mailto with pgp fingerprint

Nicolai Josuttis (enigmail) enigmail at
Tue Jul 22 09:40:10 CEST 2014

More and more we seem to have the problem of faked keys in the key
servers. This especially applies to "well known" keys such as
authors of magazines and famous tools.

In addition, I have the problem that I'd like to use a special
reply-to address, which is not listed in the keyservers, but it
should be easy to associate that with a (known) public key.

So, I was wondering whether it is possible to force somehow the usage
of a specific pgp key identified by its fingerprint.

One obvious approach might be to extend the mailto format

I was wondering whether it make sense to standardize something like
> <mailto:nico at>
<mailto:nico at>
so that we can provide elements in websites and emails
that force mailers to automatically choose the right public key
(either from internal list or from key servers).
The semantics would be:
- use the passed pgp key with the following email address

Mailers/PGP-tools could even use this to update their key rings.
(but with appropriate interaction and/or warning/error handling,
 because this can be a simple security hole if a link just
 would assign faked associated keys.).

We could even use a syntax like:
>> <mailto:?pgp=EA25EF48BF2001E41FAB0C1CDEF9FC808A1C44D0>
>> <mailto:?pgpfp=EA25EF48BF2001E41FAB0C1CDEF9FC808A1C44D0>
to force the usage of a pgp key and derive the email address from there.

- Would such a thing make sense or am I missing something?
- Is there even something like that already there or on the way?
- If not, is somebody familiar with the process or even willing
  to propose this as a RFC?
- Other thoughts?

And BTW, if this is too much out of scope of GnuPG issues:
- What would be the right place to discuss such a thing?


Nicolai M. Josuttis
mailto:nico at
PGP fingerprint: CFEA 3B9F 9D8E B52D BD3F 7AF6 1C16 A70A F92D 28F5

More information about the Gnupg-users mailing list