mirrors/hockeypuck
1
0
Fork 0
mirror of https://github.com/hockeypuck/hockeypuck.git synced 2025-12-17 08:55:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Page: HIP 008: Out of Band Email Ownership Proof
Pages
HIP 000: Hockeypuck Improvement Proposals HIP 001: [REVERTED] Regaining control over public key identity with authenticated key management HIP 002: SKS v2 protocol HIP 003: Timestamp aware merge strategy HIP 004: Third party revocation sig distribution HIP 005: Reliable personal data deletion using self signatures HIP 006: WKD support HIP 007: Recursive resolver HIP 008: Out of Band Email Ownership Proof HIP 009: Management Interface HIP 010: Internal rate limiting support HIP 011: Merge ptree into pghkp HIP 012: Define and use JSON‐LD schemas HIP 013: In‐Band Metadata Sync Using Trust Packets Home Migrating from SKS‐keyserver to Hockeypuck Semantic Versioning Policy Upgrading docker‐compose standalone deployment from 2.1 to 2.2
HIP 008: Out of Band Email Ownership Proof
Andrew Gallagher edited this page 2025-03-28 15:27:01 +00:00
Table of Contents

Motivation

To prevent spam, we wish to allow users to demonstrate ownership of their claimed User IDs. This can be done interactively by making a verification request to that User ID (such as sending an email containing a link), however in a distributed network this would involve either all network members sending out their own verification requests, or each member implicitly trusting all other members to perform verification correctly.

It would be preferable for each User ID to have a proof attached to it, the validity of which could be checked without further interaction. This could be done using existing cryptographic proofs for email antispam, in particular DKIM.

Examples of interactions

TBC

Design

A client would send an email containing its public key, and its email service provider would automatically sign it using DKIM. A keyserver could receive that email via SMTP, verify the DKIM signature, and store the received email as an offline proof. Alternatively, a client could send the proof email to itself, and then submit the key plus the DKIM-signed proof over HKP, with the same result.

Since DKIM signing keys are long-lived, other keyservers in the network could independently verify the proof. Keyservers would then store the proof in their database and distribute it to their peers. Keyservers should verify the email proofs of User IDs newly received over HKP or sync (or email, if supported). They are not required to verify the proofs of known User IDs, or of User IDs newly restored from a dump.

When a client requests a User ID search, a keyserver would serve results that had a valid proof first. A client could choose to request only those results with a valid proof.

Out of scope

TBC

Security considerations

The proofs described above are not equivalent to web of trust calculations, and a client SHOULD still perform these wherever possible.

Compatibility

This would need client support, and it may be easiest if we implemented our own client tooling.