18 10 | 2012

An email header field to indicate you would like encrypted replies

Written by Tanguy

Classified in : Homepage, Debian

A letter with a wax seal

As you may know, when Phil Zimmermann published PGP, his goal was to counter the wide spying possibilities the development of electronic communications offered to the authorities, by promoting the general use of encryption so that 1. governments would not be able to restrict it afterwards and 2. it becomes possible to encrypt messages for privacy without drawing suspicion.

Now, cryptography has made its way and is widely use, but mostly for commercial website and only sparsely for mail. Indeed, contrary to signing, encrypting a message requires that the recipient has a crypto key and is able and willing to use it to decrypt your message.

To alleviate this problem, I thought that it would be useful to have a way, when sending a message, to tell your recipients that you would like that they encrypt their answers, because you are able and willing to get encrypted mail. I think the most relevant way to do that would be by adding a dedicated header field:

In that header, one would be able to indicate what protocols he accepts. I suggest a comma-separated list, with the following possible values: PGP (or PGP/MIME and PGP/traditional for people that only accept one of these two PGP formats), S/MIME. For instance:

It may be useful to be able to indicate that you either always wish your messages to be encrypted, or that it is only for this message's replies. If this is really relevant, it would take two distinct headers: and .

Any thought about that proposal? Next thing to do, determine how to have that standardized at IANA and how to promote it.


friday 19 october 2012 à 00:25 Philipp Kern said : #1

I'd guess IETF, not IANA.

friday 19 october 2012 à 00:32 Nick said : #2

How do you handle preference orders? For example, my mail client (notmuch) automatically handles PGP/MIME, but not PGP/traditional. Nonetheless, *I* handle PGP/traditional, just not automatically, so PGP/MIME is preferred.

I see two ways to handle preferences (1) sort the comma delimited list, or (2) create an Encryption-Acceptable header that lists possible, less desired, formats. I think the first would be preferred, as the second option only allows two tiers of encryption, while the first allows as many as your mail client supports.

Also, should PGP/traditional be renamed PGP/INLINE?

friday 19 october 2012 à 00:33 Aaron Toponce said : #3


friday 19 october 2012 à 05:13 Anonymous said : #4

Why not use the syntax of the HTTP Accept header, so that you can specify preference ordering, and use MIME types for future extension? Inline PGP, PGP/MIME, and S/MIME all have their own MIME types.

friday 19 october 2012 à 09:26 Douglas said : #5

My very simple approach to this: If someone sends an email signed with PGP, I reply with a PGP-encrypted email. If someone sends an email signed with S/MIME, I reply an S/MIME-encrypted email.

No need for additional headers :)

friday 19 october 2012 à 09:45 Tanguy said : #6

@Philipp Kern : If it gets standardized, it will be listed in the IANA header list, but I guess you are right.

@Nick, @Anonymous : Sorting the list would be enough and much more simple, in my opinion.

@Aaron Toponce : Thanks, I shall contact its author to see if it would fit to complete his proposal.

@Anonymous : Good idea, using the MIME types, I did not know traditional PGP had one.

@Douglas : Well, unfortunately it cannot be generalized, there are people who sign their email but do not like encryption. Anyway, explicit is better than implicit. :-)

friday 19 october 2012 à 11:40 niq said : #7

Re: Anonymous@05:13 - Use not just the syntax, but the name. As in,


Or better, something to catch the imagination of the chattering classes:

Accept-Security: [signing-methods]
Accept-Privacy: [encryption-methods]

Because everyone is in favour of security and privacy, right!

Then we have scope for scenarios like a user's mailer to accept everything, but a mailinglist to disallow encryption (strip out that header) while still accepting signed mail.

friday 19 october 2012 à 13:02 Tanguy said : #8

@niq : I am not sure: accepting encryption is not the same as asking for it. I already saw people that accepted encryption, but that preferred to receive cleartext messages.

friday 19 october 2012 à 14:16 Simon said : #9

The OpenPGP header work is essentially done and the only reason it hasn't been pushed out as an RFC is lack of time. If you want to jump in and drive this, I'd be happy to add you as co-author if you do a review of the document. I think the BNF and references needs to be updated a bit to sync it with latest RFCs.

tuesday 23 october 2012 à 08:29 qznc said : #10

A somewhat related article about signing emails using mail headers: http://beza1e1.tuxen.de/articles/pgp_header.html

tuesday 23 october 2012 à 10:39 Tanguy said : #11

@Simon : I may be able to help, yes. Think you for the information.

@qznc : Actually, this is the way Usenet control messages are signed, IIRC. Too bad it is not implemented by most user agents.

wednesday 24 october 2012 à 01:10 Dave said : #12

Would there be a need to specify a key to use for the encryption in the header (or an additional one)?

wednesday 24 october 2012 à 11:10 Tanguy said : #13

@Dave : There should not, since someone that requests encrypted reply should also sign his original message, thus indicating his PGP ID. Now, since it would be relevant to merge my proposal with Aaron Toponce's, it would be possible, yes.

Write a comment

What is the last letter of the word xhqjc? :