GnuPG Gpg4win Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • RecentChanges
  • FindPage
  • HelpContents

Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment
Get the password from https://wiki.gnupg.org/UnlockRegistration

Revision 27 as of 2016-01-07 15:04:20
  • OpenPGPEmailSummit201512
  • EmailValidation

OpenPGPEmailSummit: EmailValidation

Workshop at 2nd OpenPGP Email Summit, Dec 2015 run by Nicolai Josuttis

Approach

With this approach we want to establish a quick backward compatible solution to validate email addresses of UIDs of OpenPGP keys.

This would help to solve two major problems we have:

  • People can currently easily upload faked keys (and they do)
  • We have a lot of "moldered" keys (old keys not for any usage anymore)

The key approach is:

  • Define a standard signature format to signal successfull email validation
    • The standard format would be:
      • expires after 1 year
      • having a "signature notation" defining when/how/what was validated as JSON value
    • The standard format allows email clients to process them accordingly
      • E.g.:
        • Show list of who validated the email address
        • Prefer validated email addresses over those not validated.
    • But even existing email clients can benefit from them:
      • According to the WebOfTrust a user can grant trust (and therefore priority) to emails with specific signatures
  • Establish some initial validation servers to perform that validations on request
    • To validate: Sends email to email address in UID encrypted with the key to ensure that the one who confirms has the private key
    • Request might be implicitly triggered by email clients or explicitly triggered by sending an email
      • request shall be an email
        • to ensure that the request is signed by the owner
      • part of the email can be two hints:
        • "upload to key server"
        • "revoke signatures on old keys"
    • Validation can be done asynchonously (not hindering immediate use of a new key)

Key properties of the approach are:

  • No change of existing key server infrastructure or protocol
  • Existing email clients can use it
  • Fast establishment possible when email clients (e.,g. enigmail) support this in a new version
  • The standard format might also be used by email providers, who provide both email address and keys (e.g. Google)
  • Yes, this is a CA-like approach
    • Careful selection of initial CAs
    • Options: Current SMime CAs, trusted organizations, ... ?
  • This is no perfect solution, but it makes faking keys a lot harder and easier to detect
    • Solution against trolls not against secret services
    • But very important for the acceptance of OpenPGP because the naive user does not understand, why emails are not validated

Open issues:

  • How to ensure that the validation request is triggered by the owner of the key?
    • To avoid spam DOS
    • Answer: explicit request by email client that supports this approach or by user sending a specific email.
  • Who runs a first validation server?

Documents / Links / Resources

Initial Proposal: https://lists.gnupg.org/pipermail/gnupg-users/2015-July/053971.html

Slides: attachment:EmailValidation20151207.pdf

Whiteboard 2nd OpenPGP Email Summit: attachment:Whiteboard_EmailValidation.png

Feedback

Please send comments and feedback to Nico Josuttis, nico(at)enigmail.net (Fingerprint: CFEA 3B9F 9D8E B52D BD3F 7AF6 1C16 A70A F92D 28F5)

  • This site is hosted by Intevation GmbH
  • |
  • Datenschutzerklärung und Impressum
  • |
  • Privacy Policy and Imprint