IETF Logo Mail Archive

Re: [openpgp] Followup on fingerprints

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 30 July 2015 03:53 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED3051B2AAE for <openpgp@ietfa.amsl.com>; Wed, 29 Jul 2015 20:53:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3cy-Tkv-Ya0B for <openpgp@ietfa.amsl.com>; Wed, 29 Jul 2015 20:53:27 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 22C961B2AAD for <openpgp@ietf.org>; Wed, 29 Jul 2015 20:53:27 -0700 (PDT)
Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id 818E9F984; Wed, 29 Jul 2015 23:53:25 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 577E42009A; Thu, 30 Jul 2015 05:53:25 +0200 (CEST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Werner Koch <wk@gnupg.org>, Phillip Hallam-Baker <phill@hallambaker.com>
In-Reply-To: <87si870zqy.fsf@vigenere.g10code.de>
References: <CAMm+LwgTcn8CY+Zk-f9gzXQtMJezG97T+kx2=C7PR5g7zFer_A@mail.gmail.com> <87twsn2wcz.fsf@vigenere.g10code.de> <CAMm+LwgRJX-SvydmpUAJMmN3yysi4zzGSpO2yY4JAMhD-9xLgQ@mail.gmail.com> <87si870zqy.fsf@vigenere.g10code.de>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Wed, 29 Jul 2015 23:53:21 -0400
Message-ID: <873806e1xq.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/AMxUmpDD3qc9yKqqbdtbz1XaQoE>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Followup on fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2015 03:53:29 -0000

On Wed 2015-07-29 11:06:45 -0400, Werner Koch wrote:
> By truncation I mean an arbitary truncation like what we do with keyids.
> Those 64 keyids are for example used to locally lookup the secret keys
> for decryption - there is no need to have security here because it is
> just a convenience method (cf. wild card keyids)

I'm not sure we should try to specify this kind of implementation
shortcut.  If a machine has a full fingerprint available to it (as it
does if it has the keys themselves), expecting any lookup to be indexed
by the full fingerprint seems like a reasonable expectation, and there's
no need to get into hashtable-style bucketing implementation details as
part of the RFC.

> Again, OpenPGP does not specify how to format a fingerprint.  That is
> and should stay out of scope for _this_ RFC but may be an additional
> item for the WG.

The sense i got of the room in Prague was that there were mixed feelings
about this point.  In practice, the fingerprint seems to be most often
used when there is a human in the loop, and in that scenario, the
textual representation of the fingerprint is indeed relevant.  If two
humans are comparing fingerprints, or a human wants to pass a
fingerprint to another human on a business card or sticker, then an
unambiguous strong representation (not bits on the wire) is important.

The only place where the fingerprint is used explicitly as part of wire
format in RFC4880 is in the designated revoker subpacket, and on this
list in the past there seems to have been no objection to replacing that
with a full public key packet as a way of avoiding concerns about weak
fingerprinting entirely (i'm hoping we can address this change in
4880bis).  So the wire format concerns aren't relevant to this case.

The other place where a fingerprint is used concretely is in HKP, as a
lookup string.  But again, here, it's not a bit-for-bit wire format.
The fingerprint in hkp is transmitted as an ascii string of hexadecimal,
which is human-readable (to map to an HTTP query parameter that a human
could type or paste into a web form).

As a result, it looks to me like a visual/textual representation of a
fingerprint could be in-scope for a 4880bis, if the WG wants to take it
on.

>> sufficient would be if a completely radical change to the format was being
>> considered such as moving all the structures to YANG, CBOR, JSON or JSON-B.
>
> The OpenPGP format is the OpenPGP format and not BER, PER, XML, or JSON.

If we're suddenly defining an entirely new OpenPGP packet format, then
we could indeed move to one of these other models.  But that seems like
a pretty radical change to me, though, and not the incremental
improvement/cleanup we're chartered for.

        --dkg

v2.23.0 | Report a Bug | By Email