ding mailing list software corrupts PGP/MIME mail?

ding mailing list software corrupts PGP/MIME mail?

[Simon Josefsson]

[-- Attachment #1: Type: text/plain, Size: 607 bytes --]

On gnu.emacs.gnus it was pointed out that PGP/MIME with signatures
(the '-- ' kind of signature) doesn't work properly and some posts on
this list was given as examples.  Since the list software seem to have
have changed recently, I'm sending this to see whether it is indeed
the case.

The problem: Gnus encodes the signature delimiter '-- ' with QP as
=2D-=20, as is required by RFC 2440, but it is changed into '--=20'
(or similar) by some software, thus destroying the PGP signature.
Let's see if the following delimiter is trashed too (it left my system
via SMTP encoded as =2D-=20):

-- 

[-- Attachment #2: Type: application/pgp-signature, Size: 354 bytes --]

Re: ding mailing list software corrupts PGP/MIME mail?

[Xavier Maillard]

[-- Attachment #1: Type: text/plain, Size: 1070 bytes --]

<#secure method=pgpmime mode=sign>
On 18 avr 2003, Simon Josefsson said:

>  On gnu.emacs.gnus it was pointed out that PGP/MIME with signatures
>  (the '-- ' kind of signature) doesn't work properly and some posts on
>  this list was given as examples.  Since the list software seem to
>  have have changed recently, I'm sending this to see whether it is
>  indeed the case.
>  
>  The problem: Gnus encodes the signature delimiter '-- ' with QP as
>  =2D-=20, as is required by RFC 2440, but it is changed into '--=20'
>  (or similar) by some software, thus destroying the PGP signature.
>  Let's see if the following delimiter is trashed too (it left my
>  system via SMTP encoded as =2D-=20):

Hmm the only thing I can see from your message is that PGG failed to
recognizez your signature (marked as Failed) but I can't say it is
general cuz' I've already seen other PGG signed messages with signature
before.

zeDek
-- 
http://www.gnusfr.org -- French Gnus user site

Anti-war disclaimer:
	"Bombing for peace is like fucking for virginity"

[-- Attachment #2: Type: application/pgp-signature, Size: 188 bytes --]

Re: ding mailing list software corrupts PGP/MIME mail?

[Jochen Küpper]

[-- Attachment #1: Type: text/plain, Size: 1221 bytes --]

On Fri, 18 Apr 2003 19:18:59 +0200 Simon Josefsson wrote:

Simon> The problem: Gnus encodes the signature delimiter '-- ' with QP as
Simon> =2D-=20, as is required by RFC 2440, but it is changed into '--=20'
Simon> (or similar) by some software, thus destroying the PGP signature.
Simon> Let's see if the following delimiter is trashed too (it left my system
Simon> via SMTP encoded as =2D-=20):

On Sat, 19 Apr 2003 09:21:54 +0200 Xavier Maillard wrote:

Xavier> <#secure method=pgpmime mode=sign>

You seem to have two #secure directives in your mail.

Xavier> Hmm the only thing I can see from your message is that PGG
Xavier> failed to recognizez your signature (marked as Failed) but I
Xavier> can't say it is general cuz' I've already seen other PGG
Xavier> signed messages with signature before.

If you look at the raw message (C-u g) you can see what Simon is
talking about, I believe.

Then I see "- - = 2 0" (without the spaces), as expected by Simon in
his original posting.

Greetings,
Jochen
-- 
Einigkeit und Recht und Freiheit                http://www.Jochen-Kuepper.de
    Liberté, Égalité, Fraternité                GnuPG key: CC1B0B4D
        Sex, drugs and rock-n-roll

[-- Attachment #2: Type: application/pgp-signature, Size: 185 bytes --]

Re: ding mailing list software corrupts PGP/MIME mail?

[Simon Josefsson]

Xavier Maillard <zedek@gnu-rox.org> writes:

> <#secure method=pgpmime mode=sign>
> On 18 avr 2003, Simon Josefsson said:
>
>>  On gnu.emacs.gnus it was pointed out that PGP/MIME with signatures
>>  (the '-- ' kind of signature) doesn't work properly and some posts on
>>  this list was given as examples.  Since the list software seem to
>>  have have changed recently, I'm sending this to see whether it is
>>  indeed the case.
>>  
>>  The problem: Gnus encodes the signature delimiter '-- ' with QP as
>>  =2D-=20, as is required by RFC 2440, but it is changed into '--=20'
>>  (or similar) by some software, thus destroying the PGP signature.
>>  Let's see if the following delimiter is trashed too (it left my
>>  system via SMTP encoded as =2D-=20):
>
> Hmm the only thing I can see from your message is that PGG failed to
> recognizez your signature (marked as Failed) but I can't say it is
> general cuz' I've already seen other PGG signed messages with signature
> before.

Do you have a Message-Id?  I haven't seen any PGP/MIME signed messages
with the signature delimiter encoded properly as =2D-=20 on this list
since the mailing list change, but I only looked at a few messages.

Re: ding mailing list software corrupts PGP/MIME mail?

[Simon Josefsson]

Jochen Küpper <jochen@jochen-kuepper.de> writes:

> If you look at the raw message (C-u g) you can see what Simon is
> talking about, I believe.
>
> Then I see "- - = 2 0" (without the spaces), as expected by Simon in
> his original posting.

This is what I got too.  Is the mailing list admin reading the list?
I'm cc:ing it to be sure.  See
http://article.gmane.org/gmane.emacs.gnus.general/51606 for the entire
thread.

Re: ding mailing list software corrupts PGP/MIME mail?

[Jason L Tibbitts III]

>>>>> "SJ" == Simon Josefsson <jas@extundo.com> writes:

SJ> This is what I got too.  Is the mailing list admin reading the
SJ> list? I'm cc:ing it to be sure. 

Yes, I'm reading.  Yes, I'm looking into it.

 - J<

Re: ding mailing list software corrupts PGP/MIME mail?

[Jochen Küpper]

[-- Attachment #1: Type: text/plain, Size: 710 bytes --]

On Sat, 19 Apr 2003 12:24:40 +0200 Simon Josefsson wrote:

>> Then I see "- - = 2 0" (without the spaces), as expected by Simon in
>> his original posting.

Simon> This is what I got too.  Is the mailing list admin reading the list?
Simon> I'm cc:ing it to be sure.  See
Simon> http://article.gmane.org/gmane.emacs.gnus.general/51606 for the entire
Simon> thread.

AFAICT this issue is not solved yet. Is anybody working on it? Any
progress? Can we expect this to be fixed sometime soon?

Greetings,
Jochen
-- 
Einigkeit und Recht und Freiheit                http://www.Jochen-Kuepper.de
    Liberté, Égalité, Fraternité                GnuPG key: CC1B0B4D
        Sex, drugs and rock-n-roll

[-- Attachment #2: Type: application/pgp-signature, Size: 185 bytes --]

Re: ding mailing list software corrupts PGP/MIME mail?

[Jason L Tibbitts III]

>>>>> "Jochen" == Jochen Küpper <jochen@jochen-kuepper.de> writes:

Jochen> AFAICT this issue is not solved yet. Is anybody working on it?

Yes, I'm working on it.  I have a fix which I'm currently testing, but
it will need much more testing before I can even think of putting it
into production.  Even then, I have doubts about whether it would be
sufficient, or about whether it's even a good idea to allow messages
to go out without a complete decode/scrub/encode cycle in this age of
broken mail client software.

Can someone point me to the exact standard that says it is illegal to
encode the signature separator to "--=20".  Someone mentioned RFC2440,
but it doesn't include any mention at all of signature separators,
quoted-printable encoding or the string "--" in a relevant context.

 - J<

Re: ding mailing list software corrupts PGP/MIME mail?

[Simon Josefsson]

Jason L Tibbitts III <tibbs@math.uh.edu> writes:

>>>>>> "Jochen" == Jochen Küpper <jochen@jochen-kuepper.de> writes:
>
> Jochen> AFAICT this issue is not solved yet. Is anybody working on it?
>
> Yes, I'm working on it.  I have a fix which I'm currently testing, but
> it will need much more testing before I can even think of putting it
> into production.  Even then, I have doubts about whether it would be
> sufficient, or about whether it's even a good idea to allow messages
> to go out without a complete decode/scrub/encode cycle in this age of
> broken mail client software.
>
> Can someone point me to the exact standard that says it is illegal to
> encode the signature separator to "--=20".  Someone mentioned RFC2440,
> but it doesn't include any mention at all of signature separators,
> quoted-printable encoding or the string "--" in a relevant context.

RFC 3156 section 3 contains the argument why Gnus encodes the trailing
blank of '-- ' signatures.  (RFC 3156 doesn't cover plain OpenPGP
messages, but the argument about gateways are still valid.)

RFC 2440 section 7.1 contains the reason why Gnus escapes leading '-'.
(If we let the OpenPGP implementation escape it, using the dash escape
algorithm, the output is not backwards compatible with RFC 1991, which
didn't describe dash escaping.  And we want to support PGP 2.x.)

3.  Content-Transfer-Encoding restrictions

   Multipart/signed and multipart/encrypted are to be treated by agents
   as opaque, meaning that the data is not to be altered in any way [2],
   [7].  However, many existing mail gateways will detect if the next
   hop does not support MIME or 8-bit data and perform conversion to
   either Quoted-Printable or Base64.  This presents serious problems
   for multipart/signed, in particular, where the signature is
   invalidated when such an operation occurs.  For this reason all data
   signed according to this protocol MUST be constrained to 7 bits (8-
   bit data MUST be encoded using either Quoted-Printable or Base64).
   Note that this also includes the case where a signed object is also
   encrypted (see section 6).  This restriction will increase the
   likelihood that the signature will be valid upon receipt.

   Additionally, implementations MUST make sure that no trailing
   whitespace is present after the MIME encoding has been applied.

      Note: In most cases, trailing whitespace can either be removed, or
      protected by applying an appropriate content-transfer-encoding.
      However, special care must be taken when any header lines - either
      in MIME entity headers, or in embedded RFC 822 headers - are
      present which only consist of whitespace: Such lines must be
      removed entirely, since replacing them by empty lines would turn
      them into header delimiters, and change the semantics of the
      message.  The restrictions on whitespace are necessary in order to
      make the hash calculated invariant under the text and binary mode
      signature mechanisms provided by OpenPGP [1].  Also, they help to
      avoid compatibility problems with PGP implementations which
      predate the OpenPGP specification.

      Note: If any line begins with the string "From ", it is strongly
      suggested that either the Quoted-Printable or Base64 MIME encoding
      be applied.  If Quoted-Printable is used, at least one of the
      characters in the string should be encoded using the hexadecimal
      coding rule.  This is because many mail transfer and delivery
      agents treat "From " (the word "from" followed immediately by a
      space character) as the start of a new message and thus insert a
      right angle-bracket (>) in front of any line beginning with
      "From " to distinguish this case, invalidating the signature.

   Data that is ONLY to be encrypted is allowed to contain 8-bit
   characters and trailing whitespace and therefore need not undergo the
   conversion to a 7bit format, and the stripping of whitespace.

      Implementor's note: It cannot be stressed enough that applications
      using this standard follow MIME's suggestion that you "be
      conservative in what you generate, and liberal in what you
      accept."  In this particular case it means it would be wise for an
      implementation to accept messages with any content-transfer-
      encoding, but restrict generation to the 7-bit format required by
      this memo.  This will allow future compatibility in the event the
      Internet SMTP framework becomes 8-bit friendly.

7.1. Dash-Escaped Text

   The cleartext content of the message must also be dash-escaped.

   Dash escaped cleartext is the ordinary cleartext where every line
   starting with a dash '-' (0x2D) is prefixed by the sequence dash '-'
   (0x2D) and space ' ' (0x20). This prevents the parser from
   recognizing armor headers of the cleartext itself. The message digest
   is computed using the cleartext itself, not the dash escaped form.

   As with binary signatures on text documents, a cleartext signature is
   calculated on the text using canonical <CR><LF> line endings.  The
   line ending (i.e. the <CR><LF>) before the '-----BEGIN PGP
   SIGNATURE-----' line that terminates the signed text is not
   considered part of the signed text.

   Also, any trailing whitespace (spaces, and tabs, 0x09) at the end of
   any line is ignored when the cleartext signature is calculated.