[messaging] Fwd: TOFU to ease PGP key discovery

Tankred Hase tankred at whiteout.io
Tue Feb 10 01:34:26 PST 2015


Sorry, forgot to CC the mailinglist on this one.


---------- Forwarded message ----------
From: Tankred Hase <tankred at whiteout.io>
Date: 2015-02-10 10:04 GMT+01:00
Subject: Re: [messaging] TOFU to ease PGP key discovery
To: Daniel Kahn Gillmor <dkg at fifthhorseman.net>


Hi Daniel,

> Also: have you considered the additional privacy concerns that might
> arise when sending mail to someone without a key?  That's the part
> that's often gotten me tripped up on this kind of approach.  If Alice is
> sending mail to Bob through such a system, and Bob doesn't have a key
> yet, then every e-mail Alice sends is likely to send a query to the
> keyserver (or your proxy) announcing "i'm looking to send a message to
> Bob!"
>
> This metadata leakage seems like a not-great situation for a
> privacy-preserving tool.  How do you intend to mitigate it?

That's a valid point. We can't really mitigate it since we need the
plaintext recipient address to proxy public key lookups to HKP in our
keyserver. But we don't advertise meta-data security or anonymity for
Whiteout anyway. Having said that, we don't log any queries to our
keyserver, which is something we need to be more clear about in our
privacy policy.

Tankred

-- 
Whiteout Networks GmbH c/o Werk1
Grafinger Str. 6
D-81671 München
Geschäftsführer: Oliver Gajek
RG München HRB 204479


More information about the Messaging mailing list