On Sun, Sep 14, 2014 at 1:13 AM, Wei Chuang <[email protected]> wrote:
> On Sat, Sep 13, 2014 at 10:54 AM, Werner Koch <[email protected]> wrote:
>
>> On Fri, 12 Sep 2014 19:48, [email protected] said:
>>
>> > 1) S/MIME doesn't fully protect users' mail envelope metadata. For example
>> > the recipient and envelope-sender must be visible to the intermediate SMTP
>>
>> If you want that, it is easy to put the message into a message/rfc822
>> mail container and use faked subject and other mailer header.
>
> Right I agree that there is an RFC5751 sec 3.1 (
> http://tools.ietf.org/html/rfc5751#page-18 ) that mentions the
> message/rfc822, but unless I'm missing something one still has to specify
> the intended recipient, and a return path. Even if the body and most
> headers were wrapped hence private, an adversary could still find the
> sender/recipient information very useful.
>
> Another issue albeit a small one with message/rfc822, was what to do if
> the headers conflicted between the outer and inner messages.

Just wanted to point out that wrapping using message/rfc822 may have problems. In another thread regarding DMARC damage, one proposed mitigation is also to wrap the message but it was noted that this could open the recipient to phishing attacks due to mishandling of headers by the recipient's MUA. See http://www.ietf.org/mail-archive/web/ietf/current/msg89601.html

John Levine suggested there using other options for mitigating against DMARC. In the S/MIME context I don't think that's possible to avoid wrapping if one wants to protect the headers, so work will have to be done to prevent opening a phishing vector.

-Wei

> -Wei
>
>> Salam-Shalom,
>>
>>    Werner
>>
>> --
>> Thoughts are free. Exceptions are regulated by a federal law.
_______________________________________________
Endymail mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/endymail
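The outer/inner header conflict raised in the message above, shown as an added example that is not part of the original thread: a Python check a receiving client could run to flag displayed headers whose unprotected outer copy disagrees with the wrapped message/rfc822 copy. It assumes the inner message has already been decrypted and verified; the `DISPLAYED` list, the function names and the sample message are constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import getaddresses

# Headers an MUA normally shows the reader (assumed list; adjust per client).
DISPLAYED = ("From", "Sender", "Reply-To", "To", "Cc", "Subject", "Date")
ADDRESSES = {"From", "Sender", "Reply-To", "To", "Cc"}

# Constructed sample: placeholder outer headers around the wrapped message.
RAW = """\
From: sender@example.org
To: recipient@example.net
Subject: (hidden)
Reply-To: other@example.com
Content-Type: message/rfc822

From: Sender <sender@example.org>
To: recipient@example.net
Subject: Quarterly numbers
Date: Sat, 13 Sep 2014 10:54:00 +0000
Content-Type: text/plain

body
"""

def _norm(name, values):
    """Compare address headers by bare address, others by collapsed text."""
    if name in ADDRESSES:
        return sorted(a.lower() for _, a in getaddresses(values) if a)
    return [" ".join(v.split()) for v in values]

def find_inner(msg):
    """Return the first wrapped message/rfc822 message, or None."""
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def header_conflicts(raw):
    """Map header -> (outer, inner) where an outer copy is not backed by the inner one."""
    outer = message_from_string(raw, policy=policy.default)
    inner = find_inner(outer)
    conflicts = {}
    if inner is None:
        return conflicts
    for name in DISPLAYED:
        o = _norm(name, outer.get_all(name, []))
        i = _norm(name, inner.get_all(name, []))
        if o and o != i:  # a header present only in the inner copy is protected, not a conflict
            conflicts[name] = (o, i)
    return conflicts
```

A client that displays only the inner values, and warns when this returns anything for `From` or `Reply-To`, avoids showing the reader a header the sender never protected.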
