Re: [openpgp] Overhauling User IDs / Standardizing User Attributes (was: Re: Scoped trust (signatures))

Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de> Tue, 26 June 2018 20:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/6tWAM-YwGZFv7i5RZ4hlUKDWcYo>

I think the problem you are facing is Zooko's triangle: Decentralised,
meaningful names for keys cannot be secure.  The PGP (implementation)
answer to this is the web of trust, but that is pretty much out of scope
for OpenPGP (the standard).  This is also apparent from your description
by the introduction of external policies ("when I want to sign X, I need
to check Y"), that are also out of scope for OpenPGP.  This might
explain the lack of response here.

Once you are adding additional policies, you can create additional
restrictions for user id fields, or introduce additional (private use?)
user attributes ad lib, and those will be the least of your worries.

OTOH, without such additional policies (that can be enforced by
conforming implementations), the proposed fields will just be more
free-form fields in OpenPGP that accumulate cruft over time. There are a
couple of those already, and we have a pretty bad track record
validating those.

On 06/26/2018 05:27 PM, Leo Gaspard wrote:
> Are there really no opinions on this idea of decoupling names and email
> addresses through standardization of more User Attributes and removal of
> User ID packets in v5 keys? Not having any feedback from any software
> maintainer makes me wary of starting to write a patch for 4880bis right now.