[openpgp] Encrypted emails with cleartext copies [was: Re: use of .well-known in WKD and HKP]

Daniel Huigens <d.huigens@protonmail.com> Thu, 02 November 2023 11:10 UTC

Date: Thu, 02 Nov 2023 11:10:25 +0000
To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>
From: Daniel Huigens <d.huigens@protonmail.com>
Cc: Bart Butler <bart=2Bietf=40pm.me@dmarc.ietf.org>, openpgp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/nHG4kF_zLRw6sqpHF1m_XJ1mu1A>

Hi Wiktor & all,

> I personally found out that ProtonMail sends me encrypted mails even if
> the copy goes in plaintext to the mailing list which, I think, is
> suboptimal

Just to note, dkg also raised this topic with us, and even wrote a draft
about it [1]; on which there was some discussion here: [2].

In brief, I agree with you in the case of public mailing lists, that
it doesn't make much sense to send an encrypted copy to someone else.
However, in the general case, it might make sense to encrypt some
copies even if we don't have keys for other recipients; for example,
if the other recipients self-host their email (and trust the server),
while the recipient for whom we have a key doesn't, it still improves
security to encrypt their copy.

Also note that Proton Mail doesn't have a button to say "I want to
(not) encrypt this email"; we'd like to encrypt messages by default,
as much as possible.

[We do have a button that says "(don't) encrypt messages to this
*contact*", nowadays, partially to address the issue with WKD keys
that weren't meant to be used for automatic encryption, for one reason
or another. But turning this off for all recipients of a mailing list
message, and then on again, is a bit cumbersome.]

Though, perhaps we could think about trying to detect the scenario of
public mailing lists, or allow users to mark a contact as being that,
perhaps, to handle this specific scenario better.

Writing this email, I also note that your message came from
wiktor=40metacode.biz@dmarc.ietf.org, and so when responding to that,
Proton Mail also doesn't find any key, obviously. If all public mailing
lists did that for all senders (regardless of whether they have DMARC
enabled or not), it would also reduce this issue.


[1]: https://datatracker.ietf.org/doc/draft-dkg-mail-cleartext-copy/
[2]: https://gitlab.com/dkg/cleartext-copy/-/issues/1