When sending a signed OpenPGP message, attach your own public key by default
Categories: MailNews Core :: Security: OpenPGP, enhancement
Tracking: Not tracked
People: Reporter: KaiE, Assigned: KaiE
References: Blocks 1 open bug
Attachments: 5 files
The suggestion is to always include (attach) your own public key, whenever you send a message with an OpenPGP digital signature.
The public key is required by recipients to verify the signature, so it's helpful if the public key is included directly.
(S/MIME signed messages include the public key, and it's commonly known that in order to bootstrap S/MIME encryption between two people, it's possible to send signed messages to each other.)
This could be implemented by automatically enabling the "attach my key" checkbox, whenever the user clicks "sign this message". If desired, the user could be allowed to manually deselect the "attach my public key" after enabling signing.
Comment 1•5 years ago
In my experience, most users are confused by attachments that they don't understand. Attached keys fall in this category.
I would suggest not attaching keys as an attachment by default. If you want a default way to attach a key, then use the way that Autocrypt foresees: add an Autocrypt header that contains the key.
Comment 2•5 years ago
First, we could use a better name for the attachment. Currently it's named like 0x12345689abcdef.asc.
If we name it "OpenPGP_Public_Key_{Username}_0x12345689abcdef.asc" that's a step towards less confusion.
Second, the suggestion is to limit the attachment to signed messages. With signed messages, recipients using non-PGP clients will see a signature attachment anyway, and adding the PGP key attachment shouldn't make that worse.
Third, for the Thunderbird UI, we could consider using a special UI for displaying OpenPGP key attachments. We could exclude it from the regular attachment list, and instead have a special explanation area (icon and label) that indicates the included key.
Your suggestion to use Autocrypt headers only won't help when corresponding with users who use software that doesn't support Autocrypt.
Comment 3•5 years ago
The list of OpenPGP-compliant MUAs that support Autocrypt has grown quite significantly. There are not many MUAs that support OpenPGP and do not recognize Autocrypt headers.
Comment 4•5 years ago
If we don't attach the key it's really hard for people to start sending encrypted emails: in most cases they then don't have a key, not even an unverified one, so there is nothing to verify even if they have the means to verify.
Agreed that since there's still the signature attachment, having the key too is not much of a problem.
For the names, one idea could be to utilize emojis. Like
OpenPGP🖋0x12345689abcdef.txt.sig
OpenPGP🔏0x12345689abcdef.txt.asc
or
🖋0x12345689abcdef.openpgp.sig
🔏0x12345689abcdef.openpgp.asc
Comment 5•5 years ago
I think we agree that we want to attach the key in some way.
If we use Autocrypt headers only, then the attached key isn't discoverable.
If we use emojis, we may cause display trouble in older email agents that will then show weird filenames. I tried the popular GMX webmail, and the pen emoji isn't shown.
Why not use a self-descriptive filename? The current filename "signature.asc" could be changed to "OpenPGP_signature.asc". People can do a web search for OpenPGP to learn what this is about.
And OpenPGP_Key as a prefix also helps with education and a web search.
It seems to me that "automatically show special UI if an attached public key is detected, and hide it from the regular attachment list" would be the best thing to do for Thunderbird users, and for everyone else (and until we have better attachment UI), the better filename.
Comment 6•5 years ago
Geary is a simple client that doesn't understand OpenPGP. This is how it shows the attachments with the suggested filenames.
Comment 7•5 years ago
As shown by the GMX webmail client.
Comment 8•5 years ago
As shown by the Sylpheed client.
Comment 9•5 years ago
As shown by Thunderbird.
Comment 10•5 years ago
(In reply to Kai Engert (:KaiE:) from comment #5)
I suggested emojis because then there is no localization issue. If a char doesn't show on some client, it doesn't necessarily matter, since it would only be a plus if it's shown.
Comment 11•5 years ago
Ok. I'm still undecided on the emoji, but there's another argument against using them: they could be misinterpreted as signaling icons used by the email client to visualize encryption/signature status. We might consider stripping signature- and lock-related icons from email names, and even attachment names (don't show those emojis). For example, I noticed that Twitter doesn't allow such icons in the user's self-description name.
Comment 12•5 years ago
Comment 13•5 years ago
The patch has the following changes:
- we make use of the configured default prefs, this was still a TODO from bug 1603809
- it uses better attachment filenames (as seen in screenshot)
- experimental change for bug 1628095: if the user enables encryption, we automatically enable signing
- if the user enables signing, or if we enable signing automatically, then we enable "attach my own key"
- if the user reverts a choice, we also revert our automatic option change
- we don't revert a choice that the user has touched
- if default prefs say "encrypt", but "don't sign", then new composer windows will NOT automatically enable signing
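The toggle rules listed in comment 13 are easy to get subtly wrong (an automatic change must be undone when its cause is reverted, but never when the user has meanwhile set that option by hand). The model below is an added example written for this page, not Thunderbird's compose code; the class and method names are hypothetical, and the "configured default prefs" are simply the object passed to the constructor.

```javascript
// Added example (not Thunderbird's code): a model of the compose-window
// security toggles described in comment 13. Names are hypothetical.
//   - enabling encryption automatically enables signing
//   - enabling signing (by the user or automatically) enables "attach my key"
//   - reverting a choice also reverts the automatic changes it caused,
//     unless the user has explicitly touched that option in this window
//   - defaults from prefs are applied as-is: "encrypt, don't sign" does NOT
//     auto-enable signing in a new window
class ComposeSecurityState {
  constructor(defaults = { encrypt: false, sign: false, attachKey: false }) {
    this.encrypt = !!defaults.encrypt;
    this.sign = !!defaults.sign;
    this.attachKey = !!defaults.attachKey;
    this.touched = new Set(); // options the user set explicitly; never overridden
    this.auto = new Set();    // options we switched on automatically; may be reverted
  }

  // Switch an option on automatically unless the user already decided about it
  // or it is already on (e.g. from the default prefs).
  _autoEnable(opt) {
    if (this.touched.has(opt) || this[opt]) return;
    this[opt] = true;
    this.auto.add(opt);
  }

  // Undo an automatic change; a default or a user decision is left alone.
  _autoRevert(opt) {
    if (!this.auto.has(opt)) return;
    this[opt] = false;
    this.auto.delete(opt);
  }

  userSetEncrypt(on) {
    this.encrypt = on;
    this.touched.add("encrypt");
    if (on) {
      this._autoEnable("sign");
      if (this.sign) this._autoEnable("attachKey");
    } else {
      this._autoRevert("sign");
      if (!this.sign) this._autoRevert("attachKey"); // keep the key if signing survives
    }
  }

  userSetSign(on) {
    this.sign = on;
    this.touched.add("sign");
    this.auto.delete("sign"); // now a user decision, not an automatic one
    if (on) this._autoEnable("attachKey");
    else this._autoRevert("attachKey");
  }

  userSetAttachKey(on) {
    this.attachKey = on;
    this.touched.add("attachKey");
    this.auto.delete("attachKey");
  }

  snapshot() {
    return { encrypt: this.encrypt, sign: this.sign, attachKey: this.attachKey };
  }
}

// Walk-through: encrypt on -> sign and attachKey follow; encrypt off -> both revert.
const demo = new ComposeSecurityState();
demo.userSetEncrypt(true);
console.log(demo.snapshot());
demo.userSetEncrypt(false);
console.log(demo.snapshot());
```

The two sets are the whole trick: `touched` records what the user decided, `auto` records what the code decided, and an option is only ever reverted if it is in `auto` and not in `touched`.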
Comment 14•5 years ago
Another detail to consider:
Some people have a very big key. Because I have participated in "key signing parties" in the past, many people have signed my key, and it's currently 107 KB big. That's a lot of data to include in every signed message.
The information is helpful for people who are using the web of trust, and want to use the contained signatures for deciding if they accept my key.
It's possible to create a minimal version of your own key, which excludes the signatures from other people. (For RNP, we're waiting for a feature enhancement to do that: https://github.com/rnpgp/rnp/issues/1006 ).
For users who start using Thunderbird, and create a new key, their key will remain small (until we'll implement key signing in a later version of TB).
We could potentially include the minimal version of the key, whenever we automatically include the key. However, we'll probably need a UI switch that allows the user to attach the full version of the key instead.
Comment 15•5 years ago
Let's handle comment 14 separately, I've filed bug 1629309.
Comment 16•5 years ago
Magnus, can we go ahead with this initial behavior as is? I'd like to think more about bug 1628095, before we add final prefs and UI for this behavior.
Comment 17•5 years ago
Pushed by kaie@kuix.de:
https://hg.mozilla.org/comm-central/rev/bf32f9306077
Auto attach own pub key to signed messages. Use better attachment name. Use configured sign/encrypt prefs. r=mkmelin DONTBUILD
Comment 18•4 years ago
NONONONONONO!
THIS IS NOT RESOLVED, it is wrongly decided.
Usually the public key shall not be attached; it's only needed on first contact, not on each and every signed message!