ietf-openpgp

Re: [openpgp] Keyserverless Use of OpenPGP in Email

2016-04-12 09:46:10
Hi,

Vincent Breitmoser <look@my.amazin.horse> writes:

> Hi,
>
> (crossposting to openpgp-email and openpgp-wg, the lists where I expect
> the highest rates of interested people)
>
> I'd like to discuss a thought that has come up in my work on k9 mail:
> Using OpenPGP in E-Mail without relying on keyservers.  As a motivation,
> just consider someone spins up their botnet to add 1000 or more keys per
> second to the pool - aaaaand it's gone. Other aspects are that a
> keyserver lookup requires network connectivity, introduces noticeable
> delay, and has privacy implications which prevent us from doing the
> lookup in an automated fashion.
>
> First, some basic considerations:  To obtain the public key of a
> communication partner, we obviously have to rely on said communication
> partner to make their key available to us one way or another.  The only
> deployed lookup mechanism is keyservers, but we said we don't have
> that.  The alternative is sending the key in-band with the particular
> communication protocol: No problem for synchronous communication such as
> XMPP because we can simply request them, more difficult for e-mail where
> that option is not available.

This is only an issue on the first communication with someone.  Once you
have your communicant's key you can cache it locally and re-use it for
all future transmissions without touching the keyserver.

So really it's a question of bootstrapping: When you are sending an
email to a person for the first time (or if you are verifying a
signature for the first time), how do you get their key?

This is, in my experience, a much more limited use-case.  I find that I
rarely send an email to someone for the first time, and rarely do I
receive cold-call emails where I care about validating the signature.
I'm usually sending (and receiving) emails to (from) the same people
over and over.  So once I acquire their key, it's cached and I don't
need to ask for it again.

Okay, so now that we've reduced the issue to first-use, how does one
acquire that data?  There are several options:

1) email unencrypted and ask for it
2) use a PGP keyserver
3) use some other lookup database (LDAP, DNS, etc)

Pretty much every single one of these options implies some amount of
delay and has different trust (and deployment) models.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp