[Feature request] send an user agent in hkp request

Fabian Keil freebsd-listen at fabiankeil.de
Tue Feb 5 11:43:37 CET 2013


Phil Pennock <gnupg-devel at spodhuis.org> wrote:

> On 2013-02-04 at 19:00 +0100, Fabian Keil wrote:
> > Additionally speculating based on the URL would be less reliable
> > and I'd prefer using the same detection method for all clients.
> 
> What's unreliable about dispatching functionality based on the URL and
> the path components?  That's how almost all web-servers work and is
> fundamental to the model of URLs.

The context you didn't bother to preserve was Tor circuit
separation for gpg requests.

"Detecting" gpg based on the URL would allow Tor exit relays and
untrustworthy websites to get the browser to use the same circuits
as gpg which is undesirable.
 
> If the path starts /pks/ then it goes to the keyserver; it's something
> speaking the Horowitz Keyserver Protocol, and if it isn't then tough,
> because it has asked for that, as even on ports other than 11371 the
> protocol, since the original thesis paper, has used URLs in that
> namespace.  Specifically, `/pks/lookup` and `/pks/add`.

The "requirement" isn't to differentiate keyserver URLs from other URLs,
but to reliably differentiate requests from gpg from requests coming
from different clients without allowing remote third-parties to sabotage
the detection.

> You get to use the hostname and the path.  That's sufficient for
> everyone else, and dispatching functionality based on User-Agent has
> always been far less reliable and advocated against, as it leads to new
> User-Agents having to pretend to be old ones, to get past dated checks.

Tor circuit separation for gpg has been discussed on or-talk@ several
times in the past so clearly using hostname and path is not "sufficient
for everyone else".

> You _decide_ based on the URL; you might sometimes _speculate_ based on
> the User-Agent and choose to override the URL for stuff like
> bug-workarounds, setting additional HTTP headers in a response, for
> instance.
> 
> The closest there is to a formal specification for HKP is
> http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00
> and you might want to read it.

Given that it's based on HTTP the "formal specification" already
allows setting the User-Agent. In fact, browsers already set the
User-Agent when using keyservers.

As far as I can tell the keyservers just ignore the header and
thus this doesn't affect the reliability in any way.

Fabian
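The difference between the two detection methods debated in this message, as an added example that is not part of the original post or of any project's code: a local proxy picks a Tor circuit group either from the URL path or from the User-Agent header. The `gpg-placeholder/` prefix, the circuit labels, the host names and the sample requests are constructed assumptions, and the header policy assumes the browser does not let page content choose its User-Agent value.

```python
from urllib.parse import urlsplit

# Assumed prefix: the thread only asks that gpg send some User-Agent.
GPG_UA_PREFIX = "gpg-placeholder/"

def parse_head(raw: bytes):
    """Return (path, headers) from a raw HTTP request head as a proxy sees it."""
    lines = raw.decode("latin-1").split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    # Proxies receive absolute-form targets (http://host/path); keep the path.
    path = urlsplit(target).path or "/"
    headers = {}
    for line in lines[1:]:
        if not line:          # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return path, headers

def circuit_by_url(raw: bytes) -> str:
    """Policy 1: anything under /pks/ is treated as gpg traffic."""
    path, _ = parse_head(raw)
    return "gpg" if path.startswith("/pks/") else "browser"

def circuit_by_user_agent(raw: bytes) -> str:
    """Policy 2: only requests carrying the gpg User-Agent are gpg traffic."""
    _, headers = parse_head(raw)
    ua = headers.get("user-agent", "")
    return "gpg" if ua.startswith(GPG_UA_PREFIX) else "browser"

# Constructed sample requests (not captured traffic).
LOOKUP = b"GET http://keys.example:11371/pks/lookup?op=get&search=0x00000000 HTTP/1.1\r\n"
SAMPLES = {
    "gpg lookup": LOOKUP + b"Host: keys.example:11371\r\n"
                  b"User-Agent: gpg-placeholder/0\r\n\r\n",
    "browser page": b"GET http://site.example/index.html HTTP/1.1\r\n"
                    b"Host: site.example\r\nUser-Agent: Mozilla/5.0\r\n\r\n",
    # A page on site.example embeds a resource whose URL is a keyserver lookup.
    "browser embedded lookup": LOOKUP + b"Host: keys.example:11371\r\n"
                               b"User-Agent: Mozilla/5.0\r\n"
                               b"Referer: http://site.example/index.html\r\n\r\n",
}

def compare():
    """Map each sample to (circuit under URL policy, circuit under UA policy)."""
    return {k: (circuit_by_url(v), circuit_by_user_agent(v)) for k, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, (by_url, by_ua) in compare().items():
        print(f"{name:26} url-policy={by_url:8} ua-policy={by_ua}")
```

Only the URL policy places the browser's embedded lookup in the same group as gpg's own request, which is the circuit sharing the message calls undesirable.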