IETF Logo Mail Archive

Re: [openpgp] Clarification re subkey binding sigs?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 18 May 2023 19:36 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C402C151535 for <openpgp@ietfa.amsl.com>; Thu, 18 May 2023 12:36:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.303
X-Spam-Level:
X-Spam-Status: No, score=-1.303 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="sKf0O6CA"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="xhr55e2D"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NzmHRioBp1Pi for <openpgp@ietfa.amsl.com>; Thu, 18 May 2023 12:35:57 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D47D4C14F726 for <openpgp@ietf.org>; Thu, 18 May 2023 12:35:57 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1684438556; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=v2/Nhl2KOfvCZ4CyYfxCMqYWrJKtq6RLp8uzunf+amg=; b=sKf0O6CA+EQzaX4OaezBl6gdevxZ7PQenJKB3GmDEc9KZSUm+gdFcr71cB+jg5YlX2+lZ FMnIVfqdZWdP432Dw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1684438556; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=v2/Nhl2KOfvCZ4CyYfxCMqYWrJKtq6RLp8uzunf+amg=; b=xhr55e2Dfh5yufj6nYIhn77Znt/5exMH0o+sgka1ITQRyM6WHgZOQvXXUUQwwTGY3jRmG Pld/k7FYb/3+PbmhxZe3YnYtXkkNjMcqGNUESTDKjTHGrpu5p7swoHRuVPQ4aELqy07kmVY yelDfZGfSyChn93g7xtSQ7hmsbp4gIgPPdfx+IZHZJ//YX2MLRWuY66Idpu1/YdQoK66CWX xRCfQhVK6nZ8a428TWaK+D2ejzq3StDystti00yPxgP7vylJh1osnryixYAkZURPaXxB/MR qJAu6oZ1wOEML2Go5C/JekV19ku/qLHZsKHJ/CaP6rOSIIJlbiMg41ChKHVQ==
Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 1E77BF9AD; Thu, 18 May 2023 15:35:55 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 56B4521363; Thu, 18 May 2023 15:35:24 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Andrew Gallagher <andrewg@andrewg.com>, IETF OpenPGP WG <openpgp@ietf.org>
In-Reply-To: <EC32FB38-DD71-4DE1-8E9D-70E5D3DD2E9D@andrewg.com>
References: <EC32FB38-DD71-4DE1-8E9D-70E5D3DD2E9D@andrewg.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Thu, 18 May 2023 15:35:23 -0400
Message-ID: <87sfbth1qc.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/8y70t4jHqkT8bQ4fNhfxyTOFLCc>
Subject: Re: [openpgp] Clarification re subkey binding sigs?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 May 2023 19:36:02 -0000

Hi Andrew--

I think the textual changes you're suggesting below are simple
clarifications of text that is already present in the draft, and make no
substantive changes.

That said, this kind of editorial cleanup and clarification is useful!

On Mon 2023-05-15 17:36:28 +0100, Andrew Gallagher wrote:
> It might also be advisable to explicitly state that v6 keys MUST only ever make v6 signatures in any context.

I've tried to make your recommended changes here, tagged with the
"non-substantive" label:

   https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/310

They didn't come out exactly the way you worded them, but i hope they
get the same clarification across.

Please comment over there if you approve or disapprove!

    --dkg

v2.23.0 | Report a Bug | By Email