Proposal of OpenPGP Email Validation

MFPA 2014-667rhzu3dc-lists-groups at
Wed Jul 29 14:25:31 CEST 2015

Hash: SHA512


On Wednesday 29 July 2015 at 6:42:34 AM, in
<mid:55B867CA.9090501 at>, nico at wrote:

> Interesting. What comes into my mind is the following:
> - This requires special email clients.

How would this require a special email client?

OpenPGP-aware email clients I have used have a simple way to save a
key from a message to the keyring by clicking a button or selecting a
menu option. And if the user's email client is not OpenPGP-aware, or
they use webmail, there is always copy and paste.

> The benefit of
> the proposed workflow is that any existing client   can
> use it just by switching its keyserver to the
> validating   keyserver proxy.

I only suggested simplification of the workflow for actually
validating/signing the keys. The user can still just switch their
keyserver of choice to the validating proxy.

> How to
> deal with existing keys?   Well probably the same
> (upload a key for the first time and uploading it
> for updates would run the saem workflow), right?

Yes. And for automatic re-validations, before my step 1 (key reaches
validation server) the proxy server would consult its list of which
keys it signed when and fetch them for revalidation.

>> There is still the same level of assurance that the
>> email address and private key are controlled by the
>> same entity. Advantages are:-

>> a. Nobody is asked to click links or reply to emails.

> Hmm, isn't step 5 is kind of that?

No. Step 5 is that the user receives an encrypted email to each
relevant email address containing a copy of their key with the
additional signature on just that UID, much as they might receive from
other attendees at a keysigning. If they wish, the user saves the
updated key to their keyring. And, again if they wish, the user
uploads their updated key to a keyserver.

> In any case some
> confirmation email handling is required.

For each UID, the copy of the key containing a validation signature
over only that UID would be sent in an encrypted email to the email
address in that UID.

Receipt of the email containing the signed key confirms the ability to
receive messages sent to that email address.

And decryption of that email confirms access to the private key.

What else do you need to confirm?

>> c. Changes to the user's key are uploaded to the
>> keyserver by the    user, not by the validation
>> server.

> Is this a real benefit?

It's the user's key. Denying them the choice by uploading your changes
directly to keyservers is pretty arrogant. Maybe you could have the
validating proxy upload the changes itself in the event the the key
you are validating does not have the keyserver no-modify flag set?

- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at>

Think for yourself.
Otherwise you have to believe what other people tell you.


More information about the Gnupg-users mailing list