Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revocation Key", replacing with full-key "Designated Revoker"

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 06 August 2019 11:26 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Paul Wouters <paul@nohats.ca>, Werner Koch <wk@gnupg.org>
Cc: IETF OpenPGP WG <openpgp@ietf.org>
In-Reply-To: <61041EDB-DE08-48B9-AB01-EC1B12E700F1@nohats.ca>
References: <87iocqepta.fsf@littlepip.fritz.box> <20190731203444.4822-1-dkg@fifthhorseman.net> <87wofrmrry.fsf@wheatstone.g10code.de> <61041EDB-DE08-48B9-AB01-EC1B12E700F1@nohats.ca>
Date: Mon, 05 Aug 2019 16:11:42 -0400
Message-ID: <87wofrpe2p.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/7oEnucNu5LeNjA1UZbSjp5LClL4>

On Mon 2019-08-05 14:24:22 -0400, Paul Wouters wrote:
>> On Aug 5, 2019, at 13:44, Werner Koch <wk@gnupg.org> wrote:
>> 
>> I view this as problematic in the light of our preparations to allow for
>> larger key material.  With PQC we may need megabyte large keys and then
>> including an entire key would double the size of a keyblock.
>
> There is only one proposal in the NIST competition with that issue
> (McEliece), and unlikely to be the winner, precisely because of that.

I also note that PQ key material is most significantly relevant today
for *encryption/decryption* keys, which *are not* likely to be
designated revokers (McEliece itself is rarely used for signing, aiui).

           --dkg