Hi

On Monday 27 July 2015 at 6:55:24 PM, in <mid:[email protected]>, [email protected] wrote:

> If the
> goal is to keep validations in sync, key owners might
> have to confirm emails added over the year earlier,
> which shouldn't be too bad.
> - If the goal is to
> reduce validation requests, I see no problem to have
> different expiration dates. I think, because each email
> should be validated from time to time anyway (and this
> is an isolated process), each validation should give
> the 12 month period for the specific email when it is
> validated. Or do you see any problems?

I just think if I was to receive revalidation requests all at the same time I would be less likely to overlook those for little-used email addresses I do not often check. It also keeps it neat.

> This whole approach is NOT to make a perfect proof that
> the email is correct.

Nothing is perfect. Even meeting up and verifying government-issued ID documents can be defeated by good quality fake documents.

> It only says that the email did
> one day work for a validation of any kind, which is
> more than what we have now.

We have the Web of Trust to demonstrate that. But those are generally one-off signatures on a key, and may be quite a few years old. Some email providers recycle addresses, so an address Bob used a few months or years ago could now be under Alice's, or even Mallory's, control. As far as I see it, your scheme adds two things: periodic revalidation, and an easy way to get a signature on your key without having to meet anybody.

> That is, such a validation
> does not give full trust, it would only give slightly
> more trust over emails that do not have the validation.

Indeed. I think an annual revalidation period strikes a reasonable balance, although maybe there are email services that recycle addresses more quickly than that.

> But that might be enough to solve the faked key issue.

Are there really many "faked" keys, rather than keys that are no longer used, forgotten passphrase, lost private key, etc.?

> this solution does NOT solve the
> problem of interception of emails. But it helps to
> detect them

How does this help to detect interception of emails?

> It depends on whether and how far you trust the
> provider. Reality looks different (see startmail,
> posteo, riseup, and many company email servers). I
> don't claim to solve any problem in that area.
> User/clients might have to decide whether to trust a
> validation notation given by posteo, riseup, google,
> ...

Company email servers, I would expect companies as a matter of course to have a means to decrypt their employees' emails.

I'm shocked to read [0] that Riseup once had a webmail option that stored the user's public and private keys. Riseup now tells [1] users who want to use encrypted email to utilize an email client to send and receive email, while keeping their private key stored safely on their local machine.

[0] <https://help.riseup.net/en/email/webmail/where-is-imp>
[1] <https://help.riseup.net/en/security/message-security/openpgp#can-i-send-and-receive-encrypted-email-using-riseups-webmail>

Startmail sounds like a similar concept to Hushmail, which was compromised by a court order obtained through a mutual assistance treaty. It is not clear to me why Startmail would not be expected to suffer the same fate.

Posteo looks interesting. But their overview says end-to-end encryption is done by the user in addition to Posteo's own security measures, so the user would have to generate and store their own keys.

And Google make a living out of exploiting data mined from users' emails and search activities. Why would anybody trust them?

>> In your proposal for listing validation signatures in
>> GnuPG: "‘!’ after sig signals successful validation" -
>> why is this needed? Surely the mere presence of a
>> validation signature signals successful validation.

> Hmm, Werner recommended to use --check-sigs rather than
> --list-sigs which then results in printing the '!'.
> Isn't it necessary in your opinion?

Fair enough. The mere presence of a validation signature from the validation server indicates successful validation of the email address in the UID. The "!" after "sig" in the output of --check-sigs indicates the signature has been checked and found to be "good" or "valid".

-- 
Best regards

MFPA <mailto:[email protected]>

A woman's mind is cleaner than a man's: She changes it more often.
