IETF Logo Mail Archive

Re: [openpgp] Version 1 image header bits that MUST be 0

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 08 May 2023 16:06 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C702FC13AE41 for <openpgp@ietfa.amsl.com>; Mon, 8 May 2023 09:06:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.304
X-Spam-Level:
X-Spam-Status: No, score=-1.304 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="OpPKBdm7"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="cgJ/iDIE"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJSOpjo3A6qo for <openpgp@ietfa.amsl.com>; Mon, 8 May 2023 09:06:50 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11D8FC13AE48 for <openpgp@ietf.org>; Mon, 8 May 2023 09:05:51 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1683561950; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=wpoOzaXQlsSR5CmmdolKMbtnVKb/F29rI1YKO4cuFWc=; b=OpPKBdm7liDlKdv5v4jk92t2fSDW2Rg4dkfeXOKEhnf9Ih05dRuRD0pix/BRoqtlykG3h UpGx4tMGHe0IMs9Dw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1683561950; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=wpoOzaXQlsSR5CmmdolKMbtnVKb/F29rI1YKO4cuFWc=; b=cgJ/iDIEo27qk+f7b/ZLyIs7d49DnMmDSu1i9WGtiV8RC7uBMBZCOOg5GVcNFg93Jqk6d E1EUPKR9Nvz3qx9sPMDPnbn1aKQRVgDnYQhGnFEJu8hcvctqRxrXr4Y5lD8A3FczsBnWT/G rb7MufrYOhwZ7ZPYGQ1bS2dsnVzuv2M9IbLb1BrEfveWGa6DrOBxckCDRPVr4Bi0bOAei9i FLvtwJIlQepTEdxFVlq9j08DjG/KZNIqACIM+1ZOFK77IFA7aV3D5Oj0wzv4x+pEy1SDT1l b18z23ovlGGlPEJE8mcCydjnHbm4TCpjA3t3op+AsWYwTTD9jZwhYNvdBkXA==
Received: from fifthhorseman.net (unknown [76.145.2.105]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 6BBDAF9AD; Mon, 8 May 2023 12:05:50 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 1119B20658; Mon, 8 May 2023 12:05:46 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Paul Wouters <paul@nohats.ca>, "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <8211a864-3ce5-bb60-2aa8-6e73e82213ef@nohats.ca>
References: <8211a864-3ce5-bb60-2aa8-6e73e82213ef@nohats.ca>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Mon, 08 May 2023 12:05:45 -0400
Message-ID: <87lehy95ba.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FytBc1tsde6qYigbpwV8OmsI8QA>
Subject: Re: [openpgp] Version 1 image header bits that MUST be 0
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 May 2023 16:06:54 -0000

On Wed 2023-04-19 18:33:03 -0400, Paul Wouters wrote:
> Current text states:
>
>  	The fourth octet of a version 1 image header designates the encoding format of the image.
>  	The only currently defined encoding format is the value 1 to indicate JPEG.
>  	Image format types 100 through 110 are reserved for private or experimental use.
>  	The rest of the version 1 image header is made up of 12 reserved octets, all of which MUST be set to 0.
>
> Where possibly, I'd like to extend claims of "MUST be x" with "and MUST
> be ignored if not x". In general, this allows forward compatibility
> without old clients dying because of reserved bits now being in use.
>
> I just wanted to run this by the WG to ensure this can be done here as
> well. I don't think this would be a security issue, unless we would
> want the entire image to fail upon seeing a single unknown bit.

I have no data to show that making this change would be a problem, but i
also don't know how well it would work in practice.  Do you have data
that suggests existing implementations wouldn't choke on this?  I don't
see anything in the interoperability test suite that indicates what
would happen if these bits of an image attribute subpacket are actually
set.  For example, if including such an image attribute in a certificate
would cause an existing implementation to be unable to encrypt to that
cert, or to verify a signature from it, that would be bad news.

As an alternate approach, i expect it would be more straightforward to
deprecate these bits (and much of this flexibility) entirely.  The root
of the issue is that there is too much unused extensibility here.  A
simplifying approach might be:

 - drop the Image Attribute Version registry
 
 - drop the Image Attribute Encoding Format registry
 
 - redefine the "1" row of the User Attribute type registry to be "JPEG"
   (and define that format with a wire image that matches the current
   common use)

Then we still have a lot of flexibility (maybe even too much still: user
attribute packets can still have an arbitrary sequence of attribute
subpackets), but we've moved the flexibility into a single table that
describes those subpackets, the User Attribute type registry.  "Have one
joint and keep it well-oiled" is the way i've heard this philosophy
expressed elsewhere in the IETF.

At any rate, i don't think my simplifying proposal above is in-scope for
the current WG charter, but maybe a future incarnation of the WG can
consider it.  I've opened
https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/167 to track it.

            --dkg

v2.23.0 | Report a Bug | By Email