[openpgp] Re: Certificate discovery over HKP
Andrew Gallagher <andrewg@andrewg.com> Wed, 09 April 2025 09:57 UTC
Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 5DFA51974E05 for <openpgp@mail2.ietf.org>; Wed, 9 Apr 2025 02:57:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pJRtupuBKjRd for <openpgp@mail2.ietf.org>; Wed, 9 Apr 2025 02:57:01 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [135.181.198.78]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id D43001974DFB for <openpgp@ietf.org>; Wed, 9 Apr 2025 02:57:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1744192621; bh=C44ed7ejELznDWpf2Uk+I3Ao52mKug/ihQIGABqDNKo=; h=From:Subject:Date:In-Reply-To:Cc:To:References:From; b=no+cGY7ombqlpPi5P0ikeM5iavNRcvgDUYWx/pTBXzCzimi+hekZZlVdKYV7uO+J0 hVmYhlpEDrbAek6y++F1d4VHkiahBsXjMn8kB3n86EVL5MVmpPjR4Tuuv8wQjvga/K hcXUh1ibPRYjvnqlrmJe3H9zXqRiYS6v6w7D7rpeDmebGaolfY5exOscySgS+6p8XA mu5sa9ynZE9lLHOvho0PbgJb5qbddtteiPOQNlzEkuEx9tN9srT8FfFHi/vNJnhAcG RT9TXbYhuwAKpo/uabqF9xampiS7yY+X0Leb8mWfCRzjHeIUoyBlO0PPWwWTdgKetS pCI94IeyUCQzw==
Received: from smtpclient.apple (serenity [IPv6:fc93:5820:7349:eda2:99a7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id BCBB35EE00; Wed, 9 Apr 2025 09:57:00 +0000 (UTC)
From: Andrew Gallagher <andrewg@andrewg.com>
Message-Id: <B955FA52-7286-4BDF-9E67-34A29CE5BC2B@andrewg.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_F2A91D50-D9A8-430C-8C55-C7B390B2AA21"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.9\))
Date: Wed, 09 Apr 2025 10:56:44 +0100
In-Reply-To: <ywsjaFv5IFyH29E5KNpWJkz3HN2HJG6-YpLDB7kdCrmq7SpjM5m0ufn-bkD6p05nwYMYtw-eiNEO8wdcNqnLI9Xp2CgHlWq7g3D0zvCtNY0=@protonmail.com>
To: Daniel Huigens <d.huigens@protonmail.com>
References: <-0Idgc9O4unvMWFMaXJXFqwK7IJCVXnK2ElLGWK8XjHd3juaDt-bShTiuu0V8KCDR_Uubqjr33I4F-A8xp9KpZkoJcORRXSHII9NXNaU64s=@protonmail.com> <64E8EDAE-CCD3-483C-BB7D-B08499253752@andrewg.com> <ywsjaFv5IFyH29E5KNpWJkz3HN2HJG6-YpLDB7kdCrmq7SpjM5m0ufn-bkD6p05nwYMYtw-eiNEO8wdcNqnLI9Xp2CgHlWq7g3D0zvCtNY0=@protonmail.com>
X-Mailer: Apple Mail (2.3731.700.6.1.9)
Message-ID-Hash: RAGYHEWHT2UAZSQG5LJ7FUCPYUL4CXOP
X-Message-ID-Hash: RAGYHEWHT2UAZSQG5LJ7FUCPYUL4CXOP
X-MailFrom: andrewg@andrewg.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF OpenPGP WG <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: Certificate discovery over HKP
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/NsRhRYVWyCiLwhjaySvpCIV_ofM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
On 9 Apr 2025, at 10:40, Daniel Huigens <d.huigens@protonmail.com> wrote: > > So the only difference here is that the attack is silent also for the > sender, in the sense that they will still see that the message will be > encrypted, if they trust the keyserver. Perhaps that's still significant > in the sense that they might be more willing to send sensitive data in > an encrypted email (but then again, you could argue that in that case > they should verify the key first). Agreed, but we’ve spent enough time telling people to look for lock icons that a significant number of them will behave differently when the lock icon appears - in which case we’re giving them a false sense of security. Sure, they *should* verify out of band, but how many will in practice? And I do appreciate that the same argument applies to DANE etc. over DNS-non-SEC. But it's a regression when compared to WKD over TLS. A
- [openpgp] Certificate discovery over HKP Andrew Gallagher
- [openpgp] Re: Certificate discovery over HKP Daniel Huigens
- [openpgp] Re: Certificate discovery over HKP Andrew Gallagher
- [openpgp] Re: Certificate discovery over HKP Vincent Breitmoser
- [openpgp] Re: Certificate discovery over HKP Daniel Huigens
- [openpgp] Re: Certificate discovery over HKP Andrew Gallagher
- [openpgp] Re: Certificate discovery over HKP Vincent Breitmoser
- [openpgp] Re: Certificate discovery over HKP Bart Butler
- [openpgp] Re: Certificate discovery over HKP Andrew Gallagher
- [openpgp] Re: Certificate discovery over HKP Andrew Gallagher