[messaging] On Signed-Only Mails
ben at links.org
Sun Dec 4 12:14:33 PST 2016
On 3 December 2016 at 19:13, Trevor Perrin <trevp at trevp.net> wrote:
> On Sat, Dec 3, 2016 at 9:48 AM, Daniel McCarney <daniel at binaryparadox.net>
>> On 03/12, Trevor Perrin wrote:
>>> AFAICT the purpose of signed-only emails in  is only to signal OpenPGP
>>> support to recipients, who would look up the sender's public key through
>>> some other mechanism. So the signature doesn't seem important, there?
>> I guess the crux of it is what the signature is over (the message?) and
>> which key is used (the private key corresponding to the published public
>> key?). Are you saying that it could be a throw away signature over a
>> signalling indicator?
> If all you need is a signal telling the recipient to encrypt future messages
> with a public key fetched via WKD then the signal could be anything: For
> example, an email header "X-OpenPGP-WKD: True". No signature needed.
I know nothing of WKD, but if your public key is not associated with
content I value, why would I trust some random server to give me a
> Looking at the technical document , there seems to be a "fallback method"
> where the signed email signals the recipient to encrypt future messages with
> a public key fetched from PGP key servers.
> PGP key servers are not a reliable source of data, since anyone can upload a
> public key for anyone else's name. So there's a reliability risk here:
> Attackers could upload bad PGP keys, causing recipients to get messages they
> can't decrypt.
> So maybe they're thinking that the signature "authenticates" the fetched
> public key. But that's an incorrect use of signatures (e.g. see "duplicate
> signature key selection", ). The right solution for that would be to
> include a full key fingerprint in the email (e.g. email header
> "X-OpenPGP-Key: <pubkey fingerprint>").
Agree that there needs to be a strong association between the key and
>  https://wiki.gnupg.org/EasyGpg2016/PubkeyDistributionConcept
> Messaging mailing list
> Messaging at moderncrypto.org
More information about the Messaging