Re: [openpgp] marking subkeys as constrained for specific use -- new key usage flags?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 07 March 2013 13:45 UTC

On 03/05/2013 11:10 AM, Jon Callas wrote:
> In this case, we have an authentication-only subkey that's intended to be used for OTR. If you mark it as authentication-only, it's not going to be used for document signing, which is really what you want. It's possible that some other authentication protocol could grab it, but is that really a problem?

well, yes, this was my original concern.

i wrote:
>>  (e.g. it would be bad if someone who was able to compromise my
>> OTR client and steal my OTR key was able to use the secret key material
>> to impersonate me over SSH).

We already have systems in place (e.g. monkeysphere) that permit the use
of authentication-capable subkeys for ssh systems.  so if i was to mark
my OTR key as authentication-capable, and critical notations were not
widely respected, that wouldn't turn out very well.

> This brings us to the problem with criticality. It's supposed to keep some item from being used in an unknown way. But it can also fail in unexpected ways. I've seen criticality flags cause all sorts of weird issues in other systems, and the usual fix is not to make it critical.

If criticality is fraught with problems, doesn't that suggest extending
the usage flags is a more responsible way to go?

or should i create a subkey with all usage flags set to 0, and then
include a notation to indicate the use?  that way, the subkey wouldn't
be used by any existing system except the ones willing to parse and
interpret the notation, regardless of its criticality.

	--dkg
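
The two subkey designs weighed in this message, as an added example that is not part of the original message or of any project it names: RFC 4880 hashed subpackets are encoded and parsed, then three simplified consumer policies are applied to each design. The notation name `otr-use@example.org` and the consumer functions are assumptions made for illustration; they are not monkeysphere's or any OTR client's code.

```python
import struct

KEY_FLAGS, NOTATION = 27, 20            # subpacket types, RFC 4880 section 5.2.3.1
AUTHENTICATE = 0x20                     # key flag bit, RFC 4880 section 5.2.3.21
OTR_NOTATION = b"otr-use@example.org"   # hypothetical notation name (assumption)

def subpacket(sp_type, body, critical=False):
    """Encode one subpacket; only the one-octet length form is supported."""
    if len(body) > 190: raise ValueError("body too long for one-octet length")
    return bytes([len(body) + 1, sp_type | (0x80 if critical else 0)]) + body

def notation(name, value=b"", critical=False):
    # 4 flag octets (0x80 = human-readable), name length, value length, name, value
    body = b"\x80\x00\x00\x00" + struct.pack(">HH", len(name), len(value)) + name + value
    return subpacket(NOTATION, body, critical)

def parse(area):
    """Return (key_flags, {notation_name: critical_bit}) from a subpacket area."""
    flags, notes, i = 0, {}, 0
    while i < len(area):
        length, tag = area[i], area[i + 1]
        if length >= 192: raise ValueError("multi-octet lengths not handled here")
        body = area[i + 2 : i + 1 + length]
        if tag & 0x7F == KEY_FLAGS and body:
            flags = body[0]
        elif tag & 0x7F == NOTATION:
            nlen = struct.unpack(">H", body[4:6])[0]
            notes[body[8 : 8 + nlen]] = bool(tag & 0x80)  # bit 7 of the type = critical
        i += 1 + length
    return flags, notes

def flags_only_ssh(area):
    # Model of a consumer that checks the authentication flag and ignores notations.
    return bool(parse(area)[0] & AUTHENTICATE)

def strict_ssh(area):
    # Model of a consumer that knows no notations and honours the critical bit.
    flags, notes = parse(area)
    return bool(flags & AUTHENTICATE) and not any(notes.values())

def otr_client(area):
    # Model of a consumer that selects the subkey by notation alone.
    return OTR_NOTATION in parse(area)[1]

def accepted_by(area):
    return [f.__name__ for f in (flags_only_ssh, strict_ssh, otr_client) if f(area)]

# Constructed subpacket areas for the two designs discussed above.
AUTH_CRITICAL = subpacket(KEY_FLAGS, bytes([AUTHENTICATE])) + notation(OTR_NOTATION, critical=True)
ZERO_FLAGS = subpacket(KEY_FLAGS, b"\x00") + notation(OTR_NOTATION)
```

With the authentication flag set, the consumer that ignores criticality still accepts the subkey; with all flags zero, only the notation-aware consumer does, whether or not the notation is marked critical.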