Package: gpg
Version: 2.2.13-2
Severity: normal
Dear Maintainer,

in the current version of GnuPG, signatures will be imported from public key blocks only if they are accompanied by a User ID packet plus a valid signature. However, self-signatures on the key itself and on subkeys can be cryptographically verified independently of User IDs. This opens a use case of transferring revocations and updates on subkeys without revealing the key's User IDs.

For instance, consider a case where I have the following key in my keyring:

> -----BEGIN PGP PUBLIC KEY BLOCK-----
>
> mDMEXECaehYJKwYBBAHaRw8BAQdAAiJ1/GyBM4kgpY/nx+sXytMi8I+x8MW0/NBq
> 3jepKpG0E0RhbmllbCBLYWhuIEdpbGxtb3KImQQTFggAQQIbAQUJA8JnAAULCQgH
> AgYVCgkICwIEFgIDAQIeAQIXgBYhBHI+NDrAAzHwNHPmg3vloR+jfochBQJcQJsl
> AhkBAAoJEHvloR+jfoch7q0A/3AMFfxPJGJ5rljN8qMctaFWAzAGc5rElBFQ433t
> vuFYAQDagLYOFgcv9A5axQR4O0oYXJKfMBuImqaWyhDRg/MbAA==
> =dSe7
> -----END PGP PUBLIC KEY BLOCK-----

The following PGP block contains the same primary key, as well as a valid revocation signature:

> -----BEGIN PGP PUBLIC KEY BLOCK-----
>
> mDMEXECaehYJKwYBBAHaRw8BAQdAAiJ1/GyBM4kgpY/nx+sXytMi8I+x8MW0/NBq
> 3jepKpGIeAQgFggAIBYhBHI+NDrAAzHwNHPmg3vloR+jfochBQJcQJp6Ah0AAAoJ
> EHvloR+jfochA+QA/jzjDXDZxwNd39ZfEkngWkR3Xebc96hCkTu9+jlbQnL/AP0b
> HrIUG62g5BGzePFhXB+XtSpRL1g4H1Ywsd+GdWymBQ==
> =KuHa
> -----END PGP PUBLIC KEY BLOCK-----

Importing this via `gpg --import` will yield an error:

> gpg: key 0x7BE5A11FA37E8721: no user ID

The key in my keyring will remain valid and unrevoked, even though a keyblock that contained a cryptographically valid revocation signature was encountered by GnuPG during an import operation.

User IDs typically contain data that is of a more personal nature than the cryptographic information stored in other packets. It is arguably a quite important use case to distribute updates to cryptographic data in an OpenPGP certificate independently of personal information. This applies in particular to revoked keys, where usually the only important thing to distribute is the revocation itself. In countries where the GDPR applies, it can also be interpreted as a legal obligation to distribute User IDs only with the consent of their owner.

A related effort is a new keyserver implementation [Hagrid], which went live last week at https://keys.openpgp.org/ (disclaimer: I'm the maintainer of said project). This keyserver publishes identity information only after verification via e-mail, but distributes non-identity information freely. This has been received very well by the community so far. However, since GnuPG won't import keys without identity information, a `gpg --refresh-keys` will not update any keys which don't have at least one verified identity.

I contributed a patch series to GnuPG (see [patch mail] on gnupg-devel) that implements the desired behavior, which is currently under review. Since GnuPG already supports a similar (but different) mechanism via the import option "import-drop-uids" on its current master (see [related announcement]), the required changes are relatively unintrusive.

Given the increasing reliability issues of the SKS keyserver pool in distributing OpenPGP certificate updates (in particular, key revocations), and the freshly changing landscape of keyservers, I would welcome a speedy distribution and, ideally, backport of this patch in the Debian packaging of GnuPG.

Thanks
- V

[section 11.1]: https://tools.ietf.org/html/rfc4880#section-11.1
[Hagrid]: https://gitlab.com/hagrid-keyserver/hagrid/
[related announcement]: https://lists.gnupg.org/pipermail/gnupg-devel/2018-October/033969.html
[patch mail]: mid:20190613192743.12991-1-look@my.amazin.horse
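To make visible what gpg is refusing here, the following added example (written for this report; it is not GnuPG code and not part of the patch series) decodes the revocation block quoted above down to its RFC 4880 packet tags: the result is a public key packet followed by a signature packet of type 0x20 (key revocation) and no User ID packet, which is exactly the keyblock shape that `gpg --import` in 2.2.13 rejects with "no user ID". The parser skips the CRC-24 line and raises on the length forms it does not handle.

```python
import base64
# The revocation-only key block quoted in the report (copied verbatim from it).
REVOCATION_BLOCK = """-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEXECaehYJKwYBBAHaRw8BAQdAAiJ1/GyBM4kgpY/nx+sXytMi8I+x8MW0/NBq
3jepKpGIeAQgFggAIBYhBHI+NDrAAzHwNHPmg3vloR+jfochBQJcQJp6Ah0AAAoJ
EHvloR+jfochA+QA/jzjDXDZxwNd39ZfEkngWkR3Xebc96hCkTu9+jlbQnL/AP0b
HrIUG62g5BGzePFhXB+XtSpRL1g4H1Ywsd+GdWymBQ==
=KuHa
-----END PGP PUBLIC KEY BLOCK-----"""
SIGNATURE, USER_ID = 2, 13  # RFC 4880 section 4.3 packet tags (6 = public key)
KEY_REVOCATION = 0x20       # RFC 4880 section 5.2.1 signature type

def dearmor(armored):
    """Strip ASCII armor; the '=' line is the CRC-24, which is not verified here."""
    lines = armored.strip().splitlines()[1:-1]       # drop the BEGIN/END lines
    body = lines[lines.index("") + 1:]               # skip armor headers
    return base64.b64decode("".join(l for l in body if not l.startswith("=")))

def parse_packets(data):
    """Return [(tag, sig_type)] for a binary packet stream; sig_type is None unless tag == 2."""
    packets, pos = [], 0
    while pos < len(data):
        ctb = data[pos]
        if ctb & 0xC0 == 0xC0:                       # new-format header (section 4.2.2)
            tag, first = ctb & 0x3F, data[pos + 1]
            if first < 192:
                length, pos = first, pos + 2
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 2] + 192, pos + 3
            else:
                raise ValueError("5-octet and partial body lengths are not supported")
        elif ctb & 0x80:                             # old-format header (section 4.2.1)
            tag, n = (ctb >> 2) & 0x0F, 1 << (ctb & 0x03)
            if n == 8:                               # length type 3: indeterminate
                raise ValueError("indeterminate packet length is not supported")
            length, pos = int.from_bytes(data[pos + 1:pos + 1 + n], "big"), pos + 1 + n
        else:
            raise ValueError("not a packet header at offset %d" % pos)
        body = data[pos:pos + length]
        if len(body) != length:
            raise ValueError("truncated packet with tag %d" % tag)
        pos += length
        # v4 signatures keep the type at offset 1, v3 signatures at offset 2
        sig_type = (body[1] if body[0] == 4 else body[2]) if tag == SIGNATURE else None
        packets.append((tag, sig_type))
    return packets

def describe(armored):
    """What gpg 2.2 sees: a block with a revocation but no User ID packet is refused."""
    packets = parse_packets(dearmor(armored))
    return {"packets": packets, "has_user_id": any(t == USER_ID for t, _ in packets),
            "revokes_primary_key": (SIGNATURE, KEY_REVOCATION) in packets}
```

Running `describe(REVOCATION_BLOCK)` reports `packets == [(6, None), (2, 32)]`, `has_user_id == False` and `revokes_primary_key == True`; the same function run over a keyserver response tells you in advance whether the current gpg will drop the update.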