Hi all---
On Mon 2015-07-27 01:55:03 -0400, n...@enigmail.net wrote:
In the past months I tried to come up with a concrete proposal.
I discussed it already with some people and
this is what I/we propose so far.
Sorry to take a while to respond to this thread. I think a proposal for
an
The problem with most e-mail reform proposals (this one included)
is that they don't address what is the primary problem of essential
users of the encrypted communication: that to their attackers the
knowledge of who communicates with whom is of greater value than
the content of the message.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Friday 31 July 2015 at 8:15:23 AM, in
mid:55bb208b.6090...@mail.ru, listo factor wrote:
The problem with most e-mail reform proposals (this
one included) is that they don't address what is the
primary problem of essential users of the
Indeed,
as written in the proposal
key 8B5A ABB1 A033 21CE C2FF C35F 3BA0 E844 EDEB DFE9
https://hkps.pool.sks-keyservers.net/pks/lookup?op=vindexsearch=0x3BA0E844EDEBDFE9
is a faked key which is signed by a faked CA.
THAT's exactly the problem I want to fix!
And note that for ordinary users it
Hi
On Thursday 30 July 2015 at 7:04:28 AM, in
mid:55b9be6c.1050...@gmail.com, Viktor Dick wrote:
On 2015-07-29 18:24, n...@enigmail.net wrote:
So, could somebody explain in a bit more detail how a PoW approach works?
As far as I understand it, for any key that you have -
regardless
On 2015-07-30 16:39, MFPA wrote:
On Thursday 30 July 2015 at 1:43:35 PM, in
mid:55ba1bf7.4090...@enigmail.net, n...@enigmail.net wrote
BTW, as another example, several keys of
t...@gpgtools.org are faked (search for these keys and
the the interesting result).
Sorry, I don't see a result
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thursday 30 July 2015 at 1:43:35 PM, in
mid:55ba1bf7.4090...@enigmail.net, n...@enigmail.net wrote:
BTW, as another example, several keys of
t...@gpgtools.org are faked (search for these keys and
the the interesting result).
Sorry, I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/30/2015 05:12 PM, Viktor Dick wrote:
On 2015-07-30 16:39, MFPA wrote:
On Thursday 30 July 2015 at 1:43:35 PM, in
mid:55ba1bf7.4090...@enigmail.net, n...@enigmail.net wrote
BTW, as another example, several keys of t...@gpgtools.org are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Friday 31 July 2015 at 12:11:35 AM, in
mid:957598505.20150731001135@my_localhost, MFPA wrote:
However, what would be different if one of the keys
found happened to carry one of your proposed?
Sorry, that should have been:-
What
On 31.07.2015 01:11, MFPA wrote:
Only if you download the key from the GPGTools website and find the
key-id first. (If the GPGTools team shows their key ID or Fingerprint
on their website, I failed to find it.)
On the front page they have 'to verify the signature, please download
and import our
On Thursday 30 July 2015 08:04:28 Viktor Dick wrote:
Now that I think about it - if I search for the original author of the
c't article (j...@ct.de), who complained about getting mails that were
encrypted to some fake key, I would assume that the keys 38EA4970 and
E1374764 are both genuine,
On 2015-07-30 10:17, Ingo Klöcker wrote:
I'm sorry to tell you that you have fallen into the trap. There is only one
genuine pg...@ct.heise.de key the fingerprint of which is printed in each
issue of the c't magazine. The other one is a fake. And the fact that the
fake
key with the
On 2015-07-29 18:24, n...@enigmail.net wrote:
So, could somebody explain in a bit more detail how a PoW approach works?
As far as I understand it, for any key that you have - regardless
whether you have access to the mail address in the uid - you can add
some signature where anyone with the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thursday 30 July 2015 at 4:12:35 PM, in
mid:55ba3ee3.7000...@gmail.com, Viktor Dick wrote:
On 2015-07-30 16:39, MFPA wrote:
On Thursday 30 July 2015 at 1:43:35 PM, in
mid:55ba1bf7.4090...@enigmail.net, n...@enigmail.net wrote
BTW, as
On Wed, 29 Jul 2015 17:49, patr...@enigmail.net said:
The whole point of this exercise is to verify that the key and the email
address(es) belong _together_. I don't see how PoW could do this, or I
didn't understand it well enough.
The idea with a regular PoW is that an attacker (well, script
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Thursday 30 July 2015 at 9:27:37 AM, in
mid:55b9dff9.6080...@gmail.com, Viktor Dick wrote:
On 2015-07-30 10:17, Ingo Klöcker wrote:
I'm sorry to tell you that you have fallen into the trap. There is only one
genuine pg...@ct.heise.de
[Sent from my HTC, as it is not a secured device there are no cryptographic
keys on this device, meaning this message is sent without an OpenPGP
signature. In general you should *not* rely on any information sent over
such an unsecure channel, if you find any information controversial or
Am 29.07.2015 um 15:41 schrieb MFPA:
Well, I don't like the CA model and that's what Nico is
basically proposing (with less rigorous checks).
Another huge disadvantage is that user's have to
actively participate by replying to emails / visiting a
link.
Yes, PoW has none of that.
If you
On 29.07.15 14:07, Neal H. Walfield wrote:
At Wed, 29 Jul 2015 01:03:53 +0100,
MFPA wrote:
On Tuesday 28 July 2015 at 11:46:10 PM, in
mid:87vbd3nbnx.wl-n...@walfield.org, Neal H. Walfield wrote:
At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
It also eliminates any attempt to to establish a
On Tue, 28 Jul 2015 20:46, 2014-667rhzu3dc-lists-gro...@riseup.net said:
Unless at least some of the major email providers were to provide a
means for these DNS entries to be added, any DNS-based approach has
very limited potential.
Right, but is the only solid way of doing it. The provider
On Tue, 28 Jul 2015 19:57, 2014-667rhzu3dc-lists-gro...@riseup.net said:
Couldn't human-readable data with a suitable field delimiter (such as
generated by GnuPG's --with-colons option) be interpreted by a
parser?
OpenPGP allows to indicate whether a notation data item is human
readable.
b. The validation server does not need to manage a stack of keys
awaiting feedback from the validation emails.
indeed, that's an argument
Hmm, but IMO we anyway need a state in validation servers to deal with
different spam schemes
(i.e. avoiding that any request to a v-server sends an
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/29/2015 01:07 PM, n...@enigmail.net wrote:
Hmmm,
There should simply be no overhead in using OpenPGP in the ordinary
case for the ordinary user.
Any secure system needs proper operational security surrounding it,
that require user
On Wednesday 29 July 2015 07:42:34 n...@enigmail.net wrote:
Am 29.07.2015 um 03:30 schrieb MFPA:
Why not simplify the workflow:-
1. key reaches validation server.
2. for each UID containing an email address, validation server creates
a copy of the key stripped of all other UIDs.
On Wednesday 29 July 2015 01:48:54 MFPA wrote:
On Tuesday 28 July 2015 at 8:17:28 PM, in
mid:55b7d548.4020...@enigmail.net, n...@enigmail.net wrote:
AFAIK, there are not THAT many faked keys, but the
problem exists especially for key parties of our
internet world (a famous German magazine,
Hmmm,
first i talked to him/them a couple of times personally
(there are multiple editors at that magazine)
about the issue in detail and tried to convince them following
the WoT without success.
Note that they just behave as ordinary users,
having not much time to deal with the problems of
At Wed, 29 Jul 2015 02:30:47 +0100,
MFPA wrote:
On Monday 27 July 2015 at 1:15:57 PM, in
mid:874mkpokxu.wl-n...@walfield.org, Neal H. Walfield wrote:
Regarding the design: personally, I wouldn't have the
user follow a link that includes a swiss number, but
have the user reply to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 11:05:13 AM, in
mid:1713361.r4rmyyg...@collossus.ingo-kloecker.de, Ingo Klöcker
wrote:
A possible benefit would be that the user can choose
not to upload the validation signatures to the
keyservers. With a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 6:42:34 AM, in
mid:55b867ca.9090...@enigmail.net, n...@enigmail.net wrote:
Interesting. What comes into my mind is the following:
- This requires special email clients.
How would this require a special email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 1:09:54 PM, in
mid:87lhdzmagd.wl-n...@walfield.org, Neal H. Walfield wrote:
Personally, I think c is the killer in this plan:
people aren't going to bother to upload it (assuming
they even get that far)!
They
At Wed, 29 Jul 2015 15:14:07 +0200,
Ingo Klöcker wrote:
If you replace validation server with keysigning party participant then
you get one of the ways participants of keysigning parties get their
signatures to the key owners. So, it's already done and people do upload
their
signed keys.
At Wed, 29 Jul 2015 01:03:53 +0100,
MFPA wrote:
On Tuesday 28 July 2015 at 11:46:10 PM, in
mid:87vbd3nbnx.wl-n...@walfield.org, Neal H. Walfield wrote:
At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
It also eliminates any attempt to to establish a link
between the key and the email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/29/2015 02:41 PM, MFPA wrote:
Hi
On Wednesday 29 July 2015 at 11:05:13 AM, in
mid:1713361.r4rmyyg...@collossus.ingo-kloecker.de, Ingo Klöcker
wrote:
A possible benefit would be that the user can choose not to
upload the
On Wednesday 29 July 2015 14:09:54 Neal H. Walfield wrote:
At Wed, 29 Jul 2015 02:30:47 +0100,
MFPA wrote:
On Monday 27 July 2015 at 1:15:57 PM, in
mid:874mkpokxu.wl-n...@walfield.org, Neal H. Walfield wrote:
Regarding the design: personally, I wouldn't have the
user follow a link
At Wed, 29 Jul 2015 14:05:49 +0100,
MFPA wrote:
On Wednesday 29 July 2015 at 1:09:54 PM, in
mid:87lhdzmagd.wl-n...@walfield.org, Neal H. Walfield wrote:
Personally, I think c is the killer in this plan:
people aren't going to bother to upload it (assuming
they even get that far)!
[Please do not CC me. I am subscribed.]
On Wednesday 29 July 2015 13:07:20 n...@enigmail.net wrote:
I see no reason NOT to solve this problem,
but I see many reasons to solve it.
Just saying deal with it simply means that
we place unneccesary burden on OpenPGP users.
IMO, that's a really
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 1:47:35 PM, in
mid:55b8cb67@sumptuouscapital.com, Kristian Fiskerstrand wrote:
On 07/29/2015 02:41 PM, MFPA wrote:
That would be good: mail clients that applied a rule
to only use validated keys would
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 1:07:21 PM, in
mid:87twsnmakm.wl-n...@walfield.org, Neal H. Walfield wrote:
It doesn't have to be per-email address. It is
sufficient to attach it to the primary key.
Fair enough if it is just to signify the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Wednesday 29 July 2015 at 12:07:20 PM, in
mid:55b8b3e8.9080...@enigmail.net, n...@enigmail.net wrote:
They get hundreds of emails per day and each email they
can't read is a significant problem because the 2
seconds they have for
On Wed, 29 Jul 2015 12:38, kloec...@kde.org said:
I personally chose to ignore the stupid editorial. IMHO it does not deserve
more attention than any other rant written by a random troll. OTOH, the
The publication came to a surprise to me given that we had a mail Q+A in
the week before to
Hi,
Did you consider user a proof-of-work scheme? For instance, the user
does a 1 week PoW, signs the result and attackes it to the key. These
would be refreshed about once a year.
This eliminates the verification servers and the problems associated
with them (namely, people need to trust them
On Mon, 27 Jul 2015 19:54, kristian.fiskerstr...@sumptuouscapital.com
said:
The way I read this proposal isn't about keyservers per se, but the
individual validation servers publishing a chained list (like a
Right. I assume that these validation servers still work like the
the regualr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 28 July 2015 at 9:06:03 PM, in
mid:55b7e0ab.9020...@hammernoch.net, Ludwig Hügelschäfer wrote:
Let's concentrate on this one, I think this is the real
tough task: establishing a trust chain from the
validating servers to the
At Tue, 28 Jul 2015 19:22:29 +0100,
MFPA wrote:
On Tuesday 28 July 2015 at 8:22:23 AM, in
mid:87y4i0n3v4.wl-n...@walfield.org, Neal H. Walfield wrote:
Did you consider user a proof-of-work scheme? For
instance, the user does a 1 week PoW, signs the result
and attackes it to the key.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 28 July 2015 at 8:17:28 PM, in
mid:55b7d548.4020...@enigmail.net, n...@enigmail.net wrote:
AFAIK, there are not THAT many faked keys, but the
problem exists especially for key parties of our
internet world (a famous German
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 28 July 2015 at 11:46:10 PM, in
mid:87vbd3nbnx.wl-n...@walfield.org, Neal H. Walfield wrote:
At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote:
It also eliminates any attempt to to establish a link
between the key and the email
On Monday 27 July 2015 20:19:07 n...@enigmail.net wrote:
Am 27.07.2015 um 16:31 schrieb Ingo Klöcker:
This whole concept of a whitelist of trusted validation servers included
in the email clients sounds a lot like the CA certificate bundles
included in browsers and/or OSes. Who is going to
On 28.07.15 16:46, Ingo Klöcker wrote:
On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote:
Hi Ingo,
On 27.07.15 16:31, Ingo Klöcker wrote:
This whole concept of a whitelist of trusted validation servers
included in the email clients sounds a lot like the CA certificate
bundles
On Tuesday 28 July 2015 09:22:23 Neal H. Walfield wrote:
Hi,
Did you consider user a proof-of-work scheme? For instance, the user
does a 1 week PoW, signs the result and attackes it to the key. These
would be refreshed about once a year.
Which problem do you propose to address with such a
On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote:
Hi Ingo,
On 27.07.15 16:31, Ingo Klöcker wrote:
This whole concept of a whitelist of trusted validation servers
included in the email clients sounds a lot like the CA certificate
bundles included in browsers and/or OSes. Who is
Am 29.07.2015 um 03:30 schrieb MFPA:
Hi
On Monday 27 July 2015 at 1:15:57 PM, in
mid:874mkpokxu.wl-n...@walfield.org, Neal H. Walfield wrote:
Regarding the design: personally, I wouldn't have the
user follow a link that includes a swiss number, but
have the user reply to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 27 July 2015 at 6:55:24 PM, in
mid:55b6708c.9090...@enigmail.net, n...@enigmail.net wrote:
If the
goal is to keep validations in sync, key owners might
have to confirm emails added over the year earlier,
which shouldn't be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 27 July 2015 at 7:00:08 PM, in
mid:55b671a8.7020...@sumptuouscapital.com, Kristian Fiskerstrand
wrote:
It makes the information more compact and will make hkp
vindex lists look cleaner.
I thought Base64 encodes 3 bytes into 4,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 28 July 2015 at 8:22:23 AM, in
mid:87y4i0n3v4.wl-n...@walfield.org, Neal H. Walfield wrote:
Did you consider user a proof-of-work scheme? For
instance, the user does a 1 week PoW, signs the result
and attackes it to the key.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Tuesday 28 July 2015 at 3:46:54 PM, in
mid:1865150.ufn610a...@collossus.ingo-kloecker.de, Ingo Klöcker
wrote:
I'm confident that the smaller mail providers who focus
on security would be willing to add such an interface.
Frankly, I do
Hi,
thanks again for the great feedback.
Am 28.07.2015 um 19:26 schrieb MFPA:
Hi
On Monday 27 July 2015 at 6:55:24 PM, in
mid:55b6708c.9090...@enigmail.net, n...@enigmail.net wrote:
If the
goal is to keep validations in sync, key owners might
have to confirm emails added over the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 28.07.15 16:46, Ingo Klöcker wrote:
On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote:
Hi Ingo,
On 27.07.15 16:31, Ingo Klöcker wrote:
(...)
Why should there not be a similar community approach for setting
up a (smaller) network
Hi,
I guess you mean this:
The idea I have in mind is roughly as follows: if you upload a key to
a keyserver, the keyserver would send an encrypted email to every UID
in the key. Each encrypted mail contains a unique link to confirm the
email address. Once all email addresses are
Hello,
Am 27.07.2015 um 14:15 schrieb Neal H. Walfield:
This approach is not going to stop a nation state. A nation state can
intercept the mail, decrypt it and follow the link.
For the same reason, it is not going to stop a user's ISP. Given
Microsoft's et al.'s willingness to cooperate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 27 July 2015 at 6:55:03 AM, in
mid:55b5c7b7.4090...@enigmail.net, n...@enigmail.net wrote:
Thus, I am happy for any feedback (details and general
remarks) both here and directly as email to me.
Comments in no particular order,
On Monday 27 July 2015 07:55:03 n...@enigmail.net wrote:
Hi all,
in March we discussed here
German ct magazine postulates death of pgp encryption
and Patrick Brunschwig proposed a way to validate email addresses
I also had in mind:
On Mon, 27 Jul 2015 07:55, n...@enigmail.net said:
Thus, I am happy for any feedback
(details and general remarks)
Plain text would be appreciated. I accidentally accepted that 280k PDF
but sending such files to 2600 subscribes should be the exception.
Salam-Shalom,
Werner
--
Die
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/27/2015 07:55 PM, n...@enigmail.net wrote:
Hi MFPA, Thanks a lot for your feedback.
..
Why would the notation value be base64 encoded? What is the
rationale for preventing users from reading the notation values
in a key listing?
On 07/27/2015 07:46 PM, Werner Koch wrote:
On Mon, 27 Jul 2015 14:15, n...@walfield.org said:
You can't do that due to the decentralized approach with no
requirement for the user to always upload to the same keyserver.
Thus a server may miss validation signatures not yet received from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi MFPA,
Thanks a lot for your feedback.
Am 27.07.2015 um 15:16 schrieb MFPA:
Hi
On Monday 27 July 2015 at 6:55:03 AM, in
mid:55b5c7b7.4090...@enigmail.net, n...@enigmail.net wrote:
Thus, I am happy for any feedback (details and
Hi Ingo,
thanks a lot for the feedback.
Am 27.07.2015 um 16:31 schrieb Ingo Klöcker:
On Monday 27 July 2015 07:55:03 n...@enigmail.net wrote:
Hi all,
in March we discussed here
German ct magazine postulates death of pgp encryption
and Patrick Brunschwig proposed a way to validate email
On 27.07.15 14:15, Neal H. Walfield wrote:
Hi,
I guess you mean this:
The idea I have in mind is roughly as follows: if you upload a key to
a keyserver, the keyserver would send an encrypted email to every UID
in the key. Each encrypted mail contains a unique link to confirm the
Thanks, Neal for the feedback.
I will try to answer.
Am 27.07.2015 um 14:15 schrieb Neal H. Walfield:
Hi,
I guess you mean this:
The idea I have in mind is roughly as follows: if you upload a key to
a keyserver, the keyserver would send an encrypted email to every UID
in the key.
On Mon, 27 Jul 2015 14:15, n...@walfield.org said:
The approach also has another problem: which key servers are going to
do this? There are 100s of key servers. I'm not going to reply to
mails from each one, sorry.
As Nico described, PGP used a very simlar system to validate keys and
expire
Hi Nico,
At Mon, 27 Jul 2015 19:21:10 +0200,
n...@enigmail.net wrote:
Thanks, Neal for the feedback.
I will try to answer.
Am 27.07.2015 um 14:15 schrieb Neal H. Walfield:
Hi,
I guess you mean this:
The idea I have in mind is roughly as follows: if you upload a key to
a
On 2015/07/27 at 21:08, Neal H. Walfield wrote:
If this is not right please point me to the proposal. The above is
just a quote from the single source in your original email. After I
read that I will respond to your other questions / comments.
:) Neal
It's attached in the OP named
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Ingo,
On 27.07.15 16:31, Ingo Klöcker wrote:
This whole concept of a whitelist of trusted validation servers
included in the email clients sounds a lot like the CA certificate
bundles included in browsers and/or OSes. Who is going to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi
On Monday 27 July 2015 at 1:33:42 PM, in
mid:55b62526.9000...@dabpunkt.eu, Daniel Baur wrote:
What could be a problem: The state or the ISP could
create a key-pair of its own and upload it, intercept
the mail and verify it.
That certainly
At Mon, 27 Jul 2015 17:51:56 +0200,
Patrick Brunschwig wrote:
On 27.07.15 14:15, Neal H. Walfield wrote:
Hi,
I guess you mean this:
The idea I have in mind is roughly as follows: if you upload a key to
a keyserver, the keyserver would send an encrypted email to every UID
74 matches
Mail list logo