GnuPG Gpg4win Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • RecentChanges
  • FindPage
  • HelpContents
Revision 20 as of 2016-01-07 11:37:33
  • OpenPGPEmailSummit201512
  • EmailValidation

OpenPGPEmailSummit: EmailValidation

Workshop at 2nd OpenPGP Email Summit, Dec 2015 run by Nicolai Josuttis

With this approach we want to establish a quick backward compatible solution to validate email addresses of UIDs of OpenPGP keys.

This would help to solve two major problems we have:

  • People can currently easily upload faked keys (and they do)
  • We have a lot of "moldered" keys (old keys not for any usage anymore)

The key approach is:

  • Define a standard signature format to signal successfull email validation
    • The standard format would be:
      • expires after 1 year
      • having a "signature notation" defining when/how/what was validated as JSON value
    • The standard format allows email clients to process them accordingly
      • E.g.: List who validated the email address or prefer validated email addresses over those not validated.
    • But even existing email clients can benefit from them:
      • According to the WebOfTrust a user can grant trust (and therefore priority) to emails with specific signatures
  • Establish some initial validation servers to perform that validations on request
    • To validate: Sends email to email address in UID encrypted with the key to ensure that the one who confirms has the private key
    • Request might be implicitly triggered by email clients or explicitly triggered by sending an email
      • request shall be an email
        • to ensure that the request is signed by the owner
      • part of the email can be two hints:
        • "upload to key server"
        • "revoke signatures on old keys"
    • Validation can be done asynchonously (not hindering immediate use of a new key)

Key properties of the approach are:

  • No change of existing key server infrastructure or protocol
  • Existing email clients can use it
  • Fast establishment possible when email clients (e.,g. enigmail) support this in a new version
  • The standard format might also be used by email providers, who provide both email address and keys (e.g. Google)
  • Yes, this is a CA-like approach
    • Careful selection of initial CAs
    • Options: Current SMime CAs, trusted organizations, ... ?
  • This is no perfect solution, but it makes faking keys a lot harder and easier to detect
    • Solution against trolls not against secret services
    • But very important for the acceptance of OpenPGP because the naive user does not understand, why emails are not validated

Open issues:

  • How to ensure that the validation request is triggered by the owner of the key?
    • To avoid spam DOS
    • Answer: explicit request by email client that supports this approach or by user sending a specific email.

Initial Proposal: https://lists.gnupg.org/pipermail/gnupg-users/2015-July/053971.html

Slides: attachment:EmailValidation20151207.pdf

Whiteboard 2nd OpenPGP Summit: attachment:Whiteboard_EmailValidation.png

  • This site is hosted by Intevation GmbH
  • |
  • Datenschutzerklärung und Impressum
  • |
  • Privacy Policy and Imprint