Secure Private Key Synchronization (RFC)

Tankred Hase tankred at whiteout.io
Fri Jul 3 12:44:38 CEST 2015


2015-07-02 18:59 GMT+02:00 Daniel Roesler <diafygi at gmail.com>:
> Will the proposal require support private subkey stubs generated from
> gpg --export-secret-subkeys?

That's a good question and the spec is indeed not specific enough
here. If I'm not mistaken Mailvelope only includes the primary key
packets in their current implementation. But it makes sense to include
subkey packets as well. Something to be clarified in the spec.

Tankred


> On Thu, Jul 2, 2015 at 6:48 AM, Tankred Hase <tankred at whiteout.io> wrote:
>> Hi,
>>
>> I'm Tankred from Whiteout (https://whiteout.io). Me, Werner and other
>> PGP projects discussed a secure way to synchronize a user's private
>> key between devices during the OpenPGP summit in April
>> (https://www.gnupg.org/blog/20150426-openpgp-summit.html). The goal
>> was to formalize and hopefully standardize a very simple protocol that
>> allows interoperability between mail user agents.
>>
>> We've already gotten feedback from other vendors using OpenPGP.js such
>> as Mailvelope and 1&1, and we would also like to hear what the GPG
>> community has to say about it. Here is our current proposal:
>>
>> https://github.com/whiteout-io/mail-html5/wiki/Secure-OpenPGP-Key-Pair-Synchronization-via-IMAP
>>
>> Thanks for any feedback!
>>
>> Kind regards,
>> Tankred
>>
>> --
>> Whiteout Networks GmbH c/o Werk1
>> Grafinger Str. 6
>> D-81671 München
>> Geschäftsführer: Oliver Gajek
>> RG München HRB 204479
>>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users

-- 
Whiteout Networks GmbH c/o Werk1
Grafinger Str. 6
D-81671 München
Geschäftsführer: Oliver Gajek
RG München HRB 204479



More information about the Gnupg-users mailing list