Re: [openpgp] Embedded TPK subpacket

Justus Winter <justuswinter@gmail.com> Mon, 25 March 2019 12:51 UTC

Return-Path: <justuswinter@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F9A51203E3 for <openpgp@ietfa.amsl.com>; Mon, 25 Mar 2019 05:51:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qlX3DOJL6_Im for <openpgp@ietfa.amsl.com>; Mon, 25 Mar 2019 05:51:39 -0700 (PDT)
Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBD41120403 for <openpgp@ietf.org>; Mon, 25 Mar 2019 05:51:38 -0700 (PDT)
Received: by mail-wr1-x42f.google.com with SMTP id y7so5879362wrn.11 for <openpgp@ietf.org>; Mon, 25 Mar 2019 05:51:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:in-reply-to:references:date:message-id :mime-version; bh=zuivPlRcbMxAnL0cq+37zQ0jABAu4l/wEyNB1TRE/fs=; b=m6cNHXlvn7hF6rlNumDm5KiCqHB0iUjBpSvGugbwWcwmzBgyTUou90bFVJoh/9z+yx vXBC2ClWCiAl7sh/qw5Z3+/5FzT4GvsTAqqfibFWflqbElr/AmaDkSfIJ7lQA/CsXPjv QbvvAuuHfWVLjmygxsyLofiNuSDKxjpN/yxTHUjmc6yaJWxpGwApe78b5McPF1tKw2to Qzv/j/54Ud87ZGG0BQD5AZmd9b43IQicy0uyNyfackmKXWCLBVTNnyKVD9USlB/CThc1 pGDcgHsatCZcUaWrKVjF9ITFyWNFMSpR4iDolyhvgxmdS84+KRqbhYklNOGb/lZ8bvKo aQ/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=zuivPlRcbMxAnL0cq+37zQ0jABAu4l/wEyNB1TRE/fs=; b=qZhg0mc7cfY4xz6VOK0y63Wj9N60TDtD1akCGCiABNMgaSzi/RdmzEZKavQkNbT5DK yDkfjZjxj2GCl9mBY5BM9TB1jVZy3FxdJNcMvDpMogbRUxUbgrxEE/OO5wX4URp7uptX rDRQ9Ir7mBMpIORtJTOYeOlIrHE2zUnpXMgv+WUjUAUsmMLv+Tw/575GyztfSOa0KYLu XEWO/GLS2yNlNroPPryPhkbx44oxKn0nAs+rCkP8/tNxB09lJ9iZDROUkvuo+cONQHtG yJdcjjHjmdVAXKdLYRnXoWPO6gImuzq9FfW1YESiZlhdf4WyvwKI+rOBXXpiQshSyhJ8 HCfA==
X-Gm-Message-State: APjAAAWvQ7s0ZBPvau+Z75021RCBeTKPuNm0L/GdMOyl40HcohAGVj5F UiUJNah4f4m27SZF8mTClRtIqvua
X-Google-Smtp-Source: APXvYqz8pxSpKqJ5q5SUFzN40hE5UJJq3jLJBBVjNmMUMof2iFH8MtMnh3LFV2k0bYrJISCcJA2/dA==
X-Received: by 2002:adf:f1c6:: with SMTP id z6mr15111866wro.232.1553518297367; Mon, 25 Mar 2019 05:51:37 -0700 (PDT)
Received: from localhost (port-92-193-51-13.dynamic.qsc.de. [92.193.51.13]) by smtp.gmail.com with ESMTPSA id z11sm5680446wmf.12.2019.03.25.05.51.36 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 25 Mar 2019 05:51:36 -0700 (PDT)
From: Justus Winter <justuswinter@gmail.com>
To: Vincent Breitmoser <look@my.amazin.horse>
Cc: Marcus Brinkmann <marcus.brinkmann=40ruhr-uni-bochum.de@dmarc.ietf.org>, openpgp@ietf.org
In-Reply-To: <29A44KDN1HQXS.2GVZ2DXB0KXAS@my.amazin.horse>
References: <87bm1z6xhy.fsf@europa.jade-hamburg.de> <87ef6v71jm.fsf@europa.jade-hamburg.de> <1e6052ec-36ba-d14d-5028-b4aac973a494@ruhr-uni-bochum.de> <29A44KDN1HQXS.2GVZ2DXB0KXAS@my.amazin.horse>
Date: Mon, 25 Mar 2019 13:51:35 +0100
Message-ID: <878sx36rs8.fsf@europa.jade-hamburg.de>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/-ahELVacAEyAibTkQZc7-UHRMSQ>
Subject: Re: [openpgp] Embedded TPK subpacket
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2019 12:51:41 -0000

Vincent Breitmoser <look@my.amazin.horse> writes:

>> My proposal is ment to obsolete the existing mechanisms.  The fact that
>> we now have multiple incompatible mechanisms is a bit sad, and I'm
>> trying to extend OpenPGP so that we can have interoperable
>> implementations again.
>
> So what your proposal brings to the table is in-band key distribution without
> MUA involvement, but hinges on the use of signed-only mails.

Why would it be restricted to sign-only messages?  My proposal also
works with OpenPGP's usual sign-then-encrypt messages.  Marcus'es point
was about it not working with encrypt-only messages.

>> For example, if you look at Autocrypt, implementing it means that the MUA
>> needs to do a lot of low-level key manipulations.
>
> Can you elaborate on this? We designed Autocrypt to be as agnostic of OpenPGP
> implementation details as possible, especially for public key management it can
> get away with treating keys as opaque bytes blobs. IINM the required API from an
> OpenPGP implementation should be complete with just "get minimal own public
> key", "check TPK integrity", and "encrypt to keys (given as blobs)". In practice
> OpenPGP support in MUAs tends to be more involved than that, but I don't think
> there is an actual "need" for that.

"get minimal own public key" according to
https://autocrypt.org/level1.html#openpgp-based-key-data seems pretty
involved to me.  I'd be surprised if one can even implement that using
the various OpenPGP implementations out there.  Same for the filtering
of keys to be gossiped.

(I just noticed that I cannot do Autocrypt with my key because my
primary key is not signing-capable...)


Justus