
#349 Unsigned text in message

invalid
nobody
None
1.7.2
Major
All
---
nobody
2014-10-19
2014-10-17
No

With Enigmail 1.7.2, some unsigned text is being added to the email (This is an OpenPGP/MIME signed message (RFC 4880 and 3156)).

Header:

Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="7Iv8OgrfTnRVfpvoj000MHsXphNdcLvhD"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--7Iv8OgrfTnRVfpvoj000MHsXphNdcLvhD
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


This breaks some verification tools (Debian key check mailing list for example).

It would be nice to be able to disable the addition of this text.

Discussion

  • Ludwig Hügelschäfer

    The text "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)" is a courtesy to non-PGP/MIME-aware mailers, so they can actually see some content explaining the two "attachments". Other mailers are doing something similar. All PGP/MIME-aware mailers will simply ignore this line.

    Why does this break the Debian key check mailing list?

     
  • Patrick Brunschwig

    No, this doesn't break the signature. The signed data starts with the line following "--7Iv8OgrfTnRVfpvoj000MHsXphNdcLvhD" and ends with the next occurrence of "--7Iv8OgrfTnRVfpvoj000MHsXphNdcLvhD". Anything outside is not part of the signed data and perfectly OK.

    Whatever breaks the signature, it's certainly not something outside the signed data.

     
  • Patrick Brunschwig

    • status: open --> invalid
     
  • Don Armstrong

    Don Armstrong - 2014-10-18

    The problem is that you're including non-signed text in the message, which means that the entire message is not signed, only the signed subpart is. Debian mailing lists (for example) reject messages to signed-only mailing lists which contain unsigned parts.

    There should at least be an option to disable this feature.

     
  • Ludwig Hügelschäfer

    The whole message is never signed. All header lines - which are much more important than the "This is an OpenPGP/MIME..." line - are never signed. There is simply no standard specifying how this should be done. So, it's very easy to send a message to those lists with completely spoofed "To", "From", "Date" and "Subject" header lines to demonstrate the nonsense of not accepting non-signed parts.

     
  • Don Armstrong

    Don Armstrong - 2014-10-19

    Yes, it's true that you can spoof headers. This is a well known problem with PGP/MIME, and I'm not aware of a good solution for it. But it's well within the mailing list's authority to rip out all of the headers sent to it by the client; it's much more difficult to figure out what bits of the non-signed body are appropriate to ignore.

    I personally disagree with the reasoning for including the text, but having an option to disable it will resolve both halves of this issue.

    Without it, we'll just continue telling people that they cannot use enigmail to send messages to Debian mailing lists which require signing. [My only personal stake in this is trying to eliminate the couple of times I've had to track down this problem.]
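
The boundary rule described in the discussion above, as an added Python example that is not part of the ticket or of Enigmail's code: it splits a constructed message (the ticket's headers, boundary and preamble line; a made-up body and a placeholder instead of a signature) into preamble, signed part, signature part and epilogue, so a checking tool can tell the courtesy line apart from the bytes the signature covers. The function names and the CRLF-normalised input are assumptions of this example.

```python
import re

# Constructed sample: the boundary, headers and preamble line are the ones quoted
# in the ticket; the body text and the signature placeholder are made up.
B = "7Iv8OgrfTnRVfpvoj000MHsXphNdcLvhD"
SAMPLE = (
    "Content-Type: multipart/signed; micalg=pgp-sha256;\r\n"
    ' protocol="application/pgp-signature";\r\n'
    f' boundary="{B}"\r\n\r\n'
    "This is an OpenPGP/MIME signed message (RFC 4880 and 3156)\r\n"
    f"--{B}\r\n"
    "Content-Type: text/plain; charset=utf-8\r\n"
    "Content-Transfer-Encoding: quoted-printable\r\n\r\n"
    "Hello list\r\n"
    f"--{B}\r\n"
    "Content-Type: application/pgp-signature\r\n\r\n"
    "[constructed placeholder, not a real signature]\r\n"
    f"--{B}--\r\n"
).encode()


def _after_line(chunk: bytes) -> bytes:
    return chunk.partition(b"\r\n")[2]  # drop the rest of the delimiter line


def split_signed(raw: bytes) -> dict:
    """Split a CRLF-normalised multipart/signed message into its four regions."""
    headers, sep, body = raw.partition(b"\r\n\r\n")
    m = re.search(rb'boundary="?([^";\r\n]+)', headers, re.I)
    if not sep or not m:
        raise ValueError("not a multipart message with a boundary parameter")
    # The CRLF in front of "--boundary" belongs to the delimiter (RFC 2046), so it
    # is not signed data. Prepending CRLF also handles a message with no preamble.
    chunks = (b"\r\n" + body).split(b"\r\n--" + m.group(1))
    if len(chunks) != 4 or not chunks[3].startswith(b"--"):
        raise ValueError("expected exactly two parts and a closing delimiter")
    return {
        "preamble": chunks[0][2:],                 # outside the signature
        "signed": _after_line(chunks[1]),          # bytes the signature covers
        "signature_part": _after_line(chunks[2]),  # the detached signature part
        "epilogue": _after_line(chunks[3]),        # outside the signature
    }


def unsigned_text(raw: bytes) -> list:
    """Return non-empty body text that lies outside both MIME parts."""
    parts = split_signed(raw)
    return [parts[k] for k in ("preamble", "epilogue") if parts[k].strip()]
```

For the sample, `unsigned_text` returns only the courtesy line, and the `signed` bytes are identical whether or not that line is present.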

     
