ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Deriving an OpenPGP secret key from a human readable seed

2019-10-17 04:27:07
On 17.10.19 11:20, Peter Todd wrote:
Do we really need something that doesn't require the public key? Those are
fairly widely distributed; when would you be unable to get a copy yet still
need to recover the secret key?

Please see my other response to Daniel, which illustrates a scenario in
which a user might no longer have that available.

The scenario is an email application, which targets users that only use
end-to-end-encryption because it's readily and easily available in an
email application they're using, who aren't diligent with their files,
but still don't want to lose their archive of old (encrypted) emails.

I'm quoting from my other email from today:

What about a user who owns just a single computer, it breaks, and
they've lost all their files, and only the IMAP mail archive is left?

Maybe the user never uploaded their key to a key server, there's no backup.

Maybe the user has an email with the attached public key somewhere, but
can it be found reliably?

If we don't record any key information in the Mnemonic, the user must
perform some bootstrap action, prior to being able to regenerate the key:

- look at existing encrypted email, an extract the key ID, to understand
which key needs to be recovered. But that might be a subkey ID, so
further searching is required to identify the ID of the master key?

- search through existing email, in the hope that the full public key is
attached somewhere, either regular attachment, or maybe an outgoing
autocrypt header (only if user's client had autocrypt headers enabled).
Maybe there's no such email?

- contact one of the correspondents, and ask them to send the public key
back. Maybe the user doesn't want to do that?

It might be useful if recovery didn't depend on the above.

Kai

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>