Proposal of OpenPGP Email Validation

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Wed Jul 29 14:25:31 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Wednesday 29 July 2015 at 6:42:34 AM, in
<mid:55B867CA.9090501 at enigmail.net>, nico at enigmail.net wrote:




> Interesting. What comes into my mind is the following:
> - This requires special email clients.

How would this require a special email client?

OpenPGP-aware email clients I have used have a simple way to save a
key from a message to the keyring by clicking a button or selecting a
menu option. And if the user's email client is not OpenPGP-aware, or
they use webmail, there is always copy and paste.



> The benefit of
> the proposed workflow is that any existing client can
> use it just by switching its keyserver to the
> validating keyserver proxy.

I only suggested simplification of the workflow for actually
validating/signing the keys. The user can still just switch their
keyserver of choice to the validating proxy.



> How to
> deal with existing keys? Well probably the same
> (upload a key for the first time and uploading it
> for updates would run the same workflow), right?

Yes. And for automatic re-validations, before my step 1 (key reaches
validation server) the proxy server would consult its list of which
keys it signed when and fetch them for revalidation.



>> There is still the same level of assurance that the
>> email address and private key are controlled by the
>> same entity. Advantages are:-

>> a. Nobody is asked to click links or reply to emails.

> Hmm, isn't step 5 kind of that?

No. Step 5 is that the user receives an encrypted email to each
relevant email address containing a copy of their key with the
additional signature on just that UID, much as they might receive from
other attendees at a keysigning. If they wish, the user saves the
updated key to their keyring. And, again if they wish, the user
uploads their updated key to a keyserver.



> In any case some
> confirmation email handling is required.

For each UID, the copy of the key containing a validation signature
over only that UID would be sent in an encrypted email to the email
address in that UID.

Receipt of the email containing the signed key confirms the ability to
receive messages sent to that email address.

And decryption of that email confirms access to the private key.

What else do you need to confirm?



>> c. Changes to the user's key are uploaded to the
>> keyserver by the user, not by the validation
>> server.

> Is this a real benefit?

It's the user's key. Denying them the choice by uploading your changes
directly to keyservers is pretty arrogant. Maybe you could have the
validating proxy upload the changes itself in the event the key
you are validating does not have the keyserver no-modify flag set?


- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

Think for yourself.
Otherwise you have to believe what other people tell you.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----



