|
|
@ -11,11 +11,11 @@ pi: [toc, sortrefs, symrefs, comments] |
|
|
|
|
|
|
|
author: |
|
|
|
{::include ../shared/author_tags/hernani_marques.mkd} |
|
|
|
#::include ../shared/author_tags/claudio_luck.mkd} |
|
|
|
#{::include ../shared/author_tags/claudio_luck.mkd} |
|
|
|
#{::include ../shared/author_tags/bernie_hoeneisen.mkd} |
|
|
|
|
|
|
|
normative: |
|
|
|
MIMESEC: RFC1847 |
|
|
|
# MIMESEC: RFC1847 |
|
|
|
RFC2119: |
|
|
|
PGPMIME: RFC3156 |
|
|
|
OpenPGP: RFC4880 |
|
|
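Review bot: the Claudio Luck author include appears in two broken spellings, `#::include ../shared/author_tags/claudio_luck.mkd}` (the opening `{` is missing, so this is neither a kramdown include nor a clean YAML comment) and `#{::include ../shared/author_tags/claudio_luck.mkd}`; whichever line is meant to survive should use the `#{::include …}` form, matching the Bernie Hoeneisen line below it, so the YAML front matter still parses. The same hunk toggles `MIMESEC: RFC1847` between live and `# `-commented; if the reference is being dropped from `normative:`, grep the body for remaining `{{MIMESEC}}` citations first, since an unresolved anchor fails the build and multipart/encrypted is defined by RFC 1847.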
@ -23,7 +23,8 @@ normative: |
|
|
|
RFC5322: |
|
|
|
RFC7435: |
|
|
|
SMIME: RFC5751 |
|
|
|
RFC5652: |
|
|
|
# RFC5652: |
|
|
|
# I-D.melnikov-iana-reg-forwarded: |
|
|
|
I-D.birk-pep: |
|
|
|
I-D.marques-pep-handshake: |
|
|
|
I-D.marques-pep-rating: |
|
|
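Review bot: `SMIME: RFC5751` stays in `normative:` while `RFC5652` (CMS, the format underneath S/MIME) is being toggled to a comment and `I-D.melnikov-iana-reg-forwarded` moves out of this list; RFC 5751 is obsoleted by RFC 8551, which the next hunk toggles in `informative:`, so the normative S/MIME anchor should point at RFC 8551 rather than keeping the obsoleted document normative and the current one informative. Moving the melnikov draft to informative is only right if nothing in the body depends on it for interoperability; if `Content-Type: message/rfc822` forwarding semantics are relied on, it belongs here.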
@ -35,20 +36,19 @@ informative: |
|
|
|
# RFC7258: |
|
|
|
# RFC7942: |
|
|
|
# RFC8280: |
|
|
|
RFC8551: |
|
|
|
# RFC8551: |
|
|
|
# I-D.marques-pep-email: |
|
|
|
I-D.birk-pep-trustwords: |
|
|
|
I-D.melnikov-iana-reg-forwarded: |
|
|
|
I-D.pep-keysync: |
|
|
|
|
|
|
|
usenix.defective-sgn-enc: |
|
|
|
target: https://www.usenix.org/legacy/publications/library/proceedings/usenix01/full_papers/davis/davis_html/index.html |
|
|
|
title: "Defective Sign Encrypt in S/MIME, PKCS7, MOSS, PEM, PGP, and XML. 65-78" |
|
|
|
author: |
|
|
|
- |
|
|
|
ins: Don Davis |
|
|
|
name: Don Davis |
|
|
|
date: 2001 |
|
|
|
# usenix.defective-sgn-enc: |
|
|
|
# target: https://www.usenix.org/legacy/publications/library/proceedings/usenix01/full_papers/davis/davis_html/index.html |
|
|
|
# title: "Defective Sign Encrypt in S/MIME, PKCS7, MOSS, PEM, PGP, and XML. 65-78" |
|
|
|
# author: |
|
|
|
# - |
|
|
|
# ins: Don Davis |
|
|
|
# name: Don Davis |
|
|
|
# date: 2001 |
|
|
|
|
|
|
|
|
|
|
|
{::include ../shared/references/isoc-btn.mkd} |
|
|
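Review bot: the `usenix.defective-sgn-enc` entry is present twice, once live and once as an identical `# `-commented copy, and the commented copy adds nothing; drop it. In the live entry, the page range `65-78` is fused into `title:` and should move out of the title (kramdown-rfc supports a separate `seriesinfo:` block for that), and `ins:` expects initials plus surname (`D. Davis`) rather than the full name that already sits in `name:`. Also confirm the `RFC8551:` line that survives is the uncommented one, since the S/MIME discussion in the body (`{{SMIME}}`) should resolve to the current RFC.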
@ -870,64 +870,21 @@ and the transport message. Note that the encrypted data in the |
|
|
|
"Container" entity is hereby represented in cleartext for a better |
|
|
|
overview. |
|
|
|
|
|
|
|
{::include artwork/msg-diagram-1.mkd} |
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
# {::include artwork/msg-diagram-1.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
|
|
|
|
{: #pEp_F_1 title="Email Message Wrapping" artwork-align="center" } |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
# {::include artwork/msg-diagram-2.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include artwork/msg-diagram-2.mkd} |
|
|
|
+==Container===========+ |
|
|
|
& EntHdr K & |
|
|
|
& & |
|
|
|
& +-Outer----------+ & |
|
|
|
& | Hdrs O | & |
|
|
|
& | To:, Cc: | & |
|
|
|
& | Subject: S | & |
|
|
|
& | | & |
|
|
|
& | { EntHdr P } | & |
|
|
|
& | +-Inner------+ | & +--Transport-----------------+ |
|
|
|
& | | Hdrs P | | & | Hdrs T | |
|
|
|
& | | To:, Cc: | | & | To:, Cc: | |
|
|
|
& | | Subject: S | | & | Subject: pEp | |
|
|
|
& | | | | | | |
|
|
|
& | | Original | | \ | { EntHdr C } | |
|
|
|
& | | Msg | | \ | { } | |
|
|
|
& | +------------+ | & \ | { Content-Type: } | |
|
|
|
& | | & \ { multipart/encrypted } | |
|
|
|
& | { EntHdr K } | & \ { } | |
|
|
|
& | +------------+ | & \ +==Container===========+ | |
|
|
|
& | | PubKeys | | & | \ //////////////////////& | |
|
|
|
& | +------------+ | & | \ /////////////////////& | |
|
|
|
& | | & | \ ////////////////////& | |
|
|
|
& / : / & | & \ ///////////////////& | |
|
|
|
& | : | & | &/ \ //////////////////& | |
|
|
|
& +----------------+ & | &// \ /////////////////& | |
|
|
|
& & | &/// \ ////////////////& | |
|
|
|
+======================+ | &//// \ ///////////////& | |
|
|
|
| &///// \ //////////////& | |
|
|
|
| &////// \ /////////////& | |
|
|
|
+-Outer----------+ | &/////// ////////////& | |
|
|
|
| Hdrs O | | &//////////////////////& | |
|
|
|
| | | &//////////////////////& | |
|
|
|
| { EntHdr P } | | &//////////////////////& | |
|
|
|
+-Inner------+ | +-Inner------+ | | &//////////////////////& | |
|
|
|
| Hdrs P | | | Hdrs P | | | &//////////////////////& | |
|
|
|
| To:, Cc: - - -/ | | To:, Cc: | | -----------------> //////////& | |
|
|
|
| Subject: S | | | Subject: S | | | &//////////////////////& | |
|
|
|
| | ---->| | | | | &//////////////////////& | |
|
|
|
| Original | | | Original | | | &//////////////////////& | |
|
|
|
| Msg | | | Msg | | | +======================+ | |
|
|
|
+------------+ | +------------+ | | | |
|
|
|
| | +----------------------------+ |
|
|
|
| { EntHdr K } | |
|
|
|
| +------------+ | |
|
|
|
| | PubKeys | | |
|
|
|
| +------------+ | |
|
|
|
| | |
|
|
|
| | |
|
|
|
/ : / |
|
|
|
| : | |
|
|
|
+----------------+ |
|
|
|
{: #pEp_F_3 title="Email Message Wrapping (Combined)" artwork-align="center" } |
|
|
|
|
|
|
|
|
|
|
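Review bot: the inline ASCII art for the combined wrapping figure is removed together with its attribute line `{: #pEp_F_3 title="Email Message Wrapping (Combined)" artwork-align="center" }`, while `{: #pEp_F_1 … }` survives; if that figure now comes from `artwork/msg-diagram-2.mkd`, the `{: #pEp_F_3 … }` line must be kept directly after the closing fence so the figure keeps its anchor and title and any `{{pEp_F_3}}` cross-reference still resolves. The doubled include lines (`{::include artwork/msg-diagram-1.mkd}` next to `# {::include artwork/msg-diagram-1.mkd}`, and likewise for msg-diagram-2) need sorting out: inside a fenced artwork block a leading `#` is not a comment, it either ends up as literal text in the rendered figure or prevents the include from being expanded at all, so the surviving sequence should be fence-line, plain `{::include …}`, fence-line.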
@ -939,7 +896,11 @@ Content-Disposition) |
|
|
|
|
|
|
|
The "Container" Entity in the Transport message contains |
|
|
|
|
|
|
|
{::include artwork/msg-diagram-3.mkd} |
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
# {::include artwork/msg-diagram-3.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
|
|
|
|
The application of {{SMIME}} results in a MIME entity of type |
|
|
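Review bot: same problem as with the wrapping diagrams, `# {::include artwork/msg-diagram-3.mkd}` between two fence-line includes does not disable the include, it leaks a literal `#` into the figure or skips it, so keep the plain `{::include artwork/msg-diagram-3.mkd}` form between the fences. This figure also has no `{: #… title="…" }` attribute line after the closing fence, unlike the two wrapping figures, so it cannot be referenced from the text that introduces it ("The "Container" Entity in the Transport message contains").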
@ -1066,8 +1027,12 @@ as an attachment. |
|
|
|
|
|
|
|
In its simplest form, such an email looks like the following: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-0.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Please note that also unencrypted pEp emails SHALL carry an |
|
|
|
X-pEp-Version header. |
|
|
|
|
|
|
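Review bot: the sentence "Please note that also unencrypted pEp emails SHALL carry an X-pEp-Version header" is the only normative statement in this hunk, but the surrounding text never says what a receiver may conclude from that header on an unencrypted message; since nothing signs it, an intermediary can strip or rewrite it, so the text should state that the value is advisory (useful to detect a pEp peer) and not a basis for trust or for format decisions on the reply. Also make sure `examples/pef-0.mkd` actually shows the `X-pEp-Version` header, as it is now the only illustration of this SHALL.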
@ -1173,23 +1138,39 @@ with pEp in message format 1 had the following structure: |
|
|
|
An example of a pEp-Message-Format-1 in its old form, which is |
|
|
|
NOT RECOMMENDED to be used anymore looks the following: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-1_old.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
There, decrypting the PGP encrypted text/plain element yields a text |
|
|
|
like the following; most obviously, the intended subject line |
|
|
|
is now visible: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-1-text-payload.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
The newer PEF_1 format, which is also considered pEp's compatibility format |
|
|
|
towards non-pEp clients, looks the following: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-1_old.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Decrypting the enclosed "msg.msc" part yields the following: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-compat.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Note that in either case, the actual subject's value is encrypted in |
|
|
|
the very first text/plain MIME part under a multipart/mixed MIME node. |
|
|
|
|
|
|
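Review bot: the example for "The newer PEF_1 format" includes `examples/pef-1_old.mkd`, the same file already used two paragraphs up for the old, NOT RECOMMENDED form; this looks like a copy-paste slip and the newer format needs its own example file, otherwise the reader sees identical wire formats labelled old and new. While here, the naming drifts between "pEp-Message-Format-1", "PEF_1" and the `pef-1` used elsewhere, and "looks the following" should read "looks as follows". The closing remark that the real subject travels "in the very first text/plain MIME part under a multipart/mixed MIME node" is the security-relevant bit of this section and deserves to be stated once, clearly, before the examples rather than as an afterthought.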
@ -1223,8 +1204,12 @@ an 7bit octet stream with a filename "msg.asc", to be disposed inline. The |
|
|
|
subject is encrypted and in the "X-pEp-Version" header format version "2.0" |
|
|
|
SHALL be announced: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-2.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Decrypting "msg.asc" SHALL yield a multipart/mixed structure, with three |
|
|
|
elements: (1) a text part indicating this is the encapsulated message, (2) |
|
|
|
the actual RFC/822 message (with varying complexity) and (3) the transferable |
|
|
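Review bot: typos in the prose lines of this hunk: "an 7bit octet stream" should be "a 7bit octet stream", and "RFC/822 message" should be "RFC 822 message". The sentence "in the "X-pEp-Version" header format version "2.0" SHALL be announced" is hard to parse; suggest "and the X-pEp-Version header SHALL announce format version 2.0". The three-element description of the decrypted `msg.asc` is good; it would help to say that because the sender's public key (element 3) is inside the encrypted payload, it is only available after decryption and still has to be verified via the trustwords handshake before it is trusted.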
@ -1232,15 +1217,23 @@ sender's public key in ASCII-armored format. |
|
|
|
|
|
|
|
An unwrapped example looks like this: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-pef-2-0.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
#### Example PEF-2: pEp to non-pEp {#pef-2-ex1-compat} |
|
|
|
|
|
|
|
From the outside, the exactly same wire format is visible as in {{pef-2-ex1}}, |
|
|
|
that is: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-2.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
The decrypted "msg.asc" octet stream also is a multipart/mixed Content-Type, |
|
|
|
but immediately exposes the MIME content part(s), with the transferable |
|
|
|
sender's public key at the very end. There's no full email encapsulation, |
|
|
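Review bot: "exactly same wire format" should read "exactly the same wire format". More importantly, this paragraph says there is no full email encapsulation in the pEp-to-non-pEp case and that "only the Subject header field gets protected by default", but it does not say where the Subject actually goes; it should state explicitly that the original Subject is carried in the first text/plain part of the decrypted multipart/mixed (as the earlier PEF-1 text explains), since a non-pEp client will otherwise display the outer `Subject: pEp` and every other header field (To, Cc, Date) is transported unprotected.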
@ -1248,8 +1241,12 @@ such that only the Subject header field gets protected by default. |
|
|
|
|
|
|
|
Concretly, that "msg.asc" element, when decrypted, looks like the following: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-compat.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
## pEp-Email-Format-2.1 {#pef-2-1} |
|
|
|
|
|
|
|
\[\[ TBD: Explain guarantees and diff to PEF-2. \]\] |
|
|
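Review bot: "Concretly" should be "Concretely". The decrypted example here is `examples/msg-part-decrypted-compat.mkd`, the same file used for the PEF-1 compatibility example above; if the PEF-1 and PEF-2 compatibility payloads really are byte-identical, say so in the text, otherwise PEF-2 needs its own decrypted example. The new `## pEp-Email-Format-2.1` section opens with a TBD for the guarantees and the diff to PEF-2; at minimum the version value and what changes for a 2.0-only receiver should be stated before the examples that follow.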
@ -1260,12 +1257,20 @@ Concretly, that "msg.asc" element, when decrypted, looks like the following: |
|
|
|
|
|
|
|
\[\[ TBD: Add description. \]\] |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-2-1.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Unwrapping the "msg.asc" multipart/encrypted MIME part, yields this: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-pef-2-1.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
#### Example PEF-2-1: pEp to pEp (support version 2.0) {#pef-2-1-ex2} |
|
|
|
|
|
|
|
Please note that when the receiving peer was registered as being only |
|
|
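Review bot: "Unwrapping the "msg.asc" multipart/encrypted MIME part" misdescribes the structure; per the PEF-2 description `msg.asc` is the application/octet-stream part inside the multipart/encrypted entity, so this should read "Decrypting the "msg.asc" part of the multipart/encrypted entity yields this". The `[[ TBD: Add description. ]]` placeholder before the first PEF-2-1 example still needs filling, since otherwise the example is the only definition of the format.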
@ -1274,11 +1279,19 @@ essence is a PEF-2-0 format. |
|
|
|
|
|
|
|
On the wire, no difference is visble to example {{pef-2-1-ex1}} above: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-2-1.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
The "msg.asc" part, on the other hand, looks like this: |
|
|
|
|
|
|
|
{::inlucde examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd} |
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
Please note that this basically is a PEF-2-0 format, but with the additional |
|
|
|
pEp-specific headers for the wrapped RFC 822 message. |
|
|
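Review bot: the hunk contains both `{::inlucde examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd}` and the correctly spelled, fence-wrapped `{::include …}` version; confirm the misspelled line is the one being removed, because kramdown-rfc silently emits an unrecognised `{::inlucde …}` as literal text instead of failing. Also "visble" should be "visible", and the closing paragraph should name the "additional pEp-specific headers for the wrapped RFC 822 message" rather than leaving the reader to diff the two example files.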
@ -1291,13 +1304,21 @@ PEF-2-0. |
|
|
|
On the wire, PEF-2-1 is identical to {{pef-2}} except X-pEp-Version being set |
|
|
|
to version 2.1 instead of 2.0. |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/pef-2-1.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
The "msg.asc", when decrypted, looks exactly the same as in |
|
|
|
{{pef-2-ex1-compat}}: |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include examples/msg-part-decrypted-compat.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
<!-- TBD: Rework |
|
|
|
|
|
|
|
|
|
|
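Review bot: the hunk ends with `<!-- TBD: Rework`, which opens an HTML comment whose closing `-->` lies outside this hunk; after reordering the includes, confirm the comment still closes where intended, otherwise everything up to the next `-->` (or the end of the document) disappears from the rendered draft. The claim that "On the wire, PEF-2-1 is identical to {{pef-2}} except X-pEp-Version being set to version 2.1" is fine, but it means the version header is the only signal a receiver has to choose the parser, so it should be restated here that this header is outside the encryption and is therefore not authenticated.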
@ -1487,7 +1508,11 @@ considered when rendering messages: |
|
|
|
| | Signed, no key | No | MODIFICATION_DETECTED | |
|
|
|
| | Bad signature | No | SIGNATURE_DOES_NOT_MATCH | |
|
|
|
|
|
|
|
{::include artwork/msg-rendering.mkwd} |
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{:#:include artwork/msg-rendering.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
For cases where Messages appear unsigned: e.g., signed with a private key |
|
|
|
there's no public key for, or with a bad signature, pEp's Privacy Status SHALL |
|
|
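Review bot: two broken include lines here: `{::include artwork/msg-rendering.mkwd}` uses a `.mkwd` extension that no other artwork file has, and `{:#:include artwork/msg-rendering.mkd}` is neither a valid include nor the `# {::include …}` comment convention used elsewhere in this patch; the surviving line should be a plain `{::include artwork/msg-rendering.mkd}` between the two fence-lines. On the table rows above the figure, mapping "Signed, no key" to MODIFICATION_DETECTED conflates "cannot verify" with "tampered"; a message signed with a key the receiver does not have is unverifiable, not known-modified, and the prose below ("signed with a private key there's no public key for, or with a bad signature") treats the two cases alike, so either the rating names or the prose should make the distinction.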
@ -1643,8 +1668,12 @@ trust management: |
|
|
|
As color code changes for an identity, it is also applied to future |
|
|
|
Messages to/from this identity. |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
{::include ../shared/ascii-arts/basic-msg-flow.mkd} |
|
|
|
|
|
|
|
{::include ../shared/fence-line.mkd} |
|
|
|
|
|
|
|
\[\[ TODO: Add more of what is specific to email \]\] |
|
|
|
|
|
|
|
## Privacy Status |
|
|
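Review bot: the basic message flow is now fence-wrapped but has no `{: #… title="…" }` attribute line after the closing fence, so it cannot be referenced from the text like the other figures. The sentence "As color code changes for an identity, it is also applied to future Messages to/from this identity" should also say whether a downgrade (for example after a key reset or mistrust) is applied retroactively to already-rendered messages, as that is the case a reader of the rendering rules will ask about; the `[[ TODO … ]]` that follows suggests this is known to be incomplete.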
@ -1755,7 +1784,6 @@ This document has no actions for IANA. |
|
|
|
|
|
|
|
{::include ../shared/text-blocks/implementation-status.mkd} |
|
|
|
|
|
|
|
|
|
|
|
# Acknowledgements |
|
|
|
|
|
|
|
Special thanks go to Krista Bennett and Volker Birk for the reference |
|
|
|
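Review bot: this hunk only removes a blank line between the implementation-status include and `# Acknowledgements`; keep at least one blank line between the included text block and the heading so the heading is not glued to the preceding paragraph when the include is expanded.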