Re: [openpgp] [openpgp-email] Keyserverless Use of OpenPGP in Email
Vincent Breitmoser <look@my.amazin.horse> Wed, 13 April 2016 17:19 UTC
To: Ruben Pollan <meskio@sindominio.net>
Cc: Simon Josefsson <simon@josefsson.org>, IETF OpenPGP <openpgp@ietf.org>, openpgp-email <openpgp-email@enigmail.net>

Ruben Pollan(meskio@sindominio.net)@Tue, Apr 12, 2016 at 04:34:30PM +0200:
> In bitmask we do some of the things you propose Vincent. We attach public keys
> to all sent emails until we get an email encrypted to this public key. We attach
> the key as a mime part, because enigmail already has support for that and it is
> one click to import it in your keyring.

That's nice for interoperability but is also, imo, simply one click too
much.

> We also add the OpenPGP header to all the sent emails and use it to discover
> keys from the 'url' field if it's https and from the same domain as the email
> address.

I don't think the URI field can gain any reach as long as it has to rely
on users manually uploading the key somewhere. If an email provider
provided this service and added the header, that might work... but then
the DANE approach probably works better for that scenario.

> We need to be able to revoke, extend expiration, rotate subkeys, ...

Timed updates from keyservers aren't as affected by the connectivity,
delay, and privacy problem as on-the-fly lookup while reading mail.

 - V
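
The header check Ruben describes in the quoted text (use the 'url' field only if it is https and on the same domain as the email address), as an added example that is not part of the original message and is not Bitmask's code. The function names, the `id=...; url=...` attribute syntax, the `allow_subdomains` switch and the sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample message; the address, key id and URL are placeholders.
SAMPLE = (
    "From: Alice <alice@example.org>\n"
    "OpenPGP: id=0123456789ABCDEF0123456789ABCDEF01234567;"
    " url=https://example.org/alice.asc\n"
    "\n"
    "hello\n"
)

def parse_openpgp_header(value):
    """Split 'id=...; url=...' into a dict (assumes no ';' inside values)."""
    fields = {}
    for part in value.split(";"):
        key, sep, val = part.strip().partition("=")
        if sep:
            fields[key.strip().lower()] = val.strip().strip('"')
    return fields

def trusted_key_url(raw_message, allow_subdomains=False):
    """Return the advertised key URL if it is https and on the sender's domain."""
    msg = message_from_string(raw_message)
    headers = msg.get_all("OpenPGP") or []
    if len(headers) != 1:          # missing or ambiguous header: no discovery
        return None
    addr = parseaddr(msg.get("From", ""))[1]
    local, at, domain = addr.rpartition("@")
    domain = domain.lower().rstrip(".")
    if not (local and at and domain):
        return None
    url = parse_openpgp_header(headers[0]).get("url", "")
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:             # malformed URL, e.g. bad IPv6 literal
        return None
    if parts.scheme != "https" or not host or parts.username is not None:
        return None
    # Compare whole labels so 'example.org.evil.test' and 'notexample.org' fail.
    if host == domain or (allow_subdomains and host.endswith("." + domain)):
        return url
    return None

if __name__ == "__main__":
    print(trusted_key_url(SAMPLE))
```

The From header itself is unauthenticated, so this check only ties the fetched key to whoever controls the https endpoint for that domain.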