!GpMMBTUuJduUZAAKXM:matrix.org

OpenPGP/GPG

237 Members
OpenPGP/GnuPG related questions, discussions and projects | Sharing your public keys | Key Signing (at own risk) | NO NSFW OR OTHER QUESTIONABLE STUFF
58 Servers

15 Feb 2024
@kaie:mozilla.org Kai E (EU)
In reply to @wiktor:stratum0.org
I'm looking for exact CLI flags right now 👀
I think Werner just posted the flags on the IETF list.
10:59:29
@kaie:mozilla.org Kai E (EU) "Just put the key into the signature. With gpg you can do this with --include-keyblock and --auto-key-import."
10:59:39
@wiktor:stratum0.org Wiktor ah, great, thanks Kai! 10:59:48
@wiktor:stratum0.org Wiktor funnily include-keyblock is not on that page lol 11:00:07
@wiktor:stratum0.org Wiktor
> gpg --include-keyblock
gpg: invalid option "--include-keyblock"

🙄

11:00:30
@Valodim:stratum0.org Valodim --include-key-block 11:01:03
@wiktor:stratum0.org Wiktor right 11:01:40
@Valodim:stratum0.org Valodim he's right, if you are already sending a signature, just do that. don't mess with pgp/mime if you don't really have to (you probably don't) 11:04:34
@Valodim:stratum0.org Valodim
In reply to @andrewg:nitro.chat
IIRC Autocrypt headers are email headers, not mime headers, and so they have lower size limits.
do they? we never really tested but headers (particularly from exchange) have become pretty bulky these days
11:06:01
@Valodim:stratum0.org Valodim my assumption would be that anything you wouldn't be willing to put into headers, you probably shouldn't put into every single email you send 11:06:21
@Valodim:stratum0.org Valodim with autocrypt we determined that anything up to 10kb is fine, and that's what's assumed in the spec. that is also the reason for the subkey+uid format, minimizing the amount of data sent 11:07:39
@Valodim:stratum0.org Valodim however: in the first version of enigmail, there was no minimization done and the user's full public key would be sent with every email. which was, uh, large in some cases 11:08:26
@Valodim:stratum0.org Valodim and as far as I'm aware, there were no complaints about undelivered email even with that version 11:08:43
@andrewg:nitro.chat andrewg There were a lot of complaints about autocrypt email size, although they were more aesthetic than practical 11:09:18
@Valodim:stratum0.org Valodim right. I'm not aware of any actual issues caused by them 11:10:00
@andrewg:nitro.chat andrewg I’m inclined to prefer Werner’s solution, and if the key is in the unhashed subpacket area it can be stripped to save storage space. This could be combined with a symmetric re-encryption step, and could be handed off to the openpgp lib 11:13:51
@andrewg:nitro.chat andrewg But if there are no practical issues with autocrypt headers then I suppose it’s not really important? 11:15:01
@Valodim:stratum0.org Valodim signing emails by default is a terrible idea, and making it a requirement for key distribution to work severely limits how universal it can be 11:15:08
@Valodim:stratum0.org Valodim it's also not just where the keys are, that is only half the problem. it's also important how they are used and what assumptions you can make about how recipients deal with them 11:16:17
@Valodim:stratum0.org Valodim this is one of those things openpgp does - just specify the wire format, clients will figure out all the rest 11:16:50
@Valodim:stratum0.org Valodim predictably leading to terrible flows for the user based on whatever was reasonable (or was just convenient from control flow) to the programmer at the time 11:18:03
@Valodim:stratum0.org Valodim (plus differently terrible on different clients, of course) 11:18:22
@Valodim:stratum0.org Valodim alas 11:18:32
@andrewg:nitro.chat andrewg Yes, we've traditionally been good at having a low level spec for the formats, but with a wide leeway for applications to use them however they want. This is a feature, of course. :-) 12:40:22
@aheinecke:kde.org aheinecke
In reply to @Valodim:stratum0.org
I don't think it's enabled by default in gpg4win, but I don't know 🤔
That is my mistake, at first we wanted to enable it by default for everyone. Then we thought that would make the attack surface too large, now we want to implement it as default on options in GpgOL so that it is only on for mails but right when I was about to commit this I fell ill so it did not make it in the last release.
12:50:31
@aheinecke:kde.org aheinecke
In reply to @Valodim:stratum0.org
signing emails by default is a terrible idea, and making it a requirement for key distribution to work severely limits how universal it can be
I tend to disagree with that a bit. Since for example we suggest to users not to put a passphrase on their key file since if the local system is compromised anyway you have already lost. But more importantly it is the way S/MIME users are used to for key exchange. If I ask an S/MIME user to send me her certificate I get a signed mail in reply.
12:53:00
@Valodim:stratum0.org Valodim I'm very glad the "the passphrase is the only protection of your key, make sure it's super duper strong" line is gone from the man pages now 12:54:27
@aheinecke:kde.org aheinecke So this feature will definitely be in the next GpgOL release and I know that some customers of us are already using it. To be honest I had forgotten about that setting for over a year. 12:54:32
@aheinecke:kde.org aheinecke Not sure about the man pages, but if you click through Kleopatra it requires you to set an extra checkbox if you want to have a password protected key. Of course our VS-NfD version requires a password because the BSI demands it. But we would like them to use tokens anyway. 12:55:51
@aheinecke:kde.org aheinecke
In reply to @aheinecke:kde.org
So this feature will definitely be in the next GpgOL release and I know that some customers of us are already using it. To be honest I had forgotten about that setting for over a year.
We have support to enable this through the Windows registry, so it is easy for Admins / Security People to activate it.
12:56:52

Room Version: 1