photo-ID omitted when retrieving keys from WKD

Piotr Morgwai Kotarbinski foss at morgwai.pl
Tue Feb 1 18:22:00 CET 2022


Hmm, I don't seem to follow:
If a user decided to trust (to a certain extent) some domain's WKS admins regarding key fingerprints (for example, the user trusts that the WKS admins verify key fingerprints with members of their organization by some means of their internal procedures), it seems quite arbitrary to assume that the user should definitely NOT trust the same admins regarding photo-ID verification (for example, the admins may be comparing photo-IDs with photos from their HR DB before publishing to the WKD). It seems to me that a decision whether to trust some WKD regarding photo-IDs should be made by individual users based on their knowledge/feeling about security practices in the given organization. Users can "store" such feelings in their keyring by either (l)signing the given photo-ID, leaving it as is, or deleting it themselves.

Furthermore, it may happen that some photo-ID stored in a WKD is signed by a 3rd party that is already trusted by the user. Stripping such a photo-ID may unnecessarily conceal information that may be useful/important to the user.

Am I maybe missing some part of the story that invalidates my reasoning?

Thanks!

PS: Happy new lunar year to everyone! :)

On 01/02/2022 00:53, Ingo Klöcker wrote:
> On Monday, 31 January 2022 15:58:22 CET Piotr Morgwai Kotarbinski via Gnupg-users wrote:
>> I have a public key with a photo-ID uploaded to WKD at my domain and when I
>> download it manually and import to gpg, everything works as expected:
> [...]
>> However if I try to locate the same key automatically using WKD mechanism,
>> then the attached photo-ID is not imported into my keyring:
> [...]
>> Is this intended or is it a bug?
> 
> Yes, this is intended. Keys retrieved via WKD are always imported with the 
> equivalent of the import filter {keep-uid=<email address used for WKD 
> retrieval>}.
> 
> The reasoning is that only user ids matching the email address used to 
> retrieve the key via WKD can be somewhat trusted (if you trust the people 
> running the WKS). Any other user id including photo ids on the key could be 
> fake, i.e. you could easily add the photo of another person as photo id to 
> your key.
> 
> Regards,
> Ingo
> 
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
> 
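The behaviour Ingo describes, reproduced locally as an added example (my own script, not code from this thread or from GnuPG): a throwaway key with two user ids is imported once plainly, as a manual download would be, and once through the equivalent of the WKD filter {keep-uid=<looked-up address>}, so the difference in surviving user ids can be seen directly. It assumes gpg is installed (GnuPG 2.1.14 or later, which is where --import-filter appeared); the key, names and addresses are constructed for the demonstration and live only in temporary keyrings, so the real keyring is never touched. A photo-ID, which the extra user id stands in for here, is a 'uat:' record rather than a 'uid:' record, but keep-uid drops it in exactly the same way.

```shell
#!/bin/sh
# Added example, not code from the thread or from GnuPG: compare a plain import
# of a key with the WKD-style import that keeps only the user id matching the
# address that was looked up. Assumes gpg >= 2.1.14 is installed. All names,
# addresses and keys below are constructed for the demonstration.
set -eu

WKD_ADDR="alice@example.org"                      # address the WKD lookup would use (constructed)
OTHER_UID="Alice Example <alice@other.example>"   # extra uid; stands in for a photo-ID (constructed)

# Run gpg against an isolated keyring directory, in batch mode.
g() { home="$1"; shift; GNUPGHOME="$home" gpg --batch --quiet "$@"; }

# Create a fresh keyring directory with the permissions gpg insists on.
new_home() { d=$(mktemp -d); chmod 700 "$d"; echo "$d"; }

# Number of user-id packets gpg lists in a keyring ('uid:' records in
# --with-colons output; photo-IDs would appear as 'uat:' records).
count_uids() { g "$1" --with-colons --list-keys | grep -c '^uid:' || true; }

# The filter GnuPG applies to keys fetched via WKD: keep only user ids whose
# mailbox equals the address that was looked up ('mbox' is the keep-uid
# property holding the address part of a user id).
wkd_style_import() {   # $1 = keyring, $2 = key file, $3 = looked-up address
    g "$1" --import-filter "keep-uid=mbox = $3" --import "$2"
}

# Build a key with two user ids, import it plainly and with the WKD-style
# filter, and print "<uids after plain import> <uids after filtered import>".
run_demo() {
    src=$(new_home); plain=$(new_home); filtered=$(new_home)
    keyfile=$(mktemp)

    # Throwaway key: unprotected (empty passphrase), never expires.
    g "$src" --pinentry-mode loopback --passphrase '' \
        --quick-gen-key "Alice Example <$WKD_ADDR>" default default never
    g "$src" --pinentry-mode loopback --passphrase '' \
        --quick-add-uid "$WKD_ADDR" "$OTHER_UID"
    g "$src" --armor --export "$WKD_ADDR" > "$keyfile"

    # Manual download + import keeps every user id on the key ...
    g "$plain" --import "$keyfile"
    # ... whereas the WKD-style import keeps only the matching one.
    wkd_style_import "$filtered" "$keyfile" "$WKD_ADDR"

    result="$(count_uids "$plain") $(count_uids "$filtered")"

    # Stop the agents started for the temporary keyrings and remove them.
    for h in "$src" "$plain" "$filtered"; do
        GNUPGHOME="$h" gpgconf --kill all >/dev/null 2>&1 || true
        rm -rf "$h"
    done
    rm -f "$keyfile"
    echo "$result"
}

run_demo   # prints "2 1"
```

The same filter can be applied by hand when importing a key fetched by other means, and conversely a key located via WKD can be re-imported from a manual download when the other user ids are wanted; whether those extra ids deserve trust is then the user's decision, which is the point under discussion above.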
