pretty Easy privacy (pEp): Email Formats and Protocols
draft-pep-email-01
Network Working Group H. Marques
Internet-Draft pEp Foundation
Intended status: Standards Track November 03, 2020
Expires: May 7, 2021
pretty Easy privacy (pEp): Email Formats and Protocols
draft-pep-email-01
Abstract
The proposed pretty Easy privacy (pEp) protocols for email are based
upon already existing email and encryption formats (as PGP/MIME) and
designed to allow for easily implementable and interoperable
opportunistic encryption. The protocols range from key distribution,
secret key synchronization between own devices, to mechanisms of
metadata and content protection. The metadata and content protection
is achieved by moving the whole message (not only the body part) into
the PGP/MIME encrypted part. The proposed pEp Email Formats not only
achieve simple forms of metadata protection (like subject
encryption), but also allow for sending email messages through a
mixnet. Such enhanced forms of metadata protection are explicitly
discussed within the scope of this document.
The purpose of pEp for email is to simplify and automate operations
in order to make usage of email encryption a viability for a wider
range of Internet users, with the goal of achieving widespread
implementation of data confidentiality and privacy practices in the
real world.
The proposed operations and formats are targeted towards to
Opportunistic Security scenarios and are already implemented in
several applications of pretty Easy privacy (pEp).
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
Marques Expires May 7, 2021 [Page 1]
Internet-Draft pretty Easy privacy (pEp) Email November 2020
This Internet-Draft will expire on May 7, 2021.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Relationship to other pEp documents . . . . . . . . . . . 4
1.2. Requirements Language . . . . . . . . . . . . . . . . . . 4
1.3. Terms . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2. Opportunistic Security and Privacy for Email . . . . . . . . 5
2.1. Privacy by Default . . . . . . . . . . . . . . . . . . . 5
2.2. Data Minimization . . . . . . . . . . . . . . . . . . . . 6
2.3. Metadata Protection . . . . . . . . . . . . . . . . . . . 6
2.4. Interoperability . . . . . . . . . . . . . . . . . . . . 7
2.5. End-to-End . . . . . . . . . . . . . . . . . . . . . . . 7
2.6. Peer-to-Peer . . . . . . . . . . . . . . . . . . . . . . 7
2.7. User Experience (UX) . . . . . . . . . . . . . . . . . . 7
2.8. Identity System . . . . . . . . . . . . . . . . . . . . . 7
2.8.1. Address . . . . . . . . . . . . . . . . . . . . . . . 8
2.8.2. Key . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.8.3. User . . . . . . . . . . . . . . . . . . . . . . . . 8
2.8.4. Identity . . . . . . . . . . . . . . . . . . . . . . 8
2.8.5. Alias . . . . . . . . . . . . . . . . . . . . . . . . 9
2.9. pEp Email Formats . . . . . . . . . . . . . . . . . . . . 9
2.9.1. Unencrypted pEp Format . . . . . . . . . . . . . . . 10
2.9.2. pEp Email Format 1.0 . . . . . . . . . . . . . . . . 11
2.9.3. pEp Email Format 2.0 . . . . . . . . . . . . . . . . 15
2.9.4. pEp Email Format 2.1 . . . . . . . . . . . . . . . . 18
2.9.5. Protocol Negotiation for Format Selection . . . . . . 21
2.9.6. Saving Messages . . . . . . . . . . . . . . . . . . . 21
Show full document text