
WKD: User ID filtering
Hello,

During tests of gpg --locate-keys using WKD I noticed that the key UIDs
are filtered, that is, only the UID that contains the e-mail passed to
locate-keys is added to the keyring, no other UIDs.

It seems reasonable but I couldn't find anything about this behavior in
the WKD I-D.

Is this by design?

An implementation detail of gnupg?

Should this behavior be documented/recommended in the I-D?

Thank you for your time!

Kind regards,
Wiktor

--
*/metacode/*
Re: WKD: User ID filtering
On Wed, 20 Jun 2018 22:06, gnupg-devel@gnupg.org said:

> Is this by design?

Yes, this is by design of the protocol. The protocol asserts via TLS that
a user id is managed by a certain domain (i.e. mail provider). The client
connects to the domain of a user id and looks up the key. That key is
then stored in the local public keyring along with a flag that the user
id has been retrieved via WKD.

> Should this behavior be documented/recommended in the I-D?

I thought this was obvious. I will add this to the security
considerations:

| The mail provider MUST make sure to filter a key in a way that only
| the User ID belonging to that user is returned and that confirmation
| requests are only sent for such User IDs. It is further recommended
| that a client filters the key for a publication request so that only
| a key with the specific User ID of the provider is sent.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Thoughts are free. Exceptions are regulated by a federal law.
Re: WKD: User ID filtering
Hello,

Yes, it's obvious in retrospect, but when implementing it from the spec
it's far too easy to take the shortcut of "just fetch the binary key from
that URL and import it into the local keyring".

I did it in my two implementations of WKD clients and as far as I've
read the source code of EnigMail it does that too (imports the entire
key without filtering).

Your addition to security considerations will be greatly appreciated.

I assume that if after filtering the key does not contain any UIDs the
import is rejected.

> That key is
> then stored in the local public keyring along with a flag that the
> user id has been retrieved via WKD.

Is that flag used for anything or just informational?

Because fetching via WKD at least "validates" the e-mail part and this
information is useful.

Thank you for your time!

Kind regards,
Wiktor

On 21.06.2018 at 09:39, Werner Koch wrote:
> On Wed, 20 Jun 2018 22:06, gnupg-devel@gnupg.org said:
>
>> Is this by design?
>
> Yes, this is by design of the protocol. The protocol asserts via TLS that
> a user id is managed by a certain domain (i.e. mail provider). The client
> connects to the domain of a user id and looks up the key. That key is
> then stored in the local public keyring along with a flag that the user
> id has been retrieved via WKD.
>
>> Should this behavior be documented/recommended in the I-D?
>
> I thought this was obvious. I will add this to the security
> considerations:
>
> | The mail provider MUST make sure to filter a key in a way that only
> | the User ID belonging to that user is returned and that confirmation
> | requests are only sent for such User IDs. It is further recommended
> | that a client filters the key for a publication request so that only
> | a key with the specific User ID of the provider is sent.
>
>
> Shalom-Salam,
>
> Werner
>

--
*/metacode/*
Re: WKD: User ID filtering
On Thu, 21 Jun 2018 10:16, gnupg-devel@gnupg.org said:

> I assume that if after filtering the key does not contain any UIDs the
> import is rejected.

Right. There is also the little twist that if a mail provider announces
mailbox-only and the user id also has a real name, gpg-wks-client
creates a new user id with just the mailbox.

> Is that flag used for anything or just informational?

It can be read out and will eventually be used for key validation
heuristics. See option --with-key-origin and, in the --with-colons
output, fields 19 and 20 of the uid and pub records.

> Because fetching via WKD at least "validates" the e-mail part and this
> information is useful.

Right.


Shalom-Salam,

Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Thoughts are free. Exceptions are regulated by a federal law.
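The two filtering rules discussed in this thread, written out in Python as an added example (not code from GnuPG, gpg-wks-client or any poster): the client keeps only the User ID whose mailbox matches the address it looked up and rejects the import when no User ID survives; the publication side keeps only the provider's User ID and, for a mailbox-only provider, replaces a real-name User ID with one that is just the mailbox. The mailbox regex, the case-insensitive comparison and the bare-mailbox form of the new User ID are assumptions of this example.

```python
import re
from typing import List, Optional

# Mailbox inside an OpenPGP User ID: "Name (comment) <local@domain>" or a bare
# "local@domain". Simplified regex, an assumption of this example, not GnuPG's parser.
_MBOX_RE = re.compile(r"<([^<>@\s]+@[^<>@\s]+)>\s*$|^([^<>@\s]+@[^<>@\s]+)$")


def mailbox_of(uid: str) -> Optional[str]:
    """Return the mailbox part of a User ID, or None if it has none."""
    m = _MBOX_RE.search(uid.strip())
    return (m.group(1) or m.group(2)) if m else None


def same_mailbox(a: str, b: str) -> bool:
    """Case-insensitive comparison (assumption; WKD lowercases the local-part too)."""
    return a.lower() == b.lower()


def filter_wkd_import(uids: List[str], requested: str) -> List[str]:
    """Client side: keep only User IDs whose mailbox is the looked-up address.
    TLS to the provider's domain vouches for that mailbox alone, so every other
    User ID on the fetched key is unverified and dropped."""
    return [u for u in uids
            if (mb := mailbox_of(u)) is not None and same_mailbox(mb, requested)]


def wkd_import(uids: List[str], requested: str) -> List[str]:
    """Apply the client filter and reject the import when no User ID survives."""
    kept = filter_wkd_import(uids, requested)
    if not kept:
        raise ValueError(f"no User ID for {requested!r} on fetched key; import rejected")
    return kept


def filter_wks_publication(uids: List[str], mailbox: str, mailbox_only: bool) -> List[str]:
    """Publication side: send only the User ID for the provider's mailbox. If the
    provider announced mailbox-only and that User ID carries a real name, replace
    it with a User ID consisting of just the mailbox (bare form is an assumption)."""
    kept = filter_wkd_import(uids, mailbox)
    if mailbox_only:
        kept = [u if mailbox_of(u) == u.strip() else mailbox_of(u) for u in kept]
    return kept


if __name__ == "__main__":
    # Constructed sample: a key carrying three User IDs, looked up via WKD for alice@example.org.
    fetched = ["Alice <alice@example.org>", "Alice <alice@other.example>", "Alice (no mail)"]
    print(wkd_import(fetched, "alice@example.org"))                    # ['Alice <alice@example.org>']
    print(filter_wks_publication(fetched, "alice@example.org", True))  # ['alice@example.org']
```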
Re: WKD: User ID filtering
Hi,

On Thursday, June 21, 2018 10:21:21 AM CEST Werner Koch wrote:
> On Thu, 21 Jun 2018 10:16, gnupg-devel@gnupg.org said:
> > Is that flag used for anything or just informational?
>
> It can be read out and will eventually be used for key validation
> heuristics. See option --with-key-origin and, in the --with-colons
> output, fields 19 and 20 of the uid and pub records.

In gpgme it is also available since 1.10.0 ;-)

> > Because fetching via WKD at least "validates" the e-mail part and this
> > information is useful.

As an example, I'm using that flag for "Automatic Encryption" in GpgOL. It will
see a userid as acceptable for automatic encryption if it has either marginal
validity (when TOFU is not used) or if it came from WKD.

Best Regards,
Andre

--
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Re: WKD: User ID filtering
Hello,

>> It can be read out and will eventually be used for key validation
>> heuristics. See option --with-key-origin and, in the --with-colons
>> output, fields 19 and 20 of the uid and pub records.
>
> In gpgme it is also available since 1.10.0 ;-)

I will check this out, thanks for the info! :)

>>> Because fetching via WKD at least "validates" the e-mail part and this
>>> information is useful.
>
> As an example, I'm using that flag for "Automatic Encryption" in GpgOL. It will
> see a userid as acceptable for automatic encryption if it has either marginal
> validity (when TOFU is not used) or if it came from WKD.

Yes! That's a very good idea! Actually I was thinking about the same but
for EnigMail. WKD provides a good basis for initial contact encryption.

Have you thought about extending it even further? For example if someone
types an unknown e-mail, presses Enter, the GpgOL could see if there is
a key available via WKD and if so, fetch it and enable encryption
entirely automatically!

Kind regards,
Wiktor

--
*/metacode/*
Re: WKD: User ID filtering
Hi,

On Thursday, June 21, 2018 11:02:28 AM CEST Wiktor Kwapisiewicz wrote:
> Yes! That's a very good idea! Actually I was thinking about the same but
> for EnigMail. WKD provides a good basis for initial contact encryption.
>
> Have you thought about extending it even further? For example if someone
> types an unknown e-mail, presses Enter, the GpgOL could see if there is
> a key available via WKD and if so, fetch it and enable encryption
> entirely automatically!

Exactly. That is actually what I am currently working on for the next version.
I can probably show a demo video next week about how it looks in GpgOL.

Btw. Last year Neal, Bernhard and I worked on a concept of how we would like to
utilize WKD and the TOFU trust model for automated encryption. It can be found
at:
https://wiki.gnupg.org/AutomatedEncryption

Maybe you find it interesting, I would be interested in your opinion.

It's my current focus for new feature work on Gpg4win.

Best Regards,
Andre

--
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Re: WKD: User ID filtering
Hello,

> Btw. Last year Neal, Bernhard and I worked on a concept of how we would like to
> utilize WKD and the TOFU trust model for automated encryption. It can be found
> at:
> https://wiki.gnupg.org/AutomatedEncryption
>
> Maybe you find it interesting, I would be interested in your opinion.

That definitely is most interesting!

I've been pondering setting up encryption for less technical people for
some time and the current approach requires a lot of hops to do that
(basically me setting up their MUA).

Automated encryption with WKD+TOFU seems like a good approach.

I am looking forward to your demo video!

Kind regards,
Wiktor

--
*/metacode/*
Re: WKD: User ID filtering
Hi,

On Thursday, June 21, 2018 1:01:49 PM CEST Wiktor Kwapisiewicz wrote:
> > Btw. Last year Neal, Bernhard and I worked on a concept of how we would like to
> > utilize WKD and the TOFU trust model for automated encryption. It can be found
> > at:
> > https://wiki.gnupg.org/AutomatedEncryption
> >
> > Maybe you find it interesting, I would be interested in your opinion.
>
> That definitely is most interesting!
>
> I've been pondering setting up encryption for less technical people for
> some time and the current approach requires a lot of hops to do that
> (basically me setting up their MUA).
>
> Automated encryption with WKD+TOFU seems like a good approach.
>
> I am looking forward to your demo video!

I've uploaded an animation of how it looks in the current development version
of GpgOL:

https://wiki.gnupg.org/EasyGpg2016/OutlookUi#Empty_Keyring_-_Verifying_a_Mail_with_key_available_in_WKD

Below this you will find an animation which includes Keygen / Setup with a Web
Key Service.


I'm not sure if the wording is perfect. "Confirmed" is a bit strong for WKD.
It's in contrast to "Certified" which is the word for PGP / S/MIME trust.

Apologies for the language mix but I was running on a German Windows.

Best Regards,
Andre

--
Andre Heinecke | ++49-541-335083-262 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Managing directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Re: WKD: User ID filtering
Hi Andre,

> I've uploaded an animation of how it looks in the current development version
> of GpgOL:
>
> https://wiki.gnupg.org/EasyGpg2016/OutlookUi#Empty_Keyring_-_Verifying_a_Mail_with_key_available_in_WKD
>
> Below this you will find an animation which includes Keygen / Setup with a Web
> Key Service.

Oh, yes. This definitely looks good! Especially the "Empty Keyring -
Verifying a Mail with key available in WKD" animation that doesn't bug
the user with popups; it just works! Very cool, I will definitely check
this out with Outlook once released.

Thanks!

Kind regards,
Wiktor

--
https://metacode.biz/@wiktor