[git] gnupg-doc - branch, master, updated. 18b09effc2b8696bcefdad2b1a5cb2663a620dcb

by Werner Koch cvs at cvs.gnupg.org
Fri Dec 14 10:02:54 CET 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GnuPG website and other docs".

The branch, master has been updated
       via  18b09effc2b8696bcefdad2b1a5cb2663a620dcb (commit)
       via  733acdda1a440ca38df4aa22711459af7c25cd2d (commit)
      from  a51e1d2bf99aa4df7ee8d15edac60ad15e34b665 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 18b09effc2b8696bcefdad2b1a5cb2663a620dcb
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Dec 14 10:01:55 2018 +0100

    drafts,openpgp-webkey-service: Remark on 401 server responses.
    
    Suggested-by: Hanno Böck

diff --git a/misc/id/openpgp-webkey-service/draft.org b/misc/id/openpgp-webkey-service/draft.org
index a6c7a83..0fd09a4 100644
--- a/misc/id/openpgp-webkey-service/draft.org
+++ b/misc/id/openpgp-webkey-service/draft.org
@@ -529,6 +529,13 @@ requests are only send for such User IDs.  It is further recommended
 that a client filters the key for a publication requests so that only
 a key with the specific User ID of the provider is send.
 
+A client MUST not accept a HTTP authentication challenge (HTTP
+code 401) because the information in the Web Key Directory is public
+and needs no authentication.  Allowing an authentication challenge has
+the problem to easily confuse a user with a password prompt and
+tricking him into falsely entering the passphrase used to protect his
+private key or to login to his mail provider.
+
 The use of DNS SRV records as specified in former revisions of this
 document reduces the certainty that a mail address belongs to a
 domain.  For example an attacker may change the target to a host in a
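
Review bot: "MUST not" in the first added line should be the requirement keyword "MUST NOT" in capitals, as the draft already does with "SHOULD NOT" in its paragraph about index files; with a lowercase "not" the requirement level is ambiguous. The paragraph also says what the client must not do but not what it does instead when a 401 arrives; suggest stating the outcome, for example that the response is treated as a failed lookup and no credential prompt is ever shown. "HTTP code 401" would read better as "HTTP status code 401", and "him/his" could be made neutral to match "their control" in the SRV paragraph that follows.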

commit 733acdda1a440ca38df4aa22711459af7c25cd2d
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Dec 14 09:16:54 2018 +0100

    drafts,openpgp-webkey-service: Fix flaws in the last revision.
    
    - Parts of the well-known URL were swapped in one place.
    
    - The security considerations still talked about SRV record.  Changed
      to a historical remark.
    
    Reported-by: Jeremy Drake

diff --git a/misc/id/openpgp-webkey-service/draft.org b/misc/id/openpgp-webkey-service/draft.org
index 5d99e12..a6c7a83 100644
--- a/misc/id/openpgp-webkey-service/draft.org
+++ b/misc/id/openpgp-webkey-service/draft.org
@@ -250,7 +250,7 @@ examples the domain "example.org" is assumed, thus:
 
 #+BEGIN_EXAMPLE
       WELLKNOWN := https://openpgpkey.example.org/.well-known/
-                   example.org/openpgpkey
+                   openpgpkey/example.org
 #+END_EXAMPLE
 (line has been wrapped for rendering purposes)
 
@@ -264,8 +264,7 @@ alice at example.org.  To install the key at her provider's Web Key
 Directory, she performs the following steps:
 
 1. She retrieves a file which contains one line with the mail address
-   used to submit the key to the mail provider. The DNS SRV rules
-   described for the Web Key Directory apply here as well.  See below
+   used to submit the key to the mail provider.  See below
    for the syntax of that file.  For a mail address at the domain
    "example.org" the URI of the file is
 #+begin_example
@@ -520,13 +519,6 @@ The domain name part of the mail address is not part of the hash to
 avoid problems with internationalized domain names.  Instead a
 separate URL is required for each domain name.
 
-The use of DNS SRV records reduces the certainty that a mail address
-belongs to a domain.  For example an attacker may change the target to
-a host in a sub-domain under their control and thus gain full control
-over all keys.  An implementation may want to weight the certainty of
-a mapping different if it has been retrieved via a sub-domain and in
-particular if a non-recommended name is used for the sub-domain.
-
 To make it a bit harder to test for published keys, the server
 responsible to serve the WELLKNOWN directory SHOULD NOT create an
 index file for that directory or any sub-directory.
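
Review bot: The closing sentence of the deleted paragraph, that an implementation may want to weight a mapping differently when it was retrieved via a sub-domain, is not carried over anywhere in this commit, while the corrected WELLKNOWN example still fetches from the openpgpkey.example.org sub-domain. Suggest stating in the security considerations whether that concern is considered resolved now that only the fixed sub-domain name is used, rather than dropping the advice without comment.
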
@@ -537,6 +529,11 @@ requests are only send for such User IDs.  It is further recommended
 that a client filters the key for a publication requests so that only
 a key with the specific User ID of the provider is send.
 
+The use of DNS SRV records as specified in former revisions of this
+document reduces the certainty that a mail address belongs to a
+domain.  For example an attacker may change the target to a host in a
+sub-domain under their control and thus gain full control over all
+keys.
 
 * IANA Considerations
 
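
Review bot: The re-added SRV paragraph is described as a historical remark in the commit message, but it is written in the present tense ("reduces the certainty") and gives implementers no instruction. Suggest saying what a client does now, for example that SRV records are not consulted if that is the intent, so the paragraph reads as the rationale for the removal and not as a description of current behaviour.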

-----------------------------------------------------------------------

Summary of changes:
 misc/id/openpgp-webkey-service/draft.org | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)


hooks/post-receive
-- 
The GnuPG website and other docs
http://git.gnupg.org



