Re: [openpgp] Web Key Directory I-D -07

Werner Koch <wk@gnupg.org> Wed, 14 November 2018 10:10 UTC

From: Werner Koch <wk@gnupg.org>
To: Bart Butler <bartbutler@protonmail.com>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>
References: <878t1xoz37.fsf@wheatstone.g10code.de> <9J2v287mmh9FWFLrXjxZGnVjA8HNCHpPc2wyEDDqhGeKAhE7grR6JKFMRoHJfKSq9qcjDGRNfoJ5sEODERtP0Q==@protonmail.com> <875zx0n0j9.fsf@wheatstone.g10code.de> <lVvFGxVUkBNCpL2ek6IOg0IR5V0Y94sscgd72rcoZ_obkE-9WZ6L-wz9BXlxclZ8dXoc9dCMLndA8-LVMG5vcA==@protonmail.com>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Bart Butler <bartbutler@protonmail.com>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Wed, 14 Nov 2018 11:09:30 +0100
In-Reply-To: <lVvFGxVUkBNCpL2ek6IOg0IR5V0Y94sscgd72rcoZ_obkE-9WZ6L-wz9BXlxclZ8dXoc9dCMLndA8-LVMG5vcA==@protonmail.com> (Bart Butler's message of "Tue, 13 Nov 2018 21:37:33 +0000")
Message-ID: <87sh04km1x.fsf@wheatstone.g10code.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/z0vES8mFdAlFyHh8Ok0u6GGLNn8>

On Tue, 13 Nov 2018 22:37, bartbutler=40protonmail.com@dmarc.ietf.org
said:

> "The key MUST carry a User ID packet ([RFC4880]) containing the email address to which mail sent to the queried email address will be routed."

You are talking about how mail is routed, the spec is about discovering
the one and only key to be used for a given mail address.  And by key I
mean the OpenPGP keyblock, that is the public key plus one user ID (or
several if they have the same addrspec part).

A mail address is here considered as an identifier for an entity and not
as an addressing scheme for mails.  An entity may have several
identifiers like Werner.Koch@foo, Werner_Koch@foo, wernerkoch@foo,
wk@foo, koch@foo.  That is pretty normal, but there is no way a sender
can decide whether they are all the same; for example the last two of
the list could also identify my brother.

A sender gets hold of one mail address and that must have been relayed
(directly or indirectly) to them by the owner of that mail address.  The
recipient needs to take care that a key exists for that very mail
address.

Sub-addresses are different and we can find a way to handle this common
case. 


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
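The lookup that the thread is arguing about, shown as an added example (not Werner's code, not GnuPG's, and not text from the draft): the WKD direct-method URL is derived from the local-part alone (lowercased, SHA-1 hashed, z-base-32 encoded), and the client then keeps only those User IDs of the returned keyblock whose addr-spec is the queried address, so a key with several User IDs for the same addr-spec passes while wk@foo and koch@foo remain separate lookups. The User ID list is constructed for this example; the case-insensitive addr-spec comparison in `select_user_ids` is an assumption of this example, not a rule stated on this page.

```python
"""WKD direct-method lookup URL and User-ID selection for a queried address.

Illustrative code written for this page; it is not the draft's or GnuPG's
own implementation.
"""
import hashlib
from email.utils import parseaddr
from urllib.parse import quote

# z-base-32 alphabet as used by WKD for the hashed local-part.
ZB32_ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"


def zbase32_encode(data: bytes) -> str:
    """z-base-32: most-significant bit first, 5 bits per output character,
    no padding characters (a 20-byte SHA-1 digest gives exactly 32 chars)."""
    nchars = (len(data) * 8 + 4) // 5
    bits = int.from_bytes(data, "big") << (nchars * 5 - len(data) * 8)
    return "".join(
        ZB32_ALPHABET[(bits >> (5 * (nchars - 1 - i))) & 31] for i in range(nchars)
    )


def split_address(address: str) -> tuple[str, str]:
    """Split an addr-spec into (local-part, domain); the last '@' separates them."""
    if "@" not in address:
        raise ValueError(f"not an addr-spec: {address!r}")
    local_part, domain = address.rsplit("@", 1)
    return local_part, domain


def wkd_hash(local_part: str) -> str:
    """Map the local-part to lowercase, SHA-1 it and z-base-32 encode the digest."""
    digest = hashlib.sha1(local_part.lower().encode("utf-8")).digest()
    return zbase32_encode(digest)


def wkd_url(address: str) -> str:
    """Direct-method URL: https://<domain>/.well-known/openpgpkey/hu/<hash>?l=<local-part>.
    The 'l' parameter carries the local-part as originally given."""
    local_part, domain = split_address(address)
    return (
        f"https://{domain.lower()}/.well-known/openpgpkey/hu/"
        f"{wkd_hash(local_part)}?l={quote(local_part)}"
    )


def canonical_addrspec(address: str) -> str:
    """Lowercase both parts for comparison (assumption of this example:
    the draft leaves the exact matching rule to the implementation)."""
    local_part, domain = split_address(address)
    return f"{local_part.lower()}@{domain.lower()}"


def select_user_ids(user_ids: list[str], queried_address: str) -> list[str]:
    """Keep only the User IDs whose addr-spec equals the queried address.
    Several User IDs may survive as long as they share that addr-spec;
    other identifiers of the same person (koch@foo, a sub-address) do not."""
    wanted = canonical_addrspec(queried_address)
    kept = []
    for uid in user_ids:
        addrspec = parseaddr(uid)[1]
        if addrspec and canonical_addrspec(addrspec) == wanted:
            kept.append(uid)
    return kept


# Constructed sample keyblock User IDs (not a real key).
USER_IDS = [
    "Werner Koch <wk@foo.example>",
    "Werner Koch <koch@foo.example>",
    "Werner Koch (work) <WK@foo.example>",
    "wk+lists@foo.example",
]

if __name__ == "__main__":
    print(wkd_url("Joe.Doe@Example.ORG"))
    print(select_user_ids(USER_IDS, "wk@foo.example"))
    print(wkd_hash("wk"), wkd_hash("wk+lists"))
```

`wkd_url("Joe.Doe@Example.ORG")` reproduces the draft's own worked example, which is a convenient check against any other implementation (`gpg --with-wkd-hash --list-keys` prints the same hash next to each User ID). The last line of the `__main__` block makes the sub-address point concrete: `wk` and `wk+lists` hash to different locations, so a server that wants to serve sub-addresses has to decide that separately from the plain local-part.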