Security advisory emails - is the PGP signature correct?

rwv37

rwv37

I've never used PGP to try to verify emails before a few minutes ago, when I tried on a recent FreeBSD security advisory email (for "FreeBSD-SA-26:03.blocklistd"). It did not work, and I feel like there's a very good chance that I'm doing something incorrectly, but I'm not sure. Option #2 is I'm misunderstanding or missing something; #3 is it's an issue with my mail client (Thunderbird). But #4 is the emails are not properly set up for this, which seems important (from the FreeBSD point of view) if true, so I figured I'd ask about it here.

The FreeBSD Security Information page on freebsd.org says, in part, "Advisories are always signed using the FreeBSD Security Officer PGP key". So checked that link, and it goes to a file that sure looks like some sort of key or whatever. I then told Thunderbird's built-in "OpenPGP Key Manager" to "Import Key(s) from URL" for that page. It did so, importing one for "FreeBSD Security Officer <security-officer@freebsd.org>". Seems cool so far, I guess.

Thunderbird then considered the key "accepted but not verified", or something like that, and suggested that I manually verify the fingerprint. I found the claimed value of the fingerprint on freebsd.org, in the Handbook's "Appendix D. OpenPGPKeys". It did in fact match the fingerprint that Thunderbird was showing me, so I told Thunderbird that I had verified the fingerprint. Great. But here's where things went wrong:

Thunderbird now tells me that the email "has a digital signature, but a mismatch was detected. This message was sent from an email address that doesn't match the signer's public key."

There's a "View signer key" button with that, and clicking it brings me to the expected key (which is not surprising, as it's the only signer key I've ever imported into Thunderbird). It again notes that it is for "FreeBSD Security Officer <security-officer@freebsd.org>".

But the message is, in fact, not from that address. It is from "FreeBSD Security Advisories <security-advisories@freebsd.org>". Both the "To" and the "envelope-from". So Thunderbird's complaint about the email address not matching seems true? I looked on those freebsd.org pages for keys/fingerprints matching security-advisories@freebsd.org, but didn't find any.

So, I don't know if this is a problem with my lack of knowledge (maybe I have to somehow manually tell it that this key is good for this email address, though that would seem kind of wonky and potentially dangerous to me), with Thunderbird (at least its design - like I said its claim of a mismatched address seems to be true, but maybe it shouldn't be checking it this way), or with FreeBSD's email setup (shouldn't be sending from this address, or else should set up a key appropriate for it), or something else entirely.

Thanks in advance for any help.
 
The fact that the From header does not match the signature owner is just a warning. As long as the signature actually checks out then the content can be trusted.

However

A bigger problem is that the message is using a cleartext inline signature which is a bad [1] [2] [3] [4] [5] thing.
A detached signature should be used instead, especially because gnupg is not inclined to fix the cleartext vulnerabilities.

[1] https://events.ccc.de/congress/2025...gn-or-not-to-sign-practical-vulnerabilities-i
[2] https://dev.gnupg.org/T7900
[3] https://gpg.fail/nullbyte
[4] https://gnupg.org/blog/20251226-cleartext-signatures.html
[5] man gpg(): "It is suggested to avoid cleartext signatures in favor of detached signatures"
 
I receive my mails through sendmail+procmail an here is the filter used to convert inline PGP signature :
Code: 
# Convert old-style inline PGP messages to MIME
:0
* !^Content-Type: message/
* !^Content-Type: multipart/
* !^Content-Type: application/pgp
{
    :0 fBw
    * ^-----BEGIN PGP MESSAGE-----
    * ^-----END PGP MESSAGE-----
    | formail -i "Content-Type: application/pgp; format=text; x-action=encrypt"

    :0 fBw
    * ^-----BEGIN PGP SIGNED MESSAGE-----
    * ^-----BEGIN PGP SIGNATURE-----
    * ^-----END PGP SIGNATURE-----
    | formail -i "Content-Type: application/pgp; format=text; x-action=sign"
}
 
Thunderbirds PGP-Implementation is absolute garbage. Instead of using tested and mature tools like enigmail did before, they rolled their own implementation which had several high-rated CVEs right from the start. Don't use it - in fact don't use that bloatfest at all. It's the same as with Firefox: their primary goal is to remove all working and sane features and hide all options most people might need.
I have to support this @work and with every second release they completely butchered the UI again and added crap nobody asked for.

I've been using mail/claws-mail for decades now and it just works, is fast, adheres to standards and hides unnecessary crap (i.e. html emails) by default.
It also has a perfectly working and unintrusive GPG implementation (via mail/claws-mail-pgp) which just uses gnupg in the background - i.e. it completely integrates with the rest of the system and your GPG infrastructure (not like the isolated crap Thunderbird is doing):

1770883912098.png
 
sko said:
Thunderbirds PGP-Implementation is absolute garbage.
Click to expand...
True! If you need to communicate encrypted with others using Thunderbird, this mostly will fail. Making it necessary not only to educate them but also to convince them to use a better email client.
 
Edit text file. Encrypt and sign with GPG. Send the PGP file. The other side decrypts the text file, adds the reply keeping old text, then encrypt, sign, and send. Not comfortablе but practical and workable way.
 
dear god, no - don't use office gui cruft for simple text. and especially don't send that via email - thats the equivalent of making a screenshot from text output (or even worse).
Just use proper, text formatted emails that are mime-encrypted and/or signed. it's been standardized forever and works - that's what we have standards for.
 
My "method" was for using PGP with Thunderbird without its automation. About GUI editor - I agree that it is security risk (not sure whether it will store temporary file).
 
You must log in or register to reply here.
Back
Top