|
⇤ ← Revision 1 as of 2016-09-14 08:02:30
Size: 901
Comment: added contents.
|
Size: 2176
Comment: Added date and description to links. Useful as is, so "under construction sign" removed.
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| **Page under construction** | = Proposal to distribute pubkeys via HTTPS to make Email crypto much easier. |
| Line 3: | Line 3: |
| Proposal to distribute pubkeys via HTTPS to make Email crypto much easier. | == How does it work? As email user, you just select the recipient(s) and can see that the email will be encrypted. If you and your peers use email-providers offering this "web key service", it works with the first email. Otherwise encryption will start after you have exchanged some emails. |
| Line 6: | Line 10: |
| * [[EasyGpg2016/PubkeyDistributionConcept]] <- the details * http://www.openpgp-conf.org/program.html#werner http://www.openpgp-conf.org/2016/openpgp-2016-simple-key-discovery.pdf * http://www.intevation.de/~bernhard/presentations/201609-openpgpconf/20160908-3bsi-contracts.pdf * [[http://www.golem.de/news/web-key-service-openpgp-schluessel-ueber-https-verteilen-1609-123194.html|Golem news about WKS (in German)]] * [[http://www.heise.de/newsticker/meldung/Spezifikation-fuer-die-Verteilung-von-OpenPGP-Keys-per-HTTPS-veroeffentlicht-3317914.html|Heise news about WKS (in German)]] * [[http://lists.gnupg.org/pipermail/gnupg-de/2016-September/000547.html|"Anwerkungen zum Web Key Service" 2016-09-11 Werner Koch]] |
Technically your email client will * prepare for this by creating a crypto key for you and either send it to your provider by email or to public keyservers. * sign all emails so others see your pubkey (unless you opt out) * ask the mail provider of your recipients for their pubkeys. An email-provider offering "web key service" will technically: * provide a pubkey for each user via ~HT~TPS * allow each user's email client to automatically manage the pubkey that gets published by email. == Details / Discussion * [[EasyGpg2016/PubkeyDistributionConcept]] <- the (technical) details * 2016-09-08 ~OpenPGP.conf presentation by Werner Koch: [[https://www.openpgp-conf.org/program.html#werner|Abstract]] [[https://www.openpgp-conf.org/2016/openpgp-2016-simple-key-discovery.pdf|Slides.PDF]] * 2016-09-08 ~OpenPGP.conf presentation by Bernhard Reiter, pages 21-24 [[https://www.intevation.de/~bernhard/presentations/201609-openpgpconf/20160908-3bsi-contracts.odp|Slides.ODP]] [[https://www.intevation.de/~bernhard/presentations/201609-openpgpconf/20160908-3bsi-contracts.pdf|Slides.PDF]] * 2016-09-09 //[[http://www.golem.de/news/web-key-service-openpgp-schluessel-ueber-https-verteilen-1609-123194.html|OpenPGP-Schlüssel über HTTPS verteilen]]// Golem news by Hanno Böck * 2016-09-11 [[https://www.heise.de/newsticker/meldung/Spezifikation-fuer-die-Verteilung-von-OpenPGP-Keys-per-HTTPS-veroeffentlicht-3317914.html|Spezifikation für die Verteilung von OpenPGP-Keys per HTTPS veröffentlicht//]] Heise news by Johannes Merkert * 2016-09-11 //[[http://lists.gnupg.org/pipermail/gnupg-de/2016-September/000547.html|Anwerkungen zum Web Key Service]]// gnupg-de@ by Werner Koch |
Proposal to distribute pubkeys via HTTPS to make Email crypto much easier.
How does it work?
As email user, you just select the recipient(s) and can see that the email will be encrypted.
If you and your peers use email-providers offering this "web key service", it works with the first email. Otherwise encryption will start after you have exchanged some emails.
Technically your email client will
- prepare for this by creating a crypto key for you and either send it to your provider by email or to public keyservers.
- sign all emails so others see your pubkey (unless you opt out)
- ask the mail provider of your recipients for their pubkeys.
An email-provider offering "web key service" will technically:
- provide a pubkey for each user via HTTPS
- allow each user's email client to automatically manage the pubkey that gets published by email.
Details / Discussion
- EasyGpg2016/PubkeyDistributionConcept <- the (technical) details
- 2016-09-08 OpenPGP.conf presentation by Werner Koch: Abstract Slides.PDF
- 2016-09-08 OpenPGP.conf presentation by Bernhard Reiter, pages 21-24 Slides.ODP Slides.PDF
- 2016-09-09 OpenPGP-Schlüssel über HTTPS verteilen Golem news by Hanno Böck
- 2016-09-11 Spezifikation für die Verteilung von OpenPGP-Keys per HTTPS veröffentlicht// Heise news by Johannes Merkert
- 2016-09-11 Anwerkungen zum Web Key Service gnupg-de@ by Werner Koch
The elaborated proposal is a result of the EasyGpg2016 contract.