I-D Action: draft-dkg-openpgp-abuse-resistant-keystore-02.txt

internet-drafts@ietf.org Mon, 15 April 2019 17:33 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/i-d-announce/aZxkrITevYYZkC7nV8gC6OT3rHw>

A New Internet-Draft is available from the on-line Internet-Drafts directories.


        Title           : Abuse-Resistant OpenPGP Keystores
        Author          : Daniel Kahn Gillmor
        Filename        : draft-dkg-openpgp-abuse-resistant-keystore-02.txt
        Pages           : 34
        Date            : 2019-04-15

Abstract:
   OpenPGP transferable public keys are composite certificates, made up
   of primary keys, direct key signatures, user IDs, identity
   certifications ("signature packets"), subkeys, and so on.  They are
   often assembled by merging multiple certificates that all share the
   same primary key, and are distributed in public keystores.

   Unfortunately, since many keystores permit any third-party to add a
   certification with any content to any OpenPGP certificate, the
   assembled/merged form of a certificate can become unwieldy or
   undistributable.  Furthermore, keystores that are searched by user ID
   can be made unusable for specific names or addresses by public
   submission of bogus data.  And finally, keystores open to public
   submission can also face simple resource exhaustion from flooding
   with bogus submissions, or legal or other risks from uploads of toxic
   data.

   This draft documents techniques that an archive of OpenPGP
   certificates can use to mitigate the impact of these various attacks.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-dkg-openpgp-abuse-resistant-keystore/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-02
https://datatracker.ietf.org/doc/html/draft-dkg-openpgp-abuse-resistant-keystore-02

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-dkg-openpgp-abuse-resistant-keystore-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/