Encrypt to Bcc should be allowed
Categories: MailNews Core :: Security: OpenPGP, defect
Tracking: Not tracked
People: Reporter: se, Unassigned
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:80.0) Gecko/20100101 Firefox/80.0
Steps to reproduce:
I have for as long as I can remember (more than a decade) sent encrypted messages to my own sender address as a Bcc.
Trying to continue this practice with Thunderbird 78 did not work.
Actual results:
The mail was not sent and I was asked to either remove the Bcc or change it into a CC.
Expected results:
With Thunderbird+Enigmail a warning was shown for Bcc recipients, since their identities are revealed in the message due to the way PGP works.
Since I know what I'm doing (sending the Bcc to me just for verification of the correct encryption result as sent to the actual recipients) I'm very annoyed by now being forced to use CC or not receive an actual copy via the MTA.
At least for the case that a Bcc is identical with the sender (and encrypt to self is active), there is absolutely no reason to deny the Bcc.
But even in other cases the existence of the Bcc recipient may be exposed to all other receivers without any violation of confidentiality. This can only be decided by the sender and that was the case with Thunderbird+Enigmail: The warning about the consequences of sending encrypted messages to Bcc recipients (with encryption for them) let the user decide whether this was acceptable or not.
Another possible solution might be to send to Bcc recipients, but to not include their public keys in the encryption process. If Sender and Bcc recipient are identical or if the Bcc recipient is in possession of the private key of one of the To/CC recipients, the message can be decoded. But in that case no information about the Bcc recipient is leaked via the PGP key data included in the message.
I consider this a defect since it voids a feature that was present in Enigmail.
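Added example, not part of the bug report or of Thunderbird's code: a minimal Python reader for the version 3 Public-Key Encrypted Session Key packets (RFC 4880, section 5.1) at the front of a binary OpenPGP message. It lists the recipient key IDs that anyone holding the message can read without a private key, and shows that a Bcc recipient whose key is left out of encryption, as proposed above, does not appear. The key IDs, packets and function names are constructed for illustration.

```python
import struct

PKESK_TAG = 1  # Public-Key Encrypted Session Key packet

def _read_header(data, pos):
    """Return (tag, body_start, body_len); body_len is None for streamed bodies."""
    first = data[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if first & 0x40:  # new-format header
        tag, o1 = first & 0x3F, data[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + data[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, struct.unpack(">I", data[pos + 2:pos + 6])[0]
        return tag, pos + 2, None  # partial body length (encrypted data stream)
    tag, ltype = (first >> 2) & 0x0F, first & 3  # old-format header
    if ltype == 3:
        return tag, pos + 1, None  # indeterminate length
    width = 1 << ltype  # length field is 1, 2 or 4 octets
    return tag, pos + 1 + width, int.from_bytes(data[pos + 1:pos + 1 + width], "big")

def recipient_key_ids(message):
    """Key IDs readable from a dearmored message without any private key."""
    ids, pos = [], 0
    while pos < len(message):
        tag, start, length = _read_header(message, pos)
        if tag == PKESK_TAG and length is not None and message[start] == 3:
            ids.append(message[start + 1:start + 9].hex().upper())
        if length is None:
            break  # streamed data packet: no further key packets follow
        pos = start + length
    return ids

def exposed_bcc(message, bcc_key_ids):
    """Bcc key IDs that every other recipient can see in the message."""
    return [k for k in recipient_key_ids(message) if k in set(bcc_key_ids)]

def _pkesk(key_id_hex, old_format=False):
    """Constructed sample packet; the session-key bytes are filler, not real."""
    body = b"\x03" + bytes.fromhex(key_id_hex) + b"\x01" + b"\x00\x08\xAA"
    return (b"\x84" if old_format else b"\xC1") + bytes([len(body)]) + body

# Constructed sample data: To recipient, sender (encrypt to self), Bcc recipient.
TO, SELF, BCC = "1111111111111111", "2222222222222222", "3333333333333333"
DATA = b"\xD2\x03\x01\xBB\xCC"  # placeholder tag 18 encrypted-data packet
WITH_BCC_KEY = _pkesk(TO) + _pkesk(SELF, old_format=True) + _pkesk(BCC) + DATA
WITHOUT_BCC_KEY = _pkesk(TO) + _pkesk(SELF, old_format=True) + DATA
```

Real messages are usually ASCII-armored, so they must be dearmored before being passed to `recipient_key_ids`.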
Comment 1•5 years ago
(In reply to Stefan Eßer from comment #0)
> Since I know what I'm doing (sending the Bcc to me just for verification of the correct encryption result as sent to the actual recipients) I'm very annoyed by now being forced to use CC or not receive an actual copy via the MTA.
Bcc and cc don't really make a difference in what you get. And since PGP reveals the metadata you don't really get any advantage by using it over cc.
You may know what you're doing. But I think you'd be hard pressed to find 0.1% of users who would understand the implications.
Comment 2•5 years ago
I think sending BCC to the sender address of the email is the one address that we allow to be used?
You sure it isn't working?
Comment 3•5 years ago
I just tested and it works for me
Comment 4•5 years ago (Reporter)
It does not work for me, just tested, screen dump of the "OpenPGP Alert" available per mail on request (seems I cannot upload any attachments to this report ...)
Message text:
OpenPGP Alert
BCC (blind copy) recipients cannot be used when sending an encrypted message. To send this encrypted message, either remove the BCC recipients or move them to the CC field.
PS: Just noticed Kai's mail address and sent him a mail with the screen dump as an attachment ...
Comment 5•5 years ago (Reporter)
My mistake: I had valid mail addresses for the same mail account in From: and Bcc:, but one was the abridged alias of the full name and I cannot expect Thunderbird to recognize them as one account (even though the PGP keys indicate that this is one identity with multiple mail addresses using the same key).
It might be possible to widen the test for sender and Bcc to consider the PGP key information (associated mail addresses) instead of comparing From and Bcc fields for identity, but since it is simple to have the pre-configured sender and bcc addresses match, the extra complexity does not appear to be appropriate to me.