Argonne-National-Laboratory / MEGAndroid

Android App for MEG.

PGP Legacy Key Import #30

Open JoshuaLyle opened 7 years ago

JoshuaLyle commented 7 years ago

It's been noted that we need to support importing of PGP keys to the app. The safest way to transfer the key would be some type of physical means, i.e. QR codes like we've done before. Should we create an option in the email client add-on to display a private key as a QR code so that it can be scanned into the phone?

Do y'all have any other ideas?

hahnicity commented 7 years ago

The mechanics of a QR code sound possible but clunky. Either our email plugin needs access to the PGP key via the filesystem or the user needs to manually input the PK somehow.

Physical transfer is possible but could be tricky for users. It could also require dedicated hardware. There were also some issues I bumped into with physical transfer involving AppArmor that I wasn't able to resolve a few months ago. So this would likely have to be resolved.

bbusenius commented 7 years ago

By physical hardware are we just talking about a micro-USB or USB-C to USB cable, or something like that? That might be appropriate for this use case.

Though one of the main goals of the app is to make encryption simple for average users, I feel like we're already doing a good job of that with the current feature set. Legacy key import is more of a feature for advanced users. I think it's safe to assume that anyone who already has a PGP key they use and want to transfer is more capable of dealing with a harder process.

Of course, we want to make it as easy as possible, so we should be open to any idea that will help; however, I'm okay with this process being a little more cumbersome than some of the others.

JoshuaLyle commented 7 years ago

By physical, I just mean not sending it over a network. However, it doesn't look like QR codes are an option for direct transfer. You can only have ~3000 characters for the character set an ASCII-armored private key uses and my private key has ~5000.

I also don't particularly want to go down the USB transfer route because that won't be possible on the iPhone app.

We can make an API interface on the MEG server that shares a sym key via QR (like the plugin) and symmetrically encrypts the private key in JavaScript (to keep it all local and safe). Then it just passes it to the phone through the server the same way as a message. If they can break that symmetric encryption to get the private key then they'd be able to break the individual messages anyway so I would think it'd be safe to rely on it.
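Added example, not part of the thread and not MEG code: a sketch of the flow proposed in the comment above, where a one-time symmetric key travels by QR and the armored private key goes through the relay only as ciphertext. AES-256-GCM, the JSON envelope and all function names are assumptions; the ~3000 character limit is the figure quoted in the thread.

```javascript
const nodeCrypto = require('node:crypto');

const QR_CHAR_LIMIT = 3000; // approximate limit quoted in the thread

// Desktop: one-time 256-bit key; its base64 form is what the QR code carries.
function newTransferKey() {
  return nodeCrypto.randomBytes(32);
}

// True when a string is short enough to display as a single QR code.
function fitsInQr(text) {
  return text.length <= QR_CHAR_LIMIT;
}

// Desktop: encrypt the armored key locally so the relay only sees ciphertext.
function wrapKey(armoredKey, transferKey) {
  const iv = nodeCrypto.randomBytes(12); // fresh nonce for every wrap
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', transferKey, iv);
  const ct = Buffer.concat([cipher.update(armoredKey, 'utf8'), cipher.final()]);
  return JSON.stringify({
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  });
}

// Phone: decrypt with the scanned key. Throws if the envelope was altered
// in transit or the key is wrong, because the GCM tag no longer verifies.
function unwrapKey(envelope, transferKey) {
  const { iv, tag, ct } = JSON.parse(envelope);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', transferKey, Buffer.from(iv, 'base64'));
  d.setAuthTag(Buffer.from(tag, 'base64'));
  return Buffer.concat([d.update(Buffer.from(ct, 'base64')), d.final()]).toString('utf8');
}

// Constructed stand-in for a ~5000 character armored key (not real key material).
const SAMPLE_KEY = '-----BEGIN PGP PRIVATE KEY BLOCK-----\n' + 'A'.repeat(5000) +
  '\n-----END PGP PRIVATE KEY BLOCK-----\n';

function demo() {
  const key = newTransferKey();
  const envelope = wrapKey(SAMPLE_KEY, key);
  return {
    keyFitsQr: fitsInQr(key.toString('base64')), // 44 characters
    armoredFitsQr: fitsInQr(SAMPLE_KEY),         // too long for one code
    roundTrip: unwrapKey(envelope, key) === SAMPLE_KEY,
  };
}
```

The authenticated mode matters here because the relay handles the envelope: a modified ciphertext fails on the phone instead of importing a corrupted key.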

thompsonm-ANL commented 7 years ago

I would prefer if we can do it with the phone attached to the computer in USB storage mode. I know this makes things more problematic for different implementations and particularly for iOS, but we'll cross that bridge when we get there. I think it's the only solution that combines usability with the level of security we want to be maintaining.

thompsonm-ANL commented 7 years ago

Re: iOS: https://developer.apple.com/library/content/technotes/tn2152/_index.html