Vinnie Moscaritolo | 11 Mar 2011 19:39

MIME media type literal packet in OpenPGP

* PGP Signed: 03/11/2011 at 10:39:52 AM
Greetings;

I just posted an informational draft about some minor changes that the PGP SDK
is now supporting.   Comments and complaints are welcome.

Be kind, this is my first time doing this.

http://www.ietf.org/id/draft-moscaritolo-openpgp-literal-00.txt

 This document describes an extension to the OpenPGP Message Format
   that allows a Multipurpose Internet Mail Extension (MIME) Media Type
   (aka Internet Media type) to be associated with the encoded content.
   By providing more information beyond the existing binary and text
   formats this extension and can enable the automated selection of an
   appropriate media viewer for the decoded content.



-------------------------------------------------------

Vinnie Moscaritolo
Principal Cryptographic Engineer
PGP, now a part of Symantec Corporation
PGP Fingerprint:
7E64 B73D 55AB CEF5 B3BB  E501 E985 A429 9CFE ACEC



* Vinnie Moscaritolo <vinnie <at> pgpeng.com>
* 0x9CFEACEC:0xBAD29397
 
David Shaw | 11 Mar 2011 20:49

Re: MIME media type literal packet in OpenPGP


On Mar 11, 2011, at 1:39 PM, Vinnie Moscaritolo wrote:

> * PGP Signed: 03/11/2011 at 10:39:52 AM
> Greetings;
> 
> I just posted an informational draft about some minor changes that the PGP SDK
> is now supporting.   Comments and complaints are welcome.
> 
> Be kind, this is my first time doing this.
> 
> http://www.ietf.org/id/draft-moscaritolo-openpgp-literal-00.txt

This looks reasonable enough to me.

I'd add a note to the Security Considerations section that when using this method on a signed document, the
MIME type is changeable without invalidating the signature (since the signature hash does not cover the
literal packet metadata).  This could allow an attacker to force a particular content handler to run (say,
by changing text/plain to image/jpeg).  When encrypting (or signing+encrypting) the MDC helps you here,
but for a signed (only) document, there is an opening for mischief.

Also, a minor typo:

   By providing more information beyond the existing binary and text
   formats this extension and can enable the automated selection of an
   appropriate media viewer for the decoded content.

"...and can enable..." should probably be "...can enable...".

I like this bit:

   o  The MIME media type MAY have an OPTIONAL null byte termination.
      Any data that follows such a null byte should be discarded and not
      considered part of the MIME media type.

That effectively leaves open a possibility of having a third (hopefully small) string in that field, which
may be useful someday.

Implementation-wise, there is a minor gotcha here as GPG actually allows nulls in the filename.  By
default, GPG ignores the filename field, but there is an option (--use-embedded-filename) which tells
GPG to actually use that field for the filename, and it will interpret a null as a literal "\0" (i.e.
backslash plus zero).  I wouldn't worry terribly much about it, but if this draft is adopted we'll have to
update GPG to handle it.

David
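
Added example (not part of any message in this thread, nor code from the draft or from GPG): a sketch of the RFC 4880 literal data packet body showing that a binary document signature hashes only the data, so the metadata string can differ while the digest stays the same. Assumptions: the media type sits in the packet's length-prefixed "filename" field under format octet 'b', SHA-256 stands in for the signature hash, and the function names and the fallback policy in handler_for are hypothetical.

```python
import hashlib
import struct

def build_literal_body(fmt: bytes, meta: bytes, date: int, data: bytes) -> bytes:
    """RFC 4880 5.9 literal packet body: format octet, length-prefixed
    metadata string (the "filename" field), 4-octet date, then the data."""
    if len(fmt) != 1 or len(meta) > 255:
        raise ValueError("format is one octet; metadata is at most 255 octets")
    return fmt + bytes([len(meta)]) + meta + struct.pack(">I", date) + data

def parse_literal_body(body: bytes) -> dict:
    if len(body) < 6:
        raise ValueError("truncated literal packet body")
    n = body[1]
    if len(body) < 2 + n + 4:
        raise ValueError("metadata length runs past end of packet")
    (date,) = struct.unpack(">I", body[2 + n:6 + n])
    return {"format": body[0:1], "meta": body[2:2 + n],
            "date": date, "data": body[6 + n:]}

def media_type_from_meta(meta: bytes) -> str:
    """Rule quoted from the draft: an optional null byte terminates the
    media type; anything after it is discarded."""
    return meta.split(b"\x00", 1)[0].decode("ascii", errors="replace")

def document_digest(body: bytes) -> str:
    """Hash only what a binary document signature takes from this packet:
    the data. A real signature also hashes its own trailer, which contains
    none of the literal packet's metadata either."""
    return hashlib.sha256(parse_literal_body(body)["data"]).hexdigest()

def handler_for(body: bytes, integrity_protected: bool) -> str:
    """Hypothetical receiver policy: honour the declared type only when the
    packet came out of an MDC-protected encrypted container."""
    declared = media_type_from_meta(parse_literal_body(body)["meta"])
    return declared if integrity_protected else "application/octet-stream"

# Constructed sample: identical signed data, different metadata strings.
DATA = b"hello, world\n"
original = build_literal_body(b"b", b"text/plain\x00ignored", 0, DATA)
altered = build_literal_body(b"b", b"image/jpeg", 0, DATA)

if __name__ == "__main__":
    print(document_digest(original) == document_digest(altered))  # same digest
    print(handler_for(altered, integrity_protected=False))
```
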

Daniel A. Nagy | 11 Mar 2011 22:24

Re: MIME media type literal packet in OpenPGP

On 03/11/2011 07:39 PM, Vinnie Moscaritolo wrote:
> * PGP Signed: 03/11/2011 at 10:39:52 AM
> Greetings;
> 
> I just posted an informational draft about some minor changes that the
> PGP SDK
> is now supporting.   Comments and complaints are welcome.

Hello,

I have two complaints about this proposal:

1. There is an already widely used way of encapsulating MIME content
into PGP messages, PGP/MIME (a.k.a. RFC 3156), and this proposal is not
compatible with it.

2. In this proposal, MIME type would not be part of the hashed content
for digital signatures, meaning that it can be changed without breaking
the digital signature. This is dangerous. PGP/MIME does not have this
weakness.

-- 
Daniel

Jon Callas | 14 Mar 2011 19:13

Re: MIME media type literal packet in OpenPGP


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I have two complaints about this proposal:
> 
> 1. There is an already widely used way of encapsulating MIME content
> into PGP messages, PGP/MIME (a.k.a. RFC 3156), and this proposal is not
> compatible with it.
> 
> 2. In this proposal, MIME type would not be part of the hashed content
> for digital signatures, meaning that it can be changed without breaking
> the digital signature. This is dangerous. PGP/MIME does not have this
> weakness.

Comments on your comments, Daniel.

I think the word MIME is a misnomer, because it has nothing to do with content. It has to do with data typing only.
It's a way to say that a PGP blob (e.g. in a web page) is of a certain type. Without it, you have to infer type
from the file name, which is suboptimal. All that it does is let you say that a PGP output has a certain media
type explicitly.

If you're doing a MIME mail message, then yes, that's a much better way to express things. But if you're doing
secured web content, especially dynamic content (think Web 2.0 etc.), then it's much better to put the
exact media type in the blob, so it can be handled properly when the higher levels get it.

You're absolutely right that it's unsigned. That's unfortunate. It is also what we have to work with. It is,
at least, covered by an MDC packet, which is better than nothing and likely good enough. On the other side of
it, you don't have to get into trust issues, either, which is a plus. 

This grew out of some fantastic work that Vinnie did for secure Web 2.0 content using OpenPGP as the
encryption framework. It let you do things like Facebook messages and lists that Facebook couldn't read itself.

	Jon

-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.10.0 (Build 554)
Charset: us-ascii

wj8DBQFNflrWsTedWZOD3gYRAlm8AJwPYnQz46Uzg2k/q2Niy1npO0szeACg2yuu
g2+6IsNLh29RgU5kKXcska0=
=QJnd
-----END PGP SIGNATURE-----

Aaron Toponce | 12 Mar 2011 01:03

Re: MIME media type literal packet in OpenPGP

On 03/11/2011 11:39 AM, Vinnie Moscaritolo wrote:
> * PGP Signed: 03/11/2011 at 10:39:52 AM

Curious, but I can't find the signature, even though your email says
that it is signed. Am I missing something?

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

