WIP: regenerate signed user ID in memory #7898

Draft
link2xt wants to merge 18 commits into main from link2xt/regen-user-id

link2xt commented Feb 25, 2026

This way we can place whatever we want into the signature.

Based on #7925

Closes #7865 once finished. The idea is to put all relay addresses into a notation subpacket of the primary user ID signature.

TODO:

  • Fix `tests/test_multitransport.py::test_download_on_demand`. It is currently broken because receiving the same pre-message a second time results in trashing the second pre-message and replacing the first pre-message, so essentially the message that already existed as a pre-message gets trashed. Then you get the problem from "Post-message resulted in receive_imf failure" (#7872) when post-message download is automatically requested, but the pre-message got trashed.
  • Bring back all the commented-out signature subpackets or decide to drop them. The SEIPDv2 feature is needed; we also want to recognize it and start sending SEIPDv2 if everyone supports it. Preferred algorithms and hashes practically just increase the signature size at the moment.
  • Online Python test that after removing the primary relay the user can still receive messages. Currently it works already, but the message is assigned to an ad hoc group because the message is not recognized as sent to us. This is supposed to work via "intended recipient fingerprint" (e.g. "fix: receive_imf: Look up key contact by intended recipient fingerprint (#7661)", #7786) but something does not work. The problem is apparently caused by not stopping the IMAP loop when deleting the transport.
  • Have some way to update the contact public key (aka OpenPGP certificate). Currently (as of 2.44.0) we never update public keys from the Autocrypt header. A simple way to fix this is to accept updates, but only from signed messages, and remember the timestamp, so it is impossible to e.g. forge an update with a dropped encryption subkey. But we also want to update from Autocrypt-Gossip; this will need more careful merging, e.g. keeping the old certificate but replacing the user ID with the one that has the highest timestamp on the signature. Currently I just trust the updates from the Autocrypt header.
  • Per-context lock around prefetching (IMAP loop) or around receive_imf. Currently multitransport tests with download on demand fail because two IMAP loops receive the same messages and download them in parallel, and this is not handled properly.
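
The certificate update policy described in the fourth TODO item, as an added Rust sketch that is not code from this PR or from Delta Chat. The types, field names and the choice to compare user ID signature creation times for both the Autocrypt and the gossip path are assumptions, and signature verification is assumed to be done by an OpenPGP library beforehand.

```rust
// Added sketch: hypothetical types, not Delta Chat's API. Signatures are
// assumed to be verified by an OpenPGP library before update_cert is called.
#[derive(Clone, Debug, PartialEq)]
pub struct UserId {
    pub relays: Vec<String>, // relay addresses carried in the notation subpacket
    pub sig_time: u64,       // creation time of the user ID self-signature
}

#[derive(Clone, Debug, PartialEq)]
pub struct Cert {
    pub fingerprint: String,
    pub has_encryption_subkey: bool,
    pub user_id: UserId,
}

pub enum Source {
    /// Autocrypt header; `signed` means the message had a valid signature
    /// from the key already stored for this contact.
    Autocrypt { signed: bool },
    /// Autocrypt-Gossip header relayed by another chat member.
    Gossip,
}

/// Returns the certificate to store after seeing `new` arrive via `source`.
pub fn update_cert(stored: &Cert, new: &Cert, source: Source) -> Cert {
    // Another primary key, or a user ID signature that is not strictly newer
    // than the remembered one (a replay), never changes the stored certificate.
    if new.fingerprint != stored.fingerprint || new.user_id.sig_time <= stored.user_id.sig_time {
        return stored.clone();
    }
    match source {
        // Unsigned header: could be forged, e.g. with the encryption subkey dropped.
        Source::Autocrypt { signed: false } => stored.clone(),
        Source::Autocrypt { signed: true } => new.clone(),
        // Gossip: keep the old certificate, take only the newer user ID.
        Source::Gossip => Cert { user_id: new.user_id.clone(), ..stored.clone() },
    }
}

fn main() {
    // Constructed sample data.
    let uid = |relay: &str, t| UserId { relays: vec![relay.to_string()], sig_time: t };
    let stored = Cert { fingerprint: "FPR-A".into(), has_encryption_subkey: true, user_id: uid("a@relay1.example", 100) };
    let update = Cert { has_encryption_subkey: false, user_id: uid("a@relay2.example", 200), ..stored.clone() };
    println!("{:?}", update_cert(&stored, &update, Source::Gossip));
}
```

With the gossip source, the printed certificate keeps its encryption subkey and only the relay list and signature time change.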

link2xt force-pushed the link2xt/regen-user-id branch 3 times, most recently from 722e3e6 to 5be3918 (February 25, 2026 22:06)
link2xt force-pushed the link2xt/regen-user-id branch 3 times, most recently from d810ee5 to e0744da (February 27, 2026 01:17)
Base automatically changed from link2xt/keypair to main (February 28, 2026 16:27)
link2xt force-pushed the link2xt/regen-user-id branch 2 times, most recently from 79a7943 to 895db47 (March 1, 2026 22:40)
link2xt changed the base branch from main to link2xt/qkzzkkylmtmk (March 1, 2026 22:42)
link2xt force-pushed the link2xt/regen-user-id branch from 895db47 to 48a715b (March 2, 2026 03:30)
link2xt force-pushed the link2xt/qkzzkkylmtmk branch from a3deffe to 37e02ee (March 2, 2026 03:30)
Base automatically changed from link2xt/qkzzkkylmtmk to main (March 2, 2026 16:39)
Development

Successfully merging this pull request may close these issues.

Distribute information about relays in the key signature