[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mail client implementations problem? bcc and encrypting to multiple recipients

To: sen_ml@xxxxxxxxxxx
Subject: Re: mail client implementations problem? bcc and encrypting to multiple recipients
From: "L. Sassaman" <rabbi@xxxxxxxxxxx>
Date: Tue, 22 Aug 2000 00:43:16 -0700 (PDT)
Cc: ietf-openpgp@xxxxxxx, Terje Elde <terje@xxxxxxxx>
In-reply-to: <20000822133357T.1001@xxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Why don't we make the "wild card" or "speculative" key id support a
SHOULD? I at least want to see all the client's being able to properly
decrypt messages that use this feature.

On Tue, 22 Aug 2000 sen_ml@xxxxxxxxxxx wrote:

> through some testing of existing mail clients, Terje Elde
> <terje@xxxxxxxx>, other members of the pgp-users@xxxxxxxxxxxxxxxx
> mailing list, and i have noticed that bcc-ed recipient key id
> information can be leaked to non-bcc-ed recipients.
> 
> it's probably obvious what the problem is, but for the sake of clarity:
> 
>   for the purposes of sending a message to a group of recipients, some 
>   mail clients create a single encrypted message body which is sent
>   out to all recipients, including bcc-ed recipients.
> 
>   since this means that each recipient receives a message containing a 
>   public key encrypted session key packet for each recipient, each recipient
>   is able to tell who all of the recipients were (assuming no use of
>   speculative key ids) -- or at least all key ids.
> 
>   even if speculative key ids were to be used, a recipient would likely
>   be able to tell that there were other recipients than those implied
>   in the headers of a message.  also, afaik, nai pgp doesn't support
>   speculative key ids, so in terms of interroperability it's not a great
>   option at this point.
> 
> we've found 5 mail clients that suffer this problem so far, so it
> seems like it may be a common implementation "choice".
> 
> [ we have also received reports that at least a couple of mail clients
> actually encrypt to each recipient separately and thus do not suffer
> this problem. ]
> 

__

L. Sassaman

Security Architect             |  "We all want many things,      
Technology Consultant          |   but some of those are bottomly
                               |   destructive of all desires."
http://sion.quickie.net        |               --Vernor Vinge

-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE5oi8aPYrxsgmsCmoRAnxyAJ0bAqYcrJDUEUVwIRJ6uz4jsX56kQCgqZkn
pqNTNhWyWSduOPkPWIeWbIQ=
=XnBR
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: mail client implementations problem? bcc and encrypting to multiple recipients
  - From: William H. Geiger III

References:
- mail client implementations problem? bcc and encrypting to multiple recipients
  - From: sen_ml

Prev by Date: mail client implementations problem? bcc and encrypting to multiple recipients
Next by Date: Re: mail client implementations problem? bcc and encrypting to multiple recipients
Previous by thread: mail client implementations problem? bcc and encrypting to multiple recipients
Next by thread: Re: mail client implementations problem? bcc and encrypting to multiple recipients
Index(es):
- Date
- Thread