Re: Inline-encryption, encryption failure when storing sent mails

Subject: Re: Inline-encryption, encryption failure when storing sent mails

Date: Tue, 18 Feb 2014 13:31:58 -0500

Cc:

On Tue 2013-08-20 13:03:27 -0400, Daniel Kahn Gillmor wrote:
> I've been meaning to write this up more cleanly, but a summary here will
> have to do for now:
>
> The MIME Content-Type header for an inline-PGP-signed e-mail message is
> not signed.  This means that an attacker can replay a signed message
> while undetectably changing the Content-Type.  One example of such an
> attack is to leave the base Content-Type as text/plain but to switch
> charsets -- the same bytestream can then be interpreted differently.

I've finally written this up, with a demonstration.  I'm hosting it here
for now:

   https://dkg.fifthhorseman.net/notes/pgp-inline-harmful/

i hope this is useful for future discussions about inline PGP.

Please let me know if you see any problems with the text or if you have
any questions.

   --dkg

part-000.sig (application/pgp-signature)

Previous message (by thread): Re: Inline-encryption, encryption failure when storing sent mails

Thread:

Simon Hirscher—Inline-encryption, encryption failure when storing sent mails [inbox, unread]
- David Bremner—Re: Inline-encryption, encryption failure when storing sent mails [inbox, unread]
  - Simon Hirscher—Re: Inline-encryption, encryption failure when storing sent mails [inbox, unread]
  - Daniel Kahn Gillmor—Re: Inline-encryption, encryption failure when storing sent mails [inbox, signed, unread]
    - Daniel Kahn Gillmor—Re: Inline-encryption, encryption failure when storing sent mails [inbox, signed, unread]