[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: many rejects (Re: Second call for votes for the debian project leader election 2007)

On Sun, 1 Apr 2007 22:02:18 +0200, Michal Čihař <michal@cihar.com> said: 

> Maybe I read RFC 3156 wrong, but I think it says exactly what I
> sent:

> 6.1.  RFC 1847 Encapsulation

>    In [2], it is stated that the data is first signed as a
>    multipart/signature body, and then encrypted to form the final
>    multipart/encrypted body.  This is most useful for standard MIME-
>    compliant message forwarding.

        No, you were quite correct; I had zone on RFC 1847
 Encapsulation while writing up dvt-gpg. Mind you, implementing this
 was icky, since this breaks the nice little work-flow where first we do
 mime decoding, and then gpg verifications; now devotee has to decrypt
 the mail message, note that there did not seem to be any signatures
 on the message, run the mime parser on the newly decrupted body, see
 if there are exactly two parts with the proper mime encoding, save
 the body and the signature, and then run gpg again over the new body
 and sig, and properly bubble up any errors at any stage of the

        No wonder people tried to warn me away from implementing my
 own mail handling and mime and gpg parsing when I started thinking
 about writing devotee.

        I added all this icky code to devotee, and now devotee is
 indeed fully compliant with RFC 3156.

        Anyway, there were 10 ballots which could have been affected,
 so I re-ran these ballots through devotee.

        9 failed to verify the sig.

        One of your ballots (msg00250) did pass the gpg check -- but
 you must have voted with the same ballot, since devotee says:
   Failure: The signature on the message, though valid, has been seen
   before.  This could be a potential replay attack

        So, after all this, no rejected ballot has been accepted --
 and indeed, 9 of the 10 were correctly rejected in the first place.

        But I'm happy to say that any RFC 3156 compliant message
 should now be correctly interpreted by devotee.

Authors (and perhaps columnists) eventually rise to the top of
whatever depths they were once able to plumb.  -- Stanley Kaufman
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: