Closed Bug 1629309 Opened 5 years ago Closed 2 years ago

OpenPGP public key email attachments should use a reduced key, that excludes signatures from others

Categories

(MailNews Core :: Security: OpenPGP, enhancement)

enhancement

Tracking

(thunderbird102 fixed)

RESOLVED FIXED
103 Branch
Tracking Status
thunderbird102 --- fixed

People

(Reporter: KaiE, Assigned: KaiE)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

A public key can be quite large, if it contains many signatures made by other people (key certifications).

When automatically appending the user's own public key (because we're sending a signed message), we should probably send the minimal version. This requires stripping off signatures with RNP, which depends on upstream https://github.com/rnpgp/rnp/issues/1006

We need to figure out a way for the user to optionally send the full public key.

Blocks: 1595231
Summary: Allow to either attach your minimal or complete OpenPGP public key → Pref and UI: Allow to either attach your minimal or complete OpenPGP public key

Option could be also not to send any key as per bug 1645514

What about keyservers? My keys are there and a pointer would do.

Just because you are technical enough to get them uploaded to a keyserver that doesn't mean the average user would have any clue.

True. But tb could be clever enough to find it there.

It can already find keys from a keyserver. But we don't upload keys - which is its own can of worms.

I understand that sending minimum keys is now possible since TB 91 and bug#1713664.

See https://github.com/rnpgp/rnp/pull/1433.

Maybe off-topic, but closely related: In case I use S/MIME for signing instead, what about attaching the used S/MIME certificate similarly? I do not see anything thelike in the menus.

When you sign with S/MIME the recipient automatically get your certificate at the same time.

I think that by default we should minimize.
We recently added code to minimize in a different scenario:
https://hg.mozilla.org/comm-central/rev/58bcd5abe85a22c9d73f2abbacee8c3e89b02f23

It should be easy to also fix this bug using that new code.

Suggestion as an intermediary solution, without introducing new UI.

For the automatic key attachment, we always use the reduced key (keep user IDs, keep all self-signatures, but strip all foreign signatures).

For all existing mechanisms used to explicitly copy/export/send a key, we continue to use the full key.

Assignee: nobody → kaie
Status: NEW → ASSIGNED
Summary: Pref and UI: Allow to either attach your minimal or complete OpenPGP public key → OpenPGP public key email attachments should use a reduced key, that excludes signatures from others
Target Milestone: --- → 102 Branch
Target Milestone: 102 Branch → 103 Branch
Attached patch 1629309-esr102.patch (deleted) — Splinter Review

Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/37b5215866bc
Send reduced size OpenPGP when automatically attaching to emails. r=mkmelin

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED

Comment on attachment 9280475 [details] [diff] [review]
1629309-esr102.patch

[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: unnecessarily big email attachments with signed/encrypted email
Testing completed (on c-c, etc.): yes
Risk to taking this patch (and alternatives if risky): low

Attachment #9280475 - Flags: approval-comm-beta?
Flags: needinfo?(kaie)

Comment on attachment 9280475 [details] [diff] [review]
1629309-esr102.patch

[Triage Comment]
Approved for beta (102)

Attachment #9280475 - Flags: approval-comm-beta? → approval-comm-beta+
Regressions: 1777251
Regressions: 1764175
Regressions: 1779745
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: