Send Autocrypt key header for simple keys
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(thunderbird_esr78 fixed, thunderbird79 fixed)
People
(Reporter: KaiE, Assigned: KaiE)
Attachments
(1 file)
(deleted), text/x-phabricator-request | wsmwk: approval-comm-beta+, wsmwk: approval-comm-esr78+
RNP gave us an API to extract a simpler key.
It allows us to extract the combination of the primary key plus an encryption sub key, and it can strip away other keys.
It allows us to extract only one user ID, and strip away other user IDs.
That means we could start sending an autocrypt key header, however, I think we should restrict it to users who are using a simple key.
My worry is related to our automatic notifications, that we show to the user if there is a key attached (either real attachment or an autocrypt header).
Currently, we prevent the "key attached" notification, as soon as we detect that the attached key ID has already been imported at an earlier time.
This means, if the sender changed the sub key they use for expiration, we currently wouldn't notice.
Also, if the sender has assigned two separate user IDs to the key, and we send only one, what will happen if the same sender later sends the same key with the other ID? The recipient using Thunderbird wouldn't get a notification for importing the new key, because the same key is already present.
Also, if the primary key has a different expiration than the single encryption sub key, it is a signal that the user might intend to start using separate subkeys at a later time.
I think before we offer sending minimized keys, we need to have a better story for detecting and importing keys with a modified structure. But that's something for a later time.
At this time, if we consider attaching an autocrypt key header, I think we should only do it for very simple keys: one subkey, same expiration, one user ID.
The other question is, when should we automatically attach an autocrypt header for key distribution?
I think that initially, we should add the header if we're also attaching the real/full key at the same time, only.
This can achieve compatibility with email agents that support Autocrypt headers, only, but don't support key attachments, for example DeltaChat.
https://github.com/deltachat/deltachat-core-rust/issues/1456
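The policy proposed in the description above (exactly one user ID, exactly one encryption subkey, same expiration as the primary key, and only when the full key is attached as well) can be written as a small gate. This is an added example, not the code from the Thunderbird patch or from RNP: the key summary object and both function names are hypothetical, and the `addr=`/`keydata=` attribute layout is the one defined by Autocrypt Level 1.

```javascript
// Added example. The key summary shape below is an assumption made for
// illustration; it is not RNP's or Thunderbird's data structure.
// expires: seconds since epoch, 0 meaning "never expires".
function simpleKeyProblems(key) {
  const problems = [];
  if (key.userIds.length !== 1) {
    problems.push(`expected 1 user ID, found ${key.userIds.length}`);
  }
  if (key.subkeys.length !== 1) {
    problems.push(`expected 1 subkey, found ${key.subkeys.length}`);
  } else {
    const sub = key.subkeys[0];
    if (!sub.canEncrypt) {
      problems.push("the only subkey cannot encrypt");
    }
    if (sub.expires !== key.primary.expires) {
      problems.push("subkey expiration differs from primary key");
    }
  }
  return problems;
}

// Returns the Autocrypt header value, or null when no header should be sent.
// keyBytes stands for the binary (non-armored) public key to distribute.
function autocryptHeaderValue(key, addr, attachingFullKey, keyBytes) {
  if (!attachingFullKey) return null; // only alongside the real/full key
  if (simpleKeyProblems(key).length > 0) return null; // not a simple key
  const keydata = Buffer.from(keyBytes).toString("base64");
  return `addr=${addr}; keydata=${keydata}`;
}

// Constructed sample keys (not real key material).
const SIMPLE_KEY = {
  primary: { expires: 1700000000 },
  subkeys: [{ canEncrypt: true, expires: 1700000000 }],
  userIds: ["Alice <alice@example.org>"],
};
const TWO_UID_KEY = {
  ...SIMPLE_KEY,
  userIds: ["Alice <alice@example.org>", "Alice <alice@example.net>"],
};
const SPLIT_EXPIRY_KEY = {
  ...SIMPLE_KEY,
  subkeys: [{ canEncrypt: true, expires: 1650000000 }],
};
```

Returning the list of reasons rather than a boolean lets a caller log why a key was skipped, which helps when a user asks why a recipient such as DeltaChat never received their key.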
Assignee
Comment 1 • 4 years ago
Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/40f634170be6
Send Autocrypt key header for simple keys. r=PatrickBrunschwig DONTBUILD
Assignee
Comment 3 • 4 years ago
Comment on attachment 9165644 [details]
Bug 1654767 - Send Autocrypt key header for simple keys. r=PatrickBrunschwig
Enables compatibility with OpenPGP software that supports Autocrypt key headers, only, for obtaining OpenPGP keys, not using attachments.
Assignee
Comment 4 • 4 years ago
received a=wsmwk for both comm-beta and comm-esr78 on Matrix
Assignee
Comment 5 • 4 years ago
https://hg.mozilla.org/releases/comm-beta/rev/e1d7b9c52966513c100b510e03e5a79b70d1830f
https://hg.mozilla.org/releases/comm-esr78/rev/99fa57e43a5850a9b03686e6d2062bbc9cb2e215
Comment 6 • 4 years ago
Comment on attachment 9165644 [details]
Bug 1654767 - Send Autocrypt key header for simple keys. r=PatrickBrunschwig
Per previous comment Approved for esr78, and beta 79.0b3
(and already landed)