Open Bug 1688863 Opened 4 months ago Updated 3 months ago

When encrypting mails using OpenPGP, please use the 'combined method'

Categories

(MailNews Core :: Security: OpenPGP, defect)

defect

Tracking

(Not tracked)

UNCONFIRMED

People

(Reporter: justus, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0

Steps to reproduce:

Send an email encrypted using OpenPGP.

Actual results:

Resulting mail used 'RFC 1847 Encapsulation' (see https://tools.ietf.org/html/rfc3156#section-6.1).

Expected results:

Resulting mail uses the 'combined method' (see https://tools.ietf.org/html/rfc3156#section-6.2).

This is the preferred method of constructing mails encrypted with OpenPGP. It has several advantages:

  1. It fixes a security problem called surreptitious forwarding (see https://theworld.com/~dtd/sign_encrypt/sign_encrypt7.html) in combinationo with the proposed 'intended recipient subpacket' (see https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10#section-5.2.3.29).
  2. It is more robust, because the signature is computed over the content of the literal data packet contained in the OpenPGP message, where as with the encapsulation method it is computed over the content of the mime node, subject to mime parsing.
  3. It is much simpler to generate and consume.
Component: Untriaged → Security: OpenPGP
Product: Thunderbird → MailNews Core

Thunderbird 78 supports the combined use of internal RNP and external GnuPG.

Expert users may configure a secret key managed by GnuPG.

If this is done, all signing operations will be routed through GnuPG. However, because Thunderbird always uses its internal mechanisms for public key management, we always use the internal RNP library to encrypt.

This means that we must technically be able to use a two phase approach to create signed and encrypted messages. The nesting was the obvious approach to do that.

We currently always use the two step approach, even when doing both operations using RNP, for consistency.

You need to log in before you can comment on or make changes to this bug.