Re: [openpgp] Put Signature in an Email's Header
Werner Koch <wk@gnupg.org> Tue, 08 August 2023 10:14 UTC
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9FB9C14F75F for <openpgp@ietfa.amsl.com>; Tue, 8 Aug 2023 03:14:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gc_Z9DuYZV97 for <openpgp@ietfa.amsl.com>; Tue, 8 Aug 2023 03:14:09 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E2E2C14CE47 for <openpgp@ietf.org>; Tue, 8 Aug 2023 03:14:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Vz3HGbZWfHgWlOLETbDkiniGka5FI/zUwl+kDdaeq3g=; b=LW4IiMpwUxlgy3W2q+YBDVGxMb vO4mpV9DrU5VhjE3mVpYqfyh6v/YSULQExKTlnf+FvN+WWy7wkeo0KnXDsAMG+dWeC7yKiA2BaCEm bdmHvTtdX2vB7AdLsZi4qaQu8NfuL9XSMGhjLeGC132Xk55kixo2P0nG5DCKnuW/TrIk=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1qTJjC-0000Kx-TQ for <openpgp@ietf.org>; Tue, 08 Aug 2023 12:14:14 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1qTJir-0003zL-2r; Tue, 08 Aug 2023 12:13:53 +0200
From: Werner Koch <wk@gnupg.org>
To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>
Cc: openpgp@ietf.org, Kai Engert <kaie@kuix.de>
References: <48be3fcf-cdce-9ef4-655b-63b6dddf9310@kuix.de> <20201211095836.5218a72e@computer> <cd02d2db-0671-dfc0-dab3-dc793a2c1605@metacode.biz> <878sa4y7hy.wl-neal@walfield.org> <4dbaf770-2b2e-47cc-afb5-3ba07706aafd@kuix.de> <87a5v1j4xo.fsf@wheatstone.g10code.de> <db447915-fc25-4759-879e-b64020c0ec0e@kuix.de> <87zg31hoee.fsf@wheatstone.g10code.de> <ba560bb0-0fa5-40a2-b70d-83f36859e17e@metacode.biz>
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Jabber-ID: wk@jabber.gnupg.org
Mail-Followup-To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>, openpgp@ietf.org, Kai Engert <kaie@kuix.de>
Date: Tue, 08 Aug 2023 12:13:47 +0200
In-Reply-To: <ba560bb0-0fa5-40a2-b70d-83f36859e17e@metacode.biz> (Wiktor Kwapisiewicz's message of "Tue, 8 Aug 2023 11:58:03 +0200")
Message-ID: <87v8dphmec.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Lon_Horiuchi_GEODSS_assassinate_crypto_anarchy_H&K_EDI_bootleg_ninja"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/KLyMvgZBJU4-TgR0zWm59Os6V9o>
Subject: Re: [openpgp] Put Signature in an Email's Header
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Aug 2023 10:14:14 -0000
On Tue, 8 Aug 2023 11:58, Wiktor Kwapisiewicz said: > Putting the signature in the header, alongside the Autocrypt header > for the key would mean e-mails would be simple and clean in all > clients, at the same time advertising the support of OpenPGP on the A signed mail with the signing key included (as done by CMS) is a straightforward way to bootstrap encrypted communication. It is mail standards compliant and does not break when for example forwarding mails. You are tackling problems which have long been solved. Sure, revocations are still a problem but that is not OpenPGP specific but a general problem of all store-and-forward systems dating back at least to medieval message conveying systems. Specific solution which will work more reliable _and_ decentralized than CRLs or OCSP are possible. However they are without the coolness factor needed to get deployed in the real world. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
- [openpgp] Combining signature with signer's publi… Kai Engert
- Re: [openpgp] Combining signature with signer's p… vedaal
- Re: [openpgp] Combining signature with signer's p… brian m. carlson
- Re: [openpgp] Combining signature with signer's p… Wiktor Kwapisiewicz
- Re: [openpgp] Combining signature with signer's p… Kai Engert
- Re: [openpgp] Combining signature with signer's p… Werner Koch
- Re: [openpgp] Combining signature with signer's p… holger krekel
- Re: [openpgp] Combining signature with signer's p… Neal H. Walfield
- Re: [openpgp] Combining signature with signer's p… Neal H. Walfield
- Re: [openpgp] Combining signature with signer's p… Hanno Böck
- Re: [openpgp] Combining signature with signer's p… Wiktor Kwapisiewicz
- Re: [openpgp] Combining signature with signer's p… Kai Engert
- Re: [openpgp] Combining signature with signer's p… Wiktor Kwapisiewicz
- Re: [openpgp] Combining signature with signer's p… Neal H. Walfield
- Re: [openpgp] Combining signature with signer's p… Neal H. Walfield
- [openpgp] Put Signature in an Email's Header Neal H. Walfield
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Bart Butler
- Re: [openpgp] key distribution by email strategy Heiko Schaefer
- Re: [openpgp] key distribution by email strategy Vincent Breitmoser
- Re: [openpgp] Put Signature in an Email's Header Daniel Kahn Gillmor
- Re: [openpgp] Put Signature in an Email's Header Benjamin Kaduk
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Werner Koch
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Werner Koch
- Re: [openpgp] Put Signature in an Email's Header Wiktor Kwapisiewicz
- Re: [openpgp] Put Signature in an Email's Header Werner Koch
- Re: [openpgp] Put Signature in an Email's Header Wiktor Kwapisiewicz
- Re: [openpgp] Put Signature in an Email's Header Andrew Gallagher
- Re: [openpgp] Put Signature in an Email's Header Wiktor Kwapisiewicz
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Bart Butler
- Re: [openpgp] Put Signature in an Email's Header Andrew Gallagher
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Kai Engert
- Re: [openpgp] Put Signature in an Email's Header Bart Butler
- Re: [openpgp] Put Signature in an Email's Header Andrew Gallagher
- [openpgp] key distribution by email strategy Kai Engert
- Re: [openpgp] key distribution by email strategy Werner Koch
- Re: [openpgp] Put Signature in an Email's Header Daniel Kahn Gillmor
- Re: [openpgp] key distribution by email strategy Andrew Gallagher
- Re: [openpgp] key distribution by email strategy Kai Engert
- Re: [openpgp] key distribution by email strategy Steffen Nurpmeso
- Re: [openpgp] key distribution by email strategy Steffen Nurpmeso
- Re: [openpgp] key distribution by email strategy John Scott
- Re: [openpgp] key distribution by email strategy Steffen Nurpmeso
- Re: [openpgp] Put Signature in an Email's Header Bart Butler