IETF Logo Mail Archive

Re: [openpgp] [eX-bulk] : Re: Fingerprints

"Christopher LILJENSTOLPE" <cdl@asgaard.org> Wed, 06 May 2015 18:34 UTC

Return-Path: <cdl@asgaard.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97D5F1A8028 for <openpgp@ietfa.amsl.com>; Wed, 6 May 2015 11:34:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7azCEF7ZOuO3 for <openpgp@ietfa.amsl.com>; Wed, 6 May 2015 11:34:51 -0700 (PDT)
Received: from smtp5.emailarray.com (smtp5.emailarray.com [65.39.216.39]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75BDD1A1E0B for <openpgp@ietf.org>; Wed, 6 May 2015 11:34:51 -0700 (PDT)
Received: (qmail 19422 invoked by uid 89); 6 May 2015 18:34:50 -0000
Received: from unknown (HELO ?204.29.149.87?) (Y2RsQGFzZ2FhcmQub3JnQDUwLjc2LjM0LjE4NQ==) (POLARISLOCAL) by smtp5.emailarray.com with (DHE-RSA-AES256-SHA encrypted) SMTP; 6 May 2015 18:34:50 -0000
From: Christopher LILJENSTOLPE <cdl@asgaard.org>
To: Vincent Breitmoser <look@my.amazin.horse>
Date: Wed, 06 May 2015 11:34:42 -0700
Message-ID: <3658B688-5B15-4E0F-8D5C-422AC10A982E@asgaard.org>
In-Reply-To: <FDF01BE3-8D9D-4BAF-BE02-EE8899C799E8@asgaard.org>
References: <CAMm+LwhbB+-MnGRBCvprgAGOuu+5CJ2rgod7EBGOQR5UNVrspQ@mail.gmail.com> <87d232lkb6.fsf@alice.fifthhorseman.net> <sjmlhhmakxp.fsf@securerf.ihtfp.org> <871tiupupe.fsf@littlepip.fritz.box> <1430869683.28399.109.camel@scientia.net> <CAMm+LwgE0eOD1JgLYUwA_4Gh+pm-vGGd9hPX9KoUqQ9=RHBygg@mail.gmail.com> <87y4l2noqd.fsf@littlepip.fritz.box> <87wq0mt1si.fsf@vigenere.g10code.de> <87wq0mncy0.fsf@littlepip.fritz.box> <FDF01BE3-8D9D-4BAF-BE02-EE8899C799E8@asgaard.org>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=_MailMate_D636DFBC-BBB3-4444-9140-D6836E4C8C4E_="; micalg="sha1"; protocol="application/pkcs7-signature"
X-Clacks-Overhead: GNU Terry Pratchett
X-Mailer: MailMate (1.9.1r5084)
X-PolarisMail-Flags: x
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/1nfpiQ0iAqRPPTF3GydXRKJftGM>
Cc: Werner Koch <wk@gnupg.org>, Christoph Anton Mitterer <calestyo@scientia.net>, Phillip Hallam-Baker <phill@hallambaker.com>, IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] [eX-bulk] : Re: Fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 May 2015 18:34:53 -0000

Ooops, forgot to reassert the bit....


</proto-hat off>


On 6 May 2015, at 11:33, Christopher LILJENSTOLPE wrote:

> <proto-hat off>
>
>> On 6 May 2015, Werner Koch wrote:
>>> To be future proof we should get away from SHA-1 for fingerprints
>>> and use SHA-256 (or SHA-512) instead.
>>
>> I have no quarrel with changing the hash algo.  If it improves security
>> at no cost of usability or complexity - go for it.
>>
>>> The external representation and even the internal use in OpenPGP is a
>>> different issue and I am all in favor for truncating it to 32 bytes
>>> for internal use and printing only up to 20 bytes.  This avoids extra
>>> work and SHA-256 is anyway required.
>>
>> Sounds good to me.  I'm just afraid that if "something stronger" is
>> available, people are going to use it.  Design decisions and established
>> culture on top of the standard tend to be maximum conservative.  Sort of
>> if you don't use the "full fingerprint" you're not doing "everything you
>> can" and people will use all 32 bytes no matter if it was ever intended
>> that way.  That's not a huge deal, we just need to keep it in mind.
>>
>> I would leave the fingerprint length at 20 bytes in the standard, if an
>> implementation chooses to use more internally that's up to them.
>> Defining the fingerprint to be 32 bytes, then adding "for printing, it
>> SHOULD be truncated to 20 bytes" seems silly.
>
> I think this is a reasonable approach.  The phrasing I would use would be something along the lines of:
>
> Any implementation MUST accept a 20 byte fingerprint for validation, consisting of the first 20 bytes of the calculated fingerprint.
> An implementation MAY output, or accept, a longer fingerprint, if desired.
> An implementation MAY output, or accept, the legacy SHA-1 fingerprint, for interoperability, but it's use SHOULD be discouraged.
>
> The use of RFC 4648 would make things easier, btw, and also signal the new fingerprint model.
>
> The concept will be familiar to anyone who uses git, btw.
>
>
> 	Christopher
>
>>
>> - V
>> _______________________________________________
>> openpgp mailing list
>> openpgp@ietf.org
>> https://www.ietf.org/mailman/listinfo/openpgp
>
>
> --
> 李柯睿
> Avt tace, avt loqvere meliora silentio
> Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc
> Current vCard here: http://www.asgaard.org/cdl/cdl.vcf
> keybase: https://keybase.io/liljenstolpe_______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp


--
李柯睿
Avt tace, avt loqvere meliora silentio
Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc
Current vCard here: http://www.asgaard.org/cdl/cdl.vcf
keybase: https://keybase.io/liljenstolpe

v2.23.0 | Report a Bug | By Email