Spoofing OpenPGP.js signature verification

codeanlabs.com

97 points by ThomasRinsma 9 days ago


tptacek - 9 days ago

This is not normal. Modern cryptosystems don't have anything like PGP's insane "packet" format, which has caused other problems before this. There's no principal of design that would lead you to what PGP came up with, and the only reason we still have to deal with it is path dependence. I don't even care if you call the next design "PGP2", just throw this system in the bin and start over.

woodruffw - 9 days ago

Another year, another critical parsing vulnerability in the PGP ecosystem. Latacora has an excellent post[1] that touches on the excessive complexity of PGP's encoding which, remarkably, probably isn't even in the top 3 things wrong with PGP.

My personal favorite of these is when someone sent a weaponized compression packet to oss-sec in 2022[2].

[1]: https://www.latacora.com/blog/2019/07/16/the-pgp-problem/

[2]: https://seclists.org/oss-sec/2022/q3/9

egberts1 - 9 days ago

[flagged]