@ -11,11 +11,11 @@ pi: [toc, sortrefs, symrefs, comments]
author:
{::include ../shared/author_tags/hernani_marques.mkd}
#::include ../shared/author_tags/claudio_luck.mkd}
#{::include ../shared/author_tags/claudio_luck.mkd}
#{::include ../shared/author_tags/bernie_hoeneisen.mkd}
normative:
MIMESEC: RFC1847
# MIMESEC: RFC1847
RFC2119:
PGPMIME: RFC3156
OpenPGP: RFC4880
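Review bot: the author block now keeps two commented-out variants of the same include, `#::include ../shared/author_tags/claudio_luck.mkd}` (missing its opening `{`) and `#{::include ../shared/author_tags/claudio_luck.mkd}`; drop the malformed one. Since the Claudio Luck and Bernie Hoeneisen includes are both disabled and only `hernani_marques.mkd` stays active, the authorship change should be stated explicitly in the commit message. The same hunk lists `MIMESEC: RFC1847` both as an active entry and as `# MIMESEC: RFC1847`; keep only the active one.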
@ -23,7 +23,8 @@ normative:
RFC5322:
RFC7435:
SMIME: RFC5751
RFC5652:
# RFC5652:
# I-D.melnikov-iana-reg-forwarded:
I-D.birk-pep:
I-D.marques-pep-handshake:
I-D.marques-pep-rating:
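Review bot: `RFC5652:` appears both active and commented out (`# RFC5652:`) in the same normative list; delete the commented copy. The `SMIME` anchor is kept on RFC5751 in the normative references while RFC8551, which obsoletes RFC5751, is only added to the informative references in the next hunk; if {{SMIME}} is meant to point at the current S/MIME message specification, move the anchor to RFC8551 and drop the duplicate. Moving `I-D.melnikov-iana-reg-forwarded` from normative (now `# I-D.melnikov-iana-reg-forwarded:`) to informative is only right if no requirement in the body depends on it; please confirm.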
@ -35,20 +36,19 @@ informative:
# RFC7258:
# RFC7942:
# RFC8280:
RFC8551:
# RFC8551:
# I-D.marques-pep-email:
I-D.birk-pep-trustwords:
I-D.melnikov-iana-reg-forwarded:
I-D.pep-keysync:
usenix.defective-sgn-enc:
target: https://www.usenix.org/legacy/publications/library/proceedings/usenix01/full_papers/davis/davis_html/index.html
title: "Defective Sign Encrypt in S/MIME, PKCS7, MOSS, PEM, PGP, and XML. 65-78"
author:
-
ins: Don Davis
name: Don Davis
date: 2001
# usenix.defective-sgn-enc:
# target: https://www.usenix.org/legacy/publications/library/proceedings/usenix01/full_papers/davis/davis_html/index.html
# title: "Defective Sign Encrypt in S/MIME, PKCS7, MOSS, PEM, PGP, and XML. 65-78"
# author:
# -
# ins: Don Davis
# name: Don Davis
# date: 2001
{::include ../shared/references/isoc-btn.mkd}
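Review bot: the `usenix.defective-sgn-enc` entry carries the page range inside the title (`... PGP, and XML. 65-78`); move `65-78` out of `title` into a separate `seriesinfo` field, and note that the paper's actual title contains an ampersand ("Defective Sign & Encrypt ...") that is missing here. The fully commented duplicate of the same entry that follows (`# usenix.defective-sgn-enc:` through `# date: 2001`) should be deleted rather than kept as dead text. Commenting out `RFC7942:` while `{::include ../shared/text-blocks/implementation-status.mkd}` stays in the document (see the last hunk of this patch) risks an unresolved {{RFC7942}} reference if that text block cites it.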
@ -870,64 +870,21 @@ and the transport message. Note that the encrypted data in the
"Container" entity is hereby represented in cleartext for a better
overview.
{::include artwork/msg-diagram-1.mkd}
{::include ../shared/fence-line.mkd}
# {::include artwork/msg-diagram-1.mkd}
{::include ../shared/fence-line.mkd}
{: #pEp_F_1 title="Email Message Wrapping" artwork-align="center" }
{::include ../shared/fence-line.mkd}
# {::include artwork/msg-diagram-2.mkd}
{::include ../shared/fence-line.mkd}
{::include artwork/msg-diagram-2.mkd}
+==Container===========+
& EntHdr K &
& &
& +-Outer----------+ &
& | Hdrs O | &
& | To:, Cc: | &
& | Subject: S | &
& | | &
& | { EntHdr P } | &
& | +-Inner------+ | & +--Transport-----------------+
& | | Hdrs P | | & | Hdrs T |
& | | To:, Cc: | | & | To:, Cc: |
& | | Subject: S | | & | Subject: pEp |
& | | | | | |
& | | Original | | \ | { EntHdr C } |
& | | Msg | | \ | { } |
& | +------------+ | & \ | { Content-Type: } |
& | | & \ { multipart/encrypted } |
& | { EntHdr K } | & \ { } |
& | +------------+ | & \ +==Container===========+ |
& | | PubKeys | | & | \ //////////////////////& |
& | +------------+ | & | \ /////////////////////& |
& | | & | \ ////////////////////& |
& / : / & | & \ ///////////////////& |
& | : | & | &/ \ //////////////////& |
& +----------------+ & | &// \ /////////////////& |
& & | &/// \ ////////////////& |
+======================+ | &//// \ ///////////////& |
| &///// \ //////////////& |
| &////// \ /////////////& |
+-Outer----------+ | &/////// ////////////& |
| Hdrs O | | &//////////////////////& |
| | | &//////////////////////& |
| { EntHdr P } | | &//////////////////////& |
+-Inner------+ | +-Inner------+ | | &//////////////////////& |
| Hdrs P | | | Hdrs P | | | &//////////////////////& |
| To:, Cc: - - -/ | | To:, Cc: | | -----------------> //////////& |
| Subject: S | | | Subject: S | | | &//////////////////////& |
| | ---->| | | | | &//////////////////////& |
| Original | | | Original | | | &//////////////////////& |
| Msg | | | Msg | | | +======================+ |
+------------+ | +------------+ | | |
| | +----------------------------+
| { EntHdr K } |
| +------------+ |
| | PubKeys | |
| +------------+ |
| |
| |
/ : /
| : |
+----------------+
{: #pEp_F_3 title="Email Message Wrapping (Combined)" artwork-align="center" }
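Review bot: the figure anchors jump from `{: #pEp_F_1 title="Email Message Wrapping" ...}` to `{: #pEp_F_3 title="Email Message Wrapping (Combined)" ...}` with no `pEp_F_2` in this hunk; any {{pEp_F_2}} reference in the body will now be unresolved, so either renumber or confirm nothing references it. The `{: #pEp_F_1 ...}` attribute block is also separated from the preceding fence-line include by blank lines; kramdown attaches a block IAL only to an adjacent block, so the title and anchor may land on the wrong element, and the IAL should follow the closing fence directly. The inline combined drawing (`+==Container===========+` ... `+----------------+`) is being replaced by `{::include artwork/msg-diagram-2.mkd}`; please make sure the included file carries the same drawing, including the arrows from the Outer/Inner boxes into the Transport container.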
@ -939,7 +896,11 @@ Content-Disposition)
The "Container" Entity in the Transport message contains
{::include artwork/msg-diagram-3.mkd}
{::include ../shared/fence-line.mkd}
# {::include artwork/msg-diagram-3.mkd}
{::include ../shared/fence-line.mkd}
The application of {{SMIME}} results in a MIME entity of type
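Review bot: the sentence `The "Container" Entity in the Transport message contains` runs straight into the `artwork/msg-diagram-3.mkd` include with neither a figure caption nor an anchor, unlike the `pEp_F_1` figure earlier in this patch; add a `{: #pEp_F_... title="..." artwork-align="center" }` block right after the closing fence line so the figure can be referenced, and close the sentence (e.g. `contains the following:`).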
@ -1066,8 +1027,12 @@ as an attachment.
In its simplest form, such an email looks like the following:
{::include ../shared/fence-line.mkd}
{::include examples/pef-0.mkd}
{::include ../shared/fence-line.mkd}
Please note that also unencrypted pEp emails SHALL carry an
X-pEp-Version header.
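Review bot: `Please note that also unencrypted pEp emails SHALL carry an X-pEp-Version header.` puts a normative requirement in an aside below an example; move the SHALL into the requirements text for this format and state which version value the header carries in the unencrypted case, since `examples/pef-0.mkd` is currently the only place a reader can see it.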
@ -1173,23 +1138,39 @@ with pEp in message format 1 had the following structure:
An example of a pEp-Message-Format-1 in its old form, which is
NOT RECOMMENDED to be used anymore looks the following:
{::include ../shared/fence-line.mkd}
{::include examples/pef-1_old.mkd}
{::include ../shared/fence-line.mkd}
There, decrypting the PGP encrypted text/plain element yields a text
like the following; most obviously, the intended subject line
is now visible:
{::include ../shared/fence-line.mkd}
{::include examples/pef-1-text-payload.mkd}
{::include ../shared/fence-line.mkd}
The newer PEF_1 format, which is also considered pEp's compatibility format
towards non-pEp clients, looks the following:
{::include ../shared/fence-line.mkd}
{::include examples/pef-1_old.mkd}
{::include ../shared/fence-line.mkd}
Decrypting the enclosed "msg.msc" part yields the following:
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-compat.mkd}
{::include ../shared/fence-line.mkd}
Note that in either case, the actual subject's value is encrypted in
the very first text/plain MIME part under a multipart/mixed MIME node.
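Review bot: the `newer PEF_1 format` paragraph includes `examples/pef-1_old.mkd`, the same file already shown above as the NOT RECOMMENDED old form; it needs the example of the newer format instead. Naming also wobbles between `pEp-Message-Format-1` and `PEF_1` (the rest of the patch writes `PEF-1`/`PEF-2`), and `Decrypting the enclosed "msg.msc" part` looks like a typo for `msg.asc`, the name used in every later example. `looks the following` (twice) should read `looks like the following`.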
@ -1223,8 +1204,12 @@ an 7bit octet stream with a filename "msg.asc", to be disposed inline. The
subject is encrypted and in the "X-pEp-Version" header format version "2.0"
SHALL be announced:
{::include ../shared/fence-line.mkd}
{::include examples/pef-2.mkd}
{::include ../shared/fence-line.mkd}
Decrypting "msg.asc" SHALL yield a multipart/mixed structure, with three
elements: (1) a text part indicating this is the encapsulated message, (2)
the actual RFC/822 message (with varying complexity) and (3) the transferable
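Review bot: `an 7bit octet stream` should be `a 7bit octet stream`, and `RFC/822 message` should be `RFC 822 message`. The sentence `subject is encrypted and in the "X-pEp-Version" header format version "2.0" SHALL be announced` is hard to parse; suggest `the subject is encrypted, and format version "2.0" SHALL be announced in the "X-pEp-Version" header`.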
@ -1232,15 +1217,23 @@ sender's public key in ASCII-armored format.
An unwrapped example looks like this:
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-pef-2-0.mkd}
{::include ../shared/fence-line.mkd}
#### Example PEF-2: pEp to non-pEp {#pef-2-ex1-compat}
From the outside, the exactly same wire format is visible as in {{pef-2-ex1}},
that is:
{::include ../shared/fence-line.mkd}
{::include examples/pef-2.mkd}
{::include ../shared/fence-line.mkd}
The decrypted "msg.asc" octet stream also is a multipart/mixed Content-Type,
but immediately exposes the MIME content part(s), with the transferable
sender's public key at the very end. There's no full email encapsulation,
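Review bot: `the exactly same wire format` should be `exactly the same wire format`. More importantly, the paragraph says that without full email encapsulation `only the Subject header field gets protected by default`; for implementers it is worth spelling out the consequence, namely that every other header field of the inner message (To:, Cc: and the rest shown in the wrapping figures) travels in cleartext in the transport message in this compatibility mode, so readers of this section know exactly what the format does not protect.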
@ -1248,8 +1241,12 @@ such that only the Subject header field gets protected by default.
Concretly, that "msg.asc" element, when decrypted, looks like the following:
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-compat.mkd}
{::include ../shared/fence-line.mkd}
## pEp-Email-Format-2.1 {#pef-2-1}
\[\[ TBD: Explain guarantees and diff to PEF-2. \]\]
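Review bot: `Concretly` should be `Concretely`. The new `## pEp-Email-Format-2.1 {#pef-2-1}` section opens with `\[\[ TBD: Explain guarantees and diff to PEF-2. \]\]`; since later hunks of this patch already describe the PEF-2-1 wire format and its PEF-2-0 fallback, at least the one-line difference stated there (X-pEp-Version 2.1 instead of 2.0) belongs here as well, so the section is not empty apart from the placeholder.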
@ -1260,12 +1257,20 @@ Concretly, that "msg.asc" element, when decrypted, looks like the following:
\[\[ TBD: Add description. \]\]
{::include ../shared/fence-line.mkd}
{::include examples/pef-2-1.mkd}
{::include ../shared/fence-line.mkd}
Unwrapping the "msg.asc" multipart/encrypted MIME part, yields this:
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-pef-2-1.mkd}
{::include ../shared/fence-line.mkd}
#### Example PEF-2-1: pEp to pEp (support version 2.0) {#pef-2-1-ex2}
Please note that when the receiving peer was registered as being only
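Review bot: `Unwrapping the "msg.asc" multipart/encrypted MIME part, yields this:` has a stray comma, and it calls `msg.asc` the multipart/encrypted part, whereas the PEF-2 hunk describes `msg.asc` as the 7bit octet stream inside that multipart; use one description consistently. The `\[\[ TBD: Add description. \]\]` placeholder sits directly above the `examples/pef-2-1.mkd` example it is meant to introduce, so at least a one-sentence lead-in for the example should replace it.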
@ -1274,11 +1279,19 @@ essence is a PEF-2-0 format.
On the wire, no difference is visble to example {{pef-2-1-ex1}} above:
{::include ../shared/fence-line.mkd}
{::include examples/pef-2-1.mkd}
{::include ../shared/fence-line.mkd}
The "msg.asc" part, on the other hand, looks like this:
{::inlucde examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd}
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd}
{::include ../shared/fence-line.mkd}
Please note that this basically is a PEF-2-0 format, but with the additional
pEp-specific headers for the wrapped RFC 822 message.
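Review bot: `{::inlucde examples/msg-part-decrypted-pef-2-1_compat-2-0.mkd}` is a misspelled directive that kramdown would render as literal text; only the correctly spelled `{::include ...}` between the two fence lines should survive this change. `visble` should be `visible`, and `On the wire, no difference is visble to example {{pef-2-1-ex1}} above:` reads better as `On the wire, no difference from example {{pef-2-1-ex1}} above is visible:`.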
@ -1291,13 +1304,21 @@ PEF-2-0.
On the wire, PEF-2-1 is identical to {{pef-2}} except X-pEp-Version being set
to version 2.1 instead of 2.0.
{::include ../shared/fence-line.mkd}
{::include examples/pef-2-1.mkd}
{::include ../shared/fence-line.mkd}
The "msg.asc", when decrypted, looks exactly the same as in
{{pef-2-ex1-compat}}:
{::include ../shared/fence-line.mkd}
{::include examples/msg-part-decrypted-compat.mkd}
{::include ../shared/fence-line.mkd}
<!-- TBD: Rework
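Review bot: `<!-- TBD: Rework` opens an HTML comment whose closing `-->` is not in this hunk; if the closing marker was dropped elsewhere in the file, everything after this line is swallowed from the rendered draft, so please verify the comment is still balanced. Also `X-pEp-Version being set to version 2.1 instead of 2.0` would read more precisely as `X-pEp-Version being set to "2.1" instead of "2.0"`, matching the quoted header values used in the PEF-2 section.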
@ -1487,7 +1508,11 @@ considered when rendering messages:
| | Signed, no key | No | MODIFICATION_DETECTED |
| | Bad signature | No | SIGNATURE_DOES_NOT_MATCH |
{::include artwork/msg-rendering.mkwd}
{::include ../shared/fence-line.mkd}
{:#:include artwork/msg-rendering.mkd}
{::include ../shared/fence-line.mkd}
For cases where Messages appear unsigned: e.g., signed with a private key
there's no public key for, or with a bad signature, pEp's Privacy Status SHALL
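Review bot: `{::include artwork/msg-rendering.mkwd}` uses the extension `.mkwd`, which does not match the `.mkd` used by every other include in this patch, and `{:#:include artwork/msg-rendering.mkd}` is not a valid include directive either; only `{::include artwork/msg-rendering.mkd}` wrapped by the two fence lines should remain. In the prose, `signed with a private key there's no public key for` should be `signed with a private key for which there is no public key`.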
@ -1643,8 +1668,12 @@ trust management:
As color code changes for an identity, it is also applied to future
Messages to/from this identity.
{::include ../shared/fence-line.mkd}
{::include ../shared/ascii-arts/basic-msg-flow.mkd}
{::include ../shared/fence-line.mkd}
\[\[ TODO: Add more of what is specific to email \]\]
## Privacy Status
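Review bot: `As color code changes for an identity` should be `As the color code changes for an identity`. The `\[\[ TODO: Add more of what is specific to email \]\]` marker is left in place directly before `## Privacy Status`; acceptable for a draft, but the commit message should say the email-specific text is still outstanding so the TODO is not mistaken for finished content.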
@ -1755,7 +1784,6 @@ This document has no actions for IANA.
{::include ../shared/text-blocks/implementation-status.mkd}
# Acknowledgements
Special thanks go to Krista Bennett and Volker Birk for the reference
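Review bot: `{::include ../shared/text-blocks/implementation-status.mkd}` is retained here while `RFC7942:` is commented out in the informative references earlier in this same patch; Implementation Status sections conventionally cite RFC 7942, so if the included text block contains {{RFC7942}} the build fails with an undefined reference. Either keep the reference active or confirm the text block no longer cites it.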