Re: Proposal of OpenPGP Email Validation

2015-08-04 Thread Daniel Kahn Gillmor
Hi all--- On Mon 2015-07-27 01:55:03 -0400, n...@enigmail.net wrote: > In the past months I tried to come up with a concrete proposal. > I discussed it already with some people and > this is what I/we propose so far. Sorry to take a while to respond to this thread. I think a proposal for an e-ma

Re: Proposal of OpenPGP Email Validation

2015-07-31 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Friday 31 July 2015 at 6:43:29 AM, in , Viktor Dick wrote: > On 31.07.2015 01:11, MFPA wrote: >> Only if you download the key from the GPGTools website and find the >> key-id first. (If the GPGTools team shows their key ID or Fingerprint >

Re: Proposal of OpenPGP Email Validation

2015-07-31 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Friday 31 July 2015 at 8:15:23 AM, in , listo factor wrote: > The problem with most "e-mail reform" proposals (this > one included) is that they don't address what is the > primary problem of essential users of the encrypted > communication: th

Re: Proposal of OpenPGP Email Validation

2015-07-31 Thread listo factor
The problem with most "e-mail reform" proposals (this one included) is that they don't address what is the primary problem of essential users of the encrypted communication: that to their attackers the knowledge of who communicates with whom is of greater value than the content of the message. Wit

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 31.07.2015 01:11, MFPA wrote: > Only if you download the key from the GPGTools website and find the > key-id first. (If the GPGTools team shows their key ID or Fingerprint on their website, I failed to find it.) On the front page they have 'to verify the signature, please download and import ou

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Friday 31 July 2015 at 12:11:35 AM, in , MFPA wrote: > However, what would be different if one of the keys > found happened to carry one of your proposed? Sorry, that should have been:- What would be different if one of the keys foun

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 30 July 2015 at 4:12:35 PM, in , Viktor Dick wrote: > On 2015-07-30 16:39, MFPA wrote: >> On Thursday 30 July 2015 at 1:43:35 PM, in >> , n...@enigmail.net wrote >>> BTW, as another example, several keys of >>> t...@gpgtools.org are f

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 07/30/2015 05:12 PM, Viktor Dick wrote: > On 2015-07-30 16:39, MFPA wrote: >> On Thursday 30 July 2015 at 1:43:35 PM, in >> , n...@enigmail.net wrote >>> BTW, as another example, several keys of t...@gpgtools.org are >>> faked (search for these k

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 2015-07-30 16:39, MFPA wrote: > On Thursday 30 July 2015 at 1:43:35 PM, in > , n...@enigmail.net wrote >> BTW, as another example, several keys of >> t...@gpgtools.org are faked (search for these keys and >> the the interesting result). > > Sorry, I don't see a result that leaps out at me as in

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 30 July 2015 at 1:43:35 PM, in , n...@enigmail.net wrote: > BTW, as another example, several keys of > t...@gpgtools.org are faked (search for these keys and > the the interesting result). Sorry, I don't see a result that leaps out

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread n...@enigmail.net
Indeed, as written in the proposal key 8B5A ABB1 A033 21CE C2FF C35F 3BA0 E844 EDEB DFE9 > https://hkps.pool.sks-keyservers.net/pks/lookup?op=vindex&search=0x3BA0E844EDEBDFE9 is a faked key which is signed by a faked CA. THAT's exactly the problem I want to fix! And note that for ordinary users i

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread MFPA
Hi On Thursday 30 July 2015 at 7:04:28 AM, in , Viktor Dick wrote: > On 2015-07-29 18:24, n...@enigmail.net wrote: >> So, could somebody explain in a bit more detail how a PoW approach works? > As far as I understand it, for any key that you have - > regardless whether you have access to the m

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Werner Koch
On Wed, 29 Jul 2015 17:49, patr...@enigmail.net said: > The whole point of this exercise is to verify that the key and the email > address(es) belong _together_. I don't see how PoW could do this, or I > didn't understand it well enough. The idea with a regular PoW is that an attacker (well, scri

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Thursday 30 July 2015 at 9:27:37 AM, in , Viktor Dick wrote: > On 2015-07-30 10:17, Ingo Klöcker wrote: >> I'm sorry to tell you that you have fallen into the trap. There is only one >> genuine pg...@ct.heise.de key the fingerprint of which

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Viktor Dick
On 2015-07-30 10:17, Ingo Klöcker wrote: > I'm sorry to tell you that you have fallen into the trap. There is only one > genuine pg...@ct.heise.de key the fingerprint of which is printed in each > issue of the c't magazine. The other one is a fake. And the fact that the > fake > key with the au

Re: Proposal of OpenPGP Email Validation

2015-07-30 Thread Ingo Klöcker
On Thursday 30 July 2015 08:04:28 Viktor Dick wrote: > Now that I think about it - if I search for the original author of the > c't article (j...@ct.de), who complained about getting mails that were > encrypted to some fake key, I would assume that the keys 38EA4970 and > E1374764 are both genuine,

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Viktor Dick
On 2015-07-29 18:24, n...@enigmail.net wrote: > So, could somebody explain in a bit more detail how a PoW approach works? > As far as I understand it, for any key that you have - regardless whether you have access to the mail address in the uid - you can add some signature where anyone with the p

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread n...@enigmail.net
On 29.07.2015 at 15:41, MFPA wrote: >> Well, I don't like the CA model and that's what Nico is >> basically proposing (with less rigorous checks). >> Another huge disadvantage is that users have to >> actively participate by replying to emails / visiting a >> link. > > Yes, PoW has none of that

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Patrick Brunschwig
On 29.07.15 14:07, Neal H. Walfield wrote: > At Wed, 29 Jul 2015 01:03:53 +0100, > MFPA wrote: >> On Tuesday 28 July 2015 at 11:46:10 PM, in >> , Neal H. Walfield wrote: >>> At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: It also eliminates any attempt to establish a link between the k

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
[Sent from my HTC, as it is not a secured device there are no cryptographic keys on this device, meaning this message is sent without an OpenPGP signature. In general you should *not* rely on any information sent over such an unsecure channel, if you find any information controversial or un-expecte

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
[Please do not CC me. I am subscribed.] On Wednesday 29 July 2015 13:07:20 n...@enigmail.net wrote: > I see no reason NOT to solve this problem, > but I see many reasons to solve it. > > Just saying "deal with it" simply means that > we place unnecessary burden on OpenPGP users. > IMO, that's a r

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 1:47:35 PM, in , Kristian Fiskerstrand wrote: > On 07/29/2015 02:41 PM, MFPA wrote: >> That would be good: mail clients that applied a rule >> to only use validated keys would otherwise deny >> service when emaili

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Wed, 29 Jul 2015 12:38, kloec...@kde.org said: > I personally chose to ignore the stupid editorial. IMHO it does not deserve > more attention than any other rant written by a random troll. OTOH, the The publication came as a surprise to me given that we had a mail Q+A in the week before to e

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 12:07:20 PM, in , n...@enigmail.net wrote: > They get hundreds of emails per day and each email they > can't read is a significant problem because the 2 > seconds they have for reading emails turn out to become >

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 1:07:21 PM, in , Neal H. Walfield wrote: > It doesn't have to be per-email address. It is > sufficient to attach it to the primary key. Fair enough if it is just to signify the key is in current usage. But I thi

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 15:14:07 +0200, Ingo Klöcker wrote: > If you replace "validation server" with "keysigning party participant" then > you get one of the ways participants of keysigning parties get their > signatures to the key owners. So, it's already done and people do upload > their > signe

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 14:05:49 +0100, MFPA wrote: > On Wednesday 29 July 2015 at 1:09:54 PM, in > , Neal H. Walfield wrote: > > > > Personally, I think c is the killer in this plan: > > people aren't going to bother to upload it (assuming > > they even get that far)! > > They have gone to the effo

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 14:09:54 Neal H. Walfield wrote: > At Wed, 29 Jul 2015 02:30:47 +0100, > > MFPA wrote: > > On Monday 27 July 2015 at 1:15:57 PM, in > > > > , Neal H. Walfield wrote: > > > Regarding the design: personally, I wouldn't have the > > > user follow a link that includes a swis

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 1:09:54 PM, in , Neal H. Walfield wrote: > Personally, I think c is the killer in this plan: > people aren't going to bother to upload it (assuming > they even get that far)! They have gone to the effort of sendin

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 07/29/2015 02:41 PM, MFPA wrote: > Hi > > > On Wednesday 29 July 2015 at 11:05:13 AM, in > , Ingo Klöcker > wrote: > > >> A possible benefit would be that the user can choose not to >> upload the validation signatures to the keyservers. With

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 11:05:13 AM, in , Ingo Klöcker wrote: > A possible benefit would be that the user can choose > not to upload the validation signatures to the > keyservers. With a minor change in step 1 (the key > owner uploads his

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Wednesday 29 July 2015 at 6:42:34 AM, in , n...@enigmail.net wrote: > Interesting. What comes into my mind is the following: > - This requires special email clients. How would this require a special email client? OpenPGP-aware email cli

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 02:30:47 +0100, MFPA wrote: > On Monday 27 July 2015 at 1:15:57 PM, in > , Neal H. Walfield wrote: > > > > Regarding the design: personally, I wouldn't have the > > user follow a link that includes a swiss number, but > > have the user reply to the mail, include the swiss > >

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Neal H. Walfield
At Wed, 29 Jul 2015 01:03:53 +0100, MFPA wrote: > On Tuesday 28 July 2015 at 11:46:10 PM, in > , Neal H. Walfield wrote: > > At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: > >> It also eliminates any attempt to establish a link > >> between the key and the email address in the UID. > > > I'm n

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 07/29/2015 01:07 PM, n...@enigmail.net wrote: > Hmmm, > There should simply be no overhead in using OpenPGP in the ordinary > case for the ordinary user. > Any secure system needs proper operational security surrounding it, that require user a

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread n...@enigmail.net
Hmmm, first I talked to him/them a couple of times personally (there are multiple editors at that magazine) about the issue in detail and tried to convince them following the WoT without success. Note that they just behave as ordinary users, having not much time to deal with the problems of OpenP

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 01:48:54 MFPA wrote: > On Tuesday 28 July 2015 at 8:17:28 PM, in > , n...@enigmail.net wrote: > > AFAIK, there are not THAT many faked keys, but the > > problem exists especially for key parties of our > > internet world (a famous German magazine, at least one > > GPG tool

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Ingo Klöcker
On Wednesday 29 July 2015 07:42:34 n...@enigmail.net wrote: > On 29.07.2015 at 03:30, MFPA wrote: > > Why not simplify the workflow:- > > > > 1. key reaches validation server. > > > > 2. for each UID containing an email address, validation server creates > >a copy of the key stripped of all

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 20:46, 2014-667rhzu3dc-lists-gro...@riseup.net said: > Unless at least some of the major email providers were to provide a > means for these DNS entries to be added, any DNS-based approach has > very limited potential. Right, but it is the only solid way of doing it. The provide

Re: Proposal of OpenPGP Email Validation

2015-07-29 Thread Werner Koch
On Tue, 28 Jul 2015 19:57, 2014-667rhzu3dc-lists-gro...@riseup.net said: > Couldn't human-readable data with a suitable field delimiter (such as > generated by GnuPG's "--with-colons" option) be interpreted by a > parser? OpenPGP allows to indicate whether a notation data item is human readable.

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread n...@enigmail.net
>> b. The validation server does not need to manage a "stack" of keys >>awaiting feedback from the validation emails. >> > indeed, that's an argument > Hmm, but IMO we anyway need a state in validation servers to deal with different spam schemes (i.e. avoiding that any request to a v-server

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread n...@enigmail.net
On 29.07.2015 at 03:30, MFPA wrote: > > Hi > > > On Monday 27 July 2015 at 1:15:57 PM, in > , Neal H. Walfield wrote: > > >> Regarding the design: personally, I wouldn't have the >> user follow a link that includes a swiss number, but >> have the user reply to the mail, include the swiss >>

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 July 2015 at 8:17:28 PM, in , n...@enigmail.net wrote: > AFAIK, there are not THAT many faked keys, but the > problem exists especially for key parties of our > internet world (a famous German magazine, at least one > GPG tool, .

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 July 2015 at 9:06:03 PM, in , Ludwig Hügelschäfer wrote: > Let's concentrate on this one, I think this is the real > tough task: establishing a trust chain from the > validating servers to the client. > There's one root certifi

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 July 2015 at 11:46:10 PM, in , Neal H. Walfield wrote: > At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: >> It also eliminates any attempt to establish a link >> between the key and the email address in the UID. > I'm not so

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Neal H. Walfield
At Tue, 28 Jul 2015 19:22:29 +0100, MFPA wrote: > On Tuesday 28 July 2015 at 8:22:23 AM, in > , Neal H. Walfield wrote: > > > Did you consider using a proof-of-work scheme? For > > instance, the user does a 1 week PoW, signs the result > > and attaches it to the key. These would be refreshed > >

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Ludwig Hügelschäfer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 28.07.15 16:46, Ingo Klöcker wrote: > On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote: >> Hi Ingo, >> >> On 27.07.15 16:31, Ingo Klöcker wrote: (...) >> Why should there not be a similar community approach for setting >> up a (smaller

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread n...@enigmail.net
Hi, thanks again for the great feedback. On 28.07.2015 at 19:26, MFPA wrote: > > Hi > > On Monday 27 July 2015 at 6:55:24 PM, in > , n...@enigmail.net wrote: > >> If the >> goal is to keep validations in sync, key owners might >> have to confirm emails added over the year earlier, >> which

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 July 2015 at 3:46:54 PM, in , Ingo Klöcker wrote: > I'm confident that the smaller mail providers who focus > on security would be willing to add such an interface. > Frankly, I do not care that much for the big mail > providers.

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Tuesday 28 July 2015 at 8:22:23 AM, in , Neal H. Walfield wrote: > Did you consider using a proof-of-work scheme? For > instance, the user does a 1 week PoW, signs the result > and attaches it to the key. These would be refreshed > about

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 27 July 2015 at 7:00:08 PM, in , Kristian Fiskerstrand wrote: > It makes the information more compact and will make hkp > vindex lists look cleaner. I thought Base64 encodes 3 bytes into 4, so has a 33% overhead. > Presuming thi

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 27 July 2015 at 6:55:24 PM, in , n...@enigmail.net wrote: > If the > goal is to keep validations in sync, key owners might > have to confirm emails added over the year earlier, > which shouldn't be too bad. - - If the goal is to

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Ingo Klöcker
On Tuesday 28 July 2015 09:22:23 Neal H. Walfield wrote: > Hi, > > Did you consider using a proof-of-work scheme? For instance, the user > does a 1 week PoW, signs the result and attaches it to the key. These > would be refreshed about once a year. Which problem do you propose to address with su

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Patrick Brunschwig
On 28.07.15 16:46, Ingo Klöcker wrote: > On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote: >> Hi Ingo, >> >> On 27.07.15 16:31, Ingo Klöcker wrote: >>> This whole concept of a whitelist of "trusted validation servers" >>> included in the email clients sounds a lot like the CA certificate >

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Ingo Klöcker
On Monday 27 July 2015 20:19:07 n...@enigmail.net wrote: > On 27.07.2015 at 16:31, Ingo Klöcker wrote: > > This whole concept of a whitelist of "trusted validation servers" included > > in the email clients sounds a lot like the CA certificate bundles > > included in browsers and/or OSes. Who is g

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Ingo Klöcker
On Monday 27 July 2015 21:05:26 Ludwig Hügelschäfer wrote: > Hi Ingo, > > On 27.07.15 16:31, Ingo Klöcker wrote: > > This whole concept of a whitelist of "trusted validation servers" > > included in the email clients sounds a lot like the CA certificate > > bundles included in browsers and/or OSes

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Werner Koch
On Mon, 27 Jul 2015 19:54, kristian.fiskerstr...@sumptuouscapital.com said: > The way I read this proposal isn't about keyservers per se, but the > individual validation servers publishing a chained list (like a Right. I assume that these validation servers still work like the regular keyser

Re: Proposal of OpenPGP Email Validation

2015-07-28 Thread Neal H. Walfield
Hi, Did you consider using a proof-of-work scheme? For instance, the user does a 1 week PoW, signs the result and attaches it to the key. These would be refreshed about once a year. This eliminates the verification servers and the problems associated with them (namely, people need to trust them

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Neal H. Walfield
At Mon, 27 Jul 2015 17:51:56 +0200, Patrick Brunschwig wrote: > > On 27.07.15 14:15, Neal H. Walfield wrote: > > Hi, > > > > I guess you mean this: > > > > The idea I have in mind is roughly as follows: if you upload a key to > > a keyserver, the keyserver would send an encrypted email to ev

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 27 July 2015 at 1:33:42 PM, in , Daniel Baur wrote: > What could be a problem: The state or the ISP could > create a key-pair of its own and upload it, intercept > the mail and verify it. That certainly would be a problem. I've no i

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Ludwig Hügelschäfer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Ingo, On 27.07.15 16:31, Ingo Klöcker wrote: > This whole concept of a whitelist of "trusted validation servers" > included in the email clients sounds a lot like the CA certificate > bundles included in browsers and/or OSes. Who is going to mai

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Juan Miguel Navarro Martínez
On 2015/07/27 at 21:08, Neal H. Walfield wrote: > If this is not right please point me to the proposal. The above is > just a quote from the single source in your original email. After I > read that I will respond to your other questions / comments. > > :) Neal > It's attached in the OP named

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Neal H. Walfield
Hi Nico, At Mon, 27 Jul 2015 19:21:10 +0200, n...@enigmail.net wrote: > > Thanks, Neal for the feedback. > I will try to answer. > > On 27.07.2015 at 14:15, Neal H. Walfield wrote: > > Hi, > > > > I guess you mean this: > > > > The idea I have in mind is roughly as follows: if you upload a

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread n...@enigmail.net
Hi Ingo, thanks a lot for the feedback. On 27.07.2015 at 16:31, Ingo Klöcker wrote: > On Monday 27 July 2015 07:55:03 n...@enigmail.net wrote: >> Hi all, >> >> in March we discussed here >> "German ct magazine postulates death of pgp encryption" >> and Patrick Brunschwig proposed a way to validat

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Kristian Fiskerstrand
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 07/27/2015 07:55 PM, n...@enigmail.net wrote: > Hi MFPA, Thanks a lot for your feedback. .. > >> Why would the notation value be base64 encoded? What is the >> rationale for preventing users from reading the notation values >> in a key listing?

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread n...@enigmail.net
Thanks, Neal for the feedback. I will try to answer. On 27.07.2015 at 14:15, Neal H. Walfield wrote: > Hi, > > I guess you mean this: > > The idea I have in mind is roughly as follows: if you upload a key to > a keyserver, the keyserver would send an encrypted email to every UID > in the

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Kristian Fiskerstrand
On 07/27/2015 07:46 PM, Werner Koch wrote: > On Mon, 27 Jul 2015 14:15, n...@walfield.org said: > > > You can't do that due to the decentralized approach with no > requirement for the user to always upload to the same keyserver. > Thus a server may miss validation signatures not yet received fr

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread n...@enigmail.net
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi MFPA, Thanks a lot for your feedback. On 27.07.2015 at 15:16, MFPA wrote: > Hi > > > On Monday 27 July 2015 at 6:55:03 AM, in > , n...@enigmail.net wrote: > > > >> Thus, I am happy for any feedback (details and general >> remarks) both here

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Werner Koch
On Mon, 27 Jul 2015 14:15, n...@walfield.org said: > The approach also has another problem: which key servers are going to > do this? There are 100s of key servers. I'm not going to reply to > mails from each one, sorry. As Nico described, PGP used a very similar system to validate keys and expi

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Patrick Brunschwig
On 27.07.15 14:15, Neal H. Walfield wrote: > Hi, > > I guess you mean this: > > The idea I have in mind is roughly as follows: if you upload a key to > a keyserver, the keyserver would send an encrypted email to every UID > in the key. Each encrypted mail contains a unique link to confirm t

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Ingo Klöcker
On Monday 27 July 2015 07:55:03 n...@enigmail.net wrote: > Hi all, > > in March we discussed here > "German ct magazine postulates death of pgp encryption" > and Patrick Brunschwig proposed a way to validate email addresses > > I also had in mind: > > http://lists.gnupg.org/pipermail/gnupg-users/

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Werner Koch
On Mon, 27 Jul 2015 07:55, n...@enigmail.net said: > Thus, I am happy for any feedback > (details and general remarks) Plain text would be appreciated. I accidentally accepted that 280k PDF but sending such files to 2600 subscribers should be the exception. Salam-Shalom, Werner -- Die Ged

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Daniel Baur
Hello, On 27.07.2015 at 14:15, Neal H. Walfield wrote: > This approach is not going to stop a nation state. A nation state can > intercept the mail, decrypt it and follow the link. > > For the same reason, it is not going to stop a user's ISP. Given > Microsoft's et al.'s willingness to coopera

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Monday 27 July 2015 at 6:55:03 AM, in , n...@enigmail.net wrote: > Thus, I am happy for any feedback (details and general > remarks) both here and directly as email to me. Comments in no particular order, just as they occurred to me when

Re: Proposal of OpenPGP Email Validation

2015-07-27 Thread Neal H. Walfield
Hi, I guess you mean this: The idea I have in mind is roughly as follows: if you upload a key to a keyserver, the keyserver would send an encrypted email to every UID in the key. Each encrypted mail contains a unique link to confirm the email address. Once all email addresses are confirme