-
larma
SCE isn't really common - so there is no common message format inside encrypted messages...
-
larma
except... MIME
-
vanitasvitae
Everybody loves MIME!!!
-
vanitasvitae
I'm facing a hen and egg problem using OpenPGP.
-
vanitasvitae
To utilize OpenPGP for Account wide identity key + per device keys, I'd like to have the device keys as subkeys of the account identity key. However, the device keys would usually again consist of a primary device key with subkeys (I want to be able to both sign and encrypt using the per-device keys).
-
vanitasvitae
As a consequence I'd need something along the lines of : Account Identity Key owns (Device Primary Key owns Device Encryption Subkey and Device Signing Subkey)
-
vanitasvitae
However, currently virtually no OpenPGP implementation supports subkeys of subkeys.
-
vanitasvitae
See https://gitlab.com/sequoia-pgp/weird-keys#results (cert-subkeys)
-
vanitasvitae
https://gitlab.com/sequoia-pgp/weird-keys#cert-subkeyspgp
-
vanitasvitae
So I'm thinking of manually establishing the subkey hierarchy by keeping the keys separate, but requiring implementations to check for subkey binding signatures.
-
larma
what is the purpose of the account identity key?
-
larma
i.e. how is it different from a device key?
-
beforeigner
larma: a device key is just for that one device. If you use 2 devices with same acc you have 2 device keys, an account key is for the account independent from the device.
-
vanitasvitae
The account key is used as long term identity
-
larma
but, isn't that account key not stored on a "device" (phone, computer, server, paper) and thus is just another device key?
-
vanitasvitae
And to certify device keys
-
vanitasvitae
It is
-
larma
so why do we need it?
-
vanitasvitae
But it is higher up in the hierarhy
-
larma
is it a hierarchy for the sake of having a hierarchy or does it actually make sense?
-
vanitasvitae
You dont want to have your account key on every device.
-
larma
but on some devices? or only a single device?
-
vanitasvitae
It is used as a single user identity. So that users dont have to individually trust X devixe keys
-
vanitasvitae
The identity key CAN be kept on a single trusted device, but could also be synced
-
vanitasvitae
Depends on users /clients preferences
-
larma
do I need the account key to add a new device?
-
vanitasvitae
Yes. That is if you want to include your new device in the set of trustworthy devices.
-
vanitasvitae
Clients should allow the user to further communicate with devices not yet certified by the account key.
-
vanitasvitae
But they should warn the user in that case.
-
larma
only once or persistently?
-
larma
I kinda feel there is some overengineering going on here.
-
vanitasvitae
Once
-
vanitasvitae
This is basically the Matrix trust model
-
vanitasvitae
And it seems to work for them
-
vanitasvitae
So 🤗
-
larma
not sure what you mean by works for them. they just store a single accounts key on the server that is password encrypted and most people just use the same password as their account password or something very close. when logging in from a new device they just have to enter their password twice
-
larma
but then you don't really need device keys anymore because effectively the account key is on every device✎ -
larma
but then you don't really need device keys anymore because effectively the account key is/was on every device ✏
-
vanitasvitae
I'd model the sepc such that you CAN do what the matrix guys do, but allow for different schemes (offline account key)
-
larma
I mean, OMEMO TBFV seems to work as well. 90%+ don't verify at all and can be attacked under certain scenarios (active server side attack), but everyone gets the "feeling" of encrypted chats. Just like Matrix...
-
vanitasvitae
Yeah, but people always complain about fingerprints. An account key would reduce this situation to only a single fingerprint per contact + the fps of the users own devices.
-
beforeigner
> when logging in from a new device they just have to enter their password twice But you get an new aditional device key, and the list becomes longer and longer with every device change or new install of a client if you dont delete obsolete devices from your list.