On 05/14/2018 09:45 AM, Werner Koch wrote:
> The topic of that paper is that HTML is used as a back channel to create
> an oracle for modified encrypted mails. It is long known that HTML
> mails and in particular external links like <img href="tla.org/TAG"/>
> are evil if the MUA actually honors them (which many meanwhile seem to
> do again; see all these newsletters). Due to broken MIME parsers a
> bunch of MUAs seem to concatenate decrypted HTML mime parts which makes
> it easy to plant such HTML snippets.

The full details appear to be out [1]. If I read it correctly, it also has another attack, no longer based on user agents concatenating HTML mime parts, but also based on CFB gadgets. Which, here, looks like a flaw in the OpenPGP specification indeed (and thus GnuPG's implementation of it), and not in MUAs?

[1] https://efail.de/

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users