On 12.03.13 23:46, Daniel Kahn Gillmor wrote: > Hi Enigmail folks-- > > The message i'm writing right now is not signed by me (please inspect > the source to verify). However, when viewed in enigmail, I believe it > will have a "Good signature" header if you already have my key. > > This is because i've attached another e-mail from me below, and that > e-mail itself is signed. that is, this message has a message/rfc822 > subpart that itself contains a PGP/MIME-signed message. > > Using the enigmail UI, i see no way to distinguish which part of the > message is actually the signed part.
Confirmed. > This seems to be a serious message verification/authenticity concern. > If anyone is unclear on the risk and is willing to volunteer, i'd be > willing to craft a bogus message to you from your own e-mail. just send > me a PGP/MIME-signed message, and i'll send you back a different message > "from yourself" that appears to be signed by you. I agree > I'm not sure how enigmail can address this issue -- i think there will > need to be some sort of UI change, but i'm not sure what the options are. > > One thought would be to refuse to process PGP/MIME signatures of > sub-parts (only process PGP/MIME if the message body itself is > content-type multipart/signed, but i suspect that would break many > common arrangements (e.g. this and other mailing lists make the whole > message itself multipart/mixed, put the multipart/signed original > message body as subpart, and then append a text/plain footer part). > > Some other MUAs (e.g. notmuch) do not have this problem because their > signature verification indicators are bound directly to the part of the > e-mail that is signed. > > Any suggestions for how to address this? Displaying the signature is one thing. This could be done e.g. using this approach: the message in the header says something like "a part of the message is signed, click 'Details' for more info" but the signature itself is not shown. However, how do you distinguish this case from a normal embedded message, like those produced by mailman? In other words, in both cases I have several message parts, and only one part is signed. This could be the significant content, but it could also be just a single space character. I have attached such a message to demonstrate this. -Patrick
--- Begin Message ---
signature.asc
Description: OpenPGP digital signature
--- End Message ---
_______________________________________________ enigmail-users mailing list [email protected] https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
