ietf-openpgp

Re: [openpgp] Combining signature with signer's public key

2020-12-11 03:53:52
On Fri, 11 Dec 2020 10:43:11 +0100,
Kai Engert wrote:
> The amount of data that can be transported in an email header is limited.
>
> For the simple keys that can be generated inside Thunderbird (primary
> key, single subkey for encryption, single user ID), using the
> Autocrypt header could work.
>
> However:
>
> - we also allow users to use their complex keys with Thunderbird,
>   which may contain multiple user IDs,

You only need the User ID corresponding to the email address in the
from field, and the current self signature.

>   and contain many certifications,
>   causing the key to be very big

The last I checked Gmail doesn't accept mails larger than 25MB.  So,
you'll need a filter if you intend to include everything...  Also, you
have to remember that the email also has content, so you probably
don't want to reserve more than a few MB for the signer's certificate.
In that case, you pretty much have to filter some certificates...

>   The Autocrypt header seems like an incomplete key distribution
>   mechanism for complex keys.

Indeed.  I'd argue that that is a feature, not a bug.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
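
The filtering described in the reply above (keep only the User ID matching the From address and its current self-signature, drop third-party certifications), sketched as an added example that is not part of the original message or of any project's code. The function names are hypothetical; it assumes a binary (unarmored) v4 certificate, trusts the issuer key ID claimed in each signature's subpackets, and verifies nothing cryptographically, so the receiver must still validate what it gets.

```python
import hashlib

def _length(buf, i, two_octet_max):             # returns (length, octets used)
    o = buf[i]
    if o < 192: return o, 1
    if o <= two_octet_max: return ((o - 192) << 8) + buf[i + 1] + 192, 2
    if o == 255: return int.from_bytes(buf[i + 1:i + 5], "big"), 5
    raise ValueError("partial body lengths are not handled")

def packets(data):
    """Yield (tag, body, raw) for each packet in a binary (unarmored) certificate."""
    i = 0
    while i < len(data):
        if data[i] & 0x43 == 0x03: raise ValueError("indeterminate length not handled")
        if data[i] & 0x40: tag, (n, h) = data[i] & 0x3F, _length(data, i + 1, 223)
        else:                                   # old format, length types 0-2
            tag, h = (data[i] >> 2) & 0x0F, 1 << (data[i] & 3)
            n = int.from_bytes(data[i + 1:i + 1 + h], "big")
        yield tag, data[i + 1 + h:i + 1 + h + n], data[i:i + 1 + h + n]
        i += 1 + h + n

def sig_info(body):
    """Return (claimed issuer key ID, creation time) of a v4 signature body."""
    hl = int.from_bytes(body[4:6], "big")       # hashed subpacket area length
    ul = int.from_bytes(body[6 + hl:8 + hl], "big")
    area = body[6:6 + hl] + body[8 + hl:8 + hl + ul]
    subs, i = {}, 0
    while i < len(area):                        # subpacket: length, type octet, data
        n, h = _length(area, i, 254)
        subs[area[i + h] & 0x7F] = area[i + h + 1:i + h + n]
        i += h + n
    return subs.get(16, b""), int.from_bytes(subs.get(2, b""), "big")

def key_id(body):   # v4 key ID: low 64 bits of SHA-1 over 0x99, 2-octet length, body
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()[-8:]

def minimize(cert, from_addr):
    """Keep primary key, the from_addr User ID + newest self-sig, subkeys + bindings."""
    comps = []                                  # [tag, body, raw, [(issuer, ctime, raw)]]
    for tag, body, raw in packets(cert):
        if tag == 2: comps[-1][3].append(sig_info(body) + (raw,))
        else: comps.append([tag, body, raw, []])
    kid, out, want = key_id(comps[0][1]), b"", b"<" + from_addr.lower().encode() + b">"
    for tag, body, raw, sigs in comps:
        own = sorted((s for s in sigs if s[0] == kid), key=lambda s: s[1])
        if tag == 13 and want in body.lower(): own = own[-1:]
        elif tag not in (6, 14): continue       # other User IDs, user attributes
        out += raw + b"".join(s[2] for s in own)
    return out
```
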
