Bouncy Castle meta information removal request #319
Comments
|
Yea, it's something I've pondered in the past as well. I'm pretty sure I saw a way to do this in the BC API, but just kept getting sidetracked :) |
|
While we're at it, the default created MIME ID for messages also tends to "give away" some relatively private type of information. Example Not even sure if I could explicitly set it myself, as in if it's got a setter property - But especially for encrypted emails, the above is giving away a lot of information ... Thx, Can't wait to get my hands on your new stuff :D .t |
|
It looks like there's no way to avoid writing out a ArmoredOutputStream.ResetHeaders() will clear all headers and then add back the The only thing I can think of is to disguise it as GnuPG or something? |
|
Ah, you can do: By default it uses your local hostname because that's the suggestion made by the specs. |
|
Trying to figure out whether I should have an API for enumerating |
|
Weird that you can't remove the PGP BC info. Do you know if this is mentioned as a criteria in OpenPGP or something? I'd suspect it would be considered a bad thing to do ...? Regarding key rings versus keys, I wouldn't know. Normally I'd think people are looking for a specific key, and not a keyring ...? About the MIME ID, am I too paranoid when I say I want to try to hide the local hostname? What alternatives could I use here, that still would be considered a "valid MIME ID" you think ...? |
|
I don't think it matters that much since it's only the internal hostname of your machine, but I suppose it depends on what you name your machine (e.g. if you name it something sensitive, that might not be good). I've added APIs to enumerate both keyrings and keys. |
|
You're the champ! :) |
|
Pst, ready to release, only awaiting your NuGet package ... :) For the record, this stuff is built with your baby ... ;) https://gaiasoul.com/2017/08/07/sephia-five-military-grade-cryptography/ |
|
Sorry about that. Just released 1.18.0 to nuget :) |
|
Thx mate, did you read the link I sent you ...? :) |
|
One thing that I've noticed that Outlook does is it'll warn you if the message you are reading was sent by someone you've never received email from before (or received very few emails from). But an improvement on this feature might be to say "this email address looks similar to another email address in your address book, it may be a phishing email". I haven't really delved into fuzzy matching algorithms, but I think this would be one area that might be useful. Just figured I'd mention it since it seems to align with what Sephia 5 is all about. One of the problems I have with GMail is that it seems to collect every address that I've ever had contact with into my addressbook, and so when I go to type an address, if [email protected] has sent me an email and I want to send an email to [email protected], it might autocomplete to johndooe instead of johndoe, exacerbating the "oops, sent it to the wrong person" catastrophe. |
|
Interesting suggestions all of them. Your final point, I largely have a fix for, though not entirely. Yet still "good enough" I think, which is to create some better sorting when searching for contacts, according to volume, and/or last sent/received ... |
Basically, it will select the top five contacts, whom sent you an email, sorted according to who sent you an email most recently, excluding "spam" contacts, having the name or email starting out with whatever you type into the search query text box. Pretty nifty if you ask me ... Thx mate :) .t |
|
Cool! That would definitely be useful :) |
|
What should we do about this? I'd like to get this resolved before making the 1.18.1 release if we can, but that probably means either giving up on it or else setting it to some other hard-coded value that disguises the real version details. |
|
Hmm, I don't know. To be honest with you, I have seriously considered forking BC, optionally creating wrappers around it, using the original base as a foundation. There are other arguments in favour of doing such a thing too, such as that the code is not very intuitive, and highly "C# 1.0'ish". Such an act (of arguably desperation), would solve it though. Have you tried speaking to the devs of BC ...? |
|
Hah, looks like Peter Dettman actually fixed it. Now I mostly just need him to make a new release... |
|
Awesome!! Seems like I owe a lot of peeples out there some serious flowers!! :D |
|
Potential bug in his fix: bcgit/bc-csharp@53a508e (mostly documenting this for myself so I can find my comment again, hah!) I just did a bit of testing and it seems that even w/o a new release of bc-csharp, I can set the "Version" header to So it kinda sorta already works, but there's just an empty Version: header in the armored output. I think we can accept that for now until Peter releases a new nuget (at which point I'll update my nuget references and we'll get no Version: header at all). |
|
Nifty!! Besides, agree. Important to get it out, for then later to update when we've got the real goods. |
|
Looks like Oren Novotny has made a release of BouncyCastle.Portable with the fix, so I'm updating MimeKit.Portable, MimeKit.WindowsUniversal81 and MimeKit.NetStandard to use that instead. Not sure if you are using the .netstandard1.3 version of MimeKit or the old-school .net45 version. |
|
Hmm, what's the different ...? (I think I am using .net45) |
|
.netstandard is the newer .NET Core stuff that Microsoft is pushing for use with ASP.NET |
|
My stuff is built on WebForms, hence it probably wouldn't work, without a massive rewrite, which I don't see the point in.
|
|
Funny link ... :D |
There's this principle in security that one should never give away information about the implementation used to secure a system, which brings me to the PGP message created by MimeKit, which includes not only the fact that Bouncy Castle was used to encrypt the message, but even its versioning number.
Would it be possible to remove this, and make the PGP encrypted messages completely anonymous?
PS!
The above reasoning is the reasons why among other things the HTTP standard explicitly encourages implementers to not give away versioning numbers of the software used to handle the HTTP request ...
The text was updated successfully, but these errors were encountered: