opportunistic email encryption by the MTA (not MUA)

Randy Bush randy at psg.com
Fri Jan 15 11:33:13 UTC 2021


email from a friend who uses protonmail as their MTA suddenly started to
be opportunistically encrypted with pgp; i.e. the sender's MUA did
nothing to cause the encryption.  i believe this started when i provided
my pgp public key over WKD [0].

i have a guess.  i suspect that protonmail opportunistically tests for a
WKD for the recipient and, if found, uses it.  i do see protonmail
queries to my WKD service

    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:08:44:41 +0000] "HEAD /.well-known/openpgpkey/policy HTTP/1.1" 200 - "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"
    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:08:44:42 +0000] "GET /.well-known/openpgpkey/hu/pbe8wr5gm5b4gf43adj411yrreqyib6u?l=randy HTTP/1.1" 200 26027 "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"
    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:10:49:44 +0000] "HEAD /.well-known/openpgpkey/policy HTTP/1.1" 200 - "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"
    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:10:49:45 +0000] "GET /.well-known/openpgpkey/hu/pbe8wr5gm5b4gf43adj411yrreqyib6u?l=randy HTTP/1.1" 200 26027 "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"
    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:15:02:49 +0000] "HEAD /.well-known/openpgpkey/policy HTTP/1.1" 200 - "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"
    /var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:15:02:49 +0000] "GET /.well-known/openpgpkey/hu/pbe8wr5gm5b4gf43adj411yrreqyib6u?l=randy HTTP/1.1" 200 26027 "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"

my interest is whether WKD publication is triggering opportunistic
encryption; if anything else might be using it opportunistically, and if
this can actually scale.

i really do not want to discuss if pgp encryption is a good thing, if
opportunistic encryption is the spawn of the frog goddess, or if there
are viable alternatives to emacs.

anyone with protonmail clue or contact(s)?

randy

[0] - https://git.rg.net/randy/randy/src/master/pgp-WKD.md
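An added example, not from the post or from Proton, showing the two things the log lines above imply: how a WKD direct-method lookup URL is derived from an address (z-base-32 of the SHA-1 of the lowercased local part, as in draft-koch-openpgp-webkey-service), and how a recipient running a WKD service can pull successful key fetches out of an Apache access log. The sample log is constructed from the lines quoted in the post plus one unrelated request.

```python
import hashlib
import re
from urllib.parse import parse_qs, urlparse

# z-base-32 alphabet, as used by WKD for the hashed local part
ZB32 = "ybndrfg8ejkmcpqxot1uwisza345h769"


def zbase32(data: bytes) -> str:
    """Encode bytes as z-base-32: 5-bit groups, most significant bit first, no padding."""
    nchars = (len(data) * 8 + 4) // 5
    bits = int.from_bytes(data, "big") << (nchars * 5 - len(data) * 8)
    return "".join(ZB32[(bits >> (5 * (nchars - 1 - i))) & 31] for i in range(nchars))


def wkd_direct_url(address: str) -> str:
    """Direct-method WKD URL: hu/<zbase32(sha1(lowercased local part))>?l=<local part>."""
    local, domain = address.rsplit("@", 1)
    digest = hashlib.sha1(local.lower().encode("utf-8")).digest()
    return f"https://{domain.lower()}/.well-known/openpgpkey/hu/{zbase32(digest)}?l={local}"


# Apache request field ("GET /path HTTP/1.1" 200) and the hu/<hash> path component
# (optional <domain>/ segment covers the advanced method as well as the direct one).
REQ_RE = re.compile(r'"(HEAD|GET) (/\.well-known/openpgpkey/\S+) HTTP/[\d.]+" (\d{3})')
HU_RE = re.compile(r"/\.well-known/openpgpkey/(?:[^/]+/)?hu/([a-z0-9]{32})")
IP_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}) - -")


def find_wkd_key_fetches(log_lines):
    """Return (client_ip, hash, local_part) for each HTTP 200 GET of a WKD key file."""
    hits = []
    for line in log_lines:
        req, ip = REQ_RE.search(line), IP_RE.search(line)
        if not req or not ip or req.group(1) != "GET" or req.group(3) != "200":
            continue  # policy HEADs, errors and non-WKD requests are not key fetches
        h = HU_RE.search(req.group(2))
        if h:
            local = parse_qs(urlparse(req.group(2)).query).get("l", [""])[0]
            hits.append((ip.group(1), h.group(1), local))
    return hits


# Constructed sample: three lines as quoted in the post, one unrelated request added.
SAMPLE_LOG = [
    '/var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:08:44:41 +0000] "HEAD /.well-known/openpgpkey/policy HTTP/1.1" 200 - "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"',
    '/var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:08:44:42 +0000] "GET /.well-known/openpgpkey/hu/pbe8wr5gm5b4gf43adj411yrreqyib6u?l=randy HTTP/1.1" 200 26027 "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"',
    '/var/log/httpd-access.log:185.70.40.57 - - [14/Jan/2021:10:49:45 +0000] "GET /.well-known/openpgpkey/hu/pbe8wr5gm5b4gf43adj411yrreqyib6u?l=randy HTTP/1.1" 200 26027 "-" "GuzzleHttp/6.5.5 curl/7.29.0 PHP/7.4.11"',
    '/var/log/httpd-access.log:192.0.2.10 - - [14/Jan/2021:11:00:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "curl/7.29.0"',
]

if __name__ == "__main__":
    print(wkd_direct_url("randy@psg.com"))
    for ip, key_hash, local in find_wkd_key_fetches(SAMPLE_LOG):
        print(f"{ip} fetched key {key_hash} for local part {local!r}")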


More information about the NANOG mailing list