Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revocation Key", replacing with full-key "Designated Revoker"

Werner Koch <wk@gnupg.org> Mon, 05 August 2019 17:45 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC6C41202BE for <openpgp@ietfa.amsl.com>; Mon, 5 Aug 2019 10:45:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.999
X-Spam-Level:
X-Spam-Status: No, score=-6.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FXhEcGdenLc0 for <openpgp@ietfa.amsl.com>; Mon, 5 Aug 2019 10:45:12 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CFFD01202AC for <openpgp@ietf.org>; Mon, 5 Aug 2019 10:45:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=h+3Ok0wQ11neF03SRMLbo/sdo6nZxjWMN5IgZqWkxGc=; b=FQoCuR+ASBXAMKfUIqiDBWG6cv gxAgamf1qklhWTe4HIg14VXoS60TLPSIKWzPAWFuN8doRCSUBfW2Dhhrre1A/wtN8B1OF8szdOe2O XST8icas/+SKKmfonOQj7oAAjHtd5cBBgRE8a0/4t7ILRIVZadMqZFC7GAHgyWOLMfIc=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1huh2i-0006B6-P7 for <openpgp@ietf.org>; Mon, 05 Aug 2019 19:45:08 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1huh1d-0006wR-Jq; Mon, 05 Aug 2019 19:44:01 +0200
From: Werner Koch <wk@gnupg.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: IETF OpenPGP WG <openpgp@ietf.org>
References: <87iocqepta.fsf@littlepip.fritz.box> <20190731203444.4822-1-dkg@fifthhorseman.net>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, IETF OpenPGP WG <openpgp@ietf.org>
Date: Mon, 05 Aug 2019 19:44:01 +0200
In-Reply-To: <20190731203444.4822-1-dkg@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Wed, 31 Jul 2019 16:34:44 -0400")
Message-ID: <87wofrmrry.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=SADMS_H5N1_UMTS_MI5_.Hello_to_all_my_friends_and_fans_in_domestic=su"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FalZC6_egTYMeO1Wc84RazOYBsA>
Subject: Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revocation Key", replacing with full-key "Designated Revoker"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Aug 2019 17:45:15 -0000

On Wed, 31 Jul 2019 16:34, dkg@fifthhorseman.net said:
> The "revocation key" subpacket is problematic.  It is the the most
> fragile piece of the specification wrt the fingerprint (collisions
> against a fingerprint can create surprising revocation effects).  And

With the move to v5 keys this will be solved en-passant.

> replaces it with a "designated revoker" subpacket that includes the
> full key, rather than the fingerprint.

I view this as problematic in the light of our preparations to allow for
larger key material.  With PQC we may need megabyte large keys and then
including an entire key would double the size of a keyblock.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.