[Medup] Protocol for peer-to-peer synchronization of secret key material (new draft)
Hernâni Marques (p≡p foundation) <hernani.marques@pep.foundation> Sat, 13 July 2019 10:09 UTC
Dear folks

From pEp side, we are describing a protocol for p2p sync of private key material and provide a finite-state machine which can be implemented for that task; see draft below.

We use Trustwords for authentication of the pairing; see also this thread on Twitter for other ideas on that part:

https://twitter.com/BerndPaysan/status/1149749653727928320

Feedback is very welcome.

In Montreal, we'll also be able to demonstrate how it works, in terms of message flow and user interaction (for example, between Android and Outlook mail clients).

Greets
Hernani

-------- Forwarded Message --------
Subject: New Version Notification for draft-hoeneisen-pep-keysync-00.txt
Date: Sun, 07 Jul 2019 10:50:59 -0700
From: internet-drafts@ietf.org
To: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>, Hernani Marques <hernani.marques@pep.foundation>

A new version of I-D, draft-hoeneisen-pep-keysync-00.txt has been successfully submitted by Bernie Hoeneisen and posted to the IETF repository.

Name: draft-hoeneisen-pep-keysync
Revision: 00
Title: pretty Easy privacy (pEp): Key Synchronization Protocol
Document date: 2019-07-07
Group: Individual Submission
Pages: 74
URL: https://www.ietf.org/internet-drafts/draft-hoeneisen-pep-keysync-00.txt
Status: https://datatracker.ietf.org/doc/draft-hoeneisen-pep-keysync/
Htmlized: https://tools.ietf.org/html/draft-hoeneisen-pep-keysync-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-hoeneisen-pep-keysync

Abstract:

Modern users of messaging systems usually have multiple devices, and often desire to send and receive encrypted messages on some or all of their devices. Using encryption on multiple devices often results in situations where messages cannot be decrypted on the device used to read the message due to a missing private key.

This document specifies a protocol for secure peer-to-peer synchronization of private keys across devices belonging to the same user (pEp Key Synchronization Protocol).

The pretty Easy privacy (pEp) protocols describe a set of conventions for the automation of operations traditionally seen as barriers to the use and deployment of secure end-to-end interpersonal messaging. These include, but are not limited to, key management, key discovery, and private key handling.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat