[openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-02.txt
Johannes Roth <johannes.roth@mtg.de> Wed, 18 December 2024 15:25 UTC
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>
From: Johannes Roth <johannes.roth@mtg.de>
Organization: MTG AG
CC: IETF OpenPGP WG <openpgp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/3o-mwEWGdiqgncRqwaUWedpBCNY>
Thanks for addressing my points and for creating the issues. We can discuss the details there; I want to keep it more high-level in this email.

After reading Daniel's and your reply, my suggestions for the chain issue are:

1) Discourage generating chains and discourage following chains (SHOULD NOT). This makes reasoning about replacements simpler. That would mean we will always have a simple graph with an N-to-1 structure, where N certificates have a forward link to 1 certificate and this one points back to the N other certificates (or a subset). This does not follow with that simplicity and clarity from reading the draft, but it is anyway the "natural structure" that seems to be intended, if I understood it correctly. Further, the process of updating the forward and inverse replacement packets when introducing a new replacement key should be outlined: you update all certificates to obtain a new N-to-1 structure and re-publish all certificates with the new signatures.

2) The draft should clarify that if you find a chain, the most likely causes are a) a malicious entity wants to trick you into a loop or b) you have an outdated certificate pointing to a newer certificate (that in the meantime got replaced as well).

3) The draft should give guidance on what to do when you encounter a chain (e.g. due to an outdated certificate with an old replacement key subpacket). A simple approach that helps avoid encountering chains at all would be: Update the current certificate first (if possible) to obtain the newest replacement key subpacket, which should then directly point you to the correct replacement certificate. If not, the implementation SHOULD stop following the chain to find a replacement certificate. It MAY follow the chain, e.g., if the current certificate is revoked and there is no valid alternative to use. It MUST ensure proper loop prevention in that case.

Making these points explicit in the draft would help with clarity.

The goal of the draft is simple: specify a replacement key. But we now have the (useful) concepts of forward/backward links, key equivalency, and fallback certificates. Mixed in with this are some intricacies regarding revocation and trust. Further, there is the problem that you may have some new and some old versions of certificates (destroying the graph structure s.t. either no replacement or not the newest replacement is found). Therefore, everything should be nailed down as much as possible and all edge cases should be covered by the draft, and wherever there are multiple sensible options (e.g. yes/no to stickiness, yes/no to following a forward replacement link, ...), there should be some guidance. I will try to give some input in the GitLab issues and hope it helps.

- Johannes
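The following Python model is an added example and not part of the message above or of the draft; it shows how the three points (N-to-1 structure, chains as a symptom of stale data, refresh-first resolution with loop prevention) behave on a constructed certificate store. The `Cert` fields `forward`, `backward` and `revoked`, the store layout and the `ChainEncountered`/`LoopDetected` exceptions are all assumptions made for illustration; they are not the draft's subpacket names or any implementation's API.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class Cert:
    """Stand-in for an OpenPGP certificate carrying replacement links.
    Field names are illustrative, not the draft's subpacket names."""
    fpr: str
    forward: Optional[str] = None                    # fingerprint of the replacement cert
    backward: Set[str] = field(default_factory=set)  # fingerprints this cert replaces
    revoked: bool = False


class ChainEncountered(Exception):
    """The replacement target itself points onward (point 2 of the message)."""


class LoopDetected(Exception):
    """Forward links cycle, or the hop budget is exhausted."""


def fetch(local: Dict[str, Cert], remote: Dict[str, Cert], fpr: str) -> Optional[Cert]:
    """Point 3, step one: refresh the certificate from 'remote' when possible,
    falling back to the cached copy. 'remote' stands for a keyserver/WKD lookup."""
    if fpr in remote:
        local[fpr] = remote[fpr]
    return local.get(fpr)


def resolve_replacement(local: Dict[str, Cert], remote: Dict[str, Cert], fpr: str,
                        follow_chain: bool = False, max_hops: int = 8) -> Optional[str]:
    """Return the replacement fingerprint for 'fpr', or None if there is none.
    Stops at a chain unless follow_chain is set AND the current cert is revoked;
    a visited set plus a hop budget provide the loop prevention."""
    cur = fetch(local, remote, fpr)
    if cur is None or cur.forward is None:
        return None
    visited = {cur.fpr}
    nxt_fpr = cur.forward
    for _ in range(max_hops):
        if nxt_fpr in visited:
            raise LoopDetected(f"replacement links loop back to {nxt_fpr}")
        visited.add(nxt_fpr)
        nxt = fetch(local, remote, nxt_fpr)
        if nxt is None:
            return None                      # target not obtainable; nothing to use
        if nxt.forward is None:
            return nxt.fpr                   # end of the N-to-1 structure
        if not (follow_chain and cur.revoked):
            raise ChainEncountered(f"{nxt_fpr} itself points onward to {nxt.forward}")
        nxt_fpr = nxt.forward
    raise LoopDetected(f"gave up after {max_hops} hops")


def check_n_to_1(certs: Dict[str, Cert]) -> List[str]:
    """Point 1: report deviations from the N-to-1 shape (chains, dangling
    forward links, back links not confirmed by a matching forward link)."""
    problems = []
    for c in certs.values():
        if c.forward is not None:
            t = certs.get(c.forward)
            if t is None:
                problems.append(f"{c.fpr}: forward target {c.forward} unknown")
            elif t.forward is not None:
                problems.append(f"{c.fpr}: target {t.fpr} points onward to {t.forward} (chain)")
        for old in c.backward:
            o = certs.get(old)
            if o is None or o.forward != c.fpr:
                problems.append(f"{c.fpr}: back link to {old} not confirmed by a forward link")
    return problems


def sample_stores():
    """Constructed data: A and B were both replaced by C. The local cache still
    holds the OLD copy of A, which pointed at B before B was itself replaced,
    so the cached data forms the chain A -> B -> C (point 2, case b)."""
    local = {
        "A": Cert("A", forward="B"),
        "B": Cert("B", forward="C", revoked=True),
        "C": Cert("C", backward={"A", "B"}),
    }
    remote = {"A": Cert("A", forward="C", revoked=True)}   # the current copy of A
    return local, remote


def demo() -> Dict[str, object]:
    out: Dict[str, object] = {}
    local, remote = sample_stores()
    out["stale_cache_problems"] = len(check_n_to_1(local))          # chain + unconfirmed back link
    out["refreshed"] = resolve_replacement(local, remote, "A")       # refresh first: direct hit
    out["after_refresh_problems"] = len(check_n_to_1(local))
    local, _ = sample_stores()
    try:
        resolve_replacement(local, {}, "A")                          # offline, stale A
        out["offline"] = "replacement found"
    except ChainEncountered:
        out["offline"] = "chain: stopped"
    local, _ = sample_stores()
    local["A"].revoked = True                                        # no valid alternative left
    out["offline_revoked"] = resolve_replacement(local, {}, "A", follow_chain=True)
    loop = {"X": Cert("X", forward="Y", revoked=True), "Y": Cert("Y", forward="X")}
    try:
        resolve_replacement(loop, {}, "X", follow_chain=True)        # point 2, case a
        out["loop"] = "replacement found"
    except LoopDetected:
        out["loop"] = "loop: stopped"
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Refreshing first turns the apparent chain into a single hop, which is why the message proposes it as the default; following the chain is only taken when the current certificate is revoked and the caller opts in, and even then the visited set bounds the walk.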