Discussion:
[GnuPG against MS Live-Mail] Question: clearsign send-hook
Michael Uplawski
2016-12-10 07:49:34 UTC
Good morning.

Occasionally, people tell me,
-) that they see my messages but cannot read them
-) that they cannot read them
-) that they cannot [something] with my mail
-) that nothing works with my mail

I discovered, that these folks were using outlook, outlook.com, a
different service with a MS-provided web-interface and last week, I saw
with my own eyes the Live-Mail client. “The problem” appears to be, that
the body of my message is presented as a text-attachment alongside the
signature and this disturbs the user.

As I apply detached GnuPG-signatures, especially where my messages are
directed towards a group of people, an association or the like, I
venture that this signature is the origin of the misbehavior of some
client or another.

_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?

I may be nuts anyway, but maybe you have some experience to share.

TY.

Michael.
--
GnuPG brainpoolP512r1/5C2A258D 2015-10-02 [expires: 2017-10-01]
sub brainpoolP512r1/53461AFA 2015-10-02 [expires: 2017-10-01]
Jorgen Grahn
2016-12-10 09:18:09 UTC
Post by Michael Uplawski
Good morning.
Occasionally, people tell me,
-) that they see my messages but cannot read them
-) that they cannot read them
-) that they cannot [something] with my mail
-) that nothing works with my mail
I discovered, that these folks were using outlook, outlook.com, a
different service with a MS-provided web-interface and last week, I saw
with my own eyes the Live-Mail client. "The problem" appears to be, that
the body of my message is presented as a text-attachment alongside the
signature and this disturbs the user.
As I apply detached GnuPG-signatures, especially where my messages are
directed towards a group of people, an association or the like, I
venture that this signature is the origin of the misbehavior of some
client or another.
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
I may be nuts anyway, but maybe you have some experience to share.
Which one is which? I forget. I like multipart/signed:

Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="1yeeQ81UyVL57Vl7"
Content-Disposition: inline

--1yeeQ81UyVL57Vl7
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

...

--1yeeQ81UyVL57Vl7
Content-Type: application/pgp-signature; name="signature.asc"

...

--1yeeQ81UyVL57Vl7--

I use it regularly, and don't think I've had any complaints. Not that
a lot of people read mail nowadays ...

A mail program which cannot cope with that in 2016 is simply broken,
and needs to be replaced. All it takes to show it properly is basic
MIME conformance.

/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Michael Uplawski
2016-12-10 09:40:48 UTC
Thanks Jorgen,

there is some pressure building up, here, as regards the diffusion and
reaction to some specific messages, which adds real interest to my
(simple) curiosity. If Usenet comes to the rescue, joy comes in as a
third component. ;-)

On 10 Dec 2016 09:18:09 GMT,
Me too. This works with most ... people. Most of the time, at least.
Post by Jorgen Grahn
A mail program which cannot cope with that in 2016 is simply broken,
and needs to be replaced. All it takes to show it properly is basic
MIME conformance.
You use slrn, as do I and many others. We know.
A difficulty arises from the fact, that I am not in the position to make
a few people, some of which I do not even “know” in the wider sense of
the expression, replace *their* (or Microsoft's) mail-client.

For Live-Mail I have identified the problem in the detached signature.
This guy had not even reported trouble but contented in routinely
opening my messages in a text-editor! Be it so, but if the pgp_inline
option ( <--- Note the correction to my original post) helps to help all
the others, notably the users of outlook ex hotmail, sourcing a list of
exceptions in my .muttrc is easy.

But alas, they cannot tell me, as they cannot anything... :-(

Michael
Post by Jorgen Grahn
/Jorgen
--
GnuPG brainpoolP512r1/5C2A258D 2015-10-02 [expires: 2017-10-01]
sub brainpoolP512r1/53461AFA 2015-10-02 [expires: 2017-10-01]
Jorgen Grahn
2016-12-10 19:51:29 UTC
Post by Michael Uplawski
Thanks Jorgen,
there is some pressure building up, here, as regards the diffusion and
reaction to some specific messages, which adds real interest to my
(simple) curiosity. If Usenet comes to the rescue, joy comes in as a
third component. ;-)
On 10 Dec 2016 09:18:09 GMT,
Me too. This works with most ... people. Most of the time, at least.
But is multipart/signed the format you ran into trouble with? I am
too lazy to check in detail, but it seems to be the default in mutt;
I have very little crypto configuration in my .muttrc.
Post by Michael Uplawski
Post by Jorgen Grahn
A mail program which cannot cope with that in 2016 is simply broken,
and needs to be replaced. All it takes to show it properly is basic
MIME conformance.
You use slrn, as do I and many others. We know.
More importantly, I use mutt.
Post by Michael Uplawski
A difficulty arises from the fact, that I am not in the position to make
a few people, some of which I do not even "know" in the wider sense of
the expression, replace *their* (or Microsoft's) mail-client.
I know. Sometimes I just back down and don't sign my email because the
recipient is too inept or busy to deal with her broken mail client.
Social status is part of it -- you don't typically tell your boss that
she's using broken tools.

When the topic arises, perhaps one could reply like this:

Internet mail was designed so that different people could use
different software and still send mail to each other. That
freedom was part of the core value of the Internet. The way they
did that was by defining simple protocols which everyone was
supposed to follow. These were documented in RFCs.

One of the problems with Internet mail is that it's easy to forge
mail. Back in the mid-1990s someone wrote the RFC on how to fix
that using encryption. The RFC was written so that recipients
without crypto software could still read their mail as before.

If, twenty years later, your software neither lets you detect
forged mail nor easily read signed mail without protection against
forgery, then that software is either two decades old, or broken.

It's not uncommon to encounter broken software, since large
companies are always tempted to try to gain market share by
breaking standards and closing their users in. I'm sorry, but
that's /your/ problem, not mine.

I might have gone a bit rude at the end.
Post by Michael Uplawski
For Live-Mail I have identified the problem in the detached signature.
This guy had not even reported trouble but contented in routinely
opening my messages in a text-editor!
That's what would happen when your mail program doesn't understand the
'inline' property.
Post by Michael Uplawski
Be it so, but if the pgp_inline option ( <--- Note the correction to
my original post) helps to help all the others, notably the users of
outlook ex hotmail, sourcing a list of exceptions in my .muttrc is
easy.
I don't know what pgp_inline means -- it doesn't seem to be documented
in my copy of mutt.

/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Ian Zimmerman
2016-12-11 17:53:17 UTC
Post by Jorgen Grahn
It's not uncommon to encounter broken software, since large
companies are always tempted to try to gain market share by
breaking standards and closing their users in. I'm sorry, but
that's /your/ problem, not mine.
Have you looked at the mutt-users thread quoted in the other subthread,
down to the leaves?

Yes, some clients are broken. But it's worse than that: some MTAs are
broken, and your recipients are in no position to fix that.
--
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
Jorgen Grahn
2016-12-11 20:53:53 UTC
Post by Ian Zimmerman
Post by Jorgen Grahn
It's not uncommon to encounter broken software, since large
companies are always tempted to try to gain market share by
breaking standards and closing their users in. I'm sorry, but
that's /your/ problem, not mine.
(That last part was probably too rude, and would need to be written
much better.)
Post by Ian Zimmerman
Have you looked at the mutt-users thread quoted in the other subthread,
down to the leaves?
I tried to, as I indicated in my other response.
Post by Ian Zimmerman
Yes, some clients are broken. But it's worse than that: some MTAs are
broken, and your recipients are in no position to fix that.
Which ones? Links to bug reports would be helpful.

Lots of what you wrote (but I didn't wade through all the postings in
all of the threads) was about 8-bit MIME, and sendmail downgrading
that to 7-bit QP. But (see elsewhere in this thread) that should not
be a problem for multipart/signed.

/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Ian Zimmerman
2016-12-12 17:58:59 UTC
Post by Jorgen Grahn
Lots of what you wrote (but I didn't wade through all the postings in
all of the threads) was about 8-bit MIME, and sendmail downgrading
that to 7-bit QP. But (see elsewhere in this thread) that should not
be a problem for multipart/signed.
It is yet worse than that.

The MTA in the path to me (and I know of this problem because of
_incoming_ signed mail failing signature verification) transforms (not
always, but depending on phase of moon) perfectly valid QP-encoded lines
like

foo=20bar=20baz

into the equivalent

foo bar baz

apparently just because it thinks it can. In addition, it reflows
base-64 encoded parts (changes the line length, IIRC to 60 if the
original line length is larger than that).

None of this can be remotely imagined to be triggered by RFC specified
7-bit downgrading: the next hop MTA is fully 8-bit capable and
advertises that fact.

How can I bug report this when the MTA runs on a system I don't control?
TBH I do have non-root shell access to it, but this might not have been
the case. This was the point of my post here: you cannot blame the
recipients for not being able to process GPG signed mail, not even
politely. It is beyond their control.

IMO the root problem is the PGP spec itself. The signature should have
been defined with respect to some _unique_ canonical form of the body
and the endpoint MUAs should have been required to transform from/into
that canonical form before signature verification/generation.
--
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
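
Added example, not part of any poster's message: a Python sketch that tells apart the two reasons a multipart/signed body can stop verifying, namely a hop that only rewrote the transfer encoding (the `foo=20bar=20baz` and base64 reflow cases described above) and a real change to the content. The SHA-256 digest stands in for the OpenPGP signature, which is computed over the same encoded bytes; the sample parts and all function names are constructed for illustration.

```python
import base64
import email
import hashlib

def signed_bytes(part: bytes) -> bytes:
    """Bytes a multipart/signed signature covers: the signed body part,
    MIME headers included, with every line ending normalised to CRLF."""
    return b"".join(line + b"\r\n" for line in part.splitlines())

def digest(part: bytes) -> str:
    # Stand-in for signature verification: any byte change alters it.
    return hashlib.sha256(signed_bytes(part)).hexdigest()

def decoded_view(part: bytes):
    """What the recipient ends up reading: type, charset, decoded payload."""
    msg = email.message_from_bytes(part)
    return (msg.get_content_type(),
            msg.get_content_charset(),
            msg.get_payload(decode=True))

def classify(sent: bytes, received: bytes) -> str:
    if digest(sent) == digest(received):
        return "intact"
    if decoded_view(sent) == decoded_view(received):
        # Same content, different encoded bytes: a relay re-encoded it.
        return "re-encoded in transit"
    return "content changed"

def wrap(b64: bytes, width: int) -> bytes:
    """Split one long base64 string into CRLF-terminated lines."""
    return b"".join(b64[i:i + width] + b"\r\n"
                    for i in range(0, len(b64), width))

# --- constructed sample parts -------------------------------------------
QP_HEADERS = (b"Content-Type: text/plain; charset=utf-8\r\n"
              b"Content-Transfer-Encoding: quoted-printable\r\n\r\n")
QP_SENT = QP_HEADERS + b"foo=20bar=20baz\r\n"
QP_REWRITTEN = QP_HEADERS + b"foo bar baz\r\n"      # same text, new bytes
QP_TAMPERED = QP_HEADERS + b"foo=20bar=20qux\r\n"   # different text

B64_HEADERS = (b"Content-Type: application/octet-stream\r\n"
               b"Content-Transfer-Encoding: base64\r\n\r\n")
_B64 = base64.b64encode(b"constructed sample attachment " * 4)
B64_SENT = B64_HEADERS + wrap(_B64, 76)
B64_REFLOWED = B64_HEADERS + wrap(_B64, 60)         # line length changed

if __name__ == "__main__":
    cases = [("unchanged", QP_SENT, QP_SENT),
             ("QP rewrite", QP_SENT, QP_REWRITTEN),
             ("base64 reflow", B64_SENT, B64_REFLOWED),
             ("edited text", QP_SENT, QP_TAMPERED)]
    for name, sent, received in cases:
        print(f"{name:14} {classify(sent, received)}")
```

Running the same comparison on the sender's saved copy and the part as delivered shows whether a failed verification points at a relay or at the message itself.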
Jorgen Grahn
2016-12-13 06:36:55 UTC
Post by Ian Zimmerman
Post by Jorgen Grahn
Lots of what you wrote (but I didn't wade through all the postings in
all of the threads) was about 8-bit MIME, and sendmail downgrading
that to 7-bit QP. But (see elsewhere in this thread) that should not
be a problem for multipart/signed.
It is yet worse than that.
The MTA in the path to me (and I know of this problem because of
_incoming_ signed mail failing signature verification) transforms (not
always, but depending on phase of moon) perfectly valid QP-encoded lines
like
foo=20bar=20baz
into the equivalent
foo bar baz
apparently just because it thinks it can. In addition, it reflows
base-64 encoded parts (changes the line length, IIRC to 60 if the
original line length is larger than that).
I see. That's insane, but plausible.
Post by Ian Zimmerman
None of this can be remotely imagined to be triggered by RFC specified
7-bit downgrading: the next hop MTA is fully 8-bit capable and
advertises that fact.
How can I bug report this when the MTA runs on a system I don't control?
TBH I do have non-root shell access to it, but this might not have been
the case.
So what's the MTA and where is the bug report? I can understand there
may be reasons you cannot give out the information, but I think you
can see that lack of information makes your story less believable.
(That's why I'm bothering you about it).
Post by Ian Zimmerman
This was the point of my post here: you cannot blame the
recipients for not being able to process GPG signed mail, not even
politely. It is beyond their control.
You've changed topic a bit since I entered the thread. I wrote about
users who were not interested in verifying signatures. The OP just
wanted them to see an ordinary mail (with a weird little attachment
and no false promise that the attachment made the mail "secure", I
guess).
Post by Ian Zimmerman
IMO the root problem is the PGP spec itself. The signature should
have been defined with respect to some _unique_ canonical form of
the body and the endpoint MUAs should have been required to
transform from/into that canonical form before signature
verification/generation.
Yes, perhaps that would have been better. But perhaps:

(a) They didn't think anyone writing an MTA would be stupid enough to
mess with the payload, except where implementing 8BITMIME would
make it necessary. Perhaps that's even an RFC violation.

(b) They didn't want to add that complexity to the software verifying
signatures: more code to be exploited.

(c) At some point you need to ask yourself what modifications are
forgeries. Perhaps PGP does the right thing when it alerts you
about these messages?

Sorry about the long reply; it's a bit misleading. I'm not really
that interested in an argument with you, and I'm not really that
knowledgeable or interested in the subject (I want mail and PGP to
work, but it was 15+ years since I was more deeply involved).

/Jorgen
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Ian Zimmerman
2016-12-13 22:45:16 UTC
Post by Jorgen Grahn
So what's the MTA and where is the bug report? I can understand there
may be reasons you cannot give out the information, but I think you
can see that lack of information makes your story less believable.
(That's why I'm bothering you about it).
sendmail, but there may be other stuff running on the server I don't
know about (e.g. as a milter, or something). I don't even _have_ all
the information, because some of the configuration is not world
readable. Which is just as if I didn't have the shell account at all.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584678#15
Post by Jorgen Grahn
You've changed topic a bit since I entered the thread. I wrote about
users who were not interested in verifying signatures. The OP just
wanted them to see an ordinary mail (with a weird little attachment
and no false promise that the attachment made the mail "secure", I
guess).
I see, sorry about that. But IIRC he wrote something like "recipients
say they can't read my mail, refuse to provide details". It's
conceivable (to me at least) that the reason is their MUA tries, but
fails, to verify the signature, and refuses to show the contents in such
circumstances. (Yes, that would of course be broken.)
Post by Jorgen Grahn
(c) At some point you need to ask yourself what modifications are
forgeries. Perhaps PGP does the right thing when it alerts you
about these messages?
It's hard to accept that POV just thinking about the representation of
spaces, but when I think about other possibilities, I start to see the
point, especially when Unicode gets into the picture.
Post by Jorgen Grahn
Sorry about the long reply; it's a bit misleading.
No problem at all, I welcome any interaction that brings me closer to
the bottom of these enigmas.
--
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
Michael Uplawski
2016-12-10 09:49:30 UTC
“We are sorry for the inconvenience”
but as most servers nowadays do not seem to honor supersedes, I just put
in this correction-post to my original message.

On Sat, 10 Dec 2016 08:49:34 +0100,
Post by Michael Uplawski
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
I should have put it the other way around. In addition, the pgp_inline
option exists and can be set implicitly, if need be.

My next post (sort by thread, not chronologically) should clear it up
further.

Michael
Post by Michael Uplawski
I may be nuts anyway, but maybe you have some experience to share.
TY.
Michael.
--
GnuPG brainpoolP512r1/5C2A258D 2015-10-02 [expires: 2017-10-01]
sub brainpoolP512r1/53461AFA 2015-10-02 [expires: 2017-10-01]
Ian Zimmerman
2016-12-10 21:56:16 UTC
Post by Michael Uplawski
As I apply detached GnuPG-signatures, especially where my messages are
directed towards a group of people, an association or the like, I
venture that this signature is the origin of the misbehavior of some
client or another.
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
Are you _sure_ these recipients actually can verify your GPG sig?

See recent discussion on the mutt users mailing list [1] and all the
subthreads it spawned, and see the blurb beneath my "-- " fold.

For me, the summary is: GPG signing (either inline or MIME) without
also encrypting is pretty much useless.

[1]
https://marc.info/?l=mutt-users&m=147417981514310&w=2
--
Please *no* private Cc: on mailing lists and newsgroups
Personal signed mail: please _encrypt_ and sign
Don't clear-text sign: http://cr.yp.to/smtp/8bitmime.html
Michael Uplawski
2016-12-11 07:42:28 UTC
Thank you, Ian, for your response.

On Sat, 10 Dec 2016 13:56:16 -0800,
Post by Ian Zimmerman
Are you _sure_ these recipients actually can verify your GPG sig?
The question why I apply signatures to my mail is worth a discussion.
But this is *each time* that it is raised. I do not have to explain it
in this thread on the mutt newsgroup, though, and especially not to
people who know at least as much as myself or, more probably, a lot more
than myself, about the involved technology.
Post by Ian Zimmerman
For me, the summary is: GPG signing (either inline or MIME) without
also encrypting is pretty much useless.
A bunch of arguments are exchanged on these occasions. I am not enjoying
a feeling of superiority, when I thrust a spectacular technology-stack
upon people who have no explanation for what they see. I actually
consider giving up on the Internet altogether.

The observations that provoke my initial post are made after years of
routinely signing my mail, and a few more years after routinely
encrypting mail with GnuPG/PGP had made sense. Whatever my reasons are,
whatever I expect from the future or whatever I consider worth teaching
among my acquaintances is of no importance, even if the flaw in Live
Mail shows in the context of signed email. I have no reason to claim
that Live Mail would deal with multipart/inline poorly in general. If this is
the case, the information could help me.

If, on the other hand with Mutt, I can avoid 1 problem at a time by
slightly changing my configuration options, it would be dumb to not try
it. Afterwards, we can exchange cooking recipes, talk about music videos
or compare our cement mixers.

Thanks anyway, have a nice Sunday, all. ;-)

Michael
Post by Ian Zimmerman
[1]
https://marc.info/?l=mutt-users&m=147417981514310&w=2
--
GnuPG brainpoolP512r1/5C2A258D 2015-10-02 [expires: 2017-10-01]
sub brainpoolP512r1/53461AFA 2015-10-02 [expires: 2017-10-01]
Jorgen Grahn
2016-12-11 09:22:32 UTC
Post by Ian Zimmerman
Post by Michael Uplawski
As I apply detached GnuPG-signatures, especially where my messages are
directed towards a group of people, an association or the like, I
venture that this signature is the origin of the misbehavior of some
client or another.
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
Are you _sure_ these recipients actually can verify your GPG sig?
See recent discussion on the mutt users mailing list [1] and all the
subthreads it spawned, and see the blurb beneath my "-- " fold.
For me, the summary is: GPG signing (either inline or MIME) without
also encrypting is pretty much useless.
The mutt-users threads were hard to follow via the web interface, but
it seemed to boil down to signed mail from you being rewritten by MUAs
between you and the recipient, so that the signature check fails.

I have not had any such complaints myself. The few signed mails I
receive verify ok. But it seems to me the correct response is to fix
or work around the bug, not to stop signing.

Does mutt follow https://tools.ietf.org/html/rfc2015 section 3?
If not, that seems like a good place to start.

| 3. Content-Transfer-Encoding restrictions
|
| Multipart/signed and multipart/encrypted are to be treated by agents
| as opaque, meaning that the data is not to be altered in any way [1].
| However, many existing mail gateways will detect if the next hop does
| not support MIME or 8-bit data and perform conversion to either
| Quoted-Printable or Base64. This presents serious problems for
| multipart/signed, in particular, where the signature is invalidated
| when such an operation occurs. For this reason all data signed
| according to this protocol MUST be constrained to 7 bits (8- bit data
| should be encoded using either Quoted-Printable or Base64). Note
| that this also includes the case where a signed object is also
| encrypted (see section 6). This restriction will increase the
| likelihood that the signature will be valid upon receipt.
|
| Data that is ONLY to be encrypted is allowed to contain 8-bit
| characters and therefore need not be converted to a 7-bit format.

/Jorgen
Post by Ian Zimmerman
[1]
https://marc.info/?l=mutt-users&m=147417981514310&w=2
--
// Jorgen Grahn <grahn@ Oo o. . .
\X/ snipabacken.se> O o .
Eike Rathke
2016-12-11 12:43:12 UTC
Post by Jorgen Grahn
Does mutt follow https://tools.ietf.org/html/rfc2015 section 3?
Yes.
Content-Transfer-Encoding: quoted-printable

Eike
--
OpenPGP/GnuPG encrypted mail preferred in all private communication.
Key "ID" 0x65632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
Better use 64-bit 0x6A6CD5B765632D3A here is why: https://evil32.com/
Care about Free Software, support the FSFE https://fsfe.org/support/?erack
Use LibreOffice! https://www.libreoffice.org/
Eike Rathke
2016-12-11 12:43:12 UTC
Post by Ian Zimmerman
For me, the summary is: GPG signing (either inline or MIME) without
also encrypting is pretty much useless.
No. Just because some MTA or mailing list software involved do alter the
mail body, in general it is not touched and signing mail is not useless.

Eike
--
OpenPGP/GnuPG encrypted mail preferred in all private communication.
Key "ID" 0x65632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
Better use 64-bit 0x6A6CD5B765632D3A here is why: https://evil32.com/
Care about Free Software, support the FSFE https://fsfe.org/support/?erack
Use LibreOffice! https://www.libreoffice.org/
Eike Rathke
2016-12-11 12:43:13 UTC
Post by Michael Uplawski
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
That might make the mail more readable to the Outlook recipient (i.e.
not being an attachment there), but if you specialize for Outlook users
you can also omit signing the mail altogether because with a 99% chance
those users won't be using OpenPGP anyway and would never verify the
signature.

Eike
--
OpenPGP/GnuPG encrypted mail preferred in all private communication.
Key "ID" 0x65632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
Better use 64-bit 0x6A6CD5B765632D3A here is why: https://evil32.com/
Care about Free Software, support the FSFE https://fsfe.org/support/?erack
Use LibreOffice! https://www.libreoffice.org/
Michael Uplawski
2016-12-13 09:16:05 UTC
Good morning, all.

I read the discussion, but do not feel competent to respond to all
posts, nor sufficiently intellectually challenged or suicidal enough to
try it anyway.

On 11 Dec 2016 12:43:13 GMT,
Post by Eike Rathke
Post by Michael Uplawski
_The question_: Could it help (or am I nuts), to configure a send-hook
against mail-addresses and there replace the clearsign-command by the
pgp_sign_command?
That might make the mail more readable to the Outlook recipient (i.e.
not being an attachment there), but if you specialize for Outlook users
you can also omit signing the mail altogether because with a 99% chance
those users won't be using OpenPGP anyway and would never verify the
signature.
Danke Eike, for your response.

I want to explicitly *not specialize* but have my software take
decisions once that the conditions are met.

That detail about “99% would never etc.”
is a meta-problem which has been raised all the time for the 20 years,
that I try to figure things out. When I dare to mention encryption or
digital signatures, I usually concentrate on a technicality.

If my ignorance does harm, I will be able to change my behavior, but for
the time I feel good. Not using Web-Mail, nor IMAP, I usually keep all
copies of sent mails and even archive most of them.

Living my own utopia or my own illusion, I continue considering that
signing all mails (without exception) is better than to make exceptions
every now and then. Exceptions to a rule mean additional effort,
additional sources of error. Routine is often bad, especially in IT, but
where it comes to discussing behavioural patterns and adaptation to
social conventions... coping with mentalities and what not... routine is
saving *me* time.

I am just dumb that way. ;-)

Cheerio.
--
GnuPG brainpoolP512r1/5C2A258D 2015-10-02 [expires: 2017-10-01]
sub brainpoolP512r1/53461AFA 2015-10-02 [expires: 2017-10-01]