I-D Action: draft-dkg-openpgp-abuse-resistant-keystore-05.txt
internet-drafts@ietf.org Thu, 28 April 2022 19:09 UTC
Message-ID: <165117294068.6097.10792894047715176548@ietfa.amsl.com>
Date: Thu, 28 Apr 2022 12:09:00 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i-d-announce/d_uglA6QuP-j44G9fsEQhT6tOAg>
A New Internet-Draft is available from the on-line Internet-Drafts directories.

        Title           : Abuse-Resistant OpenPGP Keystores
        Author          : Daniel Kahn Gillmor
        Filename        : draft-dkg-openpgp-abuse-resistant-keystore-05.txt
        Pages           : 55
        Date            : 2022-04-28

Abstract:
   OpenPGP transferable public keys are composite certificates, made up
   of primary keys, revocation signatures, direct key signatures, user
   IDs, identity certifications ("signature packets"), subkeys, and so
   on. They are often assembled by merging multiple certificates that
   all share the same primary key, and are distributed in public
   keystores.

   Unfortunately, since many keystores permit any third-party to add a
   certification with any content to any OpenPGP certificate, the
   assembled/merged form of a certificate can become unwieldy or
   undistributable. Furthermore, keystores that are searched by user ID
   or fingerprint can be made unusable for specific searches by public
   submission of bogus certificates. And finally, keystores open to
   public submission can also face simple resource exhaustion from
   flooding with bogus submissions, or legal or other risks from uploads
   of toxic data.

   This draft documents techniques that an archive of OpenPGP
   certificates can use to mitigate the impact of these various attacks,
   and the implications of these concerns and mitigations for the rest
   of the OpenPGP ecosystem.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-dkg-openpgp-abuse-resistant-keystore/

There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-dkg-openpgp-abuse-resistant-keystore-05

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-dkg-openpgp-abuse-resistant-keystore-05

Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts