Thunderbird and OpenPGP - Autocrypt

Tanstaafl tanstaafl at
Tue Dec 10 14:14:25 UTC 2019

On 12/8/2019, 4:14:07 AM, Kai Engert <kaie at> wrote:
> However, if non-specialists use a system that automatically replaces 
> keys without telling them, the risk of detection for an adversary is 
> much lower.

I have a dumb question... I like automation, so like the idea of
Autocrypt, but I also like security, so...

Would it not be possible to add in some Auto-Protect mechanism -
something like:

a) Autocrypt temporarily replaces the key silently for Alice, but also
(silently, or with a prompt) sends an email (with some kind of
validation code in the subject) notification to Bob (the original key
owner), letting him know that Alice received a new key for him and it
was accepted via Autocrypt.

b) Bob then has the ability (through obviously some as yet unknown,
nonexistent mechanism built into Autocrypt) to tell Alice's system to
reject the attackers key, returning her system to a safe state, and
finally notifying her that an attempt was made to replace Bobs
real/valid key with an attacker's, and that she should contact Bob
directly to make sure everything is ok now.

c) Autocrypt then goes into a 'paranoid' state with respect to Bobs key
for the next ... 90 days? 180 days? ... and will prompt Alice if any
more attempts to replace his key are made.

Yes, Bob would get some - maybe a lot - of these notifications if/when
he changes his key, but the validation code in the subject would make it
easy for him to set an auto filter for them, leaving only ones with the
wrong validation code to stand out.

Anyway, I'm sure a lot of people a lot smarter than me have thought
about this, but it seems like this could work - especially if these MITM
attacks really are very rare...

More information about the tb-planning mailing list