Re: [openpgp] Fingerprint requirements for OpenPGP

Derek Atkins <derek@ihtfp.com> Tue, 12 April 2016 14:39 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <87vb3nslqh.fsf@alice.fifthhorseman.net>
Date: Tue, 12 Apr 2016 10:38:29 -0400
In-Reply-To: <87vb3nslqh.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Mon, 11 Apr 2016 20:40:22 -0400")
Message-ID: <sjmbn5e3na2.fsf@securerf.ihtfp.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/9zFXvA10t03Hh-7oqGmVrouY3B4>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Fingerprint requirements for OpenPGP

Hi,

Thank you for your writeup....

Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:

[snip]
> I tend to agree with the discussion elsewhere in this thread that
> "internal database ID" is *not* the defining use case for the
> fingerprint, so i'm not including it here.
>
> I think there are only two use cases:
>
>  a) looking up a particular OpenPGP key in some remote database like a
>     public keyserver
>
>  b) confirming that a particular key matches some out-of-band
>     communication

I would argue that (b) is more important than (a).  Your use-case (a)
sounds more like a DB Handle, so arguably it should be elided because
you've scoped your specification saying that "internal database ID is
not the defining use case".   Or are you saying that we have both an
internal database ID and an external database ID?

Beyond that, I agree with the rest of what you said.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant