[dane] first release of openpgpkey-milter, DANE assisted GnuPG email encryption milter

Paul Wouters <paul@nohats.ca> Mon, 06 January 2014 02:10 UTC

Date: Sun, 5 Jan 2014 21:09:46 -0500 (EST)
From: Paul Wouters <paul@nohats.ca>
To: dane WG list <dane@ietf.org>, openpgp@ietf.org, dnssec-deployment <dnssec-deployment@dnssec-deployment.org>

I've released the first version of openpgpkey-milter, a sendmail/postfix
milter service that attempts to automatically encrypt emails using gnupg
based on the presence of a DNSSEC signed OPENPGPKEY record as specified
in http://tools.ietf.org/html/draft-wouters-dane-openpgp

It currently uses the private-use RRTYPE 65280.

Version 2.3 of hash-slinger has a new openpgpkey command that you can
use to generate OPENPGPKEY records. It supports generating the generic
type syntax. (http://people.redhat.com/pwouters/hash-slinger/)

My paul@nohats.ca email address is publishing this record. Feel free to
send me test emails, although if you don't hear back from me, perhaps
follow up at paul@cypherpunks.ca :)

This initial version does not yet handle multipart / MIME emails, and
the python-gnupg module has some known bugs with utf-8 / IDN. Punycode
support is also not included in this release. It was also not stress
tested on a busy mail server.

You can grab the tar ball at ftp://ftp.nohats.ca/openpgpkey-milter/ or
have a look at https://github.com/letoams/openpgpkey-milter/
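
Added illustration, not part of the original message and not code from hash-slinger or openpgpkey-milter: a sketch of what a record for private-use RRTYPE 65280 looks like in the RFC 3597 generic type syntax the announcement mentions, with a parser that rejects a record whose declared length does not match its data. The owner name `owner.example.` and the RDATA bytes are constructed placeholders; the real owner name is derived as the draft specifies and is not reproduced here.

```python
import binascii

RRTYPE = 65280  # private-use RRTYPE named in the announcement

# Constructed sample values: placeholder owner name, and 40 dummy octets
# standing in for a key export (this is NOT a real OpenPGP key).
OWNER = "owner.example."
SAMPLE_RDATA = bytes(range(40))


def to_generic_rr(owner, rdata, ttl=3600, width=56):
    """Render rdata in RFC 3597 generic syntax: TYPE<n> \\# <len> <hex>."""
    if not rdata or len(rdata) > 65535:
        raise ValueError("RDATA must be 1..65535 octets")
    hexed = binascii.hexlify(rdata).decode("ascii")
    # Split the hex into chunks so long keys stay readable in a zone file.
    chunks = [hexed[i:i + width] for i in range(0, len(hexed), width)]
    return "%s %d IN TYPE%d \\# %d ( %s )" % (
        owner, ttl, RRTYPE, len(rdata), " ".join(chunks))


def parse_generic_rr(line):
    """Return (owner, rrtype, rdata); reject a wrong declared length."""
    tokens = line.replace("(", " ").replace(")", " ").split()
    if len(tokens) < 7:
        raise ValueError("record is truncated")
    owner, _ttl, rrclass, rrtype, marker, length = tokens[:6]
    if rrclass != "IN" or not rrtype.startswith("TYPE") or marker != "\\#":
        raise ValueError("not an RFC 3597 generic record")
    # Hex may be split across several whitespace-separated chunks.
    rdata = binascii.unhexlify("".join(tokens[6:]))
    if len(rdata) != int(length):
        raise ValueError("declared length does not match RDATA")
    return owner, int(rrtype[4:]), rdata


if __name__ == "__main__":
    record = to_generic_rr(OWNER, SAMPLE_RDATA)
    print(record)
    print(parse_generic_rr(record)[1])
```

The length check matters when records are pasted by hand: a truncated hex string would otherwise load as a shorter, unusable key.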