GnuPG Gpg4win Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • RecentChanges
  • FindPage
  • HelpContents
Revision 1 as of 2018-08-31 07:27:54
  • PgpPartitioned

PGP Partitioned

PGP Partitioned is a format optionally used by Symantec in it's Endpoint security solution.

It's not an official standard, it does not have a content type. There is just some mailing thread describing it. (partitioned) PGP Partitioned is basically a word for "PGP/Inline Mail Body and each attachment encrypted / signed separately "

It can usually be identified by a "PGPexch.htm.pgp" Attachment containing the body of the mail as a HTML Page.

Symantec's PGP Desktop can be configured to send PGP/MIME. This should be preferred.

Critique

  • PGP Partitioned is not standardized in an RFC.
  • It does not properly handle encoding as it uses PGP/Inline.
  • Attachments and the Text are encrypted / signed as different PGP Messages.

E.g. for a Signed and Encrypted Message with 10 Attachments a receiving MUA would have to show 10 different decryption and verification states. To do this securely and user friendly is nearly impossible.

An attacker could add or remove attachments to a mail or change the encoding specified in the mail header making this format inherently insecure.

  • This site is hosted by Intevation GmbH
  • |
  • Datenschutzerklärung und Impressum
  • |
  • Privacy Policy and Imprint