how does pka relate to openpgpkey

Werner Koch wk at gnupg.org
Thu Mar 12 12:05:10 CET 2015


On Thu, 12 Mar 2015 10:33, hanno at hboeck.de said:

> How do these relate to each other? Is openpgpkey supposed to replace
> pka?

I don't understand either.  In particular I wonder why PKA was not
mentioned given that gpg has supported it for 10 years.  I asked Paul
Wouters why he came up with a new record type instead of using the CERT
record (which was updated to support PGP after I did the PKA thing using
TXT records).

He claims that the CERT record is too complex, not supported by all DNS
libraries, and nobody is using it.  Further, the DNS WG no longer
likes subtypes (e.g. PGP, IPGP, PKIX, IPKIX for CERT) because you can't
request a certain subtype and an application has to pick one from the
responses.

I can't agree with that because we have full support for the CERT record in
gpg on Unix and on Windows.  Implementing it was not that hard.  The
real problem with all DNS methods is that most people can't add a record
to the DNS.  This is why keyservers lower the entry barrier.

I do not plan to cease support for PKA.  In fact I redefined PKA to only
take care of the first-time association of a key with a mail address and
not to deliver the actual key.  Keyservers or other methods (CERT allows
adding a canonical URL to the PKA record) are much easier to use than a
service from your provider to upload an updated key.  And access to the
key via fingerprint is required anyway for signature verification - DANE
can't do that.

Consider the case that you lost access to your mail provider: you would
need to rely on your former provider to distribute a revocation
certificate and on that provider not reusing your mail address.

Using the IPGP CERT subtype allows getting a key for a first-time
encrypted communication - after that you do not need it anymore.  This
would be used to seed a TOFU trust model; implementing that is on the
GnuPG shortlist.

For the DANE system the new _openpgpkey.DOMAIN stuff makes sense.
However, not re-using an existing standard (CERT records, RFC 4398) and
adding yet another thing for the same purpose is not a good idea.  It
would have been sufficient to define the local-part hashing and the
_openpgp prefix.  The kdns keyserver helper would then immediately be
usable by all gpg versions.

I do not understand why there has been no recent discussion on the
OpenPGP WG mailing list.  There was a brief discussion in summer 2013
and a short message from Paul in January 2014.  After that the discussion
seems to have moved to the DANE group with no traces at the OpenPGP WG.
After all, it is about OpenPGP and thus that would have been the right
place for it.  Well, the OpenPGP WG has been concluded because after
RFC 4880 the IETF lost all interest in OpenPGP and settled for S/MIME.
Anyway, it is still the place where OpenPGP people come together.



Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
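The three DNS-based mechanisms the message compares (a PKA TXT record that carries only fingerprint and key URL, a CERT IPGP record carrying the same two things in binary form, and the OPENPGPKEY owner name derived by hashing the local-part) are easier to follow with the records written out.  The following is an added example and not code from Werner or from GnuPG.  It assumes: the PKA TXT layout `v=pka1;fpr=...;uri=...` at `<local>._pka.<domain>` as documented for gpg; the IPGP RDATA layout from RFC 4398 (one octet fingerprint length, fingerprint, URL) with key tag and algorithm 0; and the local-part hashing of the later-published RFC 7929 (SHA-256, truncated to 28 octets, hex-encoded), which is not necessarily what the draft discussed in 2015 specified.  The address, fingerprint and URL are constructed sample values.

```python
import base64
import hashlib
import re

# Constructed sample input (hypothetical address, fingerprint and URL; not from the thread).
ADDRESS = "alice@example.org"
FINGERPRINT = "A4D94E92B0986AB5EE9DCD755DE249965B0358A2"  # 40 hex digits, v4 key fingerprint
KEY_URL = "https://example.org/keys/alice.asc"


def split_address(address):
    """Split on the last '@' so a quoted local-part containing '@' survives."""
    local, domain = address.rsplit("@", 1)
    return local, domain


# --- PKA: TXT record at <local>._pka.<domain>, layout as documented for gpg (assumption) ---
def pka_record(address, fingerprint, uri):
    local, domain = split_address(address)
    owner = f"{local}._pka.{domain}."
    rdata = f"v=pka1;fpr={fingerprint.upper()};uri={uri}"
    return owner, rdata


def parse_pka(rdata):
    """Return (fingerprint, uri) from a pka1 TXT string; reject anything else."""
    fields = dict(item.split("=", 1) for item in rdata.split(";") if "=" in item)
    if fields.get("v") != "pka1":
        raise ValueError("not a pka1 record")
    fpr = fields.get("fpr", "")
    if not re.fullmatch(r"[0-9A-Fa-f]{40}", fpr):
        raise ValueError("fingerprint missing or malformed")
    # The record only associates address and fingerprint; the key itself is
    # fetched by fingerprint from the URI or a keyserver, as the message describes.
    return fpr.upper(), fields.get("uri")


# --- CERT IPGP (RFC 4398 type 6): 1-octet fingerprint length, fingerprint, URL ---
def cert_ipgp_rdata(fingerprint, url):
    fpr = bytes.fromhex(fingerprint)
    return bytes([len(fpr)]) + fpr + url.encode("ascii")


def cert_ipgp_presentation(address, fingerprint, url):
    """Zone-file line. Owner name is local.domain (RFC 4398 3.3); a local-part
    containing '.' would need escaping, which this simplified form omits."""
    local, domain = split_address(address)
    b64 = base64.b64encode(cert_ipgp_rdata(fingerprint, url)).decode("ascii")
    # key tag and algorithm are 0 for the PGP/IPGP subtypes
    return f"{local}.{domain}. IN CERT IPGP 0 0 {b64}"


def parse_cert_ipgp(body):
    """Return (fingerprint, url) from IPGP RDATA, checking the length octet."""
    if not body:
        raise ValueError("empty IPGP rdata")
    n = body[0]
    if len(body) < 1 + n:
        raise ValueError("truncated fingerprint")
    fpr = body[1:1 + n].hex().upper()
    url = body[1 + n:].decode("ascii")
    return fpr, url


# --- OPENPGPKEY owner name: hashed local-part under _openpgpkey (RFC 7929 form, assumption) ---
def openpgpkey_owner(address):
    local, domain = split_address(address)
    digest = hashlib.sha256(local.encode("utf-8")).digest()[:28]
    return f"{digest.hex()}._openpgpkey.{domain}."


if __name__ == "__main__":
    owner, rdata = pka_record(ADDRESS, FINGERPRINT, KEY_URL)
    print(f"{owner} IN TXT \"{rdata}\"")
    print(cert_ipgp_presentation(ADDRESS, FINGERPRINT, KEY_URL))
    print(f"{openpgpkey_owner(ADDRESS)} IN OPENPGPKEY <base64 key would go here>")
```

The PKA and IPGP forms both hand the client a fingerprint plus a URL, so the client still has to fetch the key by fingerprint, which is the "first-time association" role the message assigns to PKA; only the OPENPGPKEY owner name, with the local-part hidden behind a hash, is specific to the DANE proposal.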
