On Mon, May 14, 2018 at 03:33:33PM +0200, Vincent Lefevre wrote:
> About Efail <https://efail.de/>, you may be interested in this
> discussion:
>
> https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
>
> Mutt is probably safe as not rendering HTML, but this isn't clear...

The EFAIL team contacted Mutt in advance of their publication, politely and well in advance. At first it seemed we might have an S/MIME issue, but their subsequent testing found we were (mostly) okay. The only issue was that checking the certificate chain could notify someone the email had been opened. I think this can be mitigated by using the "# Section D: Alternatives" commands in contrib/smime.rc, but that cure may be worse than the problem.

> And piping a decrypted mail to a browser (e.g. if there is no
> text/plain part, and an attacker can ensure that) is not safe.
>
> Does it handle the GPG warning in a special way? The display of the
> warning only is not sufficient since it can easily remain unnoticed
> by the user.

I added $pgp_decryption_okay in 1.6.0, which (when set to the defaults in contrib/gpg.rc) checks for "[GNUPG:] DECRYPTION_OKAY" output. If that's not there, the email is considered unsuccessfully decrypted.

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
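The check described in the message above, written out as an added example (this is not Mutt's own code): it applies the default $pgp_decryption_okay pattern from contrib/gpg.rc to each line of gpg's --status-fd output and treats any output without a matching line as a failed decryption. The status lines are constructed for illustration, and naive_check is a hypothetical contrast, not anything Mutt does.

```python
import re

# Default pattern shipped in Mutt's contrib/gpg.rc:
#   set pgp_decryption_okay="^\\[GNUPG:\\] DECRYPTION_OKAY"
# The ^ anchor means the pattern is meant to match a whole status line,
# so it is applied line by line here (assumption about Mutt's matching).
PGP_DECRYPTION_OKAY = re.compile(r"^\[GNUPG:\] DECRYPTION_OKAY")


def decryption_okay(gpg_output: str) -> bool:
    """True only if some line of gpg's status output matches the pattern.

    Everything else (DECRYPTION_FAILED, BADMDC, or simply no confirmation
    line at all) counts as an unsuccessful decryption: fail closed."""
    return any(PGP_DECRYPTION_OKAY.match(line) for line in gpg_output.splitlines())


def naive_check(gpg_output: str) -> bool:
    """Hypothetical contrast: only looks for an explicit failure line, so it
    accepts output in which gpg never confirmed that decryption succeeded."""
    return "DECRYPTION_FAILED" not in gpg_output


# Constructed status output (not captured from a real session), modelled on
# the "[GNUPG:] KEYWORD ..." line format gpg uses with --status-fd.
GOOD = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] DECRYPTION_INFO 0 9
[GNUPG:] PLAINTEXT 62 0
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION
"""

BAD_MDC = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 0
[GNUPG:] BADMDC
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION
"""

# Plaintext was emitted but success was never confirmed: only the absence
# of DECRYPTION_OKAY tells the client not to trust what it got.
NO_CONFIRMATION = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 0
[GNUPG:] END_DECRYPTION
"""

if __name__ == "__main__":
    for name, out in [("good", GOOD), ("bad mdc", BAD_MDC), ("no confirm", NO_CONFIRMATION)]:
        print(f"{name:11s} mutt={decryption_okay(out)!s:5s} naive={naive_check(out)}")
```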