Re: including the entire fingerprint of the issuer in an OpenPGP certification
David Shaw <dshaw@jabberwocky.com> Tue, 18 January 2011 22:05 UTC
Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0IM5w69061553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 18 Jan 2011 15:05:58 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p0IM5w40061552; Tue, 18 Jan 2011 15:05:58 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from walrus.jabberwocky.com (walrus.jabberwocky.com [173.9.29.57]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0IM5ukI061547 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-openpgp@imc.org>; Tue, 18 Jan 2011 15:05:57 -0700 (MST) (envelope-from dshaw@jabberwocky.com)
Received: from dshaw.nasuni.net (gw-comcast1.nasuni.com [173.166.63.186]) (authenticated bits=0) by walrus.jabberwocky.com (8.14.4/8.14.4) with ESMTP id p0IM5tSI019147 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for <ietf-openpgp@imc.org>; Tue, 18 Jan 2011 17:05:55 -0500
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1081)
Subject: Re: including the entire fingerprint of the issuer in an OpenPGP certification
From: David Shaw <dshaw@jabberwocky.com>
In-Reply-To: <4D36010A.30205@fifthhorseman.net>
Date: Tue, 18 Jan 2011 17:05:55 -0500
Message-Id: <E8F060EE-48E5-4F92-8285-B5897A8F4950@jabberwocky.com>
References: <E1Pf1WI-0007aL-EN@login01.fos.auckland.ac.nz> <CFCF61BD-9281-4F09-AD31-C5AAC38315FE@callas.org> <4D354A08.1010206@iang.org> <87lj2isgm8.fsf@vigenere.g10code.de> <58216C60-3DFD-4312-B514-19243ED4220A@callas.org> <4D36010A.30205@fifthhorseman.net>
To: IETF OpenPGP Working Group <ietf-openpgp@imc.org>
X-Mailer: Apple Mail (2.1081)
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by hoffman.proper.com id p0IM5vkH061548
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
On Jan 18, 2011, at 4:07 PM, Daniel Kahn Gillmor wrote: > On 01/18/2011 12:48 PM, Jon Callas wrote: >> If we combine it with a hash-independent fingerprint -- e.g., first byte is an algorithm ID, others are the actual hash -- then we can put it in now and then run with it. > > Daniel Nagy suggests that we also change the material being hashed in > the fingerprint (he wants to leave out the creation date). If that > proposal ends up achieving consensus then your proposal here will need > further modification. > > Does anyone feel strongly about Nagy's proposal, by the way? i'm not > sure what the tradeoffs are. > > Even without that concern, if we encourage super-flexible use like this, > user agents who wanted to use it to test for the presence of a given key > in an indexed keystore would need to index their keys with every > possible digest that might be used -- that seems excessive somehow. > (and unlikely that keyserver implementations would want a half-dozen > indexes, for that matter) Wouldn't it be better to just implement it > for today's fingerprint, and then when a new fingerprint is agreed upon, > determine (by subpacket length maybe?) whether it's the new fingerprint > or the old one. Compliant user agents would keep the two indexes around > until the v4 fingerprint goes away, and then drop the old one. > > Alternately, we could embed the algorithm ID as you suggest, and SHOULD > people into generating them using only the consensus fingerprint > algorithms so that reasonable user agents only need to create indexes > over SHA1 (now) and SHA3 (whenever that happens). I don't think we want people using other than the consensus fingerprint algorithms and methods. I suggest we make the first byte a version field, which can be set to '4' today for the current fingerprint, '5' for v5 keys, etc. I suppose we could skip that field and detect version based on size, but why use heuristics when we can know for sure with a version byte? David
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… Avi
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Peter Pentchev
- Re: including the entire fingerprint of the issue… Avi
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… Werner Koch
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Peter Gutmann
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel A. Nagy
- Re: including the entire fingerprint of the issue… Werner Koch
- Re: including the entire fingerprint of the issue… Ian G
- Re: including the entire fingerprint of the issue… Jon Callas
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… David Shaw
- Re: including the entire fingerprint of the issue… Daniel Kahn Gillmor
- Re: including the entire fingerprint of the issue… Peter Gutmann
- Re: including the entire fingerprint of the issue… Jon Callas
- including the entire fingerprint of the issuer in… Daniel Kahn Gillmor