Shibboleth 2.2.0 released

Recently a new paper "Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML" was published by Don Davis (see http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html\)

As our goal for Shibboleth is security and even more security, it was necessary to plug flaws mentioned in the paper. In short, if secure data (PGP in our case) is transferred over insecure media (SMTP), it is possible to substitute outer layer. The cure is: ``when signing and encryption are combined, the inner crypto layer must somehow depend on the outer layer, so as to reveal any tampering with the outer layer''.

Now all outgoing mail which is PGP signed by Shibboleth has headers included in the signed body.

To achieve this, pgp-sign-outgoing field in group configs was extended with values 'top' ('yes' is a synonim) and 'bottom' which specify place where headers should appear in the signed body.

Also there is global pgp-sign-outgoing which resides in shibboleth.conf file. It can have same range of values as in group config and is used for private mail (that one which is not sent to some defined group) and can be overriden by group config.

Generally Shibboleth mailing list software is targeted to any audience of users. It is designed to hide user identity as much as possible by means of address standartization. However till to this moment in some cases there was some particular kind of address leakage, namely, free mailers advertisements, which gave hints to guessing original user's identity.

From the other hand mailer adverts add additional load to a server running Shibboleth, which is also not always desirable.

So now, with Shibboleth 2.2.0, it it possible to define a regular expression to destroy such ads.