Re: [openpgp] v5 sample key
Jonathan McDowell <noodles@earth.li> Thu, 25 April 2019 09:11 UTC
Return-Path: <noodles@earth.li>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4B0E12007A for <openpgp@ietfa.amsl.com>; Thu, 25 Apr 2019 02:11:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=earth.li
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t_oTCwVT0RcS for <openpgp@ietfa.amsl.com>; Thu, 25 Apr 2019 02:11:36 -0700 (PDT)
Received: from the.earth.li (the.earth.li [IPv6:2001:41c8:10:b1f:c0ff:ee:15:900d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C859312006D for <openpgp@ietf.org>; Thu, 25 Apr 2019 02:11:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=earth.li; s=the; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject :To:From:Date:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=bSdSuZGFZLWMvIk5mQucFg4OtFil8NVUWdG5BijbWAI=; b=mvioBieXxbP+Ck/pmOIlblASor RhNw8fO9f+yTgR+cZnsK/mrYivDKWQPgGjaKwxBycO9cK6vSTNJxbx1dw1sbYftWjbVd9NUqQwgfX gmPdP6KEL0ODAl5ByLJcHuYjBSdFlUPgmcxFjVXq1m0YUL5mkLg4rIBNvyTNHInUAGkI20QjR+R++ OjEzUkXpBtLAe+FxeIVhdo+p+zU9+0FPpm3I3RLkIvlH1SEsvl9wjxi8NPOo+QsJzIhYBUTz+pX+x QNM2mKaSBUsOvX1j9p83Fw6Qq/p/1XK09vrqcnHtOAIWCeHJ7YTbcnX4RKrJ3ehKoGcCt9xOdtJiw UUAJzVLA==;
Received: from noodles by the.earth.li with local (Exim 4.89) (envelope-from <noodles@earth.li>) id 1hJaPl-0006bJ-Q9 for openpgp@ietf.org; Thu, 25 Apr 2019 10:11:33 +0100
Date: Thu, 25 Apr 2019 10:11:33 +0100
From: Jonathan McDowell <noodles@earth.li>
To: openpgp@ietf.org
Message-ID: <20190425091133.ayz4wyxzfe3xwdwf@earth.li>
References: <87sgvh1ugy.fsf@wheatstone.g10code.de> <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net> <871s1tyvkl.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="ssgqdaa43cuqvjfd"
Content-Disposition: inline
In-Reply-To: <871s1tyvkl.fsf@wheatstone.g10code.de>
User-Agent: NeoMutt/20170113 (1.7.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/GVUg6lTFYKr8kun_w6C1FPWJxjM>
Subject: Re: [openpgp] v5 sample key
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Apr 2019 09:11:38 -0000
On Tue, Apr 23, 2019 at 10:28:26AM +0200, Werner Koch wrote: > On Mon, 22 Apr 2019 08:55, HeikoStamer@gmx.net said: > > There is no distinction between V3, V4, and V5 signatures resp. keys. > > However, GnuPG computes the hash in function hash_public_key() for V5 > > keys in a different way: starting with octet 0x9a and a four-octet > > length is given before the body of key packet is hashed. > > That is because 12.2 (Key IDS and Fingerprints) has > > A V4 fingerprint is the 160-bit SHA-1 hash of the octet 0x99, > followed by the two-octet packet length, followed by the entire > [...] > A V5 fingerprint is the 256-bit SHA2-256 hash of the octet 0x9A, > followed by the four-octet packet length, followed by the entire > > I think it makes sense to keep the signature computation in sync with > the fingerprint computation. Using the four-octet length and thus 0x9a > is important because it remove ambiguities if the key material is larger > than 2^16. A move to easily enable key material > 2^16 bytes seems to be in conflict with dkg's work on trying to reinvigorate the usefulness of key servers + the suggestion to limit key material packets to < 8383 bytes. J. -- I have seen the future - the future is Channel 3. This .sig brought to you by the letter S and the number 38 Product of the Republic of HuggieTag
- [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Jonathan McDowell
- Re: [openpgp] v5 sample key Heiko Stamer
- Re: [openpgp] v5 sample key Daniel Kahn Gillmor
- Re: [openpgp] v5 sample key Werner Koch
- Re: [openpgp] v5 sample key Daniel Huigens
- Re: [openpgp] v5 sample key Heiko Stamer