Currently, it is only possible to get someones public key into DeltaChat if the person uses an AutoCrypt-capable MUA (i.e. DeltaChat). If there was an option to not only import private, but also public keys, wouldn’t that enable DeltaChat-users to communicate encrypted with non-Autocrypt-users in one to one chats?
A great deal of Delta-Chat users care about encryption. Therefore, a good quantity of them have been encrypting before and might even already went through the pain of importing the public keys of their corespondents and verifying their fingerprints and all that.
A big advantage of DC over other messenger I see is that it is not exclusive. What I mean is that one is not forced to use DC in order to communicate with DC-users. But this is broken when one wants to communicate encrypted: The non-DC user may need to install another mail-client or plugins into their thunderbird, which I think is no good UX.
Add compatibility for 3rd-party key-storage?
This had been brought up before (for slightly different reasons): Using third-party key management (at least on android/mobile). Being able to optionally(!) use a 3rd party key-storage like a gpg-keyring on desktops or OpenKeyChain on Android would solve above problem, plus it would remove the necessity of importing and exporting keys. Just check the box and everything works.
I was invited here following a discussion I opened on Mastodon.
I would consider myself a user of GPG encryption prior to using DeltaChat and familiar with setting up keys, encrypting files and emails, etc.
I find the ease of use of DeltaChat to be excellent and agree with the principles of AutoCrypt in general. I could see corner cases for users like me who would like to import known public keys they have exchanged with contacts prior to using DeltaChat, knowing that these contacts don’t use AutoCrypt enabled clients or assuming they don’t.
I have no suggestions to make regarding the technical solutions. I would favor a cross-platform solution.
Another corner case I would like to propose for contideration outside of AutoCrypt regular usage:
There is a short list of known secure email providers that use GPG to secure communications between their subscribers. I suppose they might have registries of public keys for each subscribers. Would it make sense, for those know service providers only (since most have not implemented AutoCrypt) to fetch public keys for each contact that use them, prior to sending them a series of message?
Just my 2 cents.
I definitively also fall in this category of users.
I can see my own encrypted messages sent from my other MUA, with the padlock, but I can’t read their responses on Delta Chat if they don’t have autocrypt headers.
In the contact setting for a particular person would be a great place to have an “import public key” option.
I was like “wow, Delta Chat removes all the hassle, I can just respond” and then I put my public key on my contact page. Then removed it right away when I remembered that I can’t just respond. I would need their key, too.
Supporting this, had some talks with @cyBerta @link2xt @nami and @r10s about this. We all want this, including an option to attach our own public key as an attachment. There’s still some open questions, if i remember it correctly they were:
- how is the state handled internally. We currently already have I think 3 priorities of keys, gossip keys, autocrypt header keys and verified keys. Somehow attached/manually loaded keys need to be put in to one of those categories, or opening a fourth.
- what happens if we receive a different autocrypt/gossip later after we manually imported a public key? Simply overloading has security implications, completely blocking it could render the chat unusable if the contact switched to deltachat/changed their key.
This ties in to the general problems of mitm/key-“updating”. I don’t think it’s wrong to alert me that the person I’m talking to changed their key, so I can verify (maybe out of band) that they did. “Oh, new phone, don’t worry” they could say and that’d be fine. It’s scary to think of the implications of “trust on every use”.
To comment on the question more specifically; if someone has a PGP key on their website it could be a “legacy” key from before they started using autocrypt, and maybe they want their new hot autocrypt key instead. OTOH those legacy keys are probably much bigger & harder to crack than the short li’l keys Delta Chat uses by default?
This is also a good solution to deal with emailing Protonmail users since they’ve decided to not implement autocrypt.
(Tutanota is still out but they’re even worse than Protonmail)
Indeed, it would be great to be able to import the GPG keys of our correspondents, starting with the ones of our Protonmail friends.