local part of e-mail addresses
Neal H. Walfield
neal at walfield.org
Sat Jul 25 18:16:08 CEST 2015
At Tue, 21 Jul 2015 14:24:42 +0200,
Werner Koch wrote:
> On Tue, 21 Jul 2015 13:24, neal at walfield.org said:
> > introduces a potential for false positives. However, I think it is
> > extremely rare that email addresses like neal at walfield.org and
> > Neal at walfield.org are distinct. Thus, I think in this case,
> > regularizing is the right approach.
> I concur. People actually tend to change capitalization of mail
> addresses so that common MUA configurations ignore the case.
> GnuPG's PKA system hashes the local-part but downcases all plain ASCII
> characters first. Characters with the MSB set are not touched and
> hashed verbatim. The reason for that the latter is that the rules for
> changing the case of characters > 127 depend on the locale and are
> sometimes not correctly implemented if at all well defined. This is all
> done on the UTF-8 encoding without any IDNA transformation.
I'm not familiar with this problem. Here are my thoughts. We want to
prevent attacks whereby an attacker creates a key that appears
legitimate, but does not trigger a conflict. Concretely, if the
user's email address is:
alice at example.org
Alice at example.org
should result in a conflict.
Let's assume that 'A' maps to different lower case letters in
different locales (say, 'a' and 'b'):
'A' -> 'a'
'A' -> 'b'
Moreover, let's assume that other letters also sometimes map to 'a'
'B' -> 'a'
'B' -> 'b'
If we map all of these letters to one representative letter, say 'x',
then 'alice' maps to 'xlice' and 'Alice' maps to 'xlice' and we
correctly identify a conflict!
The tradeoff is that we increase the false positive rate (i.e., we
suggest there is a conflict where this is none). But, if the
equivalent classes are relatively small, these should be manageable.
More information about the Gnupg-devel