What's wrong with this pubkey?

Hi people,

I'm having trouble sending encrypted PGP emails to the user of key with
ID 0xd465eef3f810745c (attached). I have imported and trusted it in
Ciphermail, and then tried to send test emails with no success.

At first I thought it was something related with the "é" or "()"
characters ("e" with a tilde), but I created a test PGP key with similar
characters in it, and everything worked fine with the test key.

My personal PGP key (0xaa976e29616d42d4) when imported in Ciphermail
shows in exactly the same way as the problematic one (except the
obvious fields: fingerprint, associated emails, dates, etc.), but test
emails addressed to both keys work fine for my key but not for the other.

Any ideas on what's special about this key that may prevent it from
working correctly?

Thanks

Jorge

C5C0375C920BD3F66564FB2AD465EEF3F810745C1.asc (11.7 KB)


--
*Jorge Gonzalez Villalonga*
Systems Engineer
*The International Consortium of Investigative Journalists*
<https://www.icij.org>
1710 Rhode Island Ave NW, 11th floor | Washington DC 20036 | United States
Phone: +34 672 173 200 (Madrid, Spain)

Hi Jorge,

What happens, exactly, when you send the email? What does "no success" mean?

Do you (as sender) get some information?

Have you had a look at the server logs?

Regards
Thomas

--
Thomas Bahn
Diplom-Mathematiker
Managing Director

Tel.: 04307 900-401
Fax: 04307 900-409
Mobile: 0173 935 79 16
E-Mail: tbahn(a)assono.de

assono GmbH
Lise-Meitner-Straße 1-7
24223 Schwentinental

Managing Directors: Lydia Bahn, Thomas Bahn
Kiel District Court, HRB 8202 KI
Company headquarters: Schwentinental


Yes, of course, my fault for not having written about it :)

Here is the mail log I see when the email enters Ciphermail:

Jun 14 16:33:37 localhost postfix/smtp[32363]: EA68240146: to=<miguel.fiandor.gutierrez(a)gmail.com>, relay=127.0.0.1[127.0.0.1]:10025, delay=0.1, delays=0.01/0.01/0.04/0.04, dsn=2.6.0, status=sent (250 2.6.0 Message received)
Jun 14 16:33:37 localhost postfix/qmgr[2163]: EA68240146: removed
Jun 14 16:33:37 localhost postfix/smtp[32364]: 016DF4030C: to=<mfiandor(a)icij.org>, relay=127.0.0.1[127.0.0.1]:10025, delay=0.09, delays=0.01/0.01/0.04/0.04, dsn=2.6.0, status=sent (250 2.6.0 Message received)
Jun 14 16:33:37 localhost postfix/qmgr[2163]: 016DF4030C: removed

(There are no corresponding outgoing emails - Our setup goes through an
external smart host, Mailgun)

And the DJIGZO log says:

14 Jun 2021 16:33:37 | INFO There are no valid PGP encryption keys for recipient(s); MailID: 638f3049-d431-4d82-b2f9-d290d048aac3; Recipients: [miguel.fiandor.gutierrez(a)gmail.com]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #3]

(...)

14 Jun 2021 16:33:37 | INFO There are no valid PGP encryption keys for recipient(s); MailID: 51aa83ff-8cc3-43cc-b04a-4571dbd21f7e; Recipients: [mfiandor(a)icij.org]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]

The logs say that there is no PGP key available for encryption for that
email, but the key is enrolled in Ciphermail, it's trusted, and it's
associated to both emails.

J.

Well, finally my user updated his key to not have the special "é" and
"()" chars, I reimported it in Ciphermail and now it works fine with the
updated key.

So it looks like special characters in the PGP metadata are finally the
culprits of this issue?

Martijn, what's your opinion? Should a ticket be opened for this?

Best regards

Jorge

Hi Jorge,

I'll look into it. Yes please file a bug report.

Kind regards,

Martijn


Hi Jorge,

The issue was that the library I use for PGP (BC) did not take all
self-signature certification types into account. There can be different
types of certifications (0x10: Generic certification, 0x11: Persona
certification, 0x12: Casual certification, 0x13: Positive
certification).

The expiration check is able to check all certification types but if
one type returned an expiration value, it would not check the other
certification types for longer expiration values. The key you had
issues with used different self-signature certification types.

I changed the code to take all certification types into account.

There are some additional details, for example the faulty expiration
was only taken into account for the expiration value stored in the
database, so if you want more details, let me know.

The following commit should fix the issue:

Thanks for reporting.

Kind regards,

Martijn Brinkers


--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
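
A simplified model of the expiration check described in the message above, added here as an illustration; it is not CipherMail or Bouncy Castle code. The scan order over certification types, the sample key and its dates, and all function names are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Certification signature types listed in the message above (RFC 4880 values).
GENERIC, PERSONA, CASUAL, POSITIVE = 0x10, 0x11, 0x12, 0x13
CERT_TYPES = (GENERIC, PERSONA, CASUAL, POSITIVE)  # scan order is an assumption

NEVER = 0  # key-expiration subpacket absent or zero: the key does not expire


@dataclass(frozen=True)
class SelfSig:
    sig_type: int       # certification type of the self-signature
    valid_seconds: int  # key lifetime in seconds after key creation, or NEVER


def _longest(values):
    """Longest lifetime in values (NEVER beats any finite value); None if empty."""
    values = list(values)
    if not values:
        return None
    return NEVER if NEVER in values else max(values)


def valid_seconds_first_type(sigs):
    """Flawed model: stop at the first certification type that yields a value."""
    for cert_type in CERT_TYPES:
        found = _longest(s.valid_seconds for s in sigs if s.sig_type == cert_type)
        if found is not None:
            return found  # later types, possibly with a longer lifetime, are skipped
    return NEVER


def valid_seconds_all_types(sigs):
    """Corrected model: look at every certification type, keep the longest lifetime."""
    found = _longest(s.valid_seconds for s in sigs if s.sig_type in CERT_TYPES)
    return NEVER if found is None else found


def is_expired(created, valid_seconds, at):
    """True if a key created at `created` with this lifetime has expired at `at`."""
    return valid_seconds != NEVER and created + timedelta(seconds=valid_seconds) <= at


YEAR = 365 * 24 * 3600
# Constructed sample key: an old generic (0x10) self-signature with a one-year
# lifetime and a positive (0x13) self-signature extending it to four years.
KEY_CREATED = datetime(2019, 1, 1, tzinfo=timezone.utc)
SELF_SIGS = [SelfSig(GENERIC, 1 * YEAR), SelfSig(POSITIVE, 4 * YEAR)]
SEND_TIME = datetime(2021, 6, 14, 16, 33, 37, tzinfo=timezone.utc)

if __name__ == "__main__":
    checks = (("first type only", valid_seconds_first_type),
              ("all types", valid_seconds_all_types))
    for name, check in checks:
        seconds = check(SELF_SIGS)
        state = "expired" if is_expired(KEY_CREATED, seconds, SEND_TIME) else "valid"
        print(f"{name}: lifetime {seconds // YEAR} year(s), key is {state} at send time")
```

With the first-type-only check the sample key is treated as expired, so no key is selected for the recipient; with all types considered it is valid.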


Hi Martijn,

thanks for the feedback. I wonder if it has something to do with the
program used for managing the keys. The affected user was using
Mailvelope for his key (the one that caused problems), but I was using
plain CLI GPG myself for the test keys (the one that worked, even with
the "é" and "()" chars).

Maybe Mailvelope and GPG generate/manage keys differently, and the
differences are the ones you mentioned?

Anyway, thanks for the very detailed information :)

Have fun

Jorge
