List: gnupg-devel
Subject: Re: WKD: returns only one pubkey (and why)
From: Dashamir Hoxha via Gnupg-devel <gnupg-devel () gnupg ! org>
Date: 2022-12-13 21:32:59
Message-ID: CAMucfLwrJCk6VeK9rrOWHtJPTo4Dxgr-ik5GW+7+oBn6Xdzg=w () mail ! gmail ! com
On Tue, Dec 13, 2022 at 1:59 PM Simon Josefsson via Gnupg-devel <
gnupg-devel@gnupg.org> wrote:
>
> 1) Use WDK to map ONE email address to ONE public key to use for
> email.
>
> 2) Use WDK to find ALL public keys for an email address.
>
The second case, as you describe it, seems to be orthogonal to the first
one, in the sense that they are independent of each other. So, it can be
implemented as a separate protocol. But probably it makes more sense to
implement it as an extension of the current WKD protocol.
> specifying that a plural-version of the URL returns all keys? So let's
> assume we have this URL to return one public key only:
>
>
> https://intevation.de/.well-known/openpgpkey/hu/it5sewh54rxz33fwmr8u6dy4bbz8itz4
>
> Then we could standardize the following (note plural 's') to return ALL
> keys for the given email address:
>
>
> https://intevation.de/.well-known/openpgpkeys/hu/it5sewh54rxz33fwmr8u6dy4bbz8itz4
>
> Alternatively, we could use URL parameters on the first URL like this:
>
>
> https://intevation.de/.well-known/openpgpkey/hu/it5sewh54rxz33fwmr8u6dy4bbz8itz4?allkeys
>
> Or perhaps a compromise -- based on the observation that registering
> multiple 'well-known' protocols has a cost, and that URL parameters like
> '?allkeys' works badly with HTTPS servers serving static content, how
> about a URL like this:
>
>
> https://intevation.de/.well-known/openpgpkey/allkeys/hu/it5sewh54rxz33fwmr8u6dy4bbz8itz4
Does it make sense to look for a public key by its id? I mean something
like this:
https://intevation.de/.well-known/openpgpkey/id/847FC5C4337D9CDBD473B7A60967FD258D6414F9
There are two differences with the current well-known URL:
1. Instead of "/hu/" (which means hashed-userid), there is "/id/" (which
means the key id).
2. Instead of "it5sewh54rxz33fwmr8u6dy4bbz8itz4" which is the hash of
"alice" (in case that the userid is "alice@intevation.de"), there is
"847FC5C4337D9CDBD473B7A60967FD258D6414F9" which is the id of the key.
In this case a client can easily ask for the public key that is needed to
verify a certain signature.
However, I am not sure: can we find out the userids of the key that is used
to sign? If not, then we cannot infer the domain of the well-known URL.
In this case we might need a directory service to look up the userid(s) that
are associated with a certain key id (think of it like a phone book -- you
know the phone number and you can find the name of its owner). This
directory service might be based on blockchains, or it might be a modified
(simplified?) version of the current keyservers.
However, if we have such a directory service, then we can just list the URL
where the public key is located, so maybe we don't need a "well-known URL"
format.
Dashamir
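The "/hu/" component discussed above is the WKD hashed user id: the local part of the address with ASCII uppercase mapped to lowercase, hashed with SHA-1, and z-base-32 encoded. The following is an added example (not code from the thread or from GnuPG) that builds the standard direct-method and advanced-method WKD URLs for an address; the sample addresses are constructed, and no claim is made about which hash the intevation.de example in the thread corresponds to.

```python
"""Build OpenPGP Web Key Directory (WKD) lookup URLs for an e-mail address.

Per draft-koch-openpgp-webkey-service: ASCII A-Z in the local part are
lowercased, the result is SHA-1 hashed, and the 160-bit digest is z-base-32
encoded into the 32-character "hashed user id" used in the /hu/ path.
"""
import hashlib
from urllib.parse import quote

# z-base-32 alphabet (differs from RFC 4648 base32), as used by WKD
ZB32_ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"


def zbase32_encode(data: bytes) -> str:
    """Encode bytes as z-base-32: 5 bits per character, zero-padded at the end."""
    nbits = len(data) * 8
    pad = (-nbits) % 5
    value = int.from_bytes(data, "big") << pad
    nbits += pad
    return "".join(ZB32_ALPHABET[(value >> (nbits - 5 * (i + 1))) & 31]
                   for i in range(nbits // 5))


def wkd_hashed_userid(local_part: str) -> str:
    """Hash the local part as WKD does: only ASCII uppercase is folded to lowercase."""
    mapped = "".join(c.lower() if "A" <= c <= "Z" else c for c in local_part)
    return zbase32_encode(hashlib.sha1(mapped.encode("utf-8")).digest())


def wkd_urls(address: str) -> dict:
    """Return the direct-method and advanced-method WKD URLs for an address."""
    local_part, _, domain = address.rpartition("@")
    if not local_part or not domain:
        raise ValueError("not an e-mail address: %r" % address)
    domain = domain.lower()            # DNS names are case-insensitive
    hu = wkd_hashed_userid(local_part)
    l_param = quote(local_part, safe="")  # ?l= carries the original local part
    return {
        "direct": f"https://{domain}/.well-known/openpgpkey/hu/{hu}?l={l_param}",
        "advanced": f"https://openpgpkey.{domain}/.well-known/openpgpkey/"
                    f"{domain}/hu/{hu}?l={l_param}",
    }


if __name__ == "__main__":
    # constructed sample addresses; the two differ only in case
    for addr in ("alice@intevation.de", "Alice@Intevation.DE"):
        print(addr, "->", wkd_urls(addr)["direct"])
```

A client that wants to offer the "all keys" or "by key id" variants proposed in this thread would only need to change the path segment built here, which is what makes the static-file-friendly "/allkeys/hu/" form attractive compared with a query parameter.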
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel