Re: [openpgp] Registration of the 'proof' notation

Jon Callas <> Sat, 03 October 2020 22:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 779D63A0962 for <>; Sat, 3 Oct 2020 15:36:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cYQjQaeRwsDB for <>; Sat, 3 Oct 2020 15:36:24 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F048B3A095F for <>; Sat, 3 Oct 2020 15:36:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=1a1hai; t=1601764583; bh=Z64PzG7da3Wcpie0HHRka3VK3S5FP9ubapuN02Y40DE=; h=Content-Type:Mime-Version:Subject:From:Date:Message-Id:To; b=wUmja/gai3ms6NhTui3q3QcX6jP5C7qRQDDSKsl7ykB76ktUlLCT8EP9bgi7FHTyX vvWOgLhxvIYjD1jmRTSzdWlwhVKGUNP3zwVxmDXhTvupcggQlLdGTBC3V/Jwj99e+/ 3az/o5L0NAwLntUAmoVwB5YZ4ODnEIy88YOJhF1g0hRNMM171yg0YcIKnB1/0vmPf/ zfqGyMgH6NX5oshRQ/LAD0n2JQNphilQJbDFeNmMbXRQVXkDqLn5NucBZSmFTAcHA/ IpSAcme5w5WzeIuQ1k/+42XAQtBJv2R6EjKEWga4/6VWMRH7e7yhmh9Ut4gn7wnR2K RecmZlNr59gFQ==
Received: from [] ( []) by (Postfix) with ESMTPSA id 03B17B40363; Sat, 3 Oct 2020 22:36:22 +0000 (UTC)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
From: Jon Callas <>
In-Reply-To: <>
Date: Sat, 3 Oct 2020 15:36:22 -0700
Cc: Jon Callas <>, Wiktor Kwapisiewicz <>, "" <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <>
To: "Neal H. Walfield" <>
X-Mailer: Apple Mail (2.3608.
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-10-03_17:2020-10-02, 2020-10-03 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=2 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2006250000 definitions=main-2010030191
Archived-At: <>
Subject: Re: [openpgp] Registration of the 'proof' notation
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 03 Oct 2020 22:36:26 -0000

> On Oct 1, 2020, at 3:41 AM, Neal H. Walfield <> wrote:
> Hi Jon,
> Thanks for your comments.
> I'm a bit confused, however, how PGPtickets are analogous to social
> proofs.  A social proof is an identity ("my handle on this service is
> X").  PGPtickets are authorizations.  When I create a social proof,
> I'm not normally delegating any authority; I'm advertising an
> identity.  And, an authorization in the o-cap world is normally free
> of identity information (authorization-based, not identity-based,
> access control is the mantra).

One point is that they don't have to be embedded in the OpenPGP key. They're separate statements with their own syntax. Just because OpenPGP is a nice hammer doesn't mean that everything's got to be a nail. It's okay to have other hardware.

While I agree with you that these social proofs correspond reasonably well to an identifier, especially more than making them be a notation, there's no reason to jam them into even that. Wiktor has his own uses, and the fact that he's suggested an approach different to what you and I thought says to me that perhaps we don't quite get his use case.

Thus, why not just go take something and do it? Other people have done it before. When Vinnie and Tony were doing the tickets, they could have done it so that it was a notation as well. In their case, the sysadmin could have signed the actor's key with a notation, even, and had it work that way. It also makes sense to make it be a wholly separate object, purpose built to its need. Moreover, it doesn't require the likes of us to agree to it.

That's why I suggested it. Among the implementation options is for Wiktor to go off to the side and do his social proofs with another syntax. Moreover, the consumer of the proofs only has to verify the signature around the proof and then parse the proof on its own, without having to go to the trouble of parsing a whole OpenPGP key.