Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Grant Taylor
On 05/15/2018 10:46 AM, Kurt Andersen (b) wrote: People who run their GUI MUA to auto-decrypt and display undefanged HTML probably also run that client as root so the exploit is really quite a lot more risky than even the hype has made out. I doubt that. I'm sure that some of the people that

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Grant Taylor
On 05/15/2018 10:33 AM, Paul Rock wrote: You're tapping next next next in your email client, the client loads my message, sends me the decrypted text, and you scratch your head wondering why you got two copies of the message. The recipient shouldn't see the second copy of the decrypted

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Grant Taylor
On 05/15/2018 10:09 AM, John Levine wrote: I suppose, for the 10 seconds from the time the message is created until the attacker's MTA signs it on the way out. The bad guy can put a return address he controls on the malicious message and make the whole thing DMARC compliant. There is a much

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Paul Rock
If someone tries some sort of man in the middle inline injection attack to pull this off, sure, I can see DKIM catching that. But the really really nasty bit is the assumption is that you (the target) are running an email client that automatically decrypts any inbound message and renders the HTML

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread John Levine
In article <66d513ca-f33d-748b-e394-bceb6e1da...@spamtrap.tnetconsulting.net> you write:
>On 05/15/2018 08:15 AM, Kurt Andersen wrote:
>> Manipulating MIME structures in email messages to expose the encrypted
>> content: https://efail.de/
>
>DKIM will not help protect against

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Grant Taylor
On 05/15/2018 08:15 AM, Kurt Andersen wrote: Manipulating MIME structures in email messages to expose the encrypted content: https://efail.de/ DKIM will not help protect against #Efail. Efail works by copying ciphertext into a new message and arranging for the client to decrypt it. Said new

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Steve Atkins
> On May 15, 2018, at 7:15 AM, Kurt Andersen wrote:
>
> Manipulating MIME structures in email messages to expose the encrypted
> content: https://efail.de/

While I'd agree that the whole efail thing is a little over-hyped, I don't see where in the exploit process having

[dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

2018-05-15 Thread Kurt Andersen
Manipulating MIME structures in email messages to expose the encrypted content: https://efail.de/ --Kurt