Re: [openpgp] Transport public keys inside the message body

[Steffen Nurpmeso <steffen@sdaoden.eu>]

Simon Josefsson wrote in
 <871q9e40lg.fsf@kaka.sjd.se>:
 |Kai Engert <kaie@kuix.de> writes:
 |> I suggest to specify a way to transport public keys as part of the
 |> message body of a MIME message. I assume it would be necessary to
 |> amend the PGP/MIME specification to do so?
 |
 |I agree this is useful -- getting keys from people who send me signed
 |PGP email these days is challenging.  Including the public PGP key in
 |every e-mail is not that costly.
 |
 |I re-read RFC 3156 and one way to do this is "extend" it by allowing
 |putting a public key block before or after the '-----BEGIN PGP
 |MESSAGE-----' block, and say that MUAs can parse those blocks to find
 |keys.  Yes, that is a bit ugly, but overall complexity is lower than
 |having multipart MIME blobs with an extra application/pgp-keys
 |component, and solves the problem of locating which public key was (by
 |the sender) intended for use with the signature.
 |
 |Maybe the old OpenPGP: e-mail header with fingerprint and URL should be
 |revived...  https://josefsson.org/openpgp-header/ and
 |https://datatracker.ietf.org/doc/html/draft-josefsson-openpgp-mailnews-h\
 |eader

There are quite some people which use this, including myself.
(I "see them" in regular message view.)

It (i have the version from May 2008) should possibly be updated to
include OPENPGPKEY lookups, ... though would always bothered me
with those is that the DNS has to be changed to manage these keys.

I myself, and however, admire how DKIM solved this problem, they
pragamatically used TXT which exists for free and can be used
*now*.  I think datasize of these keys is most often so big that
a single UDP packet is not sufficient anyway, and then i became
a total DNSSEC fanatic (in standard terms), and then i think in
a not too distant future you even have to go to toiled over HTTPS.
So that is that.

It would maybe make sense to create a draft saying that the header
shall be included in DKIM signatures.

(I personally am not a fan of autocrypt.  Even though this really
is also used by people, i just recently saw touch@strayalpha.com,
just in case that makes someone prowd.  'Still not a fan, the
keys are often huge, and in the case a message is actually signed,
you include that thing twice.  That makes almost 11 KB (eleven
kilobyte!) only for public key data.
You know i myself can do something about it, but how many MUAs
could switch autocrypt on/off dependent on the message.  You need
to know it is the same key, for example.  Cheap and easy that is.

Regarding that i mysef am still thinking that if i really want
encrypted communication, a short back and forth ping "can we have
encrypted communication" via a PGP (or S/MIME here yet, mostly)
signed message is very easy to do.  And then many people always
sign their message anyway.)

Thank you.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)