OpenPGP signature spoofing using HTML
Posted Oct 15, 2018 23:53 UTC (Mon) by karkhaz (subscriber, #99844)
In reply to: OpenPGP signature spoofing using HTML by sune
Parent article: OpenPGP signature spoofing using HTML
Mutt does. The situation you're describing commonly happens with emails from mailing lists: usually the author's original email is signed by them, but the mailing list software attaches a footer at the end. Here's what it looks like (author lightly redacted, although this was posted to a public mailing list):
Date: Wed, 29 Aug 2018 18:07:20 +0200
From: Alice Bobbins via llvm-devmeeting <llvm-devmeeting@lists.llvm.org>
To: llvm-devmeeting@lists.llvm.org
Subject: [llvm-devmeeting] Reserved speaker slots
User-Agent: Mutt/1.5.24 (2015-08-30)
[-- Attachment #1 --]
[-- Type: multipart/signed, Encoding: 7bit, Size: 1.6K --]
[-- Begin signature information --]
Good signature from: Alice Bobbins <bobbins@mpi-inf.mpg.de>
aka: Alice Bobbins <alice@abobbins.de>
created: Wed 29 Aug 2018 17:07:20 BST
WARNING: It is NOT certain that the key belongs to the person named as shown
above
Fingerprint: BDC2 D66D AC0C 846A 1988 0149 EE2C F631 81ED D94A
[-- End signature information --]
[-- The following data is signed --]
Quick question: The webpage does not mention the reserved registration
(as I think it used to in recent years). Is below quote from the CfP
still valid or did we eliminate reserved slots for speakers?
Thanks in advance,
Alice
--
Alice Bobbins
Compiler engineer
University of Timbuktu
[-- End of signed data --]
[-- Attachment #2 --]
[-- Type: text/plain, Encoding: base64, Size: 0.2K --]
_______________________________________________
llvm-devmeeting mailing list
llvm-devmeeting@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-devmeeting
- s - 5427/5756: Alice Bobbins via [llvm-devmeeting] Reserved spea -- (end)
Bottom of message is shown.
Warning: Part of this message has not been signed.
All lines beginning with [-- are not part of the email and are displayed in bold white (on a dark terminal). Similarly, the last line is the status bar and is displayed in cyan, and the signature information is also in a different colour.
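The check behind mutt's "Part of this message has not been signed" warning, as an added example that is not part of the comment above or of mutt's code: it walks the MIME tree and marks each leaf part as inside or outside a multipart/signed container. The sample message is constructed, the function names are hypothetical, and the check is structural only; it does not verify the signature.

```python
from email import message_from_string

# Constructed sample: a PGP/MIME mail after a list manager appended a footer.
SAMPLE = """\
Subject: [llvm-devmeeting] Reserved speaker slots
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="outer"

--outer
Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="inner"

--inner
Content-Type: text/plain

Quick question: ...
--inner
Content-Type: application/pgp-signature

(constructed placeholder, not a real signature)
--inner--
--outer
Content-Type: text/plain

llvm-devmeeting mailing list
--outer--
"""

def coverage(part, signed=False):
    """List (content_type, state) per leaf part; structural only, no crypto."""
    kids = part.get_payload() if part.is_multipart() else []
    if part.get_content_type() == "multipart/signed" and kids:
        # RFC 3156: the first child is the signed data, the rest is the signature.
        out = coverage(kids[0], True)
        return out + [(k.get_content_type(), "signature") for k in kids[1:]]
    if kids:
        return [leaf for k in kids for leaf in coverage(k, signed)]
    return [(part.get_content_type(), "signed" if signed else "unsigned")]

def has_unsigned_content(msg):
    """True when a client should warn that part of the message is unsigned."""
    return any(state == "unsigned" for _, state in coverage(msg))

if __name__ == "__main__":
    for ctype, state in coverage(message_from_string(SAMPLE)):
        print(f"{state:9} {ctype}")
```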
Posted Oct 17, 2018 17:19 UTC (Wed)
by iam.TJ (guest, #56644)
When the information is presented in-line a screen-reader or braille display is not going to be able to differentiate.
Signature presence and verification ought to be presented out-of-band - outside the body of the email and where it cannot be faked.
Posted Oct 18, 2018 12:15 UTC (Thu)
by karkhaz (subscriber, #99844)
Does a braille display exactly copy the spatial layout of a terminal, such that the lowest line of the terminal sits at the bottom of the display? If so, then this still works. Otherwise, I'm not sure what the general solution is for out-of-band signalling that also works for visually impaired people. Note that when I said "bright white", what this really means is that text that mutt injects into the email is marked up with the bold attribute for terminal display (as opposed to regular email text, which has no formatting). So for this particular use case, it would suffice if a braille display could somehow indicate to its user that some range of text is 'bold' or otherwise important, no need for various colours.
