Evaluate sub-addresses in gpg and wkd
Open, High, Public

Description

How should we handle subaddressing (joe+mailinglist@example.org) in gpg? There are a couple of real world problems.

Change mailaddr_from_uid ?

werner created this task. Oct 21 2018, 2:46 PM

It does not make sense to handle this in the protocol. The client should always ask for joe@example.org and thus keep the whole thing mostly out of gpg. This requires that keys are not created with sub-addresses. However, if someone has a need for this, this strategy should work:

  • gpg's AKL "local" method looks for both joe@example.org and joe+ml@example.org and if it finds one, that key is used.
  • gpg's AKL "wkd" method only searches for joe@example.org

This way a key with a full address can still be imported and used but is not used for remote things. gpg-wks-client might even auto create a new user-id with the stripped address.

aheinecke added a subscriber: aheinecke. Edited Nov 9 2018, 12:07 PM

I would change gpgme_addrspec_from_uid and the gnupg equivalent to strip out the subaddress.

From the 992 keys in my keyring I only have 3 non-expired keys with subaddresses and I don't have any case where multiple keys exist for multiple subaddresses.

Sorry I did not see your first comment.

I would be fine if gnupg would not handle it and we only change it in gpgme to have a reference normalization and to make it easier for applications to handle this.
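An added sketch of the split discussed in this thread, not GnuPG or GPGME code and not posted by either commenter: the "wkd" lookup only ever sees the stripped address, while the "local" lookup also tries the full one. The names `normalize`, `lookup_candidates`, `akl_method` and `ADDR_MAX`, the ASCII lowercasing, the candidate order and the rejection of malformed input are assumptions of this example; the sample address is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define ADDR_MAX 256
enum akl_method { AKL_LOCAL, AKL_WKD };   /* hypothetical names */

/* Copy ADDRSPEC to OUT, ASCII-lowercased, dropping a "+detail" sub-address
   when STRIP is set.  Returns 0, or -1 for input that is not a plain
   local@domain address or does not fit in ADDR_MAX bytes. */
static int normalize(const char *addrspec, int strip, char out[ADDR_MAX])
{
    const char *at = strchr(addrspec, '@');
    if (!at || at == addrspec || !at[1] || strchr(at + 1, '@'))
        return -1;          /* exactly one '@', with text on both sides */
    size_t local = (size_t)(at - addrspec);
    const char *plus = strip ? memchr(addrspec, '+', local) : NULL;
    if (plus)
        local = (size_t)(plus - addrspec);
    if (local == 0 || local + strlen(at) >= ADDR_MAX)
        return -1;          /* "+ml@example.org" would leave no mailbox */
    memcpy(out, addrspec, local);
    strcpy(out + local, at);
    for (char *p = out; *p; p++)
        *p = (char)tolower((unsigned char)*p);
    return 0;
}

/* Fill CAND with the addresses to search for; returns how many (0 = reject).
   "wkd" gets only the stripped address, "local" also the full one. */
int lookup_candidates(enum akl_method m, const char *addrspec,
                      char cand[2][ADDR_MAX])
{
    if (normalize(addrspec, 1, cand[0]))
        return 0;
    if (m == AKL_WKD || normalize(addrspec, 0, cand[1]))
        return 1;
    return strcmp(cand[0], cand[1]) ? 2 : 1;   /* skip a duplicate lookup */
}

int main(void)
{
    char cand[2][ADDR_MAX];
    int n = lookup_candidates(AKL_LOCAL, "Joe+ML@example.org", cand);
    for (int i = 0; i < n; i++)
        printf("local lookup: %s\n", cand[i]);
    if (lookup_candidates(AKL_WKD, "Joe+ML@example.org", cand))
        printf("wkd lookup:   %s\n", cand[0]);
    return 0;
}
```

Because the remote method never receives the "+detail" part, the tag a user chose for a mailing list or service is not sent to the WKD server in this sketch.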