Re: [openpgp] OpenPGP Web Key Directory I-D

Werner Koch <wk@gnupg.org> Thu, 08 November 2018 12:05 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B4E9130E6A for <openpgp@ietfa.amsl.com>; Thu, 8 Nov 2018 04:05:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7
X-Spam-Level:
X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aeA0IvAKgsxc for <openpgp@ietfa.amsl.com>; Thu, 8 Nov 2018 04:05:11 -0800 (PST)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D75B130E46 for <openpgp@ietf.org>; Thu, 8 Nov 2018 04:05:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=C1KU56KzMnIHgcbGhrvPhIh4KdkkYWMPvbXqDAbrUMY=; b=VMIJuerEv5S/1KrA0ydJ6yqWYk Lc+jlBqMTt5webptbZt+rqcg9fkM6vY2sjyB2B7MdM0XHunIPYaWe/Xi/V7Q9SrQRK+fRe3Ut1z/e 2OVbo8HZMBneUx1T1g7XPkC4Ro2Yj/nWjF46EeMhuBJ/JTrTyp8a/7ESE2bMMQwOgJC8=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1gKj3d-0002Qv-0S for <openpgp@ietf.org>; Thu, 08 Nov 2018 13:05:09 +0100
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1gKizA-0005Fo-6m; Thu, 08 Nov 2018 13:00:32 +0100
From: Werner Koch <wk@gnupg.org>
To: Paul Fawkesley <paul@fluidkeys.com>
Cc: openpgp@ietf.org
References: <23523.16831.292658.490356@chiark.greenend.org.uk> <874lcsyr3p.fsf@wheatstone.g10code.de> <2bc2bffb-86f5-1457-c19c-bf8a541b8e92@fluidkeys.com>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Paul Fawkesley <paul@fluidkeys.com>, openpgp@ietf.org
Date: Thu, 08 Nov 2018 13:00:31 +0100
In-Reply-To: <2bc2bffb-86f5-1457-c19c-bf8a541b8e92@fluidkeys.com> (Paul Fawkesley's message of "Thu, 8 Nov 2018 11:08:23 +0000")
Message-ID: <87ftwbye1s.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Fortezza_mindwar_MIT-LL_United_Nations_UNSCOM_Security_Council=Venez"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SH1dzlERTgJsaCoKvxQGsnckq-w>
Subject: Re: [openpgp] OpenPGP Web Key Directory I-D
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2018 12:05:14 -0000

On Thu,  8 Nov 2018 12:08, paul@fluidkeys.com said:

> The requirement for the client to filter the return key for matching
> user IDs is a fairly big blocker for us.

We can't request a certain address and then work with any address
returned from the server.  I am pretty sure that there will be server's
which store the entire key and not used the key stripped off all other
user-ids.  Thus the filtering on the client site is important.

> We (and previous large organisations I've worked in) use + aliases
> feature extensively to distinguish different services, for example:

Yes, I know.  We discussed this withe protonmail folks.  One idea was to
ask the server for the rules it uses to canonicalize the address.  That
will be quite complex and needs additional roundtrips.  So the other
idea is to simply go with the '+' separator and have a special case for
it.  Implementation wise it this requires changes at several palce to
have a consistent user experience.

> To stay compatible, keep supporting static files *and* resolve the case
> and aliasing issues, I'd support:
>
> 1. keep supporting sha1-z-base-32 identifier

Already doing that.

> 2. additionally start supporting z-base-32 identifier with no SHA1
>
>    2.a maybe put them at different path
>    2.b don't lowercase anything before searching for these

GnuPG 2.2.11  does this as descipned in my last mail.
For example the URI to lookup the key for Joe.Doe@Example.ORG is now

     https://example.org/.well-known/openpgpkey/
     hu/iy9q119eutrkn8s1mk4r39qejnbu3n5q?l=Joe.Doe@example.org

No hashing is required, the case is not changed; the parameters undergo
the usual percent-quoting.

>    2.c in the client, don't filter on the user id for these

That is the harder part.  The matching in gpg is anyway case-insensitive
and I would like to implement '+' style sub-addresses; that is ignoring
everything from '+' to '@'.

> Given that SRV records can't be accessed by Javascript implementations,
> I don't think we can point to that as a solution

It is a pity that solid network techniques need to be dropped in favor
of large but uncooperative browser vendors.  Adding an interface for SRV
records would be really easy and helps to support flexible network
administration.  Note that I don't wan't them to use SRV records for
generic http requests but extensions should be able to use it instead of
resorting to external DNS lookup providers.  [Arggh, it is the whole
everything must be http thing - I bet we will sooner or later see a new
IP protocol number for HTTP-ng].

>> This is an open question but for a different reason: Current web
>> browsers have no way to lookup SRV records.
>
> I'd support this.
>
> I'd also support dropping the whole SRV records part to simplify the spec.

I recently looked into a protocol *forgot which one) which didn't used
SRV but a domain name prefix.  So, do you think that a strategy of:

First try

     https://openpgpkey.example.org/.well-known/openpgpkey/...

if that host can't be resolved (or accessed?), fallback to

     https://example.org/.well-known/openpgpkey/...

be a practical replacement for SRV records here?


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.