Re: [openpgp] Fingerprints
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 16 April 2015 17:46 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FA4F1B33A1 for <openpgp@ietfa.amsl.com>; Thu, 16 Apr 2015 10:46:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.278
X-Spam-Level:
X-Spam-Status: No, score=-3.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, GB_I_LETTER=-2, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EMU6uG3nPpoZ for <openpgp@ietfa.amsl.com>; Thu, 16 Apr 2015 10:46:29 -0700 (PDT)
Received: from mail-la0-x22a.google.com (mail-la0-x22a.google.com [IPv6:2a00:1450:4010:c03::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C5891B33A2 for <openpgp@ietf.org>; Thu, 16 Apr 2015 10:46:28 -0700 (PDT)
Received: by labbd9 with SMTP id bd9so62538997lab.2 for <openpgp@ietf.org>; Thu, 16 Apr 2015 10:46:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=dGxHYrJ9zChSjIF0+GMFKqasUgQOXk1OI2xLwxC1nok=; b=NwvQ3OnAONuFrAibuTmpgcp+gzQ1q3TN+mFKlbEd7A3YGcQ6JVh2oNhQtZMSTiOo15 4RU+xHnhVQjj/26J2GYRT05AMWYF6k8KfZ7PSxYSC1XpGvYegoMpNuYIdzOUzu7uHrnA 4eEj2C07RVrt6Do59EQqMRvkIulAbnDVryodfroCzP8jv1U9oqvZIquQcMamkeCjCyMy KbFLJrIChrstVt6VV92rvMmXn6SFT3dYkkj0Ir1lqPVDqjuiVQoWeeJwyPgBqlirxkGb Qdt/OqEuTuE9pSf24+KeZgLUNCmRa46t680bA6ViQ6/fHIWCHhJflbhsFUoCrAkgKZFN vXNQ==
MIME-Version: 1.0
X-Received: by 10.152.4.136 with SMTP id k8mr29654769lak.103.1429206386908; Thu, 16 Apr 2015 10:46:26 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.147.165 with HTTP; Thu, 16 Apr 2015 10:46:26 -0700 (PDT)
In-Reply-To: <sjmegnkccau.fsf@securerf.ihtfp.org>
References: <CAMm+LwhbB+-MnGRBCvprgAGOuu+5CJ2rgod7EBGOQR5UNVrspQ@mail.gmail.com> <87y4m0ozlt.fsf@vigenere.g10code.de> <20150415135105.GJ3106@singpolyma-liberty> <FE2717DC-3950-4536-B83D-BD005D2F26A6@callas.org> <1429128262.1702.41.camel@scientia.net> <E07D3736-038C-4C97-B96B-77284A5A9B02@jabberwocky.com> <1429131461.1702.52.camel@scientia.net> <sjmegnkccau.fsf@securerf.ihtfp.org>
Date: Thu, 16 Apr 2015 13:46:26 -0400
X-Google-Sender-Auth: oJI_TfoR_8RTW5h6WORwZIk8qEI
Message-ID: <CAMm+LwjtuogtN1on_zzckOMxAcCKBbKPQeTFvmWq-TLmXMibZQ@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Derek Atkins <derek@ihtfp.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/GV3ptEaEyMMYpDspERWNYQSuhVE>
Cc: Christoph Anton Mitterer <calestyo@scientia.net>, "openpgp@ietf.org" <openpgp@ietf.org>
Subject: Re: [openpgp] Fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2015 17:46:31 -0000
Responding to multiple threads, trying to inject some precision... If people are happy with what I propose here, I can get a draft started. Just to be clear here, there are two separate places where an identifier might occur: Fingerprint = <Fingerprint-ID> + Hash ( <Content-Type> , <Data> ) Registering a new <Fingerprint-ID> code should be rare. We don't yet have consensus on whether <Content-Type> is needed but it certainly does not hurt and adding it solves many of the problems that would otherwise require us to cut a new <Fingerprint-ID>. In this scheme there is no need to cut a new ID for the PKIX KeyInfo blobs I want for vanity crypto or for a SAML assertion or a JOSE key blob. Which means that we also have complete flexibility to introduce a completely different PGP key format at a later date. [Detail] To be precise, the option is Fingerprint = <Fingerprint-ID> + H( <Content-Type>, <Data> ) Where H (c, d) might be Hash (c +d) or Hash (c + Hash (d)). Using the second form allows existing hashes to be converted to data fingerprints. And that can come in handy in a lot of situations. And for completeness, and to get everything straight, let me add: DisplayedFingerprint = Base32-ify (Fingerprint , n) TruncatedFingerprint = Trunc (Fingerprint, n) URIEncoding = <Prefix-TBS> + ":" + DisplayedFingerprint Note that there is no need for a length on the Displayed fingerprint. The precise definition of Base32-ify (x, n) and Trunc (x, n) are not yet specified. Since Base32 encodes 5 bytes at a time and this is not a multiple of 8, there is a possibility that the fingerprint does not 'round trip' between ASCII and binary forms. We can discuss that in detail later and the question of whether we want to include some sort of checksum on each block. If we are working in blocks of 5 characters, we might want to use one bit for a running parity which has the pleasing effect that each 5 character block represents 3 binary bytes. <Fingerprint-ID> At the moment the consensus proposal seems to be that Fingerprint-ID is a numeric code that has exactly two entries. I suggest: 96: SHA-2-512 144: SHA-3-512 These numbers are not completely random. While the codes themselves don't matter, using 0x60 and 0x90 has the pleasing and convenient effect that SHA-2-512 fingerprints will always start with the letter M (for Merkle-Damgard) and SHA-3-512 fingerprints will always start with the letter S (for Spongeworthy). <Content-Type> I suggest that we use a choice of either <Mime-content-type> + ":" <urn> This does not need to be a closed registry. The only requirement is that the identifiers be unique and unambiguous. In normal circumstances the content type for a key in PGP format is simply 'application/pgp-key'. Allowing any entry in the URN repository means we get OIDs for free: Lets say you want to use Ed2555 and this does not (yet) have a PGP number assigned: http://www.ietf.org/mail-archive/web/openpgp/current/msg07321.html The text representation of the OID is 1.3.6.1.4.1.11591.15.1. So the content type identifier is "urn:oid:1.3.6.1.4.1.11591.15.1" This approach is preferred over using the byte encoding of the OID because it does not require an encoder. People can use any crypto they like including experimental and vanity crypto without any impact on the IETF or IANA. <Prefix-TBS> The group has not discussed a URI form of the fingerprint but allocating a URI for any identifier should be routine. Given the key role fingerprints play, it is obvious someone will want a URI somewhere. Just defining the URI is probably enough to use the key with SAML for example. If specified, there should be exactly one prefix and it is probably best if we define something that is neutral. Something like 'Uniform Data Fingerprint' (UDF). Security considerations: Fingerprints are brittle. While it is very difficult to cause a collision even with a short fingerprint, unintended variations in the calculation of a fingerprint can occur unless great care is taken.
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Werner Koch
- [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Tom Ritter
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Stephen Paul Weber
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints David Shaw
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Designated Revokers Vincent Breitmoser
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Daniel Ranft
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- [openpgp] [RFC4880bis PATCH] Deprecate "Revocatio… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Neal H. Walfield
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Werner Koch
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Paul Wouters
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… Daniel Kahn Gillmor