Proposal of OpenPGP Email Validation
Neal H. Walfield
neal at walfield.org
Mon Jul 27 14:15:57 CEST 2015
Hi,

I guess you mean this:

> The idea I have in mind is roughly as follows: if you upload a key to
> a keyserver, the keyserver would send an encrypted email to every UID
> in the key. Each encrypted mail contains a unique link to confirm the
> email address. Once all email addresses are confirmed, the key is
> validated and the keyserver will allow access to it just like with any
> regular keyserver.

This approach is not going to stop a nation state. A nation state can
intercept the mail, decrypt it and follow the link.

For the same reason, it is not going to stop a user's ISP. Given
Microsoft et al.'s willingness to cooperate with the NSA, these are
not very good starting conditions.

The approach also has another problem: which key servers are going to
do this? There are 100s of key servers. I'm not going to reply to
mails from each one, sorry.

This also seems like a nice way to spam someone. Generate a key,
upload it to a key server and they have a bunch of mails from the key
server. Based on this, I suspect that it won't take long for the key
servers to be blacklisted?

Have you considered these issues? Do you have any thoughts about how
to avoid these problems or do you think they are not real problems?

Regarding the design: personally, I wouldn't have the user follow a
link that includes a swiss number, but have the user reply to the
mail, include the swiss number and sign it.

I'd also consider having the key servers publish the validations. If
you chain the validations (include the hash of the previous validation
in the current validation) you can detect if the key servers serve a
fake key to a specific user.
Neal
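
The chained validations suggested at the end of the message, sketched as an added example that is not part of the original post or of any key server's code. The record fields, the all-zero genesis value, and the sample UIDs and fingerprints are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed "previous hash" for the first validation

def entry_hash(entry):
    """SHA-256 over a canonical JSON encoding of one validation record."""
    blob = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()

def append_validation(log, uid, fpr):
    """Append a validation that commits to the hash of the previous one."""
    prev = entry_hash(log[-1]) if log else GENESIS
    log.append({"seq": len(log), "uid": uid, "fpr": fpr, "prev": prev})
    return entry_hash(log[-1])  # head hash a client can remember or publish

def verify_chain(log):
    """True if every entry links to the hash of its predecessor."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["seq"] != i or entry["prev"] != prev:
            return False
        prev = entry_hash(entry)
    return True

def find_fork(view_a, view_b):
    """Index of the first entry where two clients' views differ, else None.
    A shorter view that is a prefix of the longer one counts as consistent."""
    for i, (a, b) in enumerate(zip(view_a, view_b)):
        if entry_hash(a) != entry_hash(b):
            return i
    return None

def demo():
    """Constructed data: the server shows one user a fake key for bob."""
    honest, targeted = [], []
    for log in (honest, targeted):
        append_validation(log, "alice@example.org", "A" * 40)
    append_validation(honest, "bob@example.org", "B" * 40)
    append_validation(targeted, "bob@example.org", "F" * 40)  # fake key
    for log in (honest, targeted):
        append_validation(log, "carol@example.org", "C" * 40)
    return honest, targeted

if __name__ == "__main__":
    honest, targeted = demo()
    print(verify_chain(honest), verify_chain(targeted))  # each view is consistent
    print(find_fork(honest, targeted))  # comparing views exposes the fork
```

Each view verifies on its own, so the chain only exposes a targeted fake key once two clients (or a client and a published head hash) compare what they were served. Rewriting an entry in place, by contrast, breaks the link to the next entry and fails `verify_chain` directly.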