Re: [openpgp] Keyserverless Use of OpenPGP in Email
Paul Wouters <paul@nohats.ca> Tue, 12 April 2016 13:15 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7964212EDDF for <openpgp@ietfa.amsl.com>; Tue, 12 Apr 2016 06:15:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, RP_MATCHES_RCVD=-0.996] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DCZ6mzUcfyWU for <openpgp@ietfa.amsl.com>; Tue, 12 Apr 2016 06:15:52 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B77E712ED8A for <openpgp@ietf.org>; Tue, 12 Apr 2016 06:15:51 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3qknVt183Hz390; Tue, 12 Apr 2016 15:15:50 +0200 (CEST)
X-OPENPGPKEY: Message passed unmodified
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 3NyYjY1YGmEI; Tue, 12 Apr 2016 15:15:48 +0200 (CEST)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 12 Apr 2016 15:15:48 +0200 (CEST)
Received: from [10.210.2.31] (unknown [186.141.130.133]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id A99CB614B000; Tue, 12 Apr 2016 09:15:46 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.10.3 bofh.nohats.ca A99CB614B000
References: <20160412121549.GB16775@littlepip.fritz.box>
In-Reply-To: <20160412121549.GB16775@littlepip.fritz.box>
Mime-Version: 1.0 (1.0)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="us-ascii"
Message-Id: <29B66C8D-BAD3-42C6-A8E7-8D243FF45A02@nohats.ca>
X-Mailer: iPhone Mail (13E238)
From: Paul Wouters <paul@nohats.ca>
Date: Tue, 12 Apr 2016 10:15:36 -0300
To: Vincent Breitmoser <look@my.amazin.horse>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/AysttjyTWYCJX8GluLnNWyXwi1Y>
Cc: IETF OpenPGP <openpgp@ietf.org>, openpgp-email <openpgp-email@enigmail.net>
Subject: Re: [openpgp] Keyserverless Use of OpenPGP in Email
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2016 13:15:53 -0000
Have you looked at the openpgpkey DNS record which is going to be an RFC very soon? https://tools.ietf.org/html/draft-ietf-dane-openpgpkey-07 Paul Sent from my iPhone > On Apr 12, 2016, at 09:15, Vincent Breitmoser <look@my.amazin.horse> wrote: > > Hi, > > (crossposting to openpgp-email and openpgp-wg, the lists where I expect > the highest rates of interested people) > > I'd like to discuss a thought that has come up in my work on k9 mail: > Using OpenPGP in E-Mail without relying on keyservers. As a motivation, > just consider someone spins up their botnet to add 1000 or more keys per > second to the pool - aaaaand it's gone. Other aspects are that a > keyserver lookup requires network connectivity, introduces noticable > delay, and has privacy implications which prevent us from doing the > lookup in an automated fashion. > > First, some basic considerations: To obtain the public key of a > communication partner, we obviously have to rely on said communication > partner to make their key available to us one way or another. The only > deployed lookup mechanism are keyservers, but we said we don't have > that. The alternative is sending the key in-band with the particular > communication protocol: No problem for synchronous communication such as > XMPP because we can simply request them, more difficult for e-mail where > that option is not available. > > If we don't have bandwidth constraints, we can solve this by sticking > the public key block right next to every signature we make, which > effectively eliminates the need for keyservers (with the possible > exception of the distribution of revocation certs). However, it also > adds ~10kb of size to every signature. This is a rather extreme > approach, and although 10kb are not a lot these days, they add up. > > To counteract this, we can significantly reduce the number of attached > public keys if we are just a little bit clever about the decision of > when to add it. Roughly, it makes sense to attach the public key to the > first message of a conversation with each recipient. > > Another question is, where to place the key. In email, we have two > options: in a separate mime part, or directly next to the pgp signature > data. I favor the second option, for two reasons: > - the email client has to know a lot less about openpgp for this to > work, the public key is naturally handed to the openpgp-implementation > together with the signature data. > - there isn't yet another weird attachment for recipients who don't have > openpgp support > - the intended purpose of the key is clear, because there are no other > circumstances where a key might end up in this position. > > The drawback with this approach is implementation support. If an > implementation doesn't expect a public key next to the signature data, > it's just bloat (or even worse, produces a warning about trailing data. > I did some tests and this is the case in mutt, but not enigmail), and > does not even show an option for the user to manually import the key. > > I think that this approach might be a way to overcome the need for a > click from the user (whether it's "Retrieve from Keyserver" or "Import > from Attachment") to be able to import and work with a public key. It's > unacceptable to import a key from keyservers automatically for various > reasons, but I think an opt-out behavior of importing keys retrieved as > part of a message is fine, if that key also signed the message. > > I'll leave it at this for now. I'd be delighted about comments and > thoughts, in particular from those of you who are involved in the > decision making of other implementations. > > - V > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp
- [openpgp] Keyserverless Use of OpenPGP in Email Vincent Breitmoser
- Re: [openpgp] Keyserverless Use of OpenPGP in Ema… Paul Wouters
- Re: [openpgp] Keyserverless Use of OpenPGP in Ema… Vincent Breitmoser
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Simon Josefsson
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Neal H. Walfield
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Vincent Breitmoser
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Ruben Pollan
- Re: [openpgp] Keyserverless Use of OpenPGP in Ema… Derek Atkins
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Neal H. Walfield
- Re: [openpgp] Keyserverless Use of OpenPGP in Ema… Werner Koch
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Werner Koch
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Vincent Breitmoser
- Re: [openpgp] [openpgp-email] Keyserverless Use o… Ruben Pollan