cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
agowa338
New member
Status: New idea

Thunderbird should always first try to import the pgp public keys from the signature before trying to use the key manager, wks, or the configured key server.

Currently Thunderbird shows a missing key message even if the public key is already part of the signature. Also Thunderbird doesn't offer to import the key from the signature but instead has to import it from a different source. This is bad UX compared to the S/MIME workflow where Thunderbird (admittedly has to) use the public key from the message.

Also in regards to privacy requiring this additional wks and key server lookup is not that great. At least if we consider the issue mentioned in the GnuPG documentation about using this as a way to fingerprint and identify users (in a very small amount of cases and in very specific scenarios, probably similar thread vector  and impact as CRL and OCSP validation with S/MIME certificates).

Example gpg command to generate a test message: `gpg --sign --include-key-block --armor messagebody.txt` (and the feature requested in this ticket is basically identical to the gpg option `--auto-key-import`)

From the gpg documentation:

```
--auto-key-import
--no-auto-key-import

This is an offline mechanism to get a missing key for signature verification and for later encryption to this key. If this option is enabled and a signature includes an embedded key, that key is used to verify the signature and on verification success the key is imported. The default is --no-auto-key-import.

On the sender (signing) site the option --include-key-block needs to be used to put the public part of the signing key as “Key Block subpacket” into the signature.
```

```
--include-key-block
--no-include-key-block

This option is used to embed the actual signing key into a data signature. The embedded key is stripped down to a single user id and includes only the signing subkey used to create the signature as well as as valid encryption subkeys. All other info is removed from the key to keep it and thus the signature small. This option is the OpenPGP counterpart to the gpgsm option --include-certs and allows the recipient of a signed message to reply encrypted to the sender without using any online directories to lookup the key. The default is --no-include-key-block. See also the option --auto-key-import.
```

1 Comment
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.