Re: [openpgp] OpenPGP Web Key Directory I-D

[Bjarni Runar Einarsson <bre@pagekite.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello all!

Werner Koch <wk@gnupg.org> wrote:
> 
> > Given that SRV records can't be accessed by Javascript implementations,
> > I don't think we can point to that as a solution
> 
> It is a pity that solid network techniques need to be dropped
> in favor of large but uncooperative browser vendors. Adding an
> interface for SRV records would be really easy and helps to
> support flexible network administration. Note that I don't
> wan't them to use SRV records for generic http requests but
> extensions should be able to use it instead of resorting to
> external DNS lookup providers.

On behalf of Mailpile, I'd just like to speak up and say I am
very glad to hear we are moving away from SRV records.

Mailpile tries very hard to protect the privacy of its users;
when fetching things from the public Internet (usually the web),
the easiest way to do that is to route the requests over Tor.

This is very easy for HTTPS - so looking up keys at predictable,
stable HTTPS URLs (exactly what the format of the URL is, doesn't
matter much) is something we are very comfortable and happy to
do. This means WKD (w/o SRV records) is currently our preferred
mechanism for discovering keys that we haven't already received
over AutoCrypt or imported by hand.

If I were to implement support for SRV records, that would mean I
can no longer rely on Tor to do that for us, but need to start
thinking about DNS-over-HTTPS or other emerging standards (or,
hacks ;-) in order to maintain the same security/privacy
guarantees. It's just more complicated to do in a
privacy-preserving fashion, which means in any resource-starved
project (aren't we all?) it might not happen at all.

I'm very happy not to have to deal with that.

> First try
> 
>      https://openpgpkey.example.org/.well-known/openpgpkey/...
> 
> if that host can't be resolved (or accessed?), fallback to
> 
>      https://example.org/.well-known/openpgpkey/...
> 
> be a practical replacement for SRV records here?

This works well for Mailpile.

I might be tempted to suggest trying the bare domain first, and
openpgpkey.example.org as a fallback, simply because from a
privacy point of view that leaks less information about what the
client is doing.

But I understand this would probably waste more bytes/CPU cycles
and it requires more complicated logic to determine when to fall
back, and when to treat the server's 404 as final. So it may not
be worth it.

I am also quite happy with the ?l=... solution to expose the
original e-mail address to servers who want to be smarter than
can be accommodated with a fixed hash in the filesystem.

In general, I applaud the fact that this appears to be converging
on something that is dead-simple to implement both on the client
and the server, even if the "fixed subdomain" is a hack from a
protocol-purity point of view. It's pragmatic and it works, which
is (IMO) exactly what we need in this space.

All the best,
 - Bjarni

- -- 
PageKite.net lets your personal computer be part of the web

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEETBSz4pzXkOHlSFMhjgA3FgDPlJEFAlvpq0MACgkQjgA3FgDP
lJG/mgf9EuYwdEvRJc+wfRA5CflRy99oFeaHJHTSMlvOy8mOwvXRrq6u7Qtr+pt7
nu0EYFPxO7/NiLctVJmSkJXNqjagzCuZpOeozbN2/C1q2y9wk5kcN6DjW+2ncQxr
2Ut0x9fZVjQdUbJvZTE2PF8ORGXrsRpaxqBgYgfurV1UhGopwCy3DsKIFRvNFis3
pRoMadTMsWny8ELkc4+dHTuzkz9NGdUd/cGWHIva2OkAUJwMRXl96myjRZx8Q+G/
mAdXL5MkZiq07zTaZZgkKYkHRaNjfzzrYeRsyfG6Nc3Bum8gxKw/w5qGrx2esxeY
f90ip0D+EJaJcS5JMFFGdkaCOcJCvA==
=JoN2
-----END PGP SIGNATURE-----