pep-keysync/draft-birk-pep-keysync-NN.txt
author Iraklis Symeonidis <iraklis.symeonidis@esat.kuleuven.be>
Tue, 07 May 2019 14:38:44 +0200
changeset 729 f1a466a66c40
parent 683 909cbf8778ce
permissions -rw-r--r--
Security and privacy threats a requirements (first draft)
     1 
     2 
     3 
     4 
     5 Network Working Group                                            V. Birk
     6 Internet-Draft                                                H. Marques
     7 Intended status: Standards Track                          pEp Foundation
     8 Expires: September 15, 2019                               March 14, 2019
     9 
    10 
    11         pretty Easy privacy (pEp): Key Synchronization Protocol
    12                        draft-birk-pep-keysync-NN
    13 
    14 Abstract
    15 
    16    The pretty Easy privacy (pEp) propositions for email are based upon
    17    already existing email and encryption formats (i.e., PGP/MIME) and
    18    designed to allow for easy implementable and interoperable
    19    opportunistic encryption.
    20 
    21    The goal of pEp KeySync is to automatize operations in order to make
    22    handling of multiple devices usable by a wider range of Internet
    23    users, to achieve wide application of confidentiality and privacy
    24    practices in the real world.
    25 
    26    ...
    27 
    28 Status of This Memo
    29 
    30    This Internet-Draft is submitted in full conformance with the
    31    provisions of BCP 78 and BCP 79.
    32 
    33    Internet-Drafts are working documents of the Internet Engineering
    34    Task Force (IETF).  Note that other groups may also distribute
    35    working documents as Internet-Drafts.  The list of current Internet-
    36    Drafts is at https://datatracker.ietf.org/drafts/current/.
    37 
    38    Internet-Drafts are draft documents valid for a maximum of six months
    39    and may be updated, replaced, or obsoleted by other documents at any
    40    time.  It is inappropriate to use Internet-Drafts as reference
    41    material or to cite them other than as "work in progress."
    42 
    43    This Internet-Draft will expire on September 15, 2019.
    44 
    45 Copyright Notice
    46 
    47    Copyright (c) 2019 IETF Trust and the persons identified as the
    48    document authors.  All rights reserved.
    49 
    50    This document is subject to BCP 78 and the IETF Trust's Legal
    51    Provisions Relating to IETF Documents
    52    (https://trustee.ietf.org/license-info) in effect on the date of
    53 
    54 
    55 
    56 Birk & Marques         Expires September 15, 2019               [Page 1]
    57 
    58 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
    59 
    60 
    61    publication of this document.  Please review these documents
    62    carefully, as they describe your rights and restrictions with respect
    63    to this document.  Code Components extracted from this document must
    64    include Simplified BSD License text as described in Section 4.e of
    65    the Trust Legal Provisions and are provided without warranty as
    66    described in the Simplified BSD License.
    67 
    68 Table of Contents
    69 
    70    1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
    71    2.  Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . .   2
    72    3.  General function  . . . . . . . . . . . . . . . . . . . . . .   3
    73    4.  Sync Handshake Signals  . . . . . . . . . . . . . . . . . . .   4
    74    5.  Sync State Machine  . . . . . . . . . . . . . . . . . . . . .   5
    75    6.  Sync Messages . . . . . . . . . . . . . . . . . . . . . . . .   7
    76    7.  Security Considerations . . . . . . . . . . . . . . . . . . .   9
    77    8.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   9
    78    9.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   9
    79    10. Implementation Status . . . . . . . . . . . . . . . . . . . .   9
    80      10.1.  Introduction . . . . . . . . . . . . . . . . . . . . . .   9
    81      10.2.  Current software implementing pEp  . . . . . . . . . . .   9
    82    11. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  10
    83    12. References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
    84      12.1.  Normative References . . . . . . . . . . . . . . . . . .  10
    85      12.2.  Informative References . . . . . . . . . . . . . . . . .  10
    86    Appendix A.  Excerpts from the pEp Reference Implementation . . .  11
    87    Appendix B.  Document Changelog . . . . . . . . . . . . . . . . .  11
    88    Appendix C.  Open Issues  . . . . . . . . . . . . . . . . . . . .  12
    89    Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  12
    90 
    91 1.  Introduction
    92 
    93    When a user has different devices, it is convenient to read existing,
    94    send new and receive messages from any of those devices, and to share
    95    the same identity on all of them (e.g., a specific email address).
    96 
    97    In this part of the pretty Easy privacy (pEp) protocols, a way to
    98    synchronize private key material is presented, which is non-
    99    centralized and easy to implement.
   100 
   101    For pEp implementations, pEp KeySync for key synchronization is part
   102    of the pEp Sync protocol.
   103 
   104 2.  Terms
   105 
   106    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   107    "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   108    document are to be interpreted as described in [RFC2119].
   109 
   110 
   111 
   112 Birk & Marques         Expires September 15, 2019               [Page 2]
   113 
   114 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   115 
   116 
   117    o  pEp Handshake: The process when Alice - e.g., in-person or via
   118       phone - contacts Bob to verify Trustwords (or by fallback:
   119       fingerprints) is called pEp Handshake.
   120       [I-D.marques-pep-handshake]
   121 
   122    o  Trustwords: A scalar-to-word representation of 16-bit numbers (0
   123       to 65535) to natural language words.  When doing a Handshake,
   124       peers are shown combined Trustwords of both public keys involved
   125       to ease the comparison.  [I-D.birk-pep-trustwords]
   126 
   127    o  Trust on First Use (TOFU): cf. [RFC7435]
   128 
   129    o  Man-in-the-middle attack (MITM): cf. [RFC4949]
   130 
   131    o  Device Group: All devices that share a common mailbox to exchange
   132       user keys, trust, calendar and other information.
   133 
   134    o  Beacon (message): A text message that is stored inside the mailbox
   135       which contains control commands and serves as communication
   136       channel between the devices of the device group
   137 
   138 3.  General function
   139 
   140    Assume two devices from Alice configured with pEp-implementing
   141    messaging clients, Alice_A and Alice_B and sharing the same identity
   142    for some communication channel (e.g., an email address).  Both
   143    devices will already have a key pair, which was automatically
   144    generated by the pEp protocol.  Neither device knows anything about
   145    the other nor are the chances realistic that the independently
   146    created key pairs match.
   147 
   148    If Alice wants to communicate from both of her devices, she expects
   149    not only that messages be readable across the devices, but also that
   150    she can send messages expecting the same level of privacy she's used
   151    to with just using one device, i.e., she wants all of the trust she
   152    gave her contacts synchronized.  That is, the trust should be
   153    reflected on any device she uses.  This requires her to have her
   154    devices be part of a so-called Device Group.
   155 
   156    This scenario can be fulfilled using the following steps, assuming
   157    the process is started with device Alice_A:
   158 
   159    1.  Alice automatically invokes a broadcast from the first device,
   160        which is connected, e.g.  Alice_A: its public key is attached.
   161 
   162    2.  Both devices, Alice_A and Alice_B, might see the beacon message.
   163 
   164        *  Alice_A will ignore the message, as it was the sending device.
   165 
   166 
   167 
   168 Birk & Marques         Expires September 15, 2019               [Page 3]
   169 
   170 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   171 
   172 
   173    3.  Alice_B picks up on the message and does a Handshake Request:
   174        that device's public key is attached.
   175 
   176    4.  If the devices do not yet form a Device Group, Alice_A now sends
   177 
   178    a Handshake Request to Alice_B.
   179 
   180    1.  On both devices, the user confirms the Trustwords.  This
   181        establishes trust.
   182 
   183    2.  Alice_A and Alice_B now send each other all of their secrets,
   184        i.e., their private keys.
   185 
   186    3.  The oldest key is used as the Group Key for the established
   187        Device Group: it's the one now used for any outside communication
   188        with other peers.
   189 
   190    In any case, both devices can now read any message encrypted with
   191    either encryption key: be it Alice_1's or Alice_2's public key, which
   192    was involved in some former communications with the outside world.
   193 
   194    FIXME: Refine; sketch update processes.
   195 
   196 4.  Sync Handshake Signals
   197 
   198    From the reference implementation, src/sync.h:
   199 
   200          typedef enum _sync_handshake_signal {
   201              SYNC_NOTIFY_UNDEFINED = 0,
   202 
   203              // request show handshake dialog
   204              SYNC_NOTIFY_INIT_ADD_OUR_DEVICE,
   205              SYNC_NOTIFY_INIT_ADD_OTHER_DEVICE,
   206              SYNC_NOTIFY_INIT_FORM_GROUP,
   207 
   208              // handshake process timed out
   209              SYNC_NOTIFY_TIMEOUT,
   210 
   211              // handshake accepted by user
   212              SYNC_NOTIFY_ACCEPTED_DEVICE_ADDED,
   213              SYNC_NOTIFY_ACCEPTED_GROUP_CREATED
   214 
   215          } sync_handshake_signal;
   216 
   217 
   218 
   219 
   220 
   221 
   222 
   223 
   224 Birk & Marques         Expires September 15, 2019               [Page 4]
   225 
   226 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   227 
   228 
   229 5.  Sync State Machine
   230 
   231    Finite-State-Machine from reference implementation from sync/
   232    devicegroup.fsm:
   233 
   234    include ./fsm.yml2
   235 
   236       protocol DeviceGroup {
   237           // all messages have a timestamp, time out and are removed after timeout
   238 
   239           broadcast sendBeacon;
   240           broadcast sendGroupUpdate;
   241           broadcast sendUpdateRequest;
   242           unencrypted sendBeacon;
   243 
   244           fsm DeviceState filename=sync {
   245               condition storedGroupKeys();
   246               condition keyElectionWon(Identity partner);
   247 
   248               state InitState {
   249                   on Init {
   250                       if storedGroupKeys()
   251                           go Grouped;
   252                       go Sole;
   253                   }
   254               }
   255 
   256               state Sole end=1 {
   257                   on KeyGen // injected by generate_keypair()
   258                       do sendBeacon;
   259                   on CannotDecrypt
   260                       do sendBeacon;  // cry, baby
   261                   on Beacon(Identity partner) // this event will not happen for already
   262                                               // rejected partners
   263                       do sendHandshakeRequest(partner);
   264                   on HandshakeRequest(Identity partner) {
   265                       do sendHandshakeRequest(partner);
   266                       go HandshakingSole(partner);
   267                   }
   268               }
   269 
   270               state HandshakingSole timeout=600 (Identity expected) {
   271                   on Init{
   272                       if keyElectionWon(partner) {    // an already existing group
   273                           do notifyInitFormGroup(partner);
   274                       } else {
   275                           do notifyInitAddOurDevice(partner);
   276                       }
   277 
   278 
   279 
   280 Birk & Marques         Expires September 15, 2019               [Page 5]
   281 
   282 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   283 
   284 
   285                   }
   286 
   287                   on HandshakeRejected(Identity partner) {
   288                       do rejectHandshake(partner);             // stores rejection of partner
   289                       go Sole;
   290                   }
   291                   on HandshakeAccepted(Identity partner) {
   292                       do acceptHandshake(partner);
   293                       if keyElectionWon(partner) {    // an already existing group
   294                                                       // always wins
   295                           do sendGroupKeys(partner);
   296                           do notifyAcceptedGroupCreated(partner);
   297                           go Grouped;
   298                       }
   299                       go WaitForGroupKeysSole(partner);
   300                   }
   301                   on Cancel go Sole;
   302                   on Timeout {
   303                       do notifyTimeout(expected);
   304                       go Sole;
   305                   }
   306               }
   307 
   308               state WaitForGroupKeysSole timeout=600 (Identity expected) {
   309                   on GroupKeys(Identity partner, Stringlist keys) {
   310                       // TODO ensure partner == expected
   311                       do storeGroupKeys(partner, keys);
   312                       do notifyAcceptedDeviceAdded(partner);
   313                       go Grouped;
   314                   }
   315                   on Timeout {
   316                       do notifyTimeout(expected);
   317                       go Sole;
   318                   }
   319               }
   320 
   321               state Grouped end=1 {
   322                   on Init
   323                       do enterGroup;
   324                   on KeyGen
   325                       do sendGroupUpdate;
   326                   on CannotDecrypt
   327                       do sendUpdateRequest; // TODO: narrow request to missing key
   328                   on UpdateRequest
   329                       do sendGroupUpdate;
   330                   on Beacon(Identity partner)
   331                       do sendHandshakeRequest(partner);
   332                   on HandshakeRequest(Identity partner) {
   333 
   334 
   335 
   336 Birk & Marques         Expires September 15, 2019               [Page 6]
   337 
   338 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   339 
   340 
   341                       do sendHandshakeRequest(partner);
   342                       go HandshakingGrouped(partner);
   343                   }
   344                   on GroupUpdate(Identity partner, Stringlist keys)
   345                       do storeGroupKeys(partner, keys);
   346               }
   347 
   348               state HandshakingGrouped timeout=600 (Identity expected) {
   349                   on Init
   350                       do notifyInitAddOurDevice(partner);
   351                   on HandshakeRejected(Identity partner) {
   352                       do rejectHandshake(partner);             // stores rejection of partner
   353                       go Grouped;
   354                   }
   355                   on HandshakeAccepted(Identity partner) {
   356                       do acceptHandshake(partner);
   357 
   358                       // an already existing group always wins
   359                       do sendGroupKeys(partner);
   360 
   361                       go Grouped;
   362                   }
   363                   on Timeout {
   364                       do notifyTimeout(expected);
   365                       go Grouped;
   366                   }
   367               }
   368 
   369               tag Init 1;
   370               tag Beacon 2;
   371               tag HandshakeRequest 3;
   372               tag GroupKeys 4;
   373           }
   374       }
   375 
   376 6.  Sync Messages
   377 
   378    ASN.1 reference implementation from asn1/devicegroup.asn1:
   379 
   380          DEVICEGROUP
   381              { iso(1) org(3) dod(6) internet(1) private(4)
   382                enterprise(1) pEp (47878) sync(1) keysync(1) }
   383 
   384          DEFINITIONS AUTOMATIC TAGS EXTENSIBILITY IMPLIED ::=
   385 
   386          BEGIN
   387 
   388          EXPORTS DeviceGroup-Protocol;
   389 
   390 
   391 
   392 Birk & Marques         Expires September 15, 2019               [Page 7]
   393 
   394 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   395 
   396 
   397          IMPORTS Version, Identity, IdentityList FROM PEP;
   398 
   399          Beacon ::= NULL
   400 
   401          HandshakeRequest ::= SEQUENCE {
   402              partner Identity /* identity of the receiver */
   403          }
   404 
   405          GroupKeys ::= SEQUENCE {
   406              partner Identity, /* identity of the receiver */
   407              ownIdentities IdentityList
   408          }
   409 
   410          GroupUpdate ::= SEQUENCE {
   411              ownIdentities IdentityList
   412          }
   413 
   414          /* TODO: narrow request to single key */
   415          UpdateRequest ::= NULL
   416 
   417          /* for the tags see end of sync.fsm */
   418 
   419          DeviceGroup-Protocol ::= SEQUENCE {
   420              header SEQUENCE {
   421                  version     Version,
   422                  sequence    INTEGER,  /* always increases */
   423                  me          Identity, /* identity of the sender */
   424                  state       INTEGER,  /* state the sender is in */
   425                  devicegroup BOOLEAN
   426                  /* signals if this message is coming from
   427                     a device group member */
   428              },
   429 
   430              payload CHOICE {
   431                  beacon [APPLICATION 2] Beacon,
   432                  handshakeRequest [APPLICATION 3] HandshakeRequest,
   433                  groupKeys [APPLICATION 4] GroupKeys,
   434                  groupUpdate [APPLICATION 5] GroupUpdate,
   435                  updateRequest [APPLICATION 6] UpdateRequest
   436              }
   437          }
   438 
   439          END
   440 
   441 
   442 
   443 
   444 
   445 
   446 
   447 
   448 Birk & Marques         Expires September 15, 2019               [Page 8]
   449 
   450 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   451 
   452 
   453 7.  Security Considerations
   454 
   455    [[ TODO ]]
   456 
   457 8.  Privacy Considerations
   458 
   459    [[ TODO ]]
   460 
   461 9.  IANA Considerations
   462 
   463    This document has no actions for IANA.
   464 
   465 10.  Implementation Status
   466 
   467 10.1.  Introduction
   468 
   469    This section records the status of known implementations of the
   470    protocol defined by this specification at the time of posting of this
   471    Internet-Draft, and is based on a proposal described in [RFC7942].
   472    The description of implementations in this section is intended to
   473    assist the IETF in its decision processes in progressing drafts to
   474    RFCs.  Please note that the listing of any individual implementation
   475    here does not imply endorsement by the IETF.  Furthermore, no effort
   476    has been spent to verify the information presented here that was
   477    supplied by IETF contributors.  This is not intended as, and must not
   478    be construed to be, a catalog of available implementations or their
   479    features.  Readers are advised to note that other implementations may
   480    exist.
   481 
   482    According to [RFC7942], "[...] this will allow reviewers and working
   483    groups to assign due consideration to documents that have the benefit
   484    of running code, which may serve as evidence of valuable
   485    experimentation and feedback that have made the implemented protocols
   486    more mature.  It is up to the individual working groups to use this
   487    information as they see fit."
   488 
   489 10.2.  Current software implementing pEp
   490 
   491    The following software implementing the pEp protocols (to varying
   492    degrees) already exists:
   493 
   494    o  pEp for Outlook as add-on for Microsoft Outlook, release
   495       [SRC.pepforoutlook]
   496 
   497    o  pEp for Android (based on a fork of the K9 MUA), release
   498       [SRC.pepforandroid]
   499 
   500 
   501 
   502 
   503 
   504 Birk & Marques         Expires September 15, 2019               [Page 9]
   505 
   506 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   507 
   508 
   509    o  Enigmail/pEp as add-on for Mozilla Thunderbird, release
   510       [SRC.enigmailpep]
   511 
   512    o  pEp for iOS (implemented in a new MUA), beta [SRC.pepforios]
   513 
   514    pEp for Android, iOS and Outlook are provided by pEp Security, a
   515    commercial entity specializing in end-user software implementing pEp
   516    while Enigmail/pEp is pursued as community project, supported by the
   517    pEp Foundation.
   518 
   519    All software is available as Free Software and published also in
   520    source form.
   521 
   522 11.  Acknowledgements
   523 
   524    The authors would like to thank the following people who have
   525    provided feedback or significant contributions to the development of
   526    this document: [[ TODO ]]
   527 
   528    This work was initially created by pEp Foundation, and then reviewed
   529    and extended with funding by the Internet Society's Beyond the Net
   530    Programme on standardizing pEp.  [ISOC.bnet]
   531 
   532 12.  References
   533 
   534 12.1.  Normative References
   535 
   536    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
   537               Requirement Levels", BCP 14, RFC 2119,
   538               DOI 10.17487/RFC2119, March 1997,
   539               <https://www.rfc-editor.org/info/rfc2119>.
   540 
   541    [RFC4949]  Shirey, R., "Internet Security Glossary, Version 2",
   542               FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
   543               <https://www.rfc-editor.org/info/rfc4949>.
   544 
   545    [RFC7435]  Dukhovni, V., "Opportunistic Security: Some Protection
   546               Most of the Time", RFC 7435, DOI 10.17487/RFC7435,
   547               December 2014, <https://www.rfc-editor.org/info/rfc7435>.
   548 
   549 12.2.  Informative References
   550 
   551    [I-D.birk-pep-trustwords]
   552               Birk, V., Marques, H., and B. Hoeneisen, "IANA
   553               Registration of Trustword Lists: Guide, Template and IANA
   554               Considerations", draft-birk-pep-trustwords-03 (work in
   555               progress), March 2019.
   556 
   557 
   558 
   559 
   560 Birk & Marques         Expires September 15, 2019              [Page 10]
   561 
   562 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   563 
   564 
   565    [I-D.marques-pep-handshake]
   566               Marques, H. and B. Hoeneisen, "pretty Easy privacy (pEp):
   567               Contact and Channel Authentication through Handshake",
   568               draft-marques-pep-handshake-01 (work in progress), October
   569               2018.
   570 
   571    [ISOC.bnet]
   572               Simao, I., "Beyond the Net. 12 Innovative Projects
   573               Selected for Beyond the Net Funding. Implementing Privacy
   574               via Mass Encryption: Standardizing pretty Easy privacy's
   575               protocols", June 2017, <https://www.internetsociety.org/
   576               blog/2017/06/12-innovative-projects-selected-for-beyond-
   577               the-net-funding/>.
   578 
   579    [RFC7942]  Sheffer, Y. and A. Farrel, "Improving Awareness of Running
   580               Code: The Implementation Status Section", BCP 205,
   581               RFC 7942, DOI 10.17487/RFC7942, July 2016,
   582               <https://www.rfc-editor.org/info/rfc7942>.
   583 
   584    [SRC.enigmailpep]
   585               "Source code for Enigmail/pEp", March 2019,
   586               <https://enigmail.net/index.php/en/download/source-code>.
   587 
   588    [SRC.pepforandroid]
   589               "Source code for pEp for Android", March 2019,
   590               <https://pep-security.lu/gitlab/android/pep>.
   591 
   592    [SRC.pepforios]
   593               "Source code for pEp for iOS", March 2019,
   594               <https://pep-security.ch/dev/repos/pEp_for_iOS/>.
   595 
   596    [SRC.pepforoutlook]
   597               "Source code for pEp for Outlook", March 2019,
   598               <https://pep-security.lu/dev/repos/pEp_for_Outlook/>.
   599 
   600 Appendix A.  Excerpts from the pEp Reference Implementation
   601 
   602    This section provides excerpts of the running code from the pEp
   603    reference implementation pEp engine (C99 programming language).  [[
   604    TODO: Maybe rewrite sentence a bit ]]
   605 
   606    [[ TODO ]]
   607 
   608 Appendix B.  Document Changelog
   609 
   610    [[ RFC Editor: This section is to be removed before publication ]]
   611 
   612    o  draft-birk-pep-keysync-00:
   613 
   614 
   615 
   616 Birk & Marques         Expires September 15, 2019              [Page 11]
   617 
   618 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   619 
   620 
   621       *  Initial version
   622 
   623 Appendix C.  Open Issues
   624 
   625    [[ RFC Editor: This section should be empty and is to be removed
   626    before publication ]]
   627 
   628    o  Include shared file (cf. other drafts)
   629 
   630    o  Major update
   631 
   632    o  Verify Dummy Sections
   633 
   634       *  Implementation Status
   635 
   636       *  Acknowledgements
   637 
   638       *  Excerpts from the pEp Reference Implementation
   639 
   640       *  Open Issues
   641 
   642    o  Remove unused references
   643 
   644    o  Remove unused Terms
   645 
   646    o  Check List of Authors
   647 
   648    o  shorten overlong lines in code examples
   649 
   650 Authors' Addresses
   651 
   652    Volker Birk
   653    pEp Foundation
   654    Oberer Graben 4
   655    CH-8400 Winterthur
   656    Switzerland
   657 
   658    Email: volker.birk@pep.foundation
   659    URI:   https://pep.foundation/
   660 
   661 
   662 
   663 
   664 
   665 
   666 
   667 
   668 
   669 
   670 
   671 
   672 Birk & Marques         Expires September 15, 2019              [Page 12]
   673 
   674 Internet-Draft     pretty Easy privacy (pEp) Key Sync         March 2019
   675 
   676 
   677    Hernani Marques
   678    pEp Foundation
   679    Oberer Graben 4
   680    CH-8400 Winterthur
   681    Switzerland
   682 
   683    Email: hernani.marques@pep.foundation
   684    URI:   https://pep.foundation/
   685 
   686 
   687 
   688 
   689 
   690 
   691 
   692 
   693 
   694 
   695 
   696 
   697 
   698 
   699 
   700 
   701 
   702 
   703 
   704 
   705 
   706 
   707 
   708 
   709 
   710 
   711 
   712 
   713 
   714 
   715 
   716 
   717 
   718 
   719 
   720 
   721 
   722 
   723 
   724 
   725 
   726 
   727 
   728 Birk & Marques         Expires September 15, 2019              [Page 13]