Re: [openpgp] v5 in the crypto-refresh draft

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 27 June 2021 15:11 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33F1C3A10B8 for <openpgp@ietfa.amsl.com>; Sun, 27 Jun 2021 08:11:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KBZzzEC51C_i for <openpgp@ietfa.amsl.com>; Sun, 27 Jun 2021 08:11:27 -0700 (PDT)
Received: from au-smtp-delivery-117.mimecast.com (au-smtp-delivery-117.mimecast.com [180.189.28.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F0C23A10B6 for <openpgp@ietf.org>; Sun, 27 Jun 2021 08:11:26 -0700 (PDT)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01lp2168.outbound.protection.outlook.com [104.47.71.168]) (Using TLS) by relay.mimecast.com with ESMTP id au-mta-39-w8D219ZnPneIFoicJtxfhA-1; Mon, 28 Jun 2021 01:11:17 +1000
X-MC-Unique: w8D219ZnPneIFoicJtxfhA-1
Received: from SY4PR01MB6251.ausprd01.prod.outlook.com (2603:10c6:10:10b::10) by SYCPR01MB3389.ausprd01.prod.outlook.com (2603:10c6:10:32::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4264.18; Sun, 27 Jun 2021 15:11:10 +0000
Received: from SY4PR01MB6251.ausprd01.prod.outlook.com ([fe80::51a7:5858:c7ef:880f]) by SY4PR01MB6251.ausprd01.prod.outlook.com ([fe80::51a7:5858:c7ef:880f%5]) with mapi id 15.20.4264.026; Sun, 27 Jun 2021 15:11:09 +0000
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] v5 in the crypto-refresh draft
Thread-Index: AQHXXbr+7O9O+mcMl02kzvDvrO7x3asjXH2AgAS1USg=
Date: Sun, 27 Jun 2021 15:11:09 +0000
Message-ID: <SY4PR01MB62514F3D266BB726CD378A40EE049@SY4PR01MB6251.ausprd01.prod.outlook.com>
References: <SY4PR01MB6251ADA05B055670FCFF080CEE359@SY4PR01MB6251.ausprd01.prod.outlook.com>, <871r8rwavo.fsf@fifthhorseman.net>
In-Reply-To: <871r8rwavo.fsf@fifthhorseman.net>
Accept-Language: en-NZ, en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [14.1.79.216]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 618be4ee-0661-4cd7-1aee-08d9397dcb78
x-ms-traffictypediagnostic: SYCPR01MB3389:
x-microsoft-antispam-prvs: <SYCPR01MB3389276AB46293C59F86A4F7EE049@SYCPR01MB3389.ausprd01.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0
x-microsoft-antispam-message-info: GlPkKojLcnpgAiZjjlQaAMMFGaxoAJLE3OWhJm15g2SopKy0dR8l33nZ/xHmOxpyb8fpGYN9wXfaYIBWKKfA61ahx3TUfOapv23P8/lybU0vwejhxEB1EvT0Dgb1DyTTH8scwp+2ycCFGaYRv//LS47CLs/weymdU15uhVfDESlpnhyhuIhhYdfZtKwONPoqb769TOjhz5zuEMOze6E/CU0DT8r/nbI+e3+GvOG0bmpta+fiFN5TvbsWPlqoH4nrL/8nFP9/4SJAjDSqhgxIrjGlc+Z2w6ClmdpZ708G0pho0FNXxzA974dKfIQbQSYkNd+UmEXc+7nBpIp2IAHFWXfXClmKye9du4daSv224cDv/No8Hj34fG2HRCssZjpu6uyx3MkCCCMkm7Dcllb1ZzsfSXbCMGbiv9yVxMt3vM0SX3eFNC3nvENP7/5ztiQMp9XdXbMpZ+mctp0H+5qOnqQBITfVZ+F16InKYZ8eErkMQ1225USfsTYLUuZhXbxYsmLabybfq01CWQfbukQEkExqBFdxkZ6NVYWG1NRol3BIZWD1f7MIb30l7RmOemZPhSwMShVKXttDJZIbfieBnt7CDTdKz4lOong8E5S9J/b/ZwrvjIguf2XzE4qrdnwO7XiXgEVubbQHUQ38ky+Alg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SY4PR01MB6251.ausprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(346002)(366004)(376002)(396003)(39860400002)(64756008)(66446008)(86362001)(66556008)(66476007)(66946007)(8676002)(186003)(316002)(8936002)(786003)(2906002)(9686003)(52536014)(76116006)(55016002)(53546011)(478600001)(110136005)(6506007)(122000001)(26005)(5660300002)(38100700002)(33656002)(71200400001)(7696005)(83380400001)(2004002); DIR:OUT; SFP:1101
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?Windows-1252?Q?n6BtBLriRMPKhS5236NZYcXfcI+7PnkBasCS6gcTGRnR5T4gdx2ekXjm?= =?Windows-1252?Q?RkqBSFpfmhW10WNirXMf67de33vyywBVJkGIXZUJvo8mo6+Mw1zaz/+R?= =?Windows-1252?Q?ibiy9NYT8OvdaPv80sX/qkcHMVlexH1sYiAhgYcZWwHU9F2PwBwot0Pn?= =?Windows-1252?Q?IltBINvUUVNRCE+N2dqpi4s1T/WEdN4ZUgEJERAE63d5v3LoFt3rK5CL?= =?Windows-1252?Q?TwLawzs7re9tn2FWtjYA3PFcLftBOegH6l2F2cIqm1mA9I24U0N5qyFz?= =?Windows-1252?Q?OpXLXO9S7co5HVmaqE0eQlcydxJaEftLegWhBh8M8CKtlZStSOrPjrUs?= =?Windows-1252?Q?CAmCGjwQwLEnO44/u3q7QOGs6BaQ4A9PXIGAbKlfG7RZeAyKeNcPKglX?= =?Windows-1252?Q?wZDtSRwgQHLPVCfUtQX0DeJNvhxW0s4Y1MJWHvv/eLQTmc34NahMv/ao?= =?Windows-1252?Q?co0VUDGINYGbFgwrwEqoxMYpin4PXeaJ7vzpgyB22vf6pBTDLPrRHXF+?= =?Windows-1252?Q?aLigf1H6f7K9CrlUrmCApqsZUyvhxBFgjwFJts8pJKDW2LNNm5tD1NQg?= =?Windows-1252?Q?OY0489wv1DbttcQZWCoLsr7yUuUR/k+EwCPxiia7/YJS3waKuGVrz8vY?= =?Windows-1252?Q?OdBVZA5VaGeNRkjzjioHH/+PMZhNkr6WD/Wr9PjmVaCUmnWnBf9+7Q1R?= =?Windows-1252?Q?yj50ULQqR9h0MvOBFnEzpR5P7lLjoE17iEF5f6VQo92vdttq3kpQaI3f?= =?Windows-1252?Q?S35lCjpEF2xSpyjz1lmv7qZF/C5ohHdsp0qXQx7eFlC0WT1suaJVWIhH?= =?Windows-1252?Q?7LcwK4308cobnIm6UXG7YU3EO9uKxLIb0prI0RNxIyrD7GILeh75Vr6J?= =?Windows-1252?Q?5mq4GQyOIXDopgKNts0vFzCJgT5g5UIlQZgU230cEXU/bv6vKbhEGrNf?= =?Windows-1252?Q?2LhPpx1+Fvm7EwzLlTjnlN/y+Ji82Cnr5UyPrtqE+PlG0GIAbXQqUweN?= =?Windows-1252?Q?BVFyR03EKXxvdmw0rfDJSm6Ly9OS+BmJ5u8pVudvvtltYTuLqxfCRIkj?= =?Windows-1252?Q?Kjnz+5fUMEoHlItr7JJVlcg/ft8J9GaGBHVQpwRG4DGp/hCeiwIJvOiC?= =?Windows-1252?Q?ickGtG1lrlbhcdpMQ9voJeu4RgIyS7RoctP8lJDvZVKXfzJuFy7+nA50?= =?Windows-1252?Q?7QTbb58pkeYPyPTwvGwi8I9gsvdcrNsnUfFFO08uR9PWZw/dNg31Is98?= =?Windows-1252?Q?0FR2NAcGTmyaEOl29G/Zkwd6+8/x88SWnEs6e1CB+GtfS/xnbOLBftkl?= =?Windows-1252?Q?nePyfvNg/FYKAqYXFX7wV/tZLgXwewP5uEo1K90EnsxBDjBPas6AXS3M?= =?Windows-1252?Q?uoAcX7MLlzW7yr6r/rXM0n7jdrzGIicgg4Q=3D?=
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SY4PR01MB6251.ausprd01.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 618be4ee-0661-4cd7-1aee-08d9397dcb78
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jun 2021 15:11:09.1640 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: +39NCwLGZ4K/hxD4/rtDuO+ffNfg6e70oE/jrqVUE0r/qABuF4o8/R6lWBuVBYOX3ssWXg73GLaGRQSDdwaGYmaab/dr4bvDIeMpDYjS4zs=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SYCPR01MB3389
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: cs.auckland.ac.nz
Content-Language: en-NZ
Content-Type: text/plain; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FkubI_ixf8plT4_cpZ1mViHZE9A>
Subject: Re: [openpgp] v5 in the crypto-refresh draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 27 Jun 2021 15:11:32 -0000

>I would welcome a proposal for brief text that describes this use for the
>revision of RFC 4880

Do you mean the -bis draft or the -refresh draft?  If it's the -refresh draft
do you have the current text covering fingerprints?  The posted draft -03
predates the current discussion.

Peter.


________________________________________
From: openpgp <openpgp-bounces@ietf.org> on behalf of Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Sent: Friday, 25 June 2021 03:16
To: openpgp@ietf.org
Subject: Re: [openpgp] v5 in the crypto-refresh draft

On Thu 2021-06-10 05:40:34 +0000, Peter Gutmann wrote:
> Daniel Kahn Gillmor writes:
>
>>Key ID or fingerprint comparison has been recommended in the past by the
>>OpenPGP community as a reasonable way that one communications peer can
>>confirm that they have the "right key".
>
> Ah, good point, so it's a human-factors thing rather than just (say) mapping
> a signature to the key that signed it, where even if you can create a
> collision to point to a different key the signature check will still fail.
>
>>which i'll call the "comparison-verification" practice:
>
> Is it worth mentioning this in the text?  The current text just says "this
> thing is the fingerprint" with an implicit use elsewhere in the doc of
> "the thing used to identify which key is being used", without mentioning its
> second, non-protocol use, to verify someone's key.

I would welcome a proposal for brief text that describes this use for
the revision of RFC 4880, though i think a full description of
fingerprint-based verification (and other alternatives for key
confirmation) is probably beyond the scope for the crypto refresh
document.  It gets complicated, and the best practices are still pretty
unclear.

> (Is this still done?  When was the last time someone here attended a key
> signing party?).

Yes, it is "still" done, though i'm not sure it's ever been done to the
extent that the OpenPGP community has traditionally imagined it would
be.  "key signing party" is not the only context, either.  i've got
dozens of business cards or small slips of paper which contain OpenPGP
fingerprints (either as text or as QR codes) that people have given me
at free software conferences, and i've given them out myself.

do people *actually* verify them effectively?  that's another story…

   --dkg