From: Dmitry Alexandrov
Subject: Re: emailselfdefense.fsf.org indirectly recommends a proprietary service through the new Enigmail defaults
Date: Sun, 27 Oct 2019 08:47:08 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

So. More than three months have passed, and Iʼd like to bump the issue by resending it to some more addresses. Even if FSF, like Werner Koch <wk@gnupg.org>, believes that there is nothing wrong ethically with steering users to an isolated proprietary service, the guide is simply incorrect factually.

--- Begin Message ---
Subject: emailselfdefense.fsf.org indirectly recommends a proprietary service through a new Enigmail defaults
Date: Tue, 16 Jul 2019 07:43:40 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Hello.

FSF’s ‘Email Self-Defence Guide’ [1] teaches those who are not yet familiar with OpenPGP to use Thunderbird + Enigmail and features the following text:

| In your email program's menu, select Enigmail → Key Management.
|
| Right click on your key and select Upload Public Keys to Keyserver. Use the default keyserver in the popup.
|
| Now someone who wants to send you an encrypted message can download your public key from the Internet. There are multiple keyservers that you can select from the menu when you upload, but they are all copies of each other, so it doesn't matter which one you use.

However, since the last week this is no longer true, as Patrick Brunschwig <patrick@enigmail.net>, an author of Enigmail, making use of a recently exploited security flaw in SKS network, which the guide describes, changed the default keyserver from the SKS round-robin pool, to a *proprietary centralized service* [2], “one of whose initiators” he was, and which does _not_ share the base with SKS: as of now, it provides info for about 5 000 emails (SKS — for about 5 000 000 keys).

Some more details are in the correspondence below.

WDYT?

[1] https://emailselfdefense.fsf.org
[2] https://keys.openpgp.org

--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 08:24:56 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 10.07.2019 05:55, Dmitry Alexandrov wrote:
> Patrick Brunschwig <patrick@enigmail.net> wrote:
>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>
>> This release sets the default keyserver to keys.openpgp.org in order to
>> mitigate the SKS Keyserver Network Attack [1]. This change is applied
>> unconditionally for all installations, except if the default keyserver is
>> set to an ldap server.
>
> Given that the issue is now mitigated in GPG, when will reverting this back
> be scheduled?

I won't revert this change for two reasons:

1. It will take weeks to months until the majority of the Windows and macOS systems will have updated (which first requires the availability of new versions of gpg4win, GPGTools, GpgOSX etc).

2. As I already said publicly, the default in Enigmail 2.1 will be keys.openpgp.org. The change is now just a little earlier than anticipated.

If you want a different default keyserver, you can change that manually in the Enigmail preferences.

-Patrick
--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 11:43:49 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Patrick Brunschwig <patrick@enigmail.net> wrote:
> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>>
>>> This release sets the default keyserver to keys.openpgp.org in order to
>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied
>>> unconditionally for all installations, except if the default keyserver is
>>> set to an ldap server.
>>
>> Given that the issue is now mitigated in GPG, when will reverting this back
>> be scheduled?
>
> I won't revert this change for two reasons:
>
> 1. It will take weeks to months until the majority of the Windows and macOS
> systems will have updated (which first requires the availability of new
> versions of gpg4win, GPGTools, GpgOSX etc).

Well, that’s exactly the kind of answer I hoped to get: a stub will be reverted when such and such updates are published. But I see now, I was too optimistic. :-\

> 2. As I already said publicly, the default in Enigmail 2.1 will be
> keys.openpgp.org. The change is now just a little earlier than anticipated.

So, just to clarify, you intentionally replaced the standard distributed network with some freshly established private service, where centralized control is _not_ a child illness, but a design:

| Several folks offered to help out by "running a Hagrid server instance". We very much appreciate the offer, but we will probably never have an "open" federation model like SKS, where everyone can run an instance and become part of a "pool".
— https://keys.openpgp.org/about/faq

moreover, pushed that change to setups of the most old users, — and found all of that absolutely okay?

> If you want a different default keyserver, you can change that manually in
> the Enigmail preferences.

Please, do not say it like the question is about choosing a default colour-scheme or some other trifle! It’s not a ‘different keyserver’ in a sense, that became usual for all those years of SKS (that is, whether it pgp.mit.edu, keys.ubuntu.com or even keybase.io). You have driven the whole userbase to a *different network* — a network consisting of a single server.
--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 13:41:26 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 10.07.2019 10:43, Dmitry Alexandrov wrote:
> Patrick Brunschwig <patrick@enigmail.net> wrote:
>> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>>>
>>>> This release sets the default keyserver to keys.openpgp.org in order to
>>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied
>>>> unconditionally for all installations, except if the default keyserver is
>>>> set to an ldap server.
>>>
>>> Given that the issue is now mitigated in GPG, when will reverting this back
>>> be scheduled?
>>
>> I won't revert this change for two reasons:
>>
>> 1. It will take weeks to months until the majority of the Windows and macOS
>> systems will have updated (which first requires the availability of new
>> versions of gpg4win, GPGTools, GpgOSX etc).
>
> Well, that’s exactly the kind of answer I hoped to get: a stub will be
> reverted when such and such updates are published. But I see now, I was too
> optimistic. :-\
>
>> 2. As I already said publicly, the default in Enigmail 2.1 will be
>> keys.openpgp.org. The change is now just a little earlier than anticipated.
>
> So, just to clarify, you intentionally replaced the standard distributed
> network with some freshly established private service, where centralized
> control is _not_ a child illness, but a design:
>
> | Several folks offered to help out by "running a Hagrid server instance". We
> very much appreciate the offer, but we will probably never have an "open"
> federation model like SKS, where everyone can run an instance and become part
> of a "pool".
> — https://keys.openpgp.org/about/faq

Even though I currently don't have an active role with Hagrid, I am one of its initiators. I'm fully aware of the pros and cons.

I honestly strongly disagree with the idea that a key directory (and Hagrid is not more than that) must be decentralized.

If you want decentralized key distribution/lookup, then use Autocrypt and WKD, which are both part of Enigmail and which are both used before keyserver lookup.

Furthermore, you rely on Enigmail, which is developed by me, myself and I -- with very little help from others. That is, many people rely on a centralized system sitting above my shoulders for their encrypted communication. Do you think that's any better or worse than using a centralized directory for key lookup?

> moreover, pushed that change to setups of the most old users, — and found all
> of that absolutely okay?

Given the circumstances - yes. My plan was to set the new default, but to NOT touch the existing installations. But the SKS issue forced me to go that way.

This is not a problem that only affects a few dozen users who are savvy enough to handle this, or to look up resources for fixing this. This is something that affects many thousand people, if not more. And it is simply out of question for me to spend my free time on handling the support requests of all these users individually. And this *will* happen. I just had 2 support requests this morning.

And as I said - I can't undo that because people are too lazy with updating their software.

-Patrick
--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Thu, 11 Jul 2019 23:30:13 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Patrick Brunschwig <patrick@enigmail.net> wrote:
> On 10.07.2019 10:43, Dmitry Alexandrov wrote:
>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>>>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>>>>
>>>>> This release sets the default keyserver to keys.openpgp.org in order to
>>>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied
>>>>> unconditionally for all installations…
>>>>
>>>> Given that the issue is now mitigated in GPG, when will reverting this
>>>> back be scheduled?
>>>
>>> I won't revert this change for two reasons:
>>> 2. As I already said publicly, the default in Enigmail 2.1 will be
>>> keys.openpgp.org. The change is now just a little earlier than anticipated.
>>
>> So, just to clarify, you intentionally replaced the standard distributed
>> network with some freshly established private service, where centralized
>> control is _not_ a child illness, but a design:
>>
>> | Several folks offered to help out by "running a Hagrid server instance".
>> We very much appreciate the offer, but we will probably never have an "open"
>> federation model like SKS, where everyone can run an instance and become
>> part of a "pool".
>> — https://keys.openpgp.org/about/faq
>
> Even though I currently don't have an active role with Hagrid, I am one of
> its initiators. I'm fully aware of the pros and cons.
>
> I honestly strongly disagree with the idea that a key directory (and Hagrid
> is not more than that) must be decentralized.

And honestly believe, that it’s fine to break longstanding interoperability between GPG frontends and GPG-compatible programs just because of your personal opinion of how it should be implemented?

When to expect an in-house default cipher in Enigmail?

> If you want decentralized key distribution/lookup, then use Autocrypt and WKD

I beg my pardon, but what a nonsense is that? How WKD is decentralized? WKD for a given address is on a single server, normally controlled by one of the two potential attackers. So in the terms of security it’s even worse than your private service. Anyway, it’s irrelevant for now, WKD vs. HKP is not what we are discussing.

And Autocrypt is not a way to publish your key at all, but to send it privately.

> Furthermore, you rely on Enigmail, which is developed by me, myself and I --
> with very little help from others. That is, many people rely on a centralized
> system sitting above my shoulders for their encrypted communication. Do you
> think that's any better or worse than using a centralized directory for key
> lookup?

No, I believe I do not rely on ‘Enigmail centralized system’, only on OpenPGP, which is an open standard, and on SKS, which is a distributed network that until your diversion seemed to be an unanimously accepted standard de-facto; and on some free programs, but it does not matter on which exactly, as long they do not cause any negative network effect.

Or do I miss some another nasty feature of Enigmail, that also would have an impact on my correspondents: force them to use some proprietary service, nonfree software, or something like that? Please, do enlighten me on that.

>> moreover, pushed that change to setups of the most old users, — and found
>> all of that absolutely okay?
>
> Given the circumstances - yes. My plan was to set the new default, but to NOT
> touch the existing installations. But the SKS issue forced me to go that way.

That is, you were even going to break seamless interoperability between different installations of your own program initially? o_O

>>> 1. It will take weeks to months until the majority of the Windows and macOS
>>> systems will have updated (which first requires the availability of new
>>> versions of gpg4win, GPGTools, GpgOSX etc).
>>
>> Well, that’s exactly the kind of answer I hoped to get: a stub will be
>> reverted when such and such updates are published. But I see now, I was too
>> optimistic. :-\
>
> This is not a problem that only affects a few dozen users who are savvy
> enough to handle this, or to look up resources for fixing this. This is
> something that affects many thousand people, if not more. And it is simply
> out of question for me to spend my free time on handling the support requests
> of all these users individually. And this *will* happen. I just had 2 support
> requests this morning.

And so instead of the obvious disabling of HKP lookup at all until things are fixed, you took a DDoS of the present open system as a perfect opportunity to radically promote a new competing proprietary service, “one of whose initiators” you were. Very clever, my sincere admirations to you.

> And as I said - I can't undo that because people are too lazy with updating
> their software.

So? What are obstacles to perform a simple check of GPG’s version used?
--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Fri, 12 Jul 2019 08:10:52 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 11.07.2019 22:30, Dmitry Alexandrov wrote:
[...]
> When to expect an in-house default cipher in Enigmail?

Never

-Patrick
--- End Message ---
--- End Message ---