subkey binding signature with no usage flags and/or a critical notation
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Sep 14 00:03:16 CEST 2013
On Wed 2013-09-11 17:46:41 -0400, Daniel Kahn Gillmor wrote:
> Without this patch, if a subkey with a usage flags subpacket that is
> all-zero appears, GnuPG thinks that the key is valid for all
> capabilities (usage: SCEA).
>
> This is dangerous in several ways:
>
> * if it's your own key, GnuPG will use it to sign messages or certify
> other OpenPGP certificates
>
> * if it's someone else's key, GnuPG will encrypt to it
>
> * if it's someone else's key, GnuPG may be willing to rely on OpenPGP
> certifications made by the key, despite the owner having clearly
> marked that it is not acceptable for that use.
>
> Depending on how such a key is actually used in practice, this may cause
> unrelated confidential data to be revealed, or it may let GnuPG follow
> spoofable paths through the WoT.
[...]
> I'm inclined to see this as a security vulnerability (because of the
> confidentiality and certification-following concerns); i'd like to see
> it fixed in the stable branches and assigned a CVE, so that i can push
> for getting it resolved in those distros that care about CVE coverage.
This is now CVE-2013-4351.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 965 bytes
Desc: not available
URL: </pipermail/attachments/20130913/a448044d/attachment-0001.sig>
More information about the Gnupg-devel
mailing list