Re: [openpgp] v5 sample key
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 02 May 2019 22:27 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E52151200BA for <openpgp@ietfa.amsl.com>; Thu, 2 May 2019 15:27:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=+y2selga; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=meViTfsB
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UkqknTn4b6Pt for <openpgp@ietfa.amsl.com>; Thu, 2 May 2019 15:27:47 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF82F1200A1 for <openpgp@ietf.org>; Thu, 2 May 2019 15:27:46 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1556836065; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=2sOj4B0a6POL0f/qtic2wwU2YQzBteJg8Fcg1kHUVSA=; b=+y2selgapBko9zkK4MmfcHwzhrqvn9/6XScR4oUk56Jq3kX8Ta5vmqqK 8Q1mGp8ggbj3UdW1o+Cm1u4rYK55BQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1556836065; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=2sOj4B0a6POL0f/qtic2wwU2YQzBteJg8Fcg1kHUVSA=; b=meViTfsBMrdAdZhpiSTo6EIDxMKuaIs6EFnDWR9GYuju/GME9Vtv1mjN AwsX65pSMBNt7zby+TQ69T7UC1YJVZOs5BbN4g26Tw/hncNrVZsI7g28yW a+M/yvvBC8e/GH0pJgljYPFs0+Po3A1GhC+KnBVD6QEkoz5kCroH2c8thA cUiLfAdP4B2bFo5qwTfc/eV/Vkif4RYWsIcuiF047BNbGYAbXvEJ+jkgpA m11RfhvFJ38kXv5rlUUZoSiBESzAK2EDHsgqpKjHJXub/y7WcTqeavL+Ip B6y110VowuGJXtK+KTCYrVMxYlMqIQ7fkXBgLcMZhK6KV7zaFg92uQ==
Received: from fifthhorseman.net (unknown [IPv6:2001:470:1f07:60d:4864:1fff:fe17:5aa8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 5FD71F99D; Thu, 2 May 2019 18:27:44 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id A96602015C; Thu, 2 May 2019 18:27:39 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
In-Reply-To: <20190425091133.ayz4wyxzfe3xwdwf@earth.li>
References: <87sgvh1ugy.fsf@wheatstone.g10code.de> <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net> <871s1tyvkl.fsf@wheatstone.g10code.de> <20190425091133.ayz4wyxzfe3xwdwf@earth.li>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Thu, 02 May 2019 18:27:39 -0400
Message-ID: <87sgtwo5k4.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/4oTqIQoqvga4v_EfOm_ZbzCjH4E>
Subject: Re: [openpgp] v5 sample key
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 22:27:49 -0000
On Thu 2019-04-25 10:11:33 +0100, Jonathan McDowell wrote:
> A move to easily enable key material > 2^16 bytes seems to be in
> conflict with dkg's work on trying to reinvigorate the usefulness of key
> servers + the suggestion to limit key material packets to < 8383 bytes.
For existing OpenPGP key types, i do hope that sane implementations will
keep to the limits i've suggested in
draft-dkg-openpgp-abuse-resistant-keystore. But i think Werner's change
to 4-octet length representation during fingerprint and signature
calculations is intended to allow for significantly larger keys if there
are any post-quantum algorithms that need it.
If we get to a world where PQ keys of that size are necessary, the
guidance on abuse-resistant keystores will need to be updated to
accommodate the new algorithms, of course. But presumably any
cryptographically-validating keystore will need significantly more work
to implement the PQ algorithms, so a change to those suggested limits is
pretty minor in comparison -- not too big a deal.
And to be clear: this isn't mandating a 4 octet length on the wire for
all keys -- keys in transport can still use OpenPGP's weird
packed-type-length encoding and shave off a couple bytes that way when
they're aiming for smallness. We're only talking about 4 octets in RAM
when calculating the key fingerprint or the signature, right?
so i agree with Jonathan that it's not tightly aligned with the work to
set forward simple guidance for abuse-resistant keystores, but i don't
think it's in direct conflict with it either, and i support the move to
a 4-octet length in fingerprint and signature calculations for v5.
--dkg
- [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Jonathan McDowell
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Daniel Kahn Gillmor
- Re: [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Daniel Huigens
- Re: [openpgp] v5 sample key Heiko Stamer