[messaging] On Signed-Only Mails
trevp at trevp.net
Sun Dec 4 15:47:15 PST 2016
On Sun, Dec 4, 2016 at 12:14 PM, Ben Laurie <ben at links.org> wrote:
> On 3 December 2016 at 19:13, Trevor Perrin <trevp at trevp.net> wrote:
> > If all you need is a signal telling the recipient to encrypt future messages
> > with a public key fetched via WKD then the signal could be anything: For
> > example, an email header "X-OpenPGP-WKD: True". No signature needed.
> I know nothing of WKD, but if your public key is not associated with
> content I value, why would I trust some random server to give me a
> correct key?
The idea seems to be that the sender looks up the recipient's public
key from a "Web Key Directory" hosted at a well-known URL in the
The sender can authenticate the WKD via TLS, similar to how the
recipient's MTA might be authenticated by the sender's MTA.
The WKD doesn't provide end-to-end authentication, which could be done
afterwards (checking fingerprints, signatures, TOFU, etc). But I
think the goal is for the WKD to be reliable enough that senders can
automatically encrypt to public keys from a WKD.
If it achieves that (which is a separate question), then you don't
need to put anything in your emails beyond an advertisement "I support
They're also contemplating a "fallback" case where you lookup a public
key from a less reliable source (PGP key servers), and in that case
you might want to advertise in your emails "my public key has this
But I don't think signed-only emails are needed for either of these cases.
More information about the Messaging