Re: [openpgp] Combining signature with signer's public key

Kai Engert <kaie@kuix.de> Fri, 11 December 2020 09:43 UTC

To: holger krekel <holger@merlinux.eu>
Cc: openpgp@ietf.org
References: <48be3fcf-cdce-9ef4-655b-63b6dddf9310@kuix.de> <20201211083114.GI184802@beta>
From: Kai Engert <kaie@kuix.de>
Message-ID: <91e4784a-3238-6c50-fa10-e09835fc6587@kuix.de>
Date: Fri, 11 Dec 2020 10:43:11 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/HJYJlch5gkaWlr_6-aeDlFJWX1U>

On 11.12.20 09:31, holger krekel wrote:
> the reason several e-mail app implementors decided for a header
> in the discussions leading up to the Autocrypt spec in 2017
> was precisely to not confuse users with weird attachments. related FAQ:
> https://autocrypt.org/faq.html#why-are-you-using-headers-rather-than-attached-keys
> 
> What do you find problematic about it?  It's been used in several mail
> apps (including Thunderbird/Enigmail up until TB78 in August 2020) and
> did not cause any UX issues or complaints. I'd kindly ask you to consider
> not inventing another method now without strong reason.

The amount of data that can be transported in an email header is limited.

For the simple keys that can be generated inside Thunderbird (primary
key, single subkey for encryption, single user ID), using the Autocrypt
header could work.

However:

- we also allow users to use their complex keys with Thunderbird,
   which may contain multiple user IDs, and contain many certifications,
   causing the key to be very big.
   The Autocrypt header seems like an incomplete key distribution
   mechanism for complex keys.

- what Thunderbird sends in PGP/MIME's application/gpg-keys
   attachment isn't limited to the sender's public key.
   It will also include revocation statements,
   for revoked keys matching the sender's email address.

Kai