The only setting that must be customized per user is the Auth Key parameter. Therefore, a service provider could provide a standard configuration URL for everyone and then require the user to manually paste in the Auth Key. However, it is better to provide a per-user URL that fills in the Auth Key automatically.
The automatic configuration server must return a text/plain file containing a series of Name: Value pairs, with the same format as the config.txt file located in the client home directory. Values not specified are left at their defaults. Unlike the config file, the server's reply must start with #BEGIN_CONFIG# on its own line, and end with #END_CONFIG# on its own line.
Here is a typical automatic configuration file to set up a server-based
account. This assumes your server provides TOR and I2P forwarding, so clients
are instructed to use it by default. The user who wants to install his own
TOR and/or I2P can uncheck these options.
#BEGIN_CONFIG#
Transport: server=s1.myserviceprovider.com:8081,s2.myserviceprovider.com:8081
AuthKey: 03e7c01624ebdb948945312321d3691aa0c28798
EntangledServer: server=s1.myserviceprovider.com:8081,s2.myserviceprovider.com:8081
ProxyIP: False
ProxyTOR: True
ProxyI2P: True
#END_CONFIG#

The configuration URL should be too complex to guess (for example, by including a SHA1 hash) so unauthorized people cannot steal auth keys. If you are generating static files, rather than using a script, turn off the automatic index feature (Options -Indexes) in the HTTP server configuration. At the simplest, the URL for the above might look like:
https://www.myserviceprovider.com/autoconfig.php?ak=03e7c01624ebdb948945312321d3691aa0c28798
where autoconfig.php just prints a fixed configuration and plugs in the ak value from the URL as the AuthKey parameter. Alternatively, you might put a different hash in the URL and look up the auth key in a database.
The automatic configuration mechanism does not currently check the certificate chain, so it is vulnerable to a man-in-the-middle attack even if HTTPS is used. Security-conscious users should verify the settings downloaded using this mechanism.
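One way to carry out that verification, as an added example (not part of the original page or of the Confidant Mail client): a strict Python parser for the reply format described above, with the result compared against settings the provider is assumed to have published out of band. The function names and the sample replies are constructed for illustration.

```python
def parse_autoconfig(reply):
    """Return the Name: Value pairs framed by #BEGIN_CONFIG# / #END_CONFIG#."""
    lines = reply.replace("\r\n", "\n").split("\n")
    if lines and lines[-1] == "":
        lines.pop()  # allow a single trailing newline
    if len(lines) < 2 or lines[0] != "#BEGIN_CONFIG#" or lines[-1] != "#END_CONFIG#":
        raise ValueError("reply is not framed by #BEGIN_CONFIG# / #END_CONFIG#")
    settings = {}
    for line in lines[1:-1]:
        if not line.strip():
            continue  # assumption: blank lines are harmless and skipped
        name, sep, value = line.partition(":")
        name, value = name.strip(), value.strip()
        if not sep or not name:
            raise ValueError("not a Name: Value line: %r" % line)
        if name in settings:
            # A repeated name could be an injected override, so refuse it.
            raise ValueError("duplicate setting: %s" % name)
        settings[name] = value
    return settings

def verify_settings(settings, expected):
    """List every way the downloaded settings differ from the expected ones."""
    problems = []
    for name in sorted(set(settings) | set(expected)):
        if name not in expected:
            problems.append("unexpected setting %s: %s" % (name, settings[name]))
        elif name not in settings:
            problems.append("missing setting %s" % name)
        elif settings[name] != expected[name]:
            problems.append("%s is %r, expected %r"
                            % (name, settings[name], expected[name]))
    return problems

# Constructed sample data: the values from the example file above, assumed to
# have been obtained from the provider through a separate trusted channel.
SERVERS = "server=s1.myserviceprovider.com:8081,s2.myserviceprovider.com:8081"
EXPECTED = {"Transport": SERVERS, "EntangledServer": SERVERS,
            "AuthKey": "03e7c01624ebdb948945312321d3691aa0c28798",
            "ProxyIP": "False", "ProxyTOR": "True", "ProxyI2P": "True"}
GOOD_REPLY = "#BEGIN_CONFIG#\n" + "".join(
    "%s: %s\n" % kv for kv in EXPECTED.items()) + "#END_CONFIG#\n"
# Constructed reply whose Transport line was altered in transit.
BAD_REPLY = GOOD_REPLY.replace("s1.myserviceprovider.com", "s1.example.net", 1)

if __name__ == "__main__":
    for label, reply in (("good", GOOD_REPLY), ("altered", BAD_REPLY)):
        print(label, verify_settings(parse_autoconfig(reply), EXPECTED))
```

Any non-empty list from verify_settings means the downloaded settings should not be accepted as they are.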
Here's the simplest useful server-side autoconfiguration program.
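<?php
// The ak value is copied into the reply, so reject a missing value or one
// containing control characters (such as a newline) that would add extra lines.
$ak = (isset($_GET["ak"]) && is_string($_GET["ak"])) ? $_GET["ak"] : "";
if ($ak === "" || preg_match('/[\x00-\x1f]/', $ak)) {
    http_response_code(400);
    exit;
}
header('Content-type: text/plain');
echo "#BEGIN_CONFIG#\n";
echo "Transport: server=s1.confidantmail.org:8082,s2.confidantmail.org:8082\n";
echo "EntangledServer: server=s1.confidantmail.org:8082,s2.confidantmail.org:8082\n";
echo "AuthKey: " . $ak . "\n";
echo "ProxyIP: False\n";
echo "ProxyTOR: True\n";
echo "ProxyI2P: True\n";
echo "#END_CONFIG#\n";
?>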