietfa.amsl.com>; Thu,  9 May 2019 05:48:34 -0700 (PDT)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 515F412001E for <openpgp@ietf.org>; Thu,  9 May 2019 05:48:34 -0700 (PDT)
Received: from bell.riseup.net (bell-pn.riseup.net [10.0.1.178]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id DC7C71A0A87 for <openpgp@ietf.org>; Thu,  9 May 2019 05:48:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1557406113; bh=wNMR+WKjbzlWTQh9S21O6aLx803+qFrVr+QEnM+VsHk=; h=To:From:Subject:Date:From; b=RFyLWfoO3HM3al4FKER6810qvh2L+w/Y6kbnUITpGp1HZsh02XecO7s/2z6zMn4Sg vkR6ILllpOpCllnjtitd1dJUa/KtP7GdiFVjAHfITNuDuzq9Vy22W+2sAEW0zjzRmX A5QGfJBaCZa1jZFsCn9+AlHyHpXwS1A4uT965NdY=
X-Riseup-User-ID: 860BF8B74CD344A9D2A3ABA1900BE2E7FA1DBD0E3F8797FEE8E23A1983D37298
Received: from [127.0.0.1] (localhost [127.0.0.1]) by bell.riseup.net (Postfix) with ESMTPSA id E9F7A2245D5 for <openpgp@ietf.org>; Thu,  9 May 2019 05:48:32 -0700 (PDT)
To: openpgp@ietf.org
From: juga <juga@riseup.net>
Openpgp: url=gpg --keyserver hkp://jirk5u4osbsr34t5.onion --recv-key juga@riseup.net
Autocrypt: addr=juga@riseup.net; prefer-encrypt=mutual; keydata= xsFNBFONpUkBEADCZKJs2sXSK2qEvIquZKnt16LCsg61kacKX9MGdbrfB/xxrjx9tcU6fCFd C5//4OwI+sT/E41LrwpV8cehVtoAtmwyUK+/LC3XLbK8m8XSp8/ghOBnm2jlI0z9FVqfHuiv cfd6v7C2xSkqu2TvzdavBetHgPtJwrZ1zK5suQY4ww+48C2GvyqwJR1CMjJq2mz5CEa3mh7N vwqnSxM8Oh1ptSiRbkGR36GF5rt2w2fbFv143fqvquNi+T0P/VWjFk7DZA4d6yhiiM3zb3IL I3TOlgZT2oyjAqq5DTU5evS1VYq9zugT5xvvFQ473M2le3uSr5wPhj4kXkDAgbaHOxinBfR4 ldT3yDJ63mDq1nxxhBfoDx6EP/8gard04aow1zFw8USUS18wloV5/XMnGZX4vYFpKfPYxOSw CFyXXPxGkeIqZ7A1kuUJnvnsfFs+FzPor0EkaKHV88HB/XFwupgc1h4EhmDcEAQJGh8wgjrN A/xLH6tiv08VSC6wtS1BfOQsaRoA32/rQAusoZ5uzwk1C4WJlJ6RkBf/XWIFt9T+22gl8rAP 6MGTFGzq1Wnvfp54ih16+B3tyrH1rjfo2TSHzJypdOJElhjxi2RxLGD3UBOrmjm2nxqWYEE/ syQRWaTs7UTXQ83veLs0exIKzr31nUHuYIqkCITPHVTywHJ4FwARAQABzRIgPGp1Z2FAcmlz ZXVwLm5ldD7CwZcEEwEKAEECGwMFCwkIBwMFFQoJCAsFFgMCAQACHgECF4ACGQEWIQQtqB0B RVw6ADIZiFDzBUR6+AbUawUCWyEqRgUJCXS4fQAKCRDzBUR6+AbUa4RYD/4tTqJcgypxdiQW 7tiXoYdPMM2tBlhBrJPY3BbcWoKpuRiREW/NSAoSPN+zPN89CKy9ziyDkDeBZ+s3vJ45bfin ePif5aqiaSOnNEWmw8DimfKtHp4P+D5iJcV5GeSNvi4RKV/CYy1uxpeWRZJ2WNYxahjPAPge IrFQ+LRtsaely+fYPFGk5IWlhEdqlCjjqMR7PRn9wbMATobbirvZO4eZO+p9vraDcCSZ7mt9 GkL0Cgyz+KqSgh/Fxg+W0Wz+NKkWDVnNjUsY6iUXl+TKnk1kRFvo6iwAQkAThfqA7zf+8KQz NihDXJLvrYKXdlC0o+kFZhLQJzYXRH6suRHjPEBSg0pmMzLKLddTf2xtTKbBPvmJAJ+Fg04i FR0y49gQ91VN24YS8WtGJv6CH8TBzcj+o1zwmtSy444sShrB6K5DzVzHpf9hjlFJloLTGkPw Fz7ThjIn3K31wYwIcDST5sDaIQPaoyEPFJRZv9/OUR87PnZaw/cjhkzqA1a9jokzRhgHc/gv WAAkcOvJBqjQSmFXvJY97IDCa2GxpsE2EQglTpG7XIb9rVDNcvfh97y/3ENYxXkvWczEkg3y fbt9DaoLiexdXqzdcJIrTuVyfFiz/EhV94SAYmT7Mz1g4cBg3gAjQwOZmCeaBOrIP/rz92l5 8DVbJ1oVc6PIQeBKaX8GEc7AzQRbjMi9AQwApH7DuXc/hkDFu+G+dQnr8HRPHQhQgRi/jufh vBYHeqaZ4VzRG3BJTVlzCnOTnH7Fgoric51Zh3yD4FFvhgvyYTgS1usRibKA/rZPzy/+Ot19 tFXGj5esPgsQMW5//B1YM2CxKZSRV51y3BWCbPncvEbdwA+XNxSWTlgF0RqHyUetHAkuX3x0 AtVXP5qSsvbOW864KlzqTjOwZVyYgEpxZBGBNZ+fczYLXBvsmpxCKBWmTOW2EpVzVNEPgGAW oZlm6J8wBJzRJu9iR/tKojWwm5rZwwe2S67LxHi022Jo1aSeWL1eAPm8FmVhFyAqAvVFrykD DtfP2y10Gtw+iXFWtbKSKIUKJxQsP22RTHSVBenuFHbE/AYxrOeN39El14rBBwk1vUfD0JBo VtEc2cfvCy0AngIb3RR1B0jdKS/vAG+m69ltNc5yfGVi61mGsaluZ0bajBj4kIFhFGnISGKA uuKwLpXu8FUu2gFuwi13FK0YZlz1Ual7UzELdl1ATDZxABEBAAHCwXwEGAEKACYWIQQtqB0B RVw6ADIZiFDzBUR6+AbUawUCW4zIvQIbIAUJAXVxlQAKCRDzBUR6+AbUa/OeEACsJp5g0ctx b34P+u59UQS/CpzflIJE+RcmdQr4EtNE3LoSLQf7IdRygr+zjRv7oB8gbnzMZvZ5TkHUFVAP HXcYwzK+gCXMMQQhwXgXEqQOsTJIHKogXZqIUZVDPcNZH5HTL6KemSF+Kk5u9hvHiJHupSzA sDLEFNfWMMr9QDYDAnGoxrn1fHJQdZQyYZQUZYbwE/Q7b5ImayihxbkpXj1zFzmc4NVjHhxk 1kLy5bSeluDqsBtd6CDYgbNZ4MMtdeDKOtkgMsAnmQQKs0ejFewYYlgLSwcFpLvRxQH2YLcJ Fx6qfjZFgmWNWlY7eRM3PxToVkIoeTXXXtwRFJRpGcUDPk5cEg0x0f/65UmvSvXaDuRgj4Cx 6RV75u/uvj7O7KHhS/nf5poQU1cQplSczp/qcu9/Rw5Exjix8+OTJN8O+hhl2Lec4qF6veYh 5WG7+aLLamhxZS5Nr39mgDX479r4uawxi/yS9JgLZrQZKBKlIxxKV5aBatePLg8SRT0G/HtK T8CWlmMUW/1Bkv4WAD0f9p1tyyVNW0Kn8VrJq6nIa+Kakp/cgdUlY9rZYSM6E/12KwY1sGZm naEV/8FaBTEeh4eur0OuY/DrQgUsAXdhpS2eqNr5hwaZqXNPZPnX4ropo4DVNfALYsL6ebME b+JcsKIg7L5zfR1wla3yT/Bqg8LB8wQYAQoAJhYhBC2oHQFFXDoAMhmIUPMFRHr4BtRrBQJb jMrSAhsCBQkBdW/UAIEJEPMFRHr4BtRrdiAEGRYKAB0WIQReKwnjtGckC35u/P9Mj5CXZKMU IQUCW4zK0gAKCRBMj5CXZKMUITx5AQCSb0rFrCpGRg+x2fSAV8GLcl0LzNZfm5AIfVKp3uUS HAEAmmNjuBle9ddmROf9ce63y4XvQiqMIQCWLYQYrsoR6w01Mw//bgPzXrCmb5cPUeFYKGQs vek+/j7SGuFGi+WzR94i/rqnk7+Ffk7muyq3Oo8h1/6Xd2/OiS80EmksrEYFjNYLMtUkpZLc e7cTI/KgSARDzX2FKRfG3Zp76ttLxsGfGM2cIKAIR2z9flZEdaTFMK8jJ1MNSe5JYf84xKW4 k6vWUscKcuhowSJLwROHceTtbgmyOyVyJipwrHrjiySt3rmK9lublfGH62Y1RHBziSYGhxsN pqunC4JbnThe9GlGPG3wGZWxYMf8ynuSwiEWN07uZvD59KL0pHds5dSHd1r1oTuMIzO5F+6H M503s1kVznkz9PdsjXj5ELKM1ZE2CA73QkiAi+Qwnx23t/Z0KSD17fX2alKKftzKh+tWQWfM AqKe1vsyWUDxe9BAteU/gC2mmAR5zaNywaXUMgltRKIHwuo5T8GD4CpSjhIM1n4NZ1UqqzK9 //2sDVhEWWG9MfJWgC6r+WeVq9lgUjImzgdK03H/fv4GCDxkVQIT0d98S3hXn3QE82o1D2SD zDtPL1wQU1hSWcCw8kJRuXD7vbs+cu2LsGqu8RmTs48hDrWKlNLEn60AR4NEvRotyw+/PPMv DhcS91aVi79s1e1RnKnw8SPTRZgiyQRbMsA1zKyoSYigY8TXP12wPymwr6N0/wwWzfZWK8bu zrwZ12uN8A8DIfDCwXwEGAEKACYWIQQtqB0BRVw6ADIZiFDzBUR6+AbUawUCW4zK+gIbDAUJ AXVvuwAKCRDzBUR6+AbUawn2D/9CH31khRKmjA4MTJ7LF1lPFvme7UWjFHP7mJSv9EDXgZUW YWtN7N06GhA6rdKWrk0pMZ2h01wmvpQM7UdPwIP/BbiDjFBiXK+ux0FHzKR1c2rzhuq4Mmrv kFV4eqTtqj1tT/eXFHq6QWmSjDeZRsn84poC5fzm3ZWuIYOjOgDWIBDIZz2uz9737pr7HfIx KWI5UWyjddR0xk5th2pMkFTjjJk+1I2rHEUSaOAURA23DDr8rhQ0Y1cp9ef9iJyhmx36pO2t 3HNkfRLI+wOopsCLHRDF+nRZzTFHLPiBOi7OKru3yrD/z1axcjXuT8VKDLOoVJ3QQLTPmiCZ 6G7lgAZEDb5tMAKB4YDQJ3+V3u3aLxfLks5qQwX3r1NSTewl5j7wrd3bOtR1rdmXJ9YCJGRm KxHOHKoz3IbD5XERgHKfppk6ZyDfjYqeE1RtauB+uFM/wb718Prt3l8Z3dASXM679C1ZZn6S 77myQSRKqW14kLLLQOln76nDcI4pye9y3+n4IyAqGy5wNa8SlSet/t+XIzMqgpxgVWSEIVPN gdegH07dJC5x6SXdkJZfk5yG6vlSqAq9zrLCpfrAJfosnPCQpfilQTOaQfxuyH+JEj/DFKDw h0ZnTpzWhsNXw9X4lW+/isXQGvllb2+clD7V2BlgIWZ0FER+fM06O0WWLM5Jlg==
Message-ID: <5ee04d6e-1039-e9d8-f9c5-8907910ec75a@riseup.net>
Date: Thu, 09 May 2019 12:48:00 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/6TxZc2dQFLKXtS0Hzmrk963EteE>
Subject: [openpgp] Question on WKD, Key Discovery
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2019 12:48:36 -0000

Hi,

The last version of the draft [0] states:

  Only if the required sub-domain does not exist, they SHOULD
  fall back to the direct method.

Should implementations fall back to the direct method on any error
trying to fetch the key with the advanced method and not just when the
sub-domain doesn't exist?.

I can think of situations where an organization is migrating to the
advanced method and the sub-domain exists, but for example, they don't
have a valid certificate for the sub-domain yet or they haven't created
the file system structure yet.

Wouldn't be better to still try to fetch a key with the direct method
than not returning any key?.

Maybe there're good reasons to don't do this, that i'm unaware of.

Thanks,
juga.


[0]
https://datatracker.ietf.org/doc/html/draft-koch-openpgp-webkey-service-07#section-3.1


From nobody Thu May  9 06:51:26 2019
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57A301200DB for <openpgp@ietfa.amsl.com>; Thu,  9 May 2019 06:51:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4-LESOyURYB2 for <openpgp@ietfa.amsl.com>; Thu,  9 May 2019 06:51:23 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCE971200C1 for <openpgp@ietf.org>; Thu,  9 May 2019 06:51:23 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 450FB20227zL5s; Thu,  9 May 2019 15:51:22 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1557409882; bh=Kb4qWmi4JFETe8h/KJqJ9hezD/CtQZfH8RZNY1xrFKo=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=m6g7HXtkzDhX6/9HkXW+1Z8Woh46GaFyPBsd/0/wbNrmgZWr+X0+NiMXdqXnMPc28 bB6/YZVahhVlXBt4p9ZoO26+nDIxWlYuJ4S8ZwbGIID6+auG35Cew30sqy4LqpiM1I geWINC9uYjLy9yhQVCZJ//131BVZJ1tUuSn0s8hE=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id O-ljTFRkzWNn; Thu,  9 May 2019 15:51:20 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Thu,  9 May 2019 15:51:20 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 88EB85C853; Thu,  9 May 2019 09:51:19 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 88EB85C853
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 7FD8F43A0D6F; Thu,  9 May 2019 09:51:19 -0400 (EDT)
Date: Thu, 9 May 2019 09:51:19 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: juga <juga@riseup.net>
cc: openpgp@ietf.org
In-Reply-To: <5ee04d6e-1039-e9d8-f9c5-8907910ec75a@riseup.net>
Message-ID: <alpine.LRH.2.21.1905090949590.21050@bofh.nohats.ca>
References: <5ee04d6e-1039-e9d8-f9c5-8907910ec75a@riseup.net>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/PYmqkGGqOVbzcjlXCsOB9pKD1LY>
Subject: Re: [openpgp] Question on WKD, Key Discovery
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2019 13:51:25 -0000

On Thu, 9 May 2019, juga wrote:

> The last version of the draft [0] states:
>
>  Only if the required sub-domain does not exist, they SHOULD
>  fall back to the direct method.
>
> Should implementations fall back to the direct method on any error
> trying to fetch the key with the advanced method and not just when the
> sub-domain doesn't exist?.

The SHOULD there is tricky. Unless you are using DNSSEC, the question
of "does a domain not exist" is very vulnerable to spoofing by an
attacker.

Paul


From nobody Wed May 22 00:40:19 2019
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 202241200B1 for <openpgp@ietfa.amsl.com>; Wed, 22 May 2019 00:40:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001,  URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=K2gTLNJD; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=4n/I+vvT
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lWVRggXET_mu for <openpgp@ietfa.amsl.com>; Wed, 22 May 2019 00:40:15 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C350212004B for <openpgp@ietf.org>; Wed, 22 May 2019 00:40:15 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;  d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt;  s=2019; t=1558510814; h=from : to : subject : date :  message-id : mime-version : content-type : from;  bh=pnuAvxvznI79NJeKT3HYwMegg0FRhFymuwqw9L4xoFs=;  b=K2gTLNJDMdOQKXPLc4dGCVvLrbkL4qVSFHYfShLmOVB1wmEI7ofNgZxK uxNS5RzilMOfP5vFe+bxftj9EFzyCw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net;  i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1558510814;  h=from : to : subject : date : message-id : mime-version  : content-type : from;  bh=pnuAvxvznI79NJeKT3HYwMegg0FRhFymuwqw9L4xoFs=;  b=4n/I+vvTZY3qyOJbXhkhXjzWLAtFAj3h0ylJTgPhuIhE3oJaGXk6uhZq /roQDjg3wr2i2KvTA50yL5W95/gsvEH+ngxZ/QEx4JhcZYcQGnvhmoU7q5 qiFJSNjtbGK3VAZ1XuaItPmFtssIhDeoEkTg5nk8ExaB8NIYGSDM0T5dak xmJ23/QJ0DctFdDQy5TD/jnDhVO36HqKHfeQcnLw7SbsuQUhnvLkF9n72w 4vVricYy7w9B3QQFV68WvkeGLSvctmeZzVZtFAAqDkvnxFLih9ys6Sp27f ev4EEByrIjzmrMxCnffGqN3K9nnvdmnQ+iaqH8v61z/wY4Tn9R3LdA==
Received: from fifthhorseman.net (unknown [IPv6:2001:470:1f07:60d:4864:1fff:fe17:5aa8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 63B19F99D for <openpgp@ietf.org>; Wed, 22 May 2019 03:40:13 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id BDDBB201EE; Wed, 22 May 2019 03:40:10 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Wed, 22 May 2019 03:40:10 -0400
Message-ID: <87blzv7x9h.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/OTwKwP6PoSl5l8qgyh3NADclZdI>
Subject: [openpgp] PGP/MIME message mangling
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 May 2019 07:40:18 -0000

--=-=-=
Content-Type: text/plain

Hi people interested in OpenPGP and PGP/MIME--

I think anyone who has worked with PGP/MIME messages has seen some MTAs
break message structure or formatting in ways that make it difficult or
impossible to perform the correct cryptographic operations on the
message according to the specs.

The fact that the mangling MTA may not be operated by the party whose
message it is mangling makes it rather difficult to report the problem
and get it fixed.  That difficulty is exacerbated by not having a clear
reference for the problem.

Additionally, when some of those manglings become widespread or common,
some implementers craft workarounds based on examples of the
misbehavior.  But often these workarounds are ad-hoc or private -- they
aren't subject to review from the community, and they are tucked away in
code that isn't particularly visible, leading many implementers to
stumble upon similar problems independently and try to work around them
on their own.

I've just published a new draft that aims to collect examples of these
manglings, and recommendations about sensible ways to handle them safely
if you encounter them:

    https://tools.ietf.org/html/draft-dkg-openpgp-pgpmime-message-mangling-00

Only one particular mangling is fully fleshed out in the -00 release
(I've named it "Mixed up" encryption), but a few more are pointed at in
TODOs.

If you have any examples of mangled messages sitting around -- in your
implementation's test suite, in your pile of bugs-to-be-reported, please
think of this draft as a place to collect them, as well as a place to
document how to most effectively work around these failures as they are
encountered by a friendly MUA.

My preferred goal, of course, is to get the MTAs to stop mangling
messages.  If this draft can be used as a reference for that kind of bug
report ("Your MTA appears to be mangling messages according to section
X.Y of this draft"), great!  But even if we succeed in fixing existing
implementations, mangled messages may linger indefinitely in archives,
so having a reference for how to deal with them safely will hopefully be
useful.

I welcome comments and feedback here on the list, and pull requests or
open issues at
https://gitlab.com/dkg/draft-openpgp-pgpmime-message-mangling

I hope this is useful work!

  --dkg

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTJDm02IAobkioVCed2GBllKa5f+AUCXOT82gAKCRB2GBllKa5f
+NpDAPwMaXWx292wmWLD/vVNL0hScf2DTm5ZoHevDAQyh7Y7FAEArSooBbntAjFk
EAYyJF/7zcBICFjfruALT5KaYG/O+gE=
=E8CB
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Thu May 23 10:37:07 2019
Return-Path: <albrecht.dress@arcor.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 587DC120099 for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 10:37:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.621
X-Spam-Level: 
X-Spam-Status: No, score=-1.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0cogIvyJvMXY for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 10:37:02 -0700 (PDT)
Received: from vsmx012.vodafonemail.xion.oxcs.net (vsmx012.vodafonemail.xion.oxcs.net [153.92.174.90]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D58A41200B3 for <openpgp@ietf.org>; Thu, 23 May 2019 10:37:00 -0700 (PDT)
Received: from vsmx004.vodafonemail.xion.oxcs.net (unknown [192.168.75.198]) by mta-8-out.mta.xion.oxcs.net (Postfix) with ESMTP id A73C3F34E79 for <openpgp@ietf.org>; Thu, 23 May 2019 17:36:57 +0000 (UTC)
Received: from deneb.localdomain (unknown [89.0.144.201]) by mta-8-out.mta.xion.oxcs.net (Postfix) with ESMTPA id 7555919AD91 for <openpgp@ietf.org>; Thu, 23 May 2019 17:36:55 +0000 (UTC)
Date: Thu, 23 May 2019 19:36:34 +0200
From: Albrecht =?iso-8859-1?b?RHJl3w==?= <albrecht.dress@arcor.de>
To: openpgp@ietf.org
In-Reply-To: <87blzv7x9h.fsf@fifthhorseman.net>
Autocrypt: addr=albrecht.dress@arcor.de; prefer-encrypt=mutual; keydata=mQENBFZ eB1EBCADhnPQMF2jqSiftx8rmkJ042TTo5Dj5zI89g4Ea2rNGrk70GT+g0wVg1r2ZdWNN3/BM+Hu rm/uKqhlj20peqmpbmAdR2R3avztfAdi0XK1wIyMKzER4z2ieo8mY2yZdcrTtjL/P92RHpHMqpIT xZBTk5p+TH02LdRgibBglcmc+gN8pF0ZMmMsbGT4J9ytyWXR7xvh+JCBN0NRhn8+Rz315bnKZPpG kbKaWwfQUsLwlRalLB2Tvc0nNIoTl1RPBHLIVdR/X4fVg3JJqqfzhJqshmd52PP3oHqNqgPMjHMu vGGQfIOWHifaZxKPyvS9AD+dMFZLFsW6J6Hgfm4YEJ3wtABEBAAG0KEFsYnJlY2h0IERyZcOfIDx hbGJyZWNodC5kcmVzc0BhcmNvci5kZT6JATkEEwECACMFAlZeCZQCGwMHCwkIBwMCAQYVCAIJCgs EFgIDAQIeAQIXgAAKCRDqQ877M5uDOk1nCADWLGh61nwMVCi5YiaqbzM4Ap7cSLc8+5OPml1cl9E zOKiwZZ06fP671EzUirJUxLJgMRieFJWVCUoB/q/VcGeyoHsvmFgqYCjkMFjXEfs7us8AU9ZSqZk ljh3zp+JcGXnNsga7GwIti6d8wNRJILxnH5FLLfHHxcLG0Sri5ObF1eQQO45u2xDadXs7hM88T00 holFAYUAd2LEvOsJdZfzXMjp0ygJ0CXAmzRrVGFOvP1ZGlY82xZhSX1w/+zB+6J56Pm2+LGXxK7q OTb0VFch8ywtieTafgwv+6dOpYWdRG03z6wveFLZ+ESwrOlgTYT7VgRuxPgdjWYuIWc0K3OkJuQE NBFZeCr0BCADiOO0bCOVjlRxS9oLXRYj2FALktwINuI14kPYH0dJOsEa+iK5FpV5gksuFFQPFCAn QInTbR06JXpExoVTebyaqFG95jYr9BEDlxAq12ztJUNYB6L2Uk8UhTzJ7T9RvVUE6UOTyHg4Qlhr xMr/WIBJTOgJLx0+PYX57eW8iFIkCutSQiyoL4TaQ6+FPOTqvbWfoghumtovDC3JErWvvOEEJohk 5/iN3/9nDwaUp7Z9sELsjxXXUe/BTAPprq31onioFHBpvfPg1LpzqkJtEqsRfFG3JxEPM1mOxT9a qCysZoHz+/Q9DOLJNIrht7gEna8bfWq96opp1YkXx84MDDGydABEBAAGJAj4EGAECAAkFAlZeCr0 CGwIBKQkQ6kPO+zObgzrAXSAEGQECAAYFAlZeCr0ACgkQTKlvDmfn2fiNcQf8DDH/OZUITKpNZDr 3/2RYoN63bFKeXqjsEKgUaKn1PoYTDNbpDQe9YfYAH1MP1jbvUsvl7iYo5sOk+0cLXNVEPWVLoMZ 5aapNhDX1coDh0fLMiGfvvoWALMkbSCLifYBJRBMx4u5MSzo9SiFRCnD2ZhaATKZZomopP/tjeON XoX4jrvN17jCswb9tv+luwaoYTLHeWKxXY3CIJTEuhq/6TVq1AfrTx2pfQDzO+hp996kzClVw+yF ol7LGd0gVapJ9z1FnmmEr7hgb+aT+nexEdkBav6L3+AEky19Oma8LbHrM7MCRgORKtmVXsGWE0kS BHMhjf926e+WP9yEvuJ5p77H/B/9jKylBKwezvvIuBHKNitk/0qwUECbpkN8gfRm/mfBGMQvuES/ /D2UZrr++CwdmpHPxrFOWz+hvwO6/K1wy9XpUbkhkzsyA4jZ+aPFZdTKAegMUHjClbapMZxZOoRg Cl2CupTNQf316mYUXB81m4pAdy1MCnLwf2s4h0WoI4Q2zhHOsqrB23TIQTgW61D0JtqCY4DjeuWd C80/3AtJNI4E4+vfhucTWKTib++IblagSNg7nyacRoehVJch79NVrOhKFrioo+p331VTiBzRXnhM 3YG07fQlGYdA6AwYlP22PAEvAI5wn5PG+lPkHmHVvz3QLoUzAS9PEUzXvlYPMyobhuQENBFZeDEs BCADNOXu0rM1UVZ5y/Fb1Uklcmujc/MgoLzANUISqonfX3TKiVnpvmaKcQMZ29xsk3mt4osv+1Ne hhGWoVorlSUGVWFrghwumPPxgb5WRAVE4NjaUMvtjZyXsHA/Uj7Q+WAvUgNeSbT6CkZRliH/eaXb 9pZf6j05tDm15ABAWMj9SEdaZQwQcEDZujDbrUa/oxx10ePyGFhpEuoha6yU0C6Fc6KG6jy5J5Lb bR7RrA/OEPhtRpRVnv7qdLyIZtwJUPNXz7JXTrm43sGjJLF3zjmTVJhrnCXp00Nhq4ydIdWqxokn RNmEJ3qj0Heeb+jHWr9pcEGBW6FuRtS/WxIWSIit/ABEBAAGJAR8EGAECAAkFAlZeDEsCGwwACgk Q6kPO+zObgzq/jAgAv4qOMbN4qud+5wtJCMCv3QkqHY2WUXqM8sj3rHyc15U+FzGOmjQNxOIJw7y t5Epws/hyVPEp0lc6qPMvTeZng3lANNfPVBvIL3FuUTcGgc3KOx2gnB7ZpVG0baNSziqMZbHXjUW S8e2ub9YiH3n5gSW6Oq1veG0eNLatFpvwB4g7kfsyD6J88/iRfuFDkY6ANcfy4pfeuBl9XeO4EvN c7E0a7Ki036042gdoAF4MrbEMqFCIQHID0jlqzc1i8WcjxkwC5YqfrJVzp4PROpEaMNP8tEKqKxK 4V5CFqfHjGlijRD4FIfJtU/GzeMLnzsVqmKtPtfDfpmwDc1n+gDJI27kBDQRWXgdRAQgA2nEFM3Z jewnmly96ehVLLZJxJxv773b3hWKIEBBw1QF5Hk7Qwd3OQnxr0IjCuop0eiTdRhymPsVLaoMMOwO +ckScbiIUwQELP4MG2Qmzv48wLq/kML2q/Y5+scwqTYG0yLbmV/XD4gp0GuQuSujp+8oFbqC+XF5 YloYxHxEvOS8YGkbJ0T9SRtTMNChdy3g/9bHZQdAWFLIU4ivffKwXQRgqWkybF+td1SCiNTrEkSE tfkdt9A4BYQ41byb/v2YBZhLBV1/LCrf9R25c4SIGP/LAngSEfJFhb8ecTAIKJpvPFxRWBHKNcTJ r4MqzCjQDsUDPZdN1SNhQF/jDkZUDDwARAQABiQEfBBgBAgAJBQJWXgdRAhsMAAoJEOpDzvszm4M 69OYH/AhfWKr6/+Ru43U9QAcodMcGIT9YBu9Q7jZdhtmJiHhukMcn4OZt7JX+UJO3QYyXupJPdkH EF/YqaH4wzu02b5n9ImX0hybVw++v5yCNqpFEtd3ZjbvOJgWNIDWFJ8mA1VFR3JVlWGtnv78bvr9 IPu44u1Qt//BPOtIFe2EG9+mmZkLhlBWezvt1CvZeadQg7KbFhuZHNOk48XSX1sBn9d3rcbskt37 5EygunPI7o2qEVEZ9WSvqUPTprnf9/C/DIk9iV4BdoVfHW+HExqwlVXKBYlJQdMGGZuvZyIq6GYE +VKXw55mTxkF9wZQ9hwaUoaQ+gMqhnwAZnJSlJipnlpa5AQ0EV8LO/QEIAIoQPU9cCKg8aNpQDlD 8q9SjICjrjj+4pzHvm6WjwbCcQZzeJdUP8E3E4/c1TllTyzmAoeyyEeIy4iGt0/kwk1WwhxlVadH sUTmT3D0ypkOpovHUQAhkLuy8TzUwTIgDx+aQnueUX96FCHgVfPKn0IY6vIUev/A3/21+ecpOSQK AYmT4m359p+Z9t+FEdt2yYATW+8vZiechlm9+3Of/pjOSuhqQBz5XuE0/qomiCYvmVzuyWsg735/ eNKQVd2dV6BQ+KS9g+6nVo0yMlT8PAgf/1HYkNDlPkgV1wOl1kre6/MxvASbEluSlR23rEN3BbwV mVSrOYudmzuNx85hdpHcAEQEAAYkBHwQYAQgACQUCV8LO/QIbIAAKCRDqQ877M5uDOmnrCACNONu FyVSqZpdJmJ49BTDVr3DNSJFZJbKEZ+AqQyOS0BiELtrwhCikkNWZzNbnrXv4effGq0orxSWNmop JC5/aHfypEmJnLKE4dljTXlzMJKPagO30GUayalCu08OXL5J0MoItkDxj+i6WIOvLw8G1xhEcX7h aQ/+6a8cC1CUaV+q8PCU/+3K2bxBkL58zHzNpg2JjtRC7nVlPRHkplUyZpCLe4OEOvW7l4i5z6+F Qvxw+8a/9dWTW6UGyMLwWbP3HZJbeyLbLIPfmii3qKzMbqj2kJM0zV0C70vI64Ic+mHk0SPL0vM5 ljPbzLZddiZeKgK2O5fMPpyJpYWcxHj7a
Message-Id: <CHLTLFPH.TL5TCWHM.LCNOWPQQ@S45ASV2L.XI727DVU.G2JBJDE2>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA512; protocol="application/pgp-signature"; boundary="=-5wUnScgmqFYxvHFA0L2U"
X-VADE-STATUS: LEGIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0VXJJz3eb0qLG43hv09qzXLiGM4>
Subject: Re: [openpgp] PGP/MIME message mangling
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2019 17:37:07 -0000

--=-5wUnScgmqFYxvHFA0L2U
Content-Type: text/plain; charset=UTF-8; DelSp=Yes; Format=Flowed
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Am 22.05.19 09:40 schrieb(en) Daniel Kahn Gillmor:
> I've just published a new draft that aims to collect examples of these ma=
nglings, and recommendations about sensible ways to handle them safely if y=
ou encounter them:

This will be very helpful IMHO!

> If you have any examples of mangled messages sitting around -- in your im=
plementation's test suite, in your pile of bugs-to-be-reported, please thin=
k of this draft as a place to collect them, as well as a place to document =
how to most effectively work around these failures as they are encountered =
by a friendly MUA.

For multipart/signed, the signature may be broken by MTA (and POP3) transac=
tions if any line in the data stream starts with a period (=E2=80=9C.=E2=80=
=9D, ASCII 0x2e) character.  In this case, RFC 5321, Sect. 4.5.2 and RFC 19=
39, Sect. 3, require that the period is doubled for the transmission, which=
 the receiving party shall remove.  If it fails to do so, obviously the sig=
nature is broken.  The workaround is to just remove the extra period.

Actually, a message I sent to this list (<https://mailarchive.ietf.org/arch=
/msg/openpgp/SKclvRGw9kan13GSsP66NlHHKEc>) reached my mailbox with /exactly=
/ this error =E2=80=93 in the line containing =E2=80=9C[=E2=80=A6]RFC 3156,=
 sect. 5 states that[=E2=80=A6]=E2=80=9D the period has been doubled.  I ve=
rified with some test messages that neither my provider's MTA nor my POP cl=
ient produces the issue=E2=80=A6

Best,
Albrecht.=

--=-5wUnScgmqFYxvHFA0L2U
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEEcCEPemLFTtyGf4zATKlvDmfn2fgFAlzm2iIACgkQTKlvDmfn
2fhzMwf+Ko6dizy0gzc3lf1qXUAF0SKJy/c793jj+S/A8TSq73CWVjINovd/pSP4
TNQRplqSiMtRM8f+cZt4gMsik9EzQej+xhpsGWDTbv8eRn+EtQPtrf8LOUFnRBrT
MM+tnsxFWGOG9nTui7tFCnN2TJN2DHFXa5aaXX8nXWOXtvkJxy0JoahBGTyX1YPw
8yxWwmmeHsH+koXhcoXtIKYSzsN0lhBz6Orjal7YQFcqKjdYnf4jeJ0cRwaqArTc
PP7fGufiSRF4owHDHR9RHiBEeFZaRrxTTwlaS/RrbHYB8BQeTHV3HkrMWQ+cDCWl
NXIinH7K5nSw7Uv84KViAyiYOsaiWg==
=QWB8
-----END PGP SIGNATURE-----

--=-5wUnScgmqFYxvHFA0L2U--


From nobody Thu May 23 12:27:36 2019
Return-Path: <HeikoStamer@gmx.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DA74120110 for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 12:27:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2iVh6xBTn4rE for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 12:27:33 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88B551200FF for <openpgp@ietf.org>; Thu, 23 May 2019 12:27:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1558639650; bh=kYKg9Im5r1HQbKcu50xY0uBK7DHGhNiYQR32/WNUpsE=; h=X-UI-Sender-Class:To:From:Subject:Date; b=QI/zY/XLpyNuuWPN4KwMTzDZbTVoGSWr6x3h1Cg7FSvXibzEYD7aMlnRtTRFdmhDA RhGr6NfK8SsWAHajdkD5W0RDPovEu67GMaNepR6oTPoDhaddczd9lGnLyZidryjHd6 GNymbdKeyMfLqP2Wt6CkA71KXRjzNrUw0udJgmtk=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.30] ([80.132.227.94]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MGyxX-1hPAXa3pER-00E9M9 for <openpgp@ietf.org>; Thu, 23 May 2019 21:27:30 +0200
To: OpenPGP WG <openpgp@ietf.org>
From: Heiko Stamer <HeikoStamer@gmx.net>
Openpgp: preference=signencrypt
Autocrypt: addr=HeikoStamer@gmx.net; prefer-encrypt=mutual; keydata= mQGiBDdYKNkRBACRdsFzaQn0HChOX38WHXlIYcNZAAxBQxa7gdmPXTUK+tgwQuwAr/XViQxn ExKwyOteRhwHZNSYdoKPlCOJ3c3FWCKAdflINr53NvN/qnnaF+3M1HaluiwVdfHD9a0+k7fd NFZMq2bTpzSCQBsPGipSK0K8ET8UPrXm54pXhqYL2wCgsuMBOv64bmg2zjg6vHSTKADGykcD /Agjoa7y7Cpifk4WEKDKu8nlrE9OFOJppjZ9bdJedrmZq5A/jHr35UOgbZItTmgBiz7bfMLq 7HD05ZQ3BplBmmiE0412f55GadCjN4vvnCdTqZ/ewzWdz/rzQGaJm9IvW6rupuFgrTx0GJhf we7cr6GQQo0nqA0LMCyhGHQASC56A/9NOroBzLM6wl9QlE9lybxd3cxI2UnrfHIu63tklFKF vL1XnjyJ4YR0sDs6/f56JbtEGUKTCI7ZAw+241Va4MrbDVmmsGJjQBcKxNbHDfkkjoJ9NBwr pUo2nMT3BWyKHCfnMqoyT+nN04b0Em1ffbhptKiLJSeY1mcPxvA1h7PrKbQlSGVpa28gU3Rh bWVyIDxoZWlrby5zdGFtZXJAcG9zdGVvLmRlPohiBBMRAgAiAhsDAh4BAheABQJTnH9pBgsJ CAcDAgYVCAIJCgsEFgIDAQAKCRBPWE64+yvhT4n9AJwNsUcN5bx9/gtUs4LMmqBcePkQKwCf Y4FmM1D4rmTWsHQ1NRgsiqQhc265Aw0EN1gq2RAMAK4ZTZJZeaOmjIYhf9QfN7rQ6iXEF20r OG8NkeHLVLPw02t2QjejO5g4zGQplktPD+JCKBU1B/DL7l8BTDopofw4+fAierJ6C4jo/AbS pArZxaVJNkOVNbwHYPdCmO3yxieeMYQgYoZvtkBSA4OZZh2xLfmi3IRBPRSf+REiqPJBy9aA 0f7634vKldTG7R4PR2UP+THjpM/2SpNiyv/y9ZaEPYn3zHRkWsUw3xAMIiE73Hen6o/J9KIB 2e4jiI3VFiwq0LaKRv5whzltjKydGi2zVqcDLc93lDxsW2OXPE89GH3S/9irlEz/ciBuxtLT MMjSV3OeV34Mid7Muz8RE6whOaZteuEgAcLxONxe3FZHeG2cUuciCZDdFqDRtB6w0XhjltdI ZzD8zHBZyboRfBxubtRzriTxjFcxjI3L5df9uLWjuvkl0fSYpQV5dMX1Yus2kXiMHKUeTVE0 NtHqSnozzu88l6D+dCHX0i1BDFgkZi70oGEEaEW0NQgDItOdNwADBQv/a0d7nasV4JW9mjtF nlJDL9pyXHuGc+y9vfJNdy+DlzuHB44vtl+yH9ecTdpxE7RgB8ZvQvEwUmV+keBw+5NkR3ms +AnPrwZxwAIE/DxnwyBAQETkf9SIBH8cz0BCYQ37B+N4OW/pkYSWadjn2Bgi4IZRWyrDmnAI KwsGzfGUxPIKI3AMcRFFqjdhMaFo3L2GwJ2o0dBxd1LN0Xo6298ydcjrtAbKI1xuNXBfBAeU YCzGjg7cUw6XXfyjU5rTQkxKTu13xsKUwCnse7jOvDnfdNnYC+n7o4WNQBDhTiF0QMZ482ba FtCKcqdQJ3fQ9uioh1kOZirhJJ40xtYrDLcS3H9rQZff0X+CeOa94EdJYYYH7BIpysrfJ9c1 cxrg5brzeb9ofWaxLQvRIXBubbDtd0AunQMJXTfXHUmgYCdzSZVyy1tUzso1QacI4D0PhRIo euP8ihlWhqnHRv5tY8Ue18uFybaVIOWrsXXjQOVBUvXFmYCc9ykvJcyYSadLYkJliEYEGBEC AAYFAjdYKtkACgkQT1hOuPsr4U9xEwCeKB7jHvmUrWnuxsqx2Flvq2/gIk8AoKkOpGf2jud+ 8uWi5c1ohHWeuLtz
Message-ID: <cd586797-390f-210b-5d09-35ea8625319e@gmx.net>
Date: Thu, 23 May 2019 21:27:27 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K1:K0PlQnxjaN4nN+O+YlGrgI/7DdgwuNBIh/hDdoCEklKnlUemKun 93BmPTls5JCrCO9030eWGnUciNQXfiJka3hV3lYlrZMz/rPMJc/lkQlKae2Xc6ZGPXIsufk pU6R9uyTMLYI4i8Gw1Qn3X3Sl4t2FUHqP0gxGjxIg6st5aH8jPgEbejwHe86xu3WMNplFqY FT5pp4s3WA8TZMHtT9JGQ==
X-UI-Out-Filterresults: notjunk:1;V03:K0:ezt8dtJegLA=:fTMjSKy+umZEX3nURgO6y+ bJ+r4i+mKRYGB+XohOYkvvYspfbW+BsmFGfeSeRydBfcKriPIu5rIiWHEFlqRGohURtyojol/ zjjib09gVCEE0/oQK1A9hZB8BwXPhqFW0Vj71lCe0SfVmFR50IFwnohR+9TNQHQWk8+Yo/DTA fdV12mIzWonblUyCglV3irfyg0jtuuRKet/QYBNIahq31AweE1vmYU8c5gmq6VGymtPcqcVxB OocJ91sFKu0DUau0yljU0l2K6Sdk0DCypI4+YrBXW6+JtuE4H71Cq1m559o675y6/O+RTR+VL 43MqsvL8Pwv99DWYVRwjQ4iEavcYV+D04S1sbiEF5sLxi6fRsoJ29ZSHHcpLVsG9UaGTqkuKJ UZXqTb5xgzc8mIwcOJOWQIldLUD4MrAS4PQxW3dO7Ed06V77dHV4vzC2Dq4/uoCuOHG0vEIQ+ 8NY/miTeRTBePRJkYQQapfNR19uUNHSCJB/0IZJ2jKiCek1GYDh3YndMa2wVz2v+bDEjVonux iO6//ahbGjj5Kw4ftIrjjxt1uyegjc7hTuvBa6UMn5rRgRdPWknTQm185Y/GQ7ArPca90ek27 RLLitoXeNj/NJ0AvfzM7qo2jEvGBQKptxya7DaAJ5e+nzFQzjwsaCWyiEkVkuAtXfTLHQIISe EcJDhqRvWtb7Cmd0qEwm9w01vgOnQJaNmNsEWQ1rvmnEXq/3feYYEeUfNIpNipDaqziQYVmQY gExtGbeOT1ENXB/gBlGFLxVUISuE89z6vDs/hyafk1vW/oVPg4UYkjFbvVXprWMe9u8kiE2gL q/L8HKH9cyqEkQ73jEOUaRt0bvy/0SBfLhIysTU2OqZl+ED3Ivc/vxJKTJrPRjPoUeURTWS98 Yoaabjv4ybydjlgKnCVZUWQb0cBsdpHrlfuiGvarxR87DrcJUbkwIR7H8YsG7eULGPSZivlMR GLwk2MENe1Yj5icP/AYcijJlFJvZz4gS5/t0neECnH6cjsTUIcrv8
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Sr24wk7OlpulLnUo4-LtOYZAPjg>
Subject: [openpgp] Minor fixes for RFC 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2019 19:27:35 -0000

Dear editors of draft-ietf-openpgp-rfc4880bis,

some months ago I've opened this merge request:
https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/15

Unfortunately, the most recent version 07 of the draft does not contain
those almost only editorial changes. Are there any objections?

Bests regards,
Heiko.


From nobody Thu May 23 20:31:11 2019
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BD7B120108 for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 20:31:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=G/OpJD63; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=r+WVGG1f
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TXshTix00dG6 for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 20:31:08 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CA0E1200E6 for <openpgp@ietf.org>; Thu, 23 May 2019 20:31:07 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple;  d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt;  s=2019; t=1558668666; h=from : to : subject : in-reply-to  : references : date : message-id : mime-version :  content-type : from;  bh=1RiLGuheVyK9zCW72lYdjO+gOIiOME1UizRVe8lcsKc=;  b=G/OpJD63yoCNQhFti8qUoXVZo/KJPLssJAzZdzbRCxxMQQxN+EJ1LDEc KuCtYgY6dG4yeyQ13thXV1STk88pCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net;  i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1558668666;  h=from : to : subject : in-reply-to : references : date :  message-id : mime-version : content-type : from;  bh=1RiLGuheVyK9zCW72lYdjO+gOIiOME1UizRVe8lcsKc=;  b=r+WVGG1fmiYOVdXxLTyNAC+CqacAG1SZUAi1JmOk3zV6I8oaErdQCDLj arI/TtcfgANwSSMbKECIPZ093Gtf2Z9vjo1TbUGg9WLEA7dY4AlDOTJmXX vr67ylAUPY86m4UO5xIYJy97kBiXk0hRAHMPsXXpfO0RXPXQg8xPYjl3wq yGV771ZZ2zZXQxzygAxDv7Zl8l5Zw38wRJvHDnDjpLsipT7ZrQBgHsw4zT hiR1ChWcNQPxoutGWIrDv7wFNfT5Ia6owJG7aC68TQhGCXjjgxy8hDgsM6 7pAv1tndk0cL+eRpeJoXD7KwEnslDkq+fFFMvWIqQmjCmP+BCTGb6w==
Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id D3E6AF99F; Thu, 23 May 2019 23:31:05 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 0C1A22076C; Thu, 23 May 2019 23:30:57 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Albrecht =?utf-8?Q?Dre=C3=9F?= <albrecht.dress@arcor.de>, openpgp@ietf.org
In-Reply-To: <CHLTLFPH.TL5TCWHM.LCNOWPQQ@S45ASV2L.XI727DVU.G2JBJDE2>
References: <CHLTLFPH.TL5TCWHM.LCNOWPQQ@S45ASV2L.XI727DVU.G2JBJDE2>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Thu, 23 May 2019 23:30:56 -0400
Message-ID: <87pno85y1b.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/wD8aB_rH4hbN2skdB-_tC0yAWOU>
Subject: Re: [openpgp] PGP/MIME message mangling
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 May 2019 03:31:10 -0000

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On Thu 2019-05-23 19:36:34 +0200, Albrecht Dre=C3=9F wrote:
> For multipart/signed, the signature may be broken by MTA (and POP3)
> transactions if any line in the data stream starts with a period (=E2=80=
=9C.=E2=80=9D,
> ASCII 0x2e) character.  In this case, RFC 5321, Sect. 4.5.2 and RFC
> 1939, Sect. 3, require that the period is doubled for the
> transmission, which the receiving party shall remove.  If it fails to
> do so, obviously the signature is broken.  The workaround is to just
> remove the extra period.
>
> Actually, a message I sent to this list
> (<https://mailarchive.ietf.org/arch/msg/openpgp/SKclvRGw9kan13GSsP66NlHHK=
Ec>)
> reached my mailbox with /exactly/ this error =E2=80=93 in the line contai=
ning
> =E2=80=9C[=E2=80=A6]RFC 3156, sect. 5 states that[=E2=80=A6]=E2=80=9D the=
 period has been doubled.  I
> verified with some test messages that neither my provider's MTA nor my
> POP client produces the issue=E2=80=A6

Thanks, Albrecht!  This is exactly the kind of stuff I'm looking for.

I've just added a "Doubled Dots" subsection to the draft at
https://gitlab.com/dkg/draft-openpgp-pgpmime-message-mangling that is a
copy of the first paragraph above as a placeholder, and a sample
clearsigned message with and without the mangling applied.

If you are up for proposing more detailed text, i'd be happy to take
recommendations, either as git merge requests or here on the mailing
list.

I think the remediation you proposed needs to be fleshed out a little
bit for robustness, though -- for example, you don't want to just remove
double-dots on every message that contains them.  You only want to try
removing doubled dots if you find them in the message *and* the message
signature does not validate.  Then you can try validating the message
with the doubled dots removed, and if so, use the repaired message.

Thinking with an implementer's hat on, and the worst-case scenario
paranoia that goes with it, i wonder how many iterations one should try
to apply such a repair operation before giving up and accepting that the
message doesn't have a good signature?

        --dkg

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTJDm02IAobkioVCed2GBllKa5f+AUCXOdlcAAKCRB2GBllKa5f
+Ed7AQCKYEF3rMMVImfL3rwhldkh0u/d708bL70tTv9eGkMcvAEAvsY8thMo0lyp
zsxvPt7aMYrr/5i6Lc5hjVLN2lPoYgc=
=o2v3
-----END PGP SIGNATURE-----
--=-=-=--


From nobody Thu May 23 23:30:15 2019
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AF95120088 for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 23:30:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7
X-Spam-Level: 
X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yZLAYO9wtZSS for <openpgp@ietfa.amsl.com>; Thu, 23 May 2019 23:30:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8794120047 for <openpgp@ietf.org>; Thu, 23 May 2019 23:30:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org;  s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=K273PkHXSOPqkKWi5a0rwfqmoePA8KrMP8Jusz+LOXw=; b=XFynDXM8iQFKbXHM/uDW7tywlQ +u0DTMXRkMvb4omhAE7XGFZlRpgm1PLs4FIKZYBp9PnM7zb11DI/Ar7XGtTG8gacrZnpwlcwkDUhf 2b8JtGXIl1JC/cnqiuWD1GrfY8KK818j2iC/qIzGziT3AXUg5ZrbknILSfwXXA3uY6R4=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1hU3iT-00028j-BI for <openpgp@ietf.org>; Fri, 24 May 2019 08:30:09 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1hU3ds-00025D-6c; Fri, 24 May 2019 08:25:24 +0200
From: Werner Koch <wk@gnupg.org>
To: Heiko Stamer <HeikoStamer@gmx.net>
Cc: OpenPGP WG <openpgp@ietf.org>
References: <cd586797-390f-210b-5d09-35ea8625319e@gmx.net>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Heiko Stamer <HeikoStamer@gmx.net>, OpenPGP WG <openpgp@ietf.org>
Date: Fri, 24 May 2019 08:25:12 +0200
In-Reply-To: <cd586797-390f-210b-5d09-35ea8625319e@gmx.net> (Heiko Stamer's message of "Thu, 23 May 2019 21:27:27 +0200")
Message-ID: <87a7fc5pyv.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=FLiR_high_security_eavesdropping_Black-Ops_Deaths_ISEC_cybercash_CDC"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Qr0DPK1T2MyY1j9soZVeRshMpqY>
Subject: Re: [openpgp] Minor fixes for RFC 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 May 2019 06:30:13 -0000

--=FLiR_high_security_eavesdropping_Black-Ops_Deaths_ISEC_cybercash_CDC
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 23 May 2019 21:27, HeikoStamer@gmx.net said:

> some months ago I've opened this merge request:
> https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/15

Sorry, I missed them because I usually check only the ticked mails here
from the ML.  I'll add them for the next revision.

> Unfortunately, the most recent version 07 of the draft does not contain
> those almost only editorial changes. Are there any objections?

I don't think so.  I had to get out a new revision to avoid an expired
I-D.


Shalom-Salam,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=FLiR_high_security_eavesdropping_Black-Ops_Deaths_ISEC_cybercash_CDC
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCXOeOSAAKCRD/gK6dHew1
jexjAQCnHJoyODpwMcPxM3pBLfTSC2fz2x7wbIXl4xdlK7hnCwD/fZDxtkhhsy1E
Je4yX33LuqNmbmxOkWMaTRfV1C4e9wU=
=FET6
-----END PGP SIGNATURE-----
--=FLiR_high_security_eavesdropping_Black-Ops_Deaths_ISEC_cybercash_CDC--


From nobody Fri May 31 00:42:29 2019
Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9EFE212008D for <openpgp@ietfa.amsl.com>; Fri, 31 May 2019 00:42:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=my.amazin.horse
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y4CvsgpaRLqQ for <openpgp@ietfa.amsl.com>; Fri, 31 May 2019 00:42:27 -0700 (PDT)
Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B8FC112001B for <openpgp@ietf.org>; Fri, 31 May 2019 00:42:26 -0700 (PDT)
Received: from localhost (tmo-120-49.customers.d1-online.com [80.187.120.49]) by mail.mugenguild.com (Postfix) with ESMTPSA id 8A71E5FB1D for <openpgp@ietf.org>; Fri, 31 May 2019 09:42:23 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my.amazin.horse; s=mail; t=1559288543; bh=/YvBl+AYKZgSw/ASNtdNFiWkAqwuzVUSVXBD7v8OdeI=; h=Date:From:To:Subject:Autocrypt:From; b=dKuv8ixFQ42XmGtPzOyahL8ekNX5N8Sv2mSygi1a+8YtGPoGNDjUd/iF0XSHqh66H rjL7xxIQBnr4JGzsB2PeB069J3qezsgE3MKnqwjydKN6xovXiUwjw4iEXDqmZ40C9h Mil5BftLsNBIbfh7p5f1Iz3foTGrbgdGI3YXGD3c=
Message-Id: <3LBKVNEMXC3DV.3JS3W5ZE7TFEZ@my.amazin.horse>
Date: Fri, 31 May 2019 09:42:21 +0200
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Vincent Breitmoser <look@my.amazin.horse>
To: openpgp@ietf.org
Cc: 
Autocrypt: addr=look@my.amazin.horse; keydata=mQINBFAB3UABEADCyB/vbIBA3m1Bwc yjTieEMLySwYgt54EQ2hglOocdtIhqC+b05t6sLSkwx2ukxrU2cegnCBkdyF/FZ/+Et638CUEBbf 4bjplwpt2IPLazQgjkwjMuhz0OcYDpMhwimTvh3mIl+0wzpOts6mEmMw0QZdl3RXvIW+NSynOn7q mz/fAv4Htt6lv2Ka0s6R2voyi+5U7CcIqizPad5qZVn2uxmovcFreTzFt6nk37ZbbTfvA3e5F0bR RQeH3viT5XxpJF4Y76v/Ua+5N3Kd18K0sX85rD1G7cmxR2CZ5gW1X24sDqdYZdDbf10N39UIwjJH PTeuVMQqry792Ap0Etyj135YFCE0loDnZYKvy2Y1i0RuEdTUIonIHrLhe2J0bXQGbQImHIyMgB9/ lva8D+yvy2gyf2vjRhmJEEco7w9FdzP7p3PhKrUiTjRsjHw8iV8LOCFx9njZOq9mism9ZZ16tZpx 9mXOf11HcH1RtVuyyQRS/4ytQPzwshXdSDDW6Btkmo9AbZQKC54/hSyzpp3Br2T2xDH7ecnonDB/ jv8rWuKXSTbX3xWAIrNBNDcTYaNe4jkms4HF7jJE19eRlqsXMMx6Fxvrh4TtKICwJYJ3AUmXrK3X Ti/mjqYfJ1fpBn54rWs8nhSR1fuZPD+aMlcP8BDUPlNKPKtj0DGSh3/VlnnwARAQABtClWaW5jZW 50IEJyZWl0bW9zZXIgPGxvb2tAbXkuYW1hemluLmhvcnNlPokCOAQTAQIAIgUCVTNZmgIbAwYLCQ gHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQe9GDIN6t+hHcVg//aeiijNqsQ3pjbFQn3VvND7hNfJ vrVcLZ+U4kOzXPF818aVdOnDyNXyE17vBDDcvaZ730sCsZIRZJ3KhUJ+nPvdttKjUIGLARmx+pA3 Jl3IIv2uLtOb3I0TMuyfIGJVGF+q10/CeDMKVjKlmyOVrR0opkel+KEoN7VLq3Hf3zPKENO1HBgp LHeP31tlb9cgs+u4o2wLrVe9myHbuFBW7EjWbSvdz2zliwbsFeFVLMNcWrKAU0GkkiH69SgnwmXU RkhGma4L27GLtkHHufsxfbcPqPtmtCttsGZU4EmrghGUqVyDOxnn8ZqybzLrRfpin+OCIX+aHJz5 r2L8qtrP0LorNMX3Gopd26vfhNvq/wq8xk++bW1R5FmkaUhx9h+DhO2ybcg7p/E8JHc8zrWv+bb3 0o9lkrOaU8GxXrgtb1cjtbb+MxFvjm0Elw7MSZDG7sF/APFU6cwuIA9Nai/OGAUCSt/W2ecS8Zox cWWbGSEiDvjtEctkpmHjfVuGoL34966Olm41VdH+NjgoSYUJKx4Mty8DRcZxdyoXll84LvDkEEYK ZqOIACsJf8CDFvUkmhXc+moCj15Yxtj3/RslRVEiOUyrpDwB72zWcZG8YnzoyGxhcRIc/gFejO/y SI8bzCpYngeuTb5NjFG+ChGiInHbQcFeHBlaHtKi2o/B5axIO5Ag0EVDvOgQEQALJby/ztliToGE u1lslvWQUQ6teKZVUQ7hy9bM4N83G0AGLatUBHtY6PkJBe4XkIw3sK7LoFCV2W4GSt4zWp9l+kG3 /J8Ow7EFjN0F7DrCg0M0lMg9dQz9jYSoBR8skaH3BRzCq9AKIVKV94poL/G65289L7zKDHoZnnyF qbBtedYZir0SZx+kiouZ1qnmxRPaYmH2fkuiuvYEAyzLDLYM8F5gQhdZM4YVtuvSICYPet0z4CDi JX/vZmDi3AzzoEVaKeAM/0H9f9Ni547J2+8dZSllgTrA+fq0aMJVScAObIxTAQtEq0DoNBzPpVrm W10b4bmgePrAvNkifqSr5StymSBgwvoeW6GrJiyN4XhoLOadZzwgjqioR1nXw5tXtrr5sYdkZ06b 1WWHkxtu1hFTdLC7RYNxY07ytLNM+C2lplCwCwlWB7RwI9BL1Dhre4kv8uaaX2Gksaq9mDf9MSDW qQ0TJ/RAiwMGmFrzBEYI1J2Oyeshi/dqW4/OiZAukOIlxOnt6u8zU2KL6Qjxqqna0oTbS4Zv3fRd YkuUCL6CDEJdkuRAiW+Gw+lKcMjXqApEqixhaDkoB/kwtu+2gIFTzAxMfwFN1YtNc0kJZWnFkGIW MrrwTcOwAFzlFz7wn/EyMFtg+ERcqMX0+olXDwM8MODI2+BzulPuEDEteCw09hABEBAAGJAh8EGA ECAAkFAlQ7zoECGwwACgkQe9GDIN6t+hFjuQ//UQyg49f8TytUYQaBb8R0UfI+KhQFs1Nsz2z8a3 0CD1MeiHHYWdAcomVvTkg4g5LbnYHVDrj/XagY3FN/AIE97usFbsTG+rsWAOLi7N2dN2ehWZ634k MvrgyC9uTiOdkw31+B8K5MpyySgD8e6SAzRfiu06/bcQOUyJifw8Hudpj9by4uyGhSH+kHu4afrp OduUighbsGFtcuRwwQ/w/oSk68XvPUgiOQWMZh/pVoXdFyFvrt/hgArCi8dfy5UPK58nl7jPnu/I uQXrJ50nNAFIIxPVeo2/B83KAnEZPU+qWZsdba0V+FIIQQVizLtQFMuJJk4/UTAOfJ2tBpQ9PADX 6/scqDE7unXNWdxcHTjK7KmWjXC8CyhGOx8V/rb7Ial4mZo4cTED6SNlO7dV1XYwnSctL2HCYNM3 RUe4eJ7JWuu7/Nbf6yip2eq7BQKZ9hAH/se/OSZNYsEkZ4pxUc8W5U3uAZImUwC6L74SM0jBZIuD mQhOYX6sZZ6urIn/MYlj4/hqSBFS4vTK7nXRLmtr7+5T5U5srVseUiYc+l9pu9/XD8zGIu+M2xEd 41NwP44GDQTQm0bFljRv5fSblwmi56YHPFQUIh2RZNX3kOJgeyQ3enw5uY+7ocKRVP38hpnffliL lJcO6TtHWnElS3pACbTQM0RHJox3zqU3q6K3c=
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Q8r290CK3mDhFBi3epX_F9zBn1Q>
Subject: [openpgp] Privacy-preserving Transferable Public Keys
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 May 2019 07:42:29 -0000

Hey folks,

following up on dkg's thoughts about abuse-resistant keyservers, I would like to
bring up the related topic of support for privacy-preserving updates of
transferable public keys (TPKs) in OpenPGP itself.

Summarizing the status quo: An OpenPGP TPK is structured as a primary key
packet, followed by a bunch of user id, subkey and signature packets. These
packets flexibly allow the primary key to bind semantics to itself, adding or
revoking signing and encryption keys, as well as self-stated designations
(particularly email addresses).

The composability of this data structure supports merging two versions of the
same TPK, which allows primary keys to update these semantics about themselves
by publishing new packets.

However, despite this flexibility, there are shortcomings for the use case of
distributing these updates in a privacy-preserving way:

1. A TPK must consist of a primary key, followed by at least one UserID.
Strictly speaking there doesn't have to be a signature on that User ID, but in
practice OpenPGP implementations commonly consider TPKs that carry no UserID (or
no signed UserID) as invalid.

2. The relationship between signatures and their subkeys or UserID packets is
implicit in the structure of the TPK: A signature always relates to the latest
preceding user id or subkey.

3. Some semantics that relate to the primary key itself are placed in the
signatures of UserID packets. Among others, this affects capability flags for
the primary key and possible expiry dates.

Each of these points impact the practicability of privacy-preserving TPK
updates. Specifically, it would be nice to:

A) Distribute updates to subkeys and the primary key (expiry, revocation, etc),
without revealing the key's UserIDs.

B) Distribute updates to UserIDs (expiry, revocation, etc) without revealing the
UserID itself.

C) Create, distribute, and use keys without attaching UserIDs or other
designation metadata at all

Some of these shortcomings can be addressed by changing behavior of
implementations, some of them could be addressed by cleverly reusing existing
mechanisms, and some require new mechanisms altogether. Some of that is partly
done in dkg's "abuse resistant keyserver" document, recently on this list.
However, conventions and "clever reuse" beside the spec increases the volume of
"de facto" standardization in implementations, and bloats the amount of implicit
knowledge required to achieve interoperability.

I would really like to see these consideration addressed in the spec somehow.
If we can't get that done (being only cautiously hopeful that we can), it would
still be useful to gather insight from folks on this list on how these
shortcomings could best be addressed by implementations in the futue.

I'll leave it at this outline of the problem domain in this mail, but will
follow up with thoughts on solutions soon.

 - V


From nobody Fri May 31 05:27:23 2019
Return-Path: <neal@walfield.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17BC11200B2 for <openpgp@ietfa.amsl.com>; Fri, 31 May 2019 05:27:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level: 
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nujnu216BQy7 for <openpgp@ietfa.amsl.com>; Fri, 31 May 2019 05:27:20 -0700 (PDT)
Received: from mail.dasr.de (mail.dasr.de [217.69.77.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF75B1200A1 for <openpgp@ietf.org>; Fri, 31 May 2019 05:27:19 -0700 (PDT)
Received: from p54b1e8be.dip0.t-ipconnect.de ([84.177.232.190] helo=chu.huenfield.org.walfield.org) by mail.dasr.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.86_2) (envelope-from <neal@walfield.org>) id 1hWgcu-0002gW-84; Fri, 31 May 2019 12:27:17 +0000
Date: Fri, 31 May 2019 14:27:15 +0200
Message-ID: <875zpqg670.wl-neal@walfield.org>
From: "Neal H. Walfield" <neal@walfield.org>
To: Vincent Breitmoser <look@my.amazin.horse>
Cc: openpgp@ietf.org
In-Reply-To: <3LBKVNEMXC3DV.3JS3W5ZE7TFEZ@my.amazin.horse>
References: <3LBKVNEMXC3DV.3JS3W5ZE7TFEZ@my.amazin.horse>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?ISO-8859-4?Q?Goj=F2?=) APEL/10.8 EasyPG/1.0.0 Emacs/24.5 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/eiEwNC2SVtEgNFRRcM0NtZEepWM>
Subject: [openpgp] Optional User IDs
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 May 2019 12:27:22 -0000

At Fri, 31 May 2019 09:42:21 +0200,
Vincent Breitmoser wrote:
> However, despite this flexibility, there are shortcomings for the use case of
> distributing these updates in a privacy-preserving way:
> 
> 1. A TPK must consist of a primary key, followed by at least one UserID.
> Strictly speaking there doesn't have to be a signature on that User ID, but in
> practice OpenPGP implementations commonly consider TPKs that carry no UserID (or
> no signed UserID) as invalid.

My understanding is that this restriction has been lifted from 4880bis
for V4 keys.  Specifically, Section 12.1 now makes User IDs optional:

  Primary-Key
     [Revocation Self Signature]
     [Direct Key Signature...]
     [User ID [Signature ...] ...]

  https://datatracker.ietf.org/doc/draft-ietf-openpgp-rfc4880bis/?include_text=1

Whereas in 4880, this reads:

  Primary-Key
      [Revocation Self Signature]
      [Direct Key Signature...]
       User ID [Signature ...]
      [User ID [Signature ...] ...]

  https://tools.ietf.org/html/rfc4880#section-12.1

As I understand it, this change comes from merging
draft-atkins-openpgp-device-certificates, which says:

   The description in RFC 4880 requires a User ID.  Implementors of
   this specification can loosen that requirement such that an
   augmented V4 device certificate looks like the following sequence
   (no longer requiring a User ID packet):

   https://datatracker.ietf.org/doc/draft-atkins-openpgp-device-certificates/?include_text=1,

:) Neal