Re: [openpgp] key distribution by email strategy

Heiko Schaefer <heiko.schaefer@posteo.de> Fri, 11 December 2020 12:22 UTC

To: openpgp@ietf.org
References: <48be3fcf-cdce-9ef4-655b-63b6dddf9310@kuix.de> <322cc545-4358-ba95-65d5-3f75b7050c0b@kuix.de>
From: Heiko Schaefer <heiko.schaefer@posteo.de>
Message-ID: <47bcbed4-3832-6ee0-4a39-127af7e455b3@posteo.de>
Date: Fri, 11 Dec 2020 13:22:12 +0100
In-Reply-To: <322cc545-4358-ba95-65d5-3f75b7050c0b@kuix.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/1zQMUEwOMlM-0casoR2fBnUQ0gw>
Subject: Re: [openpgp] key distribution by email strategy

Hello Kai

On 12/11/20 12:21 PM, Kai Engert wrote:
[..]
> (3) Develop a reasonable strategy for treating complex keys,
> which contain multiple user IDs, or multiple sub keys, or both.
[..]

I would like to add a strong vote for not casually inventing yet another
mechanism for distributing OpenPGP key material.

The autocrypt standard is established, and quite a few projects support
it (https://autocrypt.org/dev-status.html).

One of the stated objectives of autocrypt is "Use decentralized, in-band
key discovery" (https://autocrypt.org/background.html). This seems to be
exactly what this discussion is about.

For example, the point you raise above is specifically covered in the
standard here: https://autocrypt.org/level1.html#openpgp-based-key-data


If the autocrypt standard does not satisfy requirements that thunderbird
has, relating to key discovery, it would seem best to me that the wider
OpenPGP community work on enhancing the standard.

Thank you, regards,
Heiko