Support the Autocrypt Gossip key distribution mechanism
Categories
(MailNews Core :: Security: OpenPGP, enhancement)
Tracking
(thunderbird_esr115? fixed, thunderbird120 fixed)
People
(Reporter: KaiE, Assigned: KaiE)
Details
Attachments
(3 files)
|
48 bytes,
text/x-phabricator-request
|
wsmwk
:
approval-comm-beta+
|
Details | Review |
|
53.45 KB,
patch
|
wsmwk
:
approval-comm-esr115+
|
Details | Diff | Splinter Review |
|
48 bytes,
text/x-phabricator-request
|
wsmwk
:
approval-comm-beta+
|
Details | Review |
If Alice sends an encrypted email to Bob and Charlie, then Bob might want to send an encrypted reply to everyone.
Bob might night have Charlie's key yet.
To enable all participants of an email conversation to reply to everyone else, it's helpful to distribute the public keys of all participants as part of the encrypted message.
The Autocrypt specification defines a mechanism to do so, called Gossip.
I suggest we should implement that mechanism. It requires sending additional headers, and they should be contained in the protected-headers area.
|
Assignee | |
Comment 1•2 years ago
|
||
|
|
Assignee | |
Comment 2•2 years ago
|
||
The attached patch implements the sending part (adding headers to outgoing messages).
TODO: We should also implement the receiver side.
Whenever we detect an Autocrypt-Gossip header in a message, we should add that key to CollectedKeysDB.
|
|
Assignee | |
Comment 3•2 years ago
|
||
I was able to reuse existing code, and it was mostly a matter of finding the right places to hook up and restore the processing.
The attached phab revision seems to work already.
|
||
Updated•2 years ago
|
|
|
Assignee | |
Comment 4•2 years ago
|
||
The patch applies cleanly to esr115, and doesn't require any new UI.
We could consider to uplift to 115, after sufficient beta exposure.
|
|
Assignee | |
Updated•2 years ago
|
|
|
Assignee | |
Comment 5•2 years ago
|
||
backport to esr115
(I'm using a local build of 115 with this patch.)
Pushed by brendan@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/edf9b804e9a8
Add the Autocrypt Gossip key distribution mechanism. r=mkmelin
|
||
Updated•2 years ago
|
|
|
||
Comment 7•2 years ago
|
||
comm/mail/base/test/performance/browser_startup.js is failing
|
|
||
Updated•2 years ago
|
Pushed by brendan@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/b5958ea9e0cc
Follow-up: lazy-load mimeParser. r=kaie
|
|
Assignee | |
Comment 9•2 years ago
|
||
Comment on attachment 9353687 [details]
Bug 1853674 - Add the Autocrypt Gossip key distribution mechanism. r=mkmelin
Would be nice to get this feature improvement tested early.
[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: less convenience
Testing completed (on c-c, etc.): works on c-c
Risk to taking this patch (and alternatives if risky): low
|
||
Comment 10•2 years ago
|
||
Comment on attachment 9353687 [details]
Bug 1853674 - Add the Autocrypt Gossip key distribution mechanism. r=mkmelin
[Triage Comment]
Approved for beta
|
|
||
Comment 11•2 years ago
|
||
Comment on attachment 9360390 [details]
Bug 1853674 - Follow-up: lazy-load mimeParser. r=kaie
[Triage Comment]
Approved for beta
|
||
Comment 12•2 years ago
|
||
| bugherder uplift | ||
|
|
Assignee | |
Comment 13•2 years ago
|
||
Comment on attachment 9360370 [details] [diff] [review]
1853674-esr115.patch
[Approval Request Comment]
Regression caused by (bug #): none
User impact if declined:
Testing completed (on c-c, etc.): yes
Risk to taking this patch (and alternatives if risky): low
I suggest to uplift this feature to the stable 115 branch.
The added functionality happens completely behind the scenes, no UI necessary (and it can be enabled by an already existing pref).
The feature can help improve encrypted group conversations.
|
|
||
Comment 14•2 years ago
|
||
Comment on attachment 9360370 [details] [diff] [review]
1853674-esr115.patch
[Triage Comment]
Approved for esr115
This seems quite large. What steps may be used to test the release candidate?
|
|
Assignee | |
Comment 15•2 years ago
|
||
(In reply to Wayne Mery (:wsmwk) from comment #14)
This seems quite large. What steps may be used to test the release candidate?
I think the new automated tests sufficiently test that we do produce and consume the additional information.
The new code is reached only when a user has OpenPGP configured, so it should be sufficient to test that with OpenPGP enabled, the basic functionality of sending/receiving signed messages still works.
But again, this should be sufficiently covered by automated tests.
|
||
Comment 16•2 years ago
|
||
| bugherder uplift | ||
Thunderbird 115.7.0:
https://hg.mozilla.org/releases/comm-esr115/rev/9ca380b93c9c
Description
•