Safe and useful handling of "Mixed Up" mangled messages

Rollins, Jameson jrollins at caltech.edu
Wed May 29 19:21:02 PDT 2019


On Wed, May 29 2019, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On Tue 2019-05-28 18:58:22 -0400, Daniel Kahn Gillmor wrote:
>> I forgot to mention: this test case makes use of the test_json_nodes
>> functionality introduced in 03/17 of the protected header series.
>>
>> So please only consider this after that patch has been merged.
>
> It has been merged, so this series is good to go.  Please review!
>
> I'm running this series today, and it is definitely useful.  It'd be
> great to get it into 0.29 if we can.

As someone who's messages have been mangled in this way, I very much
appreciate this fix.  Thank you dkg!

Daniel has documented this particular mangling very well in his IETF
draft [0], and this patch follows the recommendation there for fixing
messages.  The way he handles the repair seems reasonable to me (modulo
a couple minor comments in reply).  I suppose the index.repaired
property is a good way to indicate that a repair has happened.  Given
that we can have multiple properties with the same key, we will be able
to indicate other repairs in the same way, which is good.

All tests pass for me with these patches.

jamie.

[0] https://tools.ietf.org/html/draft-dkg-openpgp-pgpmime-message-mangling-00


More information about the notmuch mailing list