pretty Easy privacy (pEp): Key Synchronization Protocol
draft-hoeneisen-pep-keysync-00

Document Type Active Internet-Draft (individual)
Last updated 2019-07-07
Replaces draft-birk-pep-keysync
Stream (None)
Intended RFC status (None)
Formats plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                       B. Hoeneisen
Internet-Draft                                                   Ucom.ch
Intended status: Standards Track                              H. Marques
Expires: January 8, 2020                                  pEp Foundation
                                                           July 07, 2019

        pretty Easy privacy (pEp): Key Synchronization Protocol
                     draft-hoeneisen-pep-keysync-00

Abstract

   Modern users of messaging systems usually have multiple devices, and
   often desire to send and receive encrypted messages on some or all of
   their devices.  Using encryption on multiple devices often results in
   situations where messages cannot be decrypted on the device used to
   read the message due to a missing private key.

   This document specifies a protocol for secure peer-to-peer
   synchronization of private keys across devices belonging to the same
   user (pEp Key Synchronization Protocol).

   The pretty Easy privacy (pEp) protocols describe a set of conventions
   for the automation of operations traditionally seen as barriers to
   the use and deployment of secure end-to-end interpersonal messaging.
   These include, but are not limited to, key management, key discovery,
   and private key handling.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 8, 2020.

Hoeneisen & Marques      Expires January 8, 2020                [Page 1]
Internet-Draft      pretty Easy privacy (pEp) KeySync          July 2019

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Problem Statement . . . . . . . . . . . . . . . . . . . .   3
     1.2.  Approach  . . . . . . . . . . . . . . . . . . . . . . . .   4
     1.3.  Main Challenge  . . . . . . . . . . . . . . . . . . . . .   4
     1.4.  Requirements Language . . . . . . . . . . . . . . . . . .   4
     1.5.  Terms . . . . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  General Description . . . . . . . . . . . . . . . . . . . . .   5
     2.1.  Use Cases for pEp KeySync . . . . . . . . . . . . . . . .   6
       2.1.1.  Form Device Group . . . . . . . . . . . . . . . . . .   6
       2.1.2.  Add New Device to Existing Device Group . . . . . . .   6
       2.1.3.  Exchange Private Keys . . . . . . . . . . . . . . . .   6
       2.1.4.  Leave Device Group  . . . . . . . . . . . . . . . . .   7
       2.1.5.  Remove other Device from Device Group . . . . . . . .   7
     2.2.  Interaction Diagrams  . . . . . . . . . . . . . . . . . .   7
       2.2.1.  Form Device Group . . . . . . . . . . . . . . . . . .   8
       2.2.2.  Add New Device to Existing Device Group . . . . . . .  16
       2.2.3.  Exchange Private Keys . . . . . . . . . . . . . . . .  23
       2.2.4.  Leave Device Group  . . . . . . . . . . . . . . . . .  23
       2.2.5.  Remove other Device from Device Group . . . . . . . .  23
     2.3.  Simplified Finite-State Machine . . . . . . . . . . . . .  23
   3.  Reference Implementation  . . . . . . . . . . . . . . . . . .  24
     3.1.  Full Finite-State Machine . . . . . . . . . . . . . . . .  24
       3.1.1.  States  . . . . . . . . . . . . . . . . . . . . . . .  24
       3.1.2.  Actions . . . . . . . . . . . . . . . . . . . . . . .  43
     3.2.  Messages  . . . . . . . . . . . . . . . . . . . . . . . .  69
       3.2.1.  Format  . . . . . . . . . . . . . . . . . . . . . . .  69
       3.2.2.  List of Messages Used in Finite-State Machine . . . .  69
       3.2.3.  Example Messages  . . . . . . . . . . . . . . . . . .  72
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .  72
Show full document text