Fri May 16 12:20:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
At 02:00 2003-05-16 +0400, you wrote:
>An example may be the best description, so I've written a rough draft.
>I've broken OpenPGP use into 3 levels of sophistication. Each level
>can be attacked at the user's own pace.
>Level 1: Opportunistic Encryption
>For this level, the user just generates a key. After that, the e-mail
>client software does the following:
>A) All outbound messages are signed. Mail is encrypted whenever the
> recipient's public key is available. (See my previous post for
> algorithms on key selection when multiple untrusted keys exist.)
>B) When a signed message with an attached key is received, we verify
> that the attached key matches the key used to sign the message.
> If so, the key is automatically added to the local keyring.
>C) If a received message is signed but not encrypted, any reply to
> the signature owner should have our public key automatically
> included as an attachment.
>Eavesdropping protection is achieved after one round trip and no user
>interaction or keyservers are required!
> - Yenot
I would like to add automatic use of robot-CA:s to the scheme. It's a
simple way of tieing a key to an e-mail address:
- - the user just generates a key
- - the client sends it to a robot-CA
- - the robot CA signs the key, encrypts it with the same key and returns it
to all e-mail addresses used in the userid.
- - the encrypted message from the robot-CA is received, decrypted, the
signed key is imported to the keyring and sent to at least one keyserver.
The rest as you proposed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - GPGrelay v0.92
-----END PGP SIGNATURE-----