PGP/MIME

from Wikipedia, the free encyclopedia

PGP/MIME is a special encoding for encrypting and signing emails with a hybrid cryptosystem. PGP/MIME-capable mail programs can reliably detect that an email and its attachments are PGP/GnuPG-encrypted and/or PGP/GnuPG-signed. It is specified in RFC 3156.

With PGP/MIME, a message can be encrypted and signed as a whole, i.e. including all file attachments, which is also the default behaviour. Without the recipient's private key, it is not possible to tell whether the mail contains attachments or what type they are. It is not possible to draw conclusions about the content of a mail.

In contrast to Mozilla Thunderbird, some popular mail programs did not support PGP/MIME until mid-2008, e.g. Microsoft Outlook, Outlook Express and the Mail module of Opera. These mail programs then usually displayed only the text "This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)".

In 2006 the Federal Office for Information Security (BSI) commissioned the Gpg4win software package for encrypting e-mails and files. Since Gpg4win 2.3.0 (published on November 25, 2015), the “GpgOL” plug-in for Outlook 2010, 2013 and 2016 enables the reading of PGP/MIME and S/MIME emails. Mozilla Thunderbird in combination with Enigmail, GPGMail, or KMail send encrypted mails in MIME format by default.

In its raw format, a PGP / MIME-encoded mail looks something like this:

 Return-Path: <absender@example.org>
 Delivered-To: empfaenger@example.com
 Received: from mail.example.com (localhost [127.0.0.1])
 	by mail.example.com (ExampleMTA) with ESMTP id 776B01A40FA
 	for <empfaenger@example.com>; Mon, 17 Nov 2008 20:55:02 +0100 (CET)
 Message-ID: <77922349882211@example.org>
 From: Absender <absender@example.org>
 User-Agent: ExampleMUA 1.0
 MIME-Version: 1.0
 To: Empfaenger <empfaenger@example.com>
 Subject: PGP/MIME-Testmail
 Content-Type: multipart/encrypted;
  protocol="application/pgp-encrypted";
  boundary="------------24i8m5cu37hapwm904t8v"
 
 This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)
 --------------24i8m5cu37hapwm904t8v
 Content-Type: application/pgp-encrypted
 Content-Description: PGP/MIME version identification
 
 Version: 1
 
 --------------24i8m5cu37hapwm904t8v
 Content-Type: application/octet-stream; name="encrypted.asc"
 Content-Description: OpenPGP encrypted message
 Content-Disposition: inline; filename="encrypted.asc"
 
 -----BEGIN PGP MESSAGE-----
 Version: GnuPG v1.5.0 (GNU/Hurd)
 
 SlCIp2OH5FGLfdWHISzTvSuoPw/e4s8EurdY/rVp4zfJ/kOs6fZadzKqZG7AGWnI
 q0Npz0vb11RKAORbVMIf55lRaGIfBA2W+ddV/p17QsSJpOwO4QcnJGLS/aXr1paD
 [...]
 myL/Id+j96/hOBC1ylhz8EGSNml5GvhrstxHqRftr6S7DwZ/YM44J51kMX1ybYyf
 X25sKEqWCr9Y1IiZGWiiA+jNL1+Mdx6l4+KxBbQ/TRiHPik=
 =K731
 -----END PGP MESSAGE-----
 
 --------------24i8m5cu37hapwm904t8v--
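
A structural check for the layout shown above, as an added example that is not part of the original article: it uses Python's standard `email` package to verify the `multipart/encrypted` container, the `Version: 1` control part and the `application/octet-stream` data part. The function name `check_pgp_mime` and the shortened sample message are constructed for illustration.

```python
from email import message_from_string
BOUNDARY = "-" * 12 + "24i8m5cu37hapwm904t8v"  # boundary value from the example above
# Constructed sample modelled on the raw mail above; the armor body is a placeholder.
SAMPLE = f"""\
Subject: PGP/MIME-Testmail
MIME-Version: 1.0
Content-Type: multipart/encrypted;
 protocol="application/pgp-encrypted";
 boundary="{BOUNDARY}"

This is an OpenPGP/MIME encrypted message (RFC 2440 and 3156)
--{BOUNDARY}
Content-Type: application/pgp-encrypted

Version: 1

--{BOUNDARY}
Content-Type: application/octet-stream; name="encrypted.asc"

-----BEGIN PGP MESSAGE-----
(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
--{BOUNDARY}--
"""

def check_pgp_mime(raw):
    """Return the structure problems found in raw; an empty list means well-formed."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/encrypted":
        return ["top level is not multipart/encrypted"]
    problems = []
    if str(msg.get_param("protocol", "")).lower() != "application/pgp-encrypted":
        problems.append("protocol parameter is not application/pgp-encrypted")
    parts = msg.get_payload()  # a list only if the multipart body parsed correctly
    if not isinstance(parts, list) or len(parts) != 2:
        return problems + ["expected exactly two body parts"]
    control, data = parts
    if control.get_content_type() != "application/pgp-encrypted":
        problems.append("first part is not application/pgp-encrypted")
    elif control.get_payload().strip() != "Version: 1":
        problems.append("control part does not contain 'Version: 1'")
    if data.get_content_type() != "application/octet-stream":
        problems.append("second part is not application/octet-stream")
    elif "-----BEGIN PGP MESSAGE-----" not in data.get_payload():
        problems.append("second part carries no armored OpenPGP message")
    return problems

if __name__ == "__main__":
    print(check_pgp_mime(SAMPLE) or "well-formed PGP/MIME structure")
```

The check looks only at the MIME envelope, so it works without any key material; everything inside the armored block stays opaque to it.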

Alternatives

With PGP/INLINE, each attachment is encrypted individually. The file name is readable, and it is possible to draw conclusions about the content of the message.

With S/MIME, similar to PGP/MIME, the format of the encrypted e-mail or attachments is standardized. It is also possible to encrypt a message as a whole, i.e. including the attachments. It is therefore difficult to draw conclusions about the content of a mail. However, S/MIME is not compatible with the PGP-based PGP/INLINE and PGP/MIME.
