On Wed, Apr 20, 2022 at 5:38 PM Alexander Lobakin <[email protected]> wrote:
Again?
-----BEGIN PGP MESSAGE-----
Version: ProtonMail
wcFMA165ASBBe6s8AQ/8C9y4TqXgASA5xBT7UIf2GyTQRjKWcy/6kT1dkjkF
FldAOhehhgLYjLJzNAIkecOQfz/XNapW3GdrQDq11pq9Bzs1SJJekGXlHVIW
Sorry I'm tossing the series out of patchwork.
From: Alexei Starovoitov <[email protected]>
Date: Wed, 20 Apr 2022 17:40:34 -0700
> On Wed, Apr 20, 2022 at 5:38 PM Alexander Lobakin <[email protected]> wrote:
>
> Again?
>
> -----BEGIN PGP MESSAGE-----
> Version: ProtonMail
>
> wcFMA165ASBBe6s8AQ/8C9y4TqXgASA5xBT7UIf2GyTQRjKWcy/6kT1dkjkF
> FldAOhehhgLYjLJzNAIkecOQfz/XNapW3GdrQDq11pq9Bzs1SJJekGXlHVIW
ProtonMail support:
"
The reason that some of the recipients are receiving PGP-encrypted
emails is that kernel.org is providing public keys for those
recipients ([email protected] and [email protected] specifically) via WKD
(Web Key Directory), and our API automatically encrypts messages
when a key is served over WKD.
Unfortunately, there is currently no way to disable encryption for
recipients that server keys over WKD but the recipients should be
able to decrypt the messages using the secret keys that correspond
to their public keys provided by kernel.org.
This is applicable both to messages sent via the ProtonMail web app,
and messages sent via Bridge app.
We have forwarded your feedback to the appropriate teams, and we
will see if we can implement a disable encryption option for these
cases. Unfortunately, we cannot speculate when we might implement
such an option.
"
Weeeeeird, it wasn't like that a year ago.
Anyway, since it's address specific and for now I observed this only
for ast@ and toke@, can I maybe send the series adding your Gmail
account rather that korg one? Alternatively, I can send it from my
Intel address if you prefer (thankfully, it doesn't encrypt anything
without asking), I just didn't want to mix personal stuff with corp.
>
> Sorry I'm tossing the series out of patchwork.
Thanks,
Al
Alexander Lobakin <[email protected]> writes:
> From: Alexei Starovoitov <[email protected]>
> Date: Wed, 20 Apr 2022 17:40:34 -0700
>
>> On Wed, Apr 20, 2022 at 5:38 PM Alexander Lobakin <[email protected]> wrote:
>>
>> Again?
>>
>> -----BEGIN PGP MESSAGE-----
>> Version: ProtonMail
>>
>> wcFMA165ASBBe6s8AQ/8C9y4TqXgASA5xBT7UIf2GyTQRjKWcy/6kT1dkjkF
>> FldAOhehhgLYjLJzNAIkecOQfz/XNapW3GdrQDq11pq9Bzs1SJJekGXlHVIW
>
> ProtonMail support:
>
> "
> The reason that some of the recipients are receiving PGP-encrypted
> emails is that kernel.org is providing public keys for those
> recipients ([email protected] and [email protected] specifically) via WKD
> (Web Key Directory), and our API automatically encrypts messages
> when a key is served over WKD.
>
> Unfortunately, there is currently no way to disable encryption for
> recipients that server keys over WKD but the recipients should be
> able to decrypt the messages using the secret keys that correspond
> to their public keys provided by kernel.org.
> This is applicable both to messages sent via the ProtonMail web app,
> and messages sent via Bridge app.
>
> We have forwarded your feedback to the appropriate teams, and we
> will see if we can implement a disable encryption option for these
> cases. Unfortunately, we cannot speculate when we might implement
> such an option.
> "
>
> Weeeeeird, it wasn't like that a year ago.
Well, they're also doing something non-standard with their WKD
retrieval, so maybe that changed? GPG itself will refuse to retrieve a
key that doesn't have the email address specified in the key itself:
$ gpg --locate-keys [email protected]
gpg: key 4A55C497F744F705: no valid user IDs
gpg: Total number processed: 1
gpg: w/o user IDs: 1
gpg: error retrieving '[email protected]' via WKD: No fingerprint
Given that they do it this way, I suppose this will affect every
@kernel.org address that has a PGP key attached (of which there are
currently 519, according to pgpkeys.git)...
-Toke