[openpgp] Web Key Directory (WKD) draft home on gitlab

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 09 November 2019 20:56 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
Cc: Werner Koch <wk@g10code.com>
Date: Sat, 09 Nov 2019 15:56:24 -0500
Message-ID: <87o8xklqfb.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/jTsVva5JY3PaSRCMQm12FpHIFQM>
Subject: [openpgp] Web Key Directory (WKD) draft home on gitlab

Hi OpenPGP folks--

One of the key takeaways for me from the OpenPGP E-mail Summit that
happened in Berlin last month [0] was that Werner Koch's Web Key
Directory (WKD) [1] is clearly a desirable and useful standard for the
community of developers who work on OpenPGP-enabled e-mail clients.

 [0] https://wiki.gnupg.org/OpenPGPEmailSummit201910
 [1] https://datatracker.ietf.org/doc/draft-koch-openpgp-webkey-service/

WKD was discussed in a dedicated session [2], but it was also threaded
throughout the discussions over the days of the summit.

 [2] https://wiki.gnupg.org/OpenPGPEmailSummit201910Notes#Workshop:_WKD

It was apparent from the lively conversation that WKD is considered part
of the critical infrastructure for OpenPGP e-mail clients these days,
and that there are subtle nuances to it that people actively wanted to

After talking with Werner about it, i've set up a location where we can
keep track of outstanding issues with WKD on gitlab:

 [3] https://gitlab.com/openpgp-wg/webkey-directory

I hope that folks who have ideas, suggestions, or questions about WKD
will use the issue tracker there to help make sure their concerns are
addressed in future revisions of the draft.  I've opened three issues as
a start, covering themes I heard voiced at the summit:

 * Focus on WKD retrieval by splitting out the WKD Update Protocol to a
   separate draft
 * Size-based metadata leakage: padding concerns
 * Nuances about fallback from "advanced" to "direct" URLs

Hopefully others who have been using WKD will record their own concerns
on the issue tracker as well as bringing them up on the list here.

One helpful job would be for anyone who was at the WKD session at the
summit to go over the notes in [2] and transfer any relevant concerns to
issues in the gitlab issue tracker.

A note about the git repository hosted at gitlab:

While the WKD draft has been developed by Werner in his gnupg-doc repo
at https://dev.gnupg.org/source/gnupg-doc.git, that repository contains
lots of things that are not WKD-specific.

I used "git filter-branch" on the gnupg-doc repo to pull out just the
commits relating to the wkd draft, and what's on gitlab is the result of
that extraction.  I did this because i thought it would be simpler for
other people to engage with the draft if they don't have to worry about
the rest of gnupg-doc.  But if Werner doesn't want to switch to that
repository, I am fine with taking it down and pointing people to the
gnupg-doc repo instead.  Werner, please let me know if you want me to do