Re: [openpgp] Version 5 key and fingerprint proposal

[KellerFuchs <KellerFuchs@hashbang.sh>]

On Tue, Mar 07, 2017 at 06:48:05PM +0100, Werner Koch wrote:
> Hi!
> 
> Find my proposal for a V5 key and a new fingerprint scheme below and
> also with a colored diff at
> 
>   <https://gitlab.com/openpgp-wg/rfc4880bis/commit/ba4f884c6d5483071d6adbc1e43978b60980440a>

Thanks a lot for doing this.


> [...]
> =====
> From ba4f884c6d5483071d6adbc1e43978b60980440a Mon Sep 17 00:00:00 2001
> From: Werner Koch <wk@gnupg.org>
> Date: Tue, 7 Mar 2017 17:48:15 +0100
> Subject: [PATCH] Specify a v5 key version and a new fingerprint scheme.
> [...]
> ---
>  middle.mkd | 98 +++++++++++++++++++++++++++++++++++++++++++++++++++-----------
>  1 file changed, 81 insertions(+), 17 deletions(-)
> 
> diff --git a/middle.mkd b/middle.mkd
> index 462730b..1cd9f86 100644
> --- a/middle.mkd
> +++ b/middle.mkd
> @@ -1279,8 +1279,11 @@ #### {5.2.3.14} Regular Expression
>  
>  #### {5.2.3.15} Revocation Key
>  
> -(1 octet of class, 1 octet of public-key algorithm ID, 20 octets of
> -fingerprint)
> +(1 octet of class, 1 octet of public-key algorithm ID, 20 or 25 octets
> +of fingerprint)
> +
> +V4 keys use the untruncated 20 octet fingerprint; V5 keys use the
> +right truncated 25 octet fingerprint

This is the first occurence of “right truncated”, as far as I can tell.

Since it's not entirely clear (at least to me) if this means keeping the 20
rightmost octets or dropping octets right of the 25th, not introducing it
is not ideal.

Furthermore, this hints at there being a left-truncation too, and having
both seems like a source of confusion. What about simply calling this “the
truncated 25-octets fingerprint” ?


Also, but I likely missed the relevant WG thread, why truncate the
fingerprint to 200 bits? (Not that this is likely an issue.)


Best,

  kf