Re: [openpgp] OpenPGP Web Key Directory I-D
Benjamin Kaduk <kaduk@mit.edu> Mon, 12 November 2018 05:58 UTC
Date: Sun, 11 Nov 2018 23:58:15 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Bart Butler <bartbutler@protonmail.com>, Paul Fawkesley <paul@fluidkeys.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/EMieBIiMrOweLiPrnRG-TorkNeE>

On Sat, Nov 10, 2018 at 11:25:21AM +0100, Werner Koch wrote:
> On Sat, 10 Nov 2018 00:18, bartbutler=40protonmail.com@dmarc.ietf.org
> said:
>
> > reasons previously mentioned in this thread and discussed in Brussels
> > (case sensitivity, +aliases/subaddresses, Unicode, catch-all
> > addresses). The hash would be ignored.
>
> BTW, the sub-addressing does not seem to be a real problem. A cursory
> inspection of some large keyrings showed that user-ids with
> sub-addresses are quite rare and there is always the opportunity for the
> user (or a tool) to create another user-id w/o the sub-address. Thus
> the sub-addresses can be handled in the MUA and won't need protocol
> support.
>
> > I think that long-term, two parameters that do the same thing and could conflict is bad and that while compatibility is a good short-term goal, we should try to drop the hash and to migrate to this final form as soon as possible:
> >
> > ..well-known/openpgpkey/hu/?l=Joe.Doe@example.org
>
> I disagree but I don't think it is the time to discuss this now. Let us
> first deploy a useful key discovery and then see how it can be
> improved/changed.
>
> > should simplify this and simply mandate the 'wkd' subdomain, full
> > stop, rather than having a fallback mechanism to the main domain. The
>
> I concur. Given that we need to drop the SRV records for silly reasons
> anyway, we can also demand a fixed subdomain. Given that I don't like
> the "wkd" acronym, I would prefer to use a different name, like
> "openpgpkey".

I'll note that the IESG is generally not super-keen on reserved leaf names
in the DNS, though it is not something that is entirely disallowed when
there are not usable alternatives.
https://tools.ietf.org/html/draft-moonesamy-dnsop-special-use-label-registry-00
is (IIUC) supposed to be a way forward to at least provide a discoverable
registry of these "reserved" names.

-Ben

> And regarding your other mail: Sure, a redirection can only be allowed
> to use a http redirect and not with a CNAME.
>
>
> Shalom-Salam,
>
>    Werner
>
> --
> Thoughts are free. Exceptions are regulated by federal law.
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
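
Added example, not part of the original message or of any participant's code: a Python sketch of the lookup the thread is debating, showing the hashed local-part next to the `l=` parameter, the fixed-subdomain and main-domain URL forms, and MUA-side stripping of a `+` sub-address. Assumptions not stated in the message: the hash is SHA-1 of the ASCII-lowercased local-part in z-base-32, the subdomain label is the `openpgpkey` name proposed above, the subdomain form carries the mail domain as a path component, and `l=` carries only the local-part; the function names are illustrative.

```python
import hashlib
from urllib.parse import quote

# z-base-32 alphabet (assumption: the encoding used for the "hu/" hash).
ZB32 = "ybndrfg8ejkmcpqxot1uwisza345h769"

def zbase32(data: bytes) -> str:
    """Encode bytes as z-base-32, most significant bits first."""
    nbits = len(data) * 8
    pad = (-nbits) % 5                      # pad to a multiple of 5 bits
    value = int.from_bytes(data, "big") << pad
    return "".join(ZB32[(value >> s) & 31]
                   for s in range(nbits + pad - 5, -1, -5))

def split_address(addr: str):
    """Split an addr-spec; the domain is case-insensitive, the local-part is kept."""
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("not an addr-spec: %r" % addr)
    return local, domain.lower()

def wkd_hash(local: str) -> str:
    """Hash of the local-part; only ASCII letters are lowercased first."""
    lowered = "".join(c.lower() if c.isascii() else c for c in local)
    return zbase32(hashlib.sha1(lowered.encode("utf-8")).digest())

def wkd_urls(addr: str, subdomain: str = "openpgpkey") -> dict:
    """Both candidate lookup URLs: fixed subdomain and main-domain fallback."""
    local, domain = split_address(addr)
    h, l = wkd_hash(local), quote(local, safe="")
    base = "/.well-known/openpgpkey"
    return {
        "subdomain": f"https://{subdomain}.{domain}{base}/{domain}/hu/{h}?l={l}",
        "main_domain": f"https://{domain}{base}/hu/{h}?l={l}",
    }

def strip_subaddress(addr: str) -> str:
    """Client-side handling of '+tag' sub-addresses, with no protocol support."""
    local, domain = split_address(addr)
    return local.split("+", 1)[0] + "@" + domain

if __name__ == "__main__":
    # Constructed sample addresses.
    for a in ("Joe.Doe@Example.ORG", "joe.doe+list@example.org"):
        print(a, wkd_urls(a)["subdomain"], strip_subaddress(a), sep="\n  ")
```

The hash collapses case differences in the local-part but not sub-addresses, which is why a client has to strip the `+tag` itself before the lookup if the key was published without it.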