best practice for pgp mail service, revoking keys
David Shaw
dshaw at jabberwocky.com
Thu Apr 24 05:14:24 CEST 2014
On Apr 23, 2014, at 6:13 PM, tim at piratemail.se wrote:
> Greetings,
>
> This is a tiny bit philosophical. Perhaps a little off-topic. I think this is probably the best list to ask nevertheless.
>
> So I've been working on this PGP-based web-based mail service.
> https://github.com/timprepscius/mv
>
> Here is the problem I hope eventually to be confronted with:
>
> 1. User registers name "decker at piratemail.se," user auto-magically generates a pgp pub/priv key. The pub key is registered on the pgp key servers.
> 2. User goes away. Account is closed.
> 3. User still has "decker at piratemail.se" registered on the pgp key servers.
> 4. Another person wants to use "decker at piratemail.se." He would generate a brand new pgp key with a later creation date, but still that old one seems like a liability.
>
> What should I do?
>
> A few options I can see:
> 1. email addresses are used only once.
> 2. email addresses are used more than once, but with a warning, "there already exists an unrevoked pgp key for this address."
> 3. user gives me a revocation certification when he generates his pgp key, I can revoke accounts which close.
> 4. user generates pgp keys which expire after a year
> 5. ?
I haven't looked extensively at your design, so this isn't a suggestion as to what you should do, but just to mention a possibility you may have missed:
5. User appoints you (or a designated key) as their designated revoker. This allows your key to issue a revocation on their key. Pro: no need to store revocation certificates for all of your users, which could leak. Con: the revocation only works if the person checking has both your key and their key.
It's similar in many ways to 3.
David
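The designated-revoker option above hinges on what a verifier actually finds inside the key: a Revocation Key subpacket (RFC 4880 section 5.2.3.15, subpacket type 12) in the user's self-signature naming the revoker's fingerprint, and later a key-revocation signature (type 0x20) whose issuer is that revoker rather than the user. The script below is an added example written for this thread; it is not code from the original post, from GnuPG or from the mv project. It walks a public key block at the packet level, lists the designated revokers the key names, and for each revocation signature reports who issued it and whose key a checker must hold to verify it, which makes David's "needs both keys" caveat concrete. The sample key block is constructed inline from dummy MPIs and signature values; the provider fingerprint `0123…4567` and the address decker@example.test are hypothetical. Nothing is cryptographically verified here: a real client would still fetch the revoker's key by that fingerprint and check the signature before honouring the revocation.

```python
"""Added example (not from the original post): walk an OpenPGP public key
block, list Revocation Key subpackets (RFC 4880 5.2.3.15, type 12) and
key-revocation signatures (type 0x20), and say whose key a verifier needs."""
import hashlib
import struct

TAG_SIGNATURE, TAG_PUBLIC_KEY = 2, 6
SIG_KEY_REVOCATION = 0x20
SUBPKT_REVOCATION_KEY, SUBPKT_ISSUER = 12, 16

def read_packets(data):
    """Yield (tag, body) per packet; handles old- and new-format headers (4.2)."""
    i = 0
    while i < len(data):
        ctb = data[i]                                    # bit 7 is assumed set
        if ctb & 0x40:                                   # new-format header
            tag, first = ctb & 0x3F, data[i + 1]
            if first < 192:
                blen, hlen = first, 2
            elif first < 224:
                blen, hlen = ((first - 192) << 8) + data[i + 2] + 192, 3
            elif first == 255:
                blen, hlen = struct.unpack(">I", data[i + 2:i + 6])[0], 6
            else:
                raise ValueError("partial body lengths not supported")
        else:                                            # old-format header
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 3
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            hlen = 1 + (1 << ltype)
            blen = int.from_bytes(data[i + 1:i + hlen], "big")
        yield tag, data[i + hlen:i + hlen + blen]
        i += hlen + blen

def read_subpackets(area):
    """Yield (type, body) from a signature subpacket area (5.2.3.1)."""
    i = 0
    while i < len(area):
        first = area[i]
        if first < 192:
            slen, hlen = first, 1
        elif first < 255:
            slen, hlen = ((first - 192) << 8) + area[i + 1] + 192, 2
        else:
            slen, hlen = struct.unpack(">I", area[i + 1:i + 5])[0], 5
        body = area[i + hlen:i + hlen + slen]
        yield body[0] & 0x7F, body[1:]                   # bit 7 of type = critical
        i += hlen + slen

def parse_v4_signature(body):
    """Return (sig_type, hashed subpackets, unhashed subpackets)."""
    if body[0] != 4:
        raise ValueError("only v4 signatures are handled")
    hlen = struct.unpack(">H", body[4:6])[0]
    ulen = struct.unpack(">H", body[6 + hlen:8 + hlen])[0]
    return (body[1], list(read_subpackets(body[6:6 + hlen])),
            list(read_subpackets(body[8 + hlen:8 + hlen + ulen])))

def v4_fingerprint(key_body):
    """SHA-1 over 0x99, 2-byte length, key packet body (RFC 4880 12.2)."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(key_body)) + key_body).digest()

def analyze(keyblock):
    """Designated revokers named by the key, and who issued each revocation."""
    primary_fp, revokers, revocations = None, [], []
    for tag, body in read_packets(keyblock):
        if tag == TAG_PUBLIC_KEY and primary_fp is None:
            primary_fp = v4_fingerprint(body)
        elif tag == TAG_SIGNATURE:
            sig_type, hashed, unhashed = parse_v4_signature(body)
            for t, v in hashed:                  # only the hashed area counts
                if t == SUBPKT_REVOCATION_KEY and v[0] & 0x80:
                    revokers.append(v[2:22])     # class, pk algo, 20-byte fpr
            if sig_type != SIG_KEY_REVOCATION:
                continue
            issuer = next((v for t, v in hashed + unhashed if t == SUBPKT_ISSUER), None)
            rec = {"issuer_keyid": issuer.hex() if issuer else None,
                   "issued_by": "unknown", "verify_with": None}
            if issuer and primary_fp and issuer == primary_fp[-8:]:
                rec.update(issued_by="self", verify_with=primary_fp.hex())
            else:
                for fp in revokers:              # v4 key ID = low 64 bits of fpr
                    if issuer == fp[-8:]:
                        rec.update(issued_by="designated", verify_with=fp.hex())
            revocations.append(rec)
    return {"designated_revokers": [fp.hex() for fp in revokers],
            "revocations": revocations}

# --- constructed sample key block: dummy MPIs and dummy signature values ---
def _pkt(tag, body):                             # new-format header, 1-byte length
    return bytes([0xC0 | tag, len(body)]) + body

def _sub(t, body):                               # subpacket with 1-byte length
    return bytes([len(body) + 1, t]) + body

def _sig(sig_type, hashed):                      # v4 sig, RSA/SHA-256, dummy MPI
    return _pkt(TAG_SIGNATURE, bytes([4, sig_type, 1, 8]) + struct.pack(">H", len(hashed))
                + hashed + struct.pack(">H", 0) + b"\x00\x00" + b"\x00\x08\xab")

PROVIDER_FP = bytes.fromhex("0123456789abcdef0123456789abcdef01234567")  # hypothetical
USER_KEY = b"\x04" + b"\x53\x58\x44\x00" + b"\x01" + b"\x00\x09\x01\x23" + b"\x00\x11\x01\x00\x01"
USER_KEYID = v4_fingerprint(USER_KEY)[-8:]
SAMPLE_KEYBLOCK = (
    _pkt(TAG_PUBLIC_KEY, USER_KEY)
    + _pkt(13, b"decker@example.test")                                   # user ID
    + _sig(0x13, _sub(SUBPKT_REVOCATION_KEY, b"\x80\x01" + PROVIDER_FP)
                 + _sub(SUBPKT_ISSUER, USER_KEYID))   # self-cert naming the revoker
    + _sig(SIG_KEY_REVOCATION, _sub(SUBPKT_ISSUER, PROVIDER_FP[-8:]))   # by provider
    + _sig(SIG_KEY_REVOCATION, _sub(SUBPKT_ISSUER, USER_KEYID))         # by the user
    + _sig(SIG_KEY_REVOCATION, _sub(SUBPKT_ISSUER, bytes(8)))           # unknown issuer
)
```

Run `analyze(SAMPLE_KEYBLOCK)` on the constructed block: it lists the provider fingerprint as the one designated revoker and classifies the three revocation signatures as "designated" (verify with the provider key), "self" (verify with the user's own key) and "unknown" (issuer matches neither, so it should not be honoured). With GnuPG the same structures are produced by `addrevoker` inside `gpg --edit-key <user key>` and by the provider running `gpg --desig-revoke <user key>`.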