gnu-misc-discuss

From: Dmitry Alexandrov
Subject: emailselfdefense.fsf.org indirectly recommends a proprietary service through a new Enigmail defaults
Date: Tue, 16 Jul 2019 07:43:40 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Hello.  FSF’s ‘Email Self-Defence Guide’ [1] teaches those who are not yet 
familiar with OpenPGP to use Thunderbird + Enigmail and features the following 
text:

| In your email program's menu, select Enigmail → Key Management.
|
| Right click on your key and select Upload Public Keys to Keyserver. Use the
| default keyserver in the popup.
|
| Now someone who wants to send you an encrypted message can download your
| public key from the Internet. There are multiple keyservers that you can select
| from the menu when you upload, but they are all copies of each other, so it
| doesn't matter which one you use.

However, since last week this is no longer true, as Patrick Brunschwig
<patrick@enigmail.net>, an author of Enigmail, making use of a recently
exploited security flaw in the SKS network, which the guide describes, changed
the default keyserver from the SKS round-robin pool to a *proprietary
centralized service* [2], “one of whose initiators” he was, and which does
_not_ share the base with SKS: as of now, it provides info for about 5 000
emails (SKS — for about 5 000 000 keys).

Some more details are in the correspondence below.

WDYT?

[1] https://emailselfdefense.fsf.org
[2] https://keys.openpgp.org


--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 08:24:56 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 10.07.2019 05:55, Dmitry Alexandrov wrote:
> Patrick Brunschwig <patrick@enigmail.net> wrote:
>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
> 
>> This release sets the default keyserver to keys.openpgp.org in order to 
>> mitigate the SKS Keyserver Network Attack [1]. This change is applied 
>> unconditionally for all installations, except if the default keyserver is 
>> set to an ldap server.
> 
> Given that the issue is now mitigated in GPG, when will reverting this back 
> be scheduled?

I won't revert this change for two reasons:

1. It will take weeks to months until the majority of the Windows and
macOS systems will have updated (which first requires the availability
of new versions of gpg4win, GPGTools, GpgOSX etc).

2. As I already said publicly, the default in Enigmail 2.1 will be
keys.openpgp.org. The change is now just a little earlier than anticipated.

If you want a different default keyserver, you can change that manually
in the Enigmail preferences.

-Patrick

--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 11:43:49 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Patrick Brunschwig <patrick@enigmail.net> wrote:
> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>> 
>>> This release sets the default keyserver to keys.openpgp.org in order to 
>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied 
>>> unconditionally for all installations, except if the default keyserver is 
>>> set to an ldap server.
>> 
>> Given that the issue is now mitigated in GPG, when will reverting this back 
>> be scheduled?
>
> I won't revert this change for two reasons:
>
> 1. It will take weeks to months until the majority of the Windows and macOS 
> systems will have updated (which first requires the availability of new 
> versions of gpg4win, GPGTools, GpgOSX etc).

Well, that’s exactly the kind of answer I hoped to get: a stub will be reverted 
when such and such updates are published.  But I see now, I was too optimistic. 
 :-\

> 2. As I already said publicly, the default in Enigmail 2.1 will be 
> keys.openpgp.org. The change is now just a little earlier than anticipated.

So, just to clarify, you intentionally replaced the standard distributed 
network with some freshly established private service, where centralized 
control is _not_ a child illness, but a design:

| Several folks offered to help out by "running a Hagrid server instance". We
| very much appreciate the offer, but we will probably never have an "open"
| federation model like SKS, where everyone can run an instance and become part
| of a "pool".
— https://keys.openpgp.org/about/faq

moreover, pushed that change to setups of the most old users, — and found all 
of that absolutely okay?

> If you want a different default keyserver, you can change that manually in 
> the Enigmail preferences.

Please, do not say it like the question is about choosing a default
colour-scheme or some other trifle!  It’s not a ‘different keyserver’ in the
sense that became usual over all those years of SKS (that is, whether it is
pgp.mit.edu, keys.ubuntu.com or even keybase.io).  You have driven the whole
userbase to a *different network* — a network consisting of a single server.

--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Wed, 10 Jul 2019 13:41:26 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 10.07.2019 10:43, Dmitry Alexandrov wrote:
> Patrick Brunschwig <patrick@enigmail.net> wrote:
>> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>>>
>>>> This release sets the default keyserver to keys.openpgp.org in order to 
>>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied 
>>>> unconditionally for all installations, except if the default keyserver is 
>>>> set to an ldap server.
>>>
>>> Given that the issue is now mitigated in GPG, when will reverting this back 
>>> be scheduled?
>>
>> I won't revert this change for two reasons:
>>
>> 1. It will take weeks to months until the majority of the Windows and macOS 
>> systems will have updated (which first requires the availability of new 
>> versions of gpg4win, GPGTools, GpgOSX etc).
> 
> Well, that’s exactly the kind of answer I hoped to get: a stub will be 
> reverted when such and such updates are published.  But I see now, I was too 
> optimistic.  :-\
> 
>> 2. As I already said publicly, the default in Enigmail 2.1 will be 
>> keys.openpgp.org. The change is now just a little earlier than anticipated.
> 
> So, just to clarify, you intentionally replaced the standard distributed 
> network with some freshly established private service, where centralized 
> control is _not_ a child illness, but a design:
> 
> | Several folks offered to help out by "running a Hagrid server instance". We
> | very much appreciate the offer, but we will probably never have an "open"
> | federation model like SKS, where everyone can run an instance and become part
> | of a "pool".
> — https://keys.openpgp.org/about/faq

Even though I currently don't have an active role with Hagrid, I am one
of its initiators. I'm fully aware of the pros and cons.

I honestly strongly disagree with the idea that a key directory (and
Hagrid is not more than that) must be decentralized. If you want
decentralized key distribution/lookup, then use Autocrypt and WKD, which
are both part of Enigmail and which are both used before keyserver lookup.

Furthermore, you rely on Enigmail, which is developed by me, myself and
I -- with very little help from others. That is, many people rely on a
centralized system sitting above my shoulders for their encrypted
communication. Do you think that's any better or worse than using a
centralized directory for key lookup?

> moreover, pushed that change to setups of the most old users, — and found all 
> of that absolutely okay?

Given the circumstances - yes. My plan was to set the new default, but
to NOT touch the existing installations. But the SKS issue forced me to
go that way.

This is not a problem that only affects a few dozen users who are savvy
enough to handle this, or to look up resources for fixing this. This is
something that affects many thousand people, if not more. And it is
simply out of question for me to spend my free time on handling the
support requests of all these users individually. And this *will*
happen. I just had 2 support requests this morning.

And as I said - I can't undo that because people are too lazy with
updating their software.

-Patrick

--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Thu, 11 Jul 2019 23:30:13 +0300
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Patrick Brunschwig <patrick@enigmail.net> wrote:
> On 10.07.2019 10:43, Dmitry Alexandrov wrote:
>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>> On 10.07.2019 05:55, Dmitry Alexandrov wrote:
>>>> Patrick Brunschwig <patrick@enigmail.net> wrote:
>>>>> I am happy to announce Enigmail v2.0.12 for Thunderbird 60.*
>>>>
>>>>> This release sets the default keyserver to keys.openpgp.org in order to 
>>>>> mitigate the SKS Keyserver Network Attack [1]. This change is applied 
>>>>> unconditionally for all installations…
>>>>
>>>> Given that the issue is now mitigated in GPG, when will reverting this 
>>>> back be scheduled?
>>>
>>> I won't revert this change for two reasons:

>>> 2. As I already said publicly, the default in Enigmail 2.1 will be 
>>> keys.openpgp.org. The change is now just a little earlier than anticipated.
>>
>> So, just to clarify, you intentionally replaced the standard distributed 
>> network with some freshly established private service, where centralized 
>> control is _not_ a child illness, but a design:
>> 
>> | Several folks offered to help out by "running a Hagrid server instance".
>> | We very much appreciate the offer, but we will probably never have an "open"
>> | federation model like SKS, where everyone can run an instance and become
>> | part of a "pool".
>> — https://keys.openpgp.org/about/faq
>
> Even though I currently don't have an active role with Hagrid, I am one of 
> its initiators. I'm fully aware of the pros and cons.
>
> I honestly strongly disagree with the idea that a key directory (and Hagrid 
> is not more than that) must be decentralized.

And honestly believe, that it’s fine to break longstanding interoperability 
between GPG frontends and GPG-compatible programs just because of your personal 
opinion of how it should be implemented?  When to expect an in-house default 
cipher in Enigmail?

> If you want decentralized key distribution/lookup, then use Autocrypt and WKD

I beg your pardon, but what nonsense is that?  How is WKD decentralized?  WKD
for a given address is on a single server, normally controlled by one of the
two potential attackers.  So in terms of security it’s even worse than your
private service.  Anyway, it’s irrelevant for now, WKD vs. HKP is not what we
are discussing.  And Autocrypt is not a way to publish your key at all, but to
send it privately.

> Furthermore, you rely on Enigmail, which is developed by me, myself and I -- 
> with very little help from others. That is, many people rely on a centralized 
> system sitting above my shoulders for their encrypted communication. Do you 
> think that's any better or worse than using a centralized directory for key 
> lookup?

No, I believe I do not rely on ‘Enigmail centralized system’, only on OpenPGP,
which is an open standard, and on SKS, which is a distributed network that
until your diversion seemed to be a unanimously accepted de-facto standard;
and on some free programs, but it does not matter on which exactly, as long
as they do not cause any negative network effect.

Or am I missing some other nasty feature of Enigmail that would also have an
impact on my correspondents: force them to use some proprietary service,
nonfree software, or something like that?  Please, do enlighten me on that.

>> moreover, pushed that change to setups of the most old users, — and found 
>> all of that absolutely okay?
>
> Given the circumstances - yes. My plan was to set the new default, but to NOT 
> touch the existing installations. But the SKS issue forced me to go that way.

That is, you were even going to break seamless interoperability between 
different installations of your own program initially?  o_O

>>> 1. It will take weeks to months until the majority of the Windows and macOS 
>>> systems will have updated (which first requires the availability of new 
>>> versions of gpg4win, GPGTools, GpgOSX etc).
>>
>> Well, that’s exactly the kind of answer I hoped to get: a stub will be 
>> reverted when such and such updates are published.  But I see now, I was too 
>> optimistic.  :-\
>
> This is not a problem that only affects a few dozen users who are savvy 
> enough to handle this, or to look up resources for fixing this. This is 
> something that affects many thousand people, if not more. And it is simply 
> out of question for me to spend my free time on handling the support requests 
> of all these users individually. And this *will* happen. I just had 2 support 
> requests this morning.

And so instead of the obvious disabling of HKP lookup altogether until things
are fixed, you took a DDoS of the present open system as a perfect opportunity
to radically promote a new competing proprietary service, “one of whose
initiators” you were.  Very clever, my sincere admiration to you.

> And as I said - I can't undo that because people are too lazy with updating 
> their software.

So?  What are the obstacles to performing a simple check of the GPG version used?

--- End Message ---
--- Begin Message ---
Subject: Re: [Enigmail] Enigmail 2.0.12 available
Date: Fri, 12 Jul 2019 08:10:52 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Thunderbird/68.0

On 11.07.2019 22:30, Dmitry Alexandrov wrote:
[...]
> When to expect an in-house default cipher in Enigmail?

Never

-Patrick

--- End Message ---
