Request for Discussion: new/PubKeyDistributionConcept/FallbackServer
Neal H. Walfield
neal at walfield.org
Tue Jun 14 15:29:09 CEST 2016
On Tue, 14 Jun 2016 14:47:16 +0200,
Bernhard Reiter wrote:
> Am Dienstag, 14. Juni 2016 14:25:20 schrieb Neal H. Walfield:
> > Before I comment: what an MSP?
> MSP: mail service provider
> (I've just taken the abbreviation from the wiki page.
> It makes sense to read it first anyway.)
> > What does "significantly add to `validity level' mean?
> Getting a pubkey from a MSP operated WKD should add a medium amount
> to the level of "how much do I believe that this pubkey belongs
> the owner of the email address that I am looking for".
> Medium because it will have to be a lot more than the contribution I get from
> having communicated with pubkey A and user U once or a couple of time.
> Only medium because other sources of validity will be necessary to detect
> malicious behaviour, so they must be able to get over medium for these
> This mainly documents my mental model how a good and secure user experience
> can be constructed in the future. I know that Werner's model is different.
> We need a way to get this exposed and talked about.
Please explain to me how a WKD being run by an MSP is not almost the
same thing as using key escrow? Let's say Alice's MSP runs WKD¸ I
look up her key using WKD, and her MSP returns the public part of a
fresh key. When I send her an email, the MSP reencrypts the message
and neither I nor Alice is any wiser. The only defense against this
is if Alice anonymously and regularly checks that the WKD server
returns the correct public key, which isn't a terribly good defense.
So, no, WKD is not add a "medium" amount of validity to the key. In
fact, using a key server and guessing which key is right is probably
better than this scheme, because it uses a different network path,
which means your MSP couldn't be compromised by an NSL!
Note: it would be possible to save this scheme if we augmented WKD
with something like Coniks , but Werner doesn't like this, because
it adds complexity and will take too much time to implement and we
need to ship in the near future.
More information about the Gnupg-devel