Re: [exim] accepting email authenthicating on GPG/PGP signat…

Author: Mike Cardwell
Date:  
To: exim-users
Subject: Re: [exim] accepting email authenthicating on GPG/PGP signature
* on the Tue, Apr 08, 2014 at 10:41:11PM +0100, Klaus Ethgen wrote:

>> Write a simple script which can handle the verification, and invoke it
>> via ${run...} in the ACL hooked up to the DATA command, to be run after
>> "CRLF.CRLF" is received and before the response is sent.
>
> This is not that simple. What if the mail is signed _and_ encrypted?
> Usually the encryption is done outside and the signature is inside.


That is not correct. With PGP, we always sign the ciphertext. We don't
encrypt signed plaintext. (*)

> Another problem is for mime signatures that can include several
> multipart parts. Inline signatures are easy but seldom seen today.


Mail::GnuPG is a very simple Perl module that will handle OpenPGP
operations on multipart MIME emails. A Perl script to verify such
an email would probably be about half a dozen lines of code.

(*) If we signed *then* encrypted, then it would allow attacks such as:

1.) You send me a signed email that is encrypted with my public key. I
decrypt, re-encrypt with somebody else's public key and forward on to
them. Now it looks like you sent the message to them instead of me.

2.) You send a signed but unencrypted email to somebody. I intercept
and encrypt it with their public key and forward on. Now they think
the message was encrypted along the entire path, but it wasn't.

-- 
Mike Cardwell  https://grepular.com https://emailprivacytester.com
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4
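
An added example, not part of the original message and written in Python rather than with the Mail::GnuPG module mentioned above: a verification script for the detached-signature (multipart/signed, RFC 3156) case that an ACL could invoke and judge by exit status. The file-path and keyring arguments, the function names and the sample message are assumptions constructed for illustration.

```python
import email, re, subprocess, sys, tempfile
from pathlib import Path

# Constructed sample message; the signature body is a placeholder, not a real one.
SAMPLE = (b'From: a@example.org\n'
          b'Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="b1"\n'
          b'\n--b1\nContent-Type: text/plain\n\nHello\n'
          b'--b1\nContent-Type: application/pgp-signature\n\n'
          b'-----BEGIN PGP SIGNATURE-----\nplaceholder\n-----END PGP SIGNATURE-----\n'
          b'--b1--\n')

def split_signed(raw: bytes):
    """Return (signed_bytes, signature_bytes) for an RFC 3156 multipart/signed
    message, or None for anything else (plain, multipart/encrypted, malformed)."""
    msg = email.message_from_bytes(raw)
    if (msg.get_content_type() != "multipart/signed"
            or msg.get_param("protocol") != "application/pgp-signature"
            or not msg.get_boundary()):
        return None
    # The signature covers the first part's exact bytes, MIME headers included,
    # with CRLF line endings, so cut the raw message instead of re-serialising.
    # The CRLF before each delimiter belongs to the delimiter, not the data.
    canon = re.sub(rb"\r?\n", b"\r\n", raw)
    chunks = canon.split(b"\r\n--" + msg.get_boundary().encode())
    if len(chunks) != 4 or not chunks[3].startswith(b"--"):
        return None  # fail closed: exactly two parts plus a closing delimiter
    signed = chunks[1].partition(b"\r\n")[2]  # drop the rest of the delimiter line
    sig_part = email.message_from_bytes(chunks[2].partition(b"\r\n")[2])
    if sig_part.get_content_type() != "application/pgp-signature":
        return None
    return signed, sig_part.get_payload(decode=True)

def gpg_verify(signed: bytes, sig: bytes, homedir: str) -> bool:
    """True only if gpg reports VALIDSIG for a key in the keyring under homedir."""
    with tempfile.TemporaryDirectory() as d:
        data, sigf = Path(d, "data"), Path(d, "sig.asc")
        data.write_bytes(signed)
        sigf.write_bytes(sig)
        r = subprocess.run(["gpg", "--homedir", homedir, "--batch", "--status-fd", "1",
                            "--verify", str(sigf), str(data)], capture_output=True)
    return r.returncode == 0 and b"[GNUPG:] VALIDSIG " in r.stdout

if __name__ == "__main__":
    # Assumed calling convention: argv[1] = message file, argv[2] = gpg homedir.
    parts = split_signed(Path(sys.argv[1]).read_bytes())
    sys.exit(0 if parts and gpg_verify(*parts, sys.argv[2]) else 1)
```

A message whose outer type is multipart/encrypted makes `split_signed` return None, so the script exits non-zero; the keyring under the homedir determines which signers count as valid.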