[openpgp] Context Parameters for Signing and Encryption

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 05 February 2023 17:23 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6261CC14F740 for <openpgp@ietfa.amsl.com>; Sun, 5 Feb 2023 09:23:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.303
X-Spam-Level:
X-Spam-Status: No, score=-1.303 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="oGfjw9nY"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="pNp4k+IX"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G8L3XQALRNwF for <openpgp@ietfa.amsl.com>; Sun, 5 Feb 2023 09:23:20 -0800 (PST)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBFAAC14EAA3 for <openpgp@ietf.org>; Sun, 5 Feb 2023 09:23:20 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1675617799; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=mwT2ifnHYbIoV6kprjH8btzrL1eAxVY7TqA3bQqBOBI=; b=oGfjw9nYysRl9zYmfjtxnL6Ln0Eil8Ln4f3XIGokFfAT7Aq/KjRNqYq68uUP3ZTds6Yxa 2ZFVaBUTRZ/gXvODA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1675617799; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=mwT2ifnHYbIoV6kprjH8btzrL1eAxVY7TqA3bQqBOBI=; b=pNp4k+IXaJMe/nNMA8fVWEFv12zUtgF9y8/X2b7EtZXdowSgzvRx1h5cBF0dIrbz0Dthd UQPEnXQMXTOWlajESjfg1Jsb2X3uSvItA/zsnlsUVv/Vu2TuGMirBDWxX1eXOT11wDeRgRz TVo+w8SVqhFjsaFJHNE/KZie+dPuPdL/hgJxIKfo/VTyhcVUfTvYD+wK53zol7TARwy1REg qne0unWq8EOJtd2h76ahYEA1EPoyXMDrmJ9ppt7IpjrFtmSFSH9GrWO23ISzh9WnCsQOCaL UonM8AmBzhM4zh7wM0GXg23qKcdIKZkx20R+oOlU8oKOzXw9NJrEdrFK+REg==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id CAF78F9AD for <openpgp@ietf.org>; Sun, 5 Feb 2023 12:23:19 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 3523A209A0; Sun, 5 Feb 2023 12:23:04 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Sun, 05 Feb 2023 12:23:03 -0500
Message-ID: <87y1pcm3go.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/EMgxWh4lghA9CEqr6Wkl6Zurx3g>
Subject: [openpgp] Context Parameters for Signing and Encryption
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2023 17:23:25 -0000

Hi folks --

we need to resolve whether there will be a context parameter added to
the crypto-refresh, for signing, and for encryption.  i'd like folks to
be clear aobut whether they're talking about signing or encryption, but
we can use this thread for both.

The mechanisms and use cases for signing and encryption are likely to be
different.

See https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/145 and earlier
discussion on this list for background.

The main questions:

- Should we provide a context parameter for signing for v5 signatures?

- Should we provide a context parameter for encryption for v2 SEIPD
  packets?


Interesting subquestion for either of the above:

- if so, how do we specify or register the context parameter for
  different use domains of use?  How do we even define these different
  "domains"?

An MR that says "yes, add a context parameter for both" and "don't specify any
specific context or set up a registry for either" is at:
https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/214

Please use this thread for this discussion, but remember to clarify
whether you're thinking/talking about signing and encryption.

        --dkg