Proposal of OpenPGP Email Validation

Patrick Brunschwig patrick at
Mon Jul 27 17:51:56 CEST 2015

On 27.07.15 14:15, Neal H. Walfield wrote:
> Hi,
> I guess you mean this:
>   The idea I have in mind is roughly as follows: if you upload a key to
>   a keyserver, the keyserver would send an encrypted email to every UID
>   in the key. Each encrypted mail contains a unique link to confirm the
>   email address. Once all email addresses are confirmed, the key is
>   validated and the keyserver will allow access to it just like with any
>   regular keyserver.
> This approach is not going to stop a nation state.  A nation state can
> intercept the mail, decrypt it and follow the link.

If the email can be decrypted, then any email can be decrypted, which
would turn OpenPGP useless.

> For the same reason, it is not going to stop a user's ISP.  Given
> Microsoft's et al.'s willingness to cooperate with the NSA, these are
> not very good starting conditions.

If (and only if) the user stores his private key on his computer, and
the connection to the validating key server is HTTPS with PFS, I don't
really agree.

In any case, the target users are not the Edward Snowdens of this world,
but the 99% of people who just want to communicate easily with each
other and don't want to be bothered too much with key complicated key
lookup/verification scenarios.

> The approach also has another problem: which key servers are going to
> do this?  There are 100s of key servers.  I'm not going to reply to
> mails from each one, sorry.

The idea is that these servers are separate from the keyserver network.
That is, a relatively small set of servers that would only do validation
of email addresses. Validated keys would then be uploaded to normal key

> This also seems like a nice way to spam someone.  Generate a key,
> upload it to a key server and they have a bunch of mails from the key
> server.  Based on this, I suspect that it won't take long for the key
> servers to be blacklisted?

True, but this only serves the purpose of spamming someone without any
further action. You cannot send specific text to those who get spammed,
that's thus not very interesting. But in general, that's certainly
something to consider (such as only accepting one key at a time and only
accepting N keys per hour from some IP address).

> Have you considered these issues?  Do you have any thoughts about how
> to avoid these problems or do you think they are not real problems?
> Regarding the design: personally, I wouldn't have the user follow a
> link that includes a swiss number, but have the user reply to the
> mail, include the swiss number and sign it.

That's a good idea indeed.

> I'd also consider having the key servers publish the validations.  If
> you chain the validations (include the hash of the previous validation
> in the current validation) you can detect if the key servers serve a
> fake key to a specific user.

Sounds like a good idea.


More information about the Gnupg-users mailing list