Web Key Directory

Bernhard Reiter bernhard at intevation.de
Thu May 12 14:37:46 CEST 2016

Am Donnerstag, 12. Mai 2016 09:47:59 schrieb Werner Koch:
> On Tue, 10 May 2016 09:40, bernhard at intevation.de said:
> > Ok, where did you take it from?
> *h*ashed *u*serid

Sorry I've missunderstood your previous statement here.

> > Being able to show the credentials to the mail service provider that
> > can access the email account (storage and settings) is equivalent from
> > the security point of view of being able to send and receive the emails
> > over this
> That mixes two entirely different services.  Web service may even be
> outsourced.

But it shows ownership of the email account.
With showing it by credentials it may save the crypto processing side
of the server to construct, safe and confirm a challenge. Otherwise
each server will need to implement this and while it may be ready available as 
Free Software from us, this may be a major implementation hurdle.

> >> Even if parts of the protocol would use HTTPS, there will in any case be
> >> a need to use SMTP/LMTP/IMAP/POP3 for the email confirmation.
> >
> > Why? To show that the client can do email format construction and
> > parsing?
> To receive and send confirmation mails ??

The alternative I am thinking of would not necessarily need confirmation 
emails. After a while I can request my own pubkey from the 
mail-service-provider and know that my status is okay then.

> > What security purpose are you thinking of with air gaps?
> > You mean in the case that your client is on a disconnected machine
> > and you transport emails over via removable medias? This seems to be
> Right , that is what an ari gap is about.
> > a very rare use case from my point of view. 

Do you agree that it is a rare use case?

If one out of 10.000 users has this issue, he will be of subset of 
archetype "Bob" (from https://wiki.gnupg.org/EasyGpg2016/VisionAndStories)
and we should probably not design for it. Bob could just use the WoT.

> > And it could be done with 
> > an https based protocol as well, just allow the challenge to be answered
> > with a reasonable time delay.
> I am not sure whether RFC-1149 like transport mechanisms [1] will work
> with TLS :-)

RFC-1149 with its addendum is a nice April Jokes (though it has been 
implemented, claims Wikipedia 
https://en.wikipedia.org/wiki/IP_over_Avian_Carriers) Did not know it yet. :)

Back to the serious issue:
The protocol can be designed in a way that if Bob wants to he can:
Take the challenge carry it over to a different machine, solve it there and 
then take it back and transmit back with TLS.

Best Regards,

www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160512/56964719/attachment.sig>

More information about the Gnupg-devel mailing list