Re: [openpgp] Weird OIDs in the 4880bis draft

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 18 February 2023 01:00 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/6Te2gvddty_pKbzu5yBzu3cx-5Q>

Justus Winter writes:

>I think in the interest of interoperability, implementations should generate
>v4 keys with the legacy OID.

Since this will presumably lead to "what is this thing and where did it come
from?" questions in the future, here's a capsule summary of its origins, just
to get it on the record and Google-able:

Back in 2012 the folks working on the Crypto++ library needed an OID for
Ed25519 (not Curve25519) in order to use it in Crypto++ (they often add
bleeding-edge stuff before it's standardised).  I took a random value in some
space I knew I'd never use myself, i.e. where I knew it'd be safe from being
reassigned, said "here, use this" (actually the exact words were "You have
been OIDed.  Go forth and encrypt", because "... and sign" didn't sound as
impressive), and promptly forgot about it.  A few years later, in April 2016
(draft-ietf-curdle-pkix-00), standard OIDs for that entire algorithm family
were created and eventually published as RFC 8410, which Crypto++ adopted in
September 2016 in version 5.6.4 (it's not clear if they ever used the made-up
value in an official release, none of the versions archived at
https://www.cryptopp.com/ have it, the first one is 5.6.4 with the
standardised OIDs).

So in summary it's an OID value:

  That was more or less made up
  For a different algorithm
  That was presumably only ever used for testing by the people who asked for it

Since it was taken from unused OID space it's not going to be reassigned or
reused in the future, but will hopefully die out over time since we've had
standard OIDs for this since 2016.

Peter.