Re: including the entire fingerprint of the issuer in an OpenPGP certification

Werner Koch <wk@gnupg.org> Tue, 18 January 2011 09:35 UTC

Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0I9ZCCq027045 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 18 Jan 2011 02:35:12 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id p0I9ZC0D027044; Tue, 18 Jan 2011 02:35:12 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id p0I9ZATl027039 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <ietf-openpgp@imc.org>; Tue, 18 Jan 2011 02:35:11 -0700 (MST) (envelope-from wk@gnupg.org)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.69 #1 (Debian)) id 1Pf7y1-0003Au-R0 for <ietf-openpgp@imc.org>; Tue, 18 Jan 2011 10:35:09 +0100
Received: from wk by vigenere.g10code.de with local (Exim 4.72 #1 (Debian)) id 1Pf7uB-000371-4A; Tue, 18 Jan 2011 10:31:11 +0100
From: Werner Koch <wk@gnupg.org>
To: Ian G <iang@iang.org>
Cc: OpenPGP Working Group <ietf-openpgp@imc.org>
Subject: Re: including the entire fingerprint of the issuer in an OpenPGP certification
References: <E1Pf1WI-0007aL-EN@login01.fos.auckland.ac.nz> <CFCF61BD-9281-4F09-AD31-C5AAC38315FE@callas.org> <4D354A08.1010206@iang.org>
Organisation: g10 Code GmbH
OpenPGP: id=5B0358A2; url=finger:wk@g10code.com
Date: Tue, 18 Jan 2011 10:31:11 +0100
In-Reply-To: <4D354A08.1010206@iang.org> (Ian G.'s message of "Tue, 18 Jan 2011 19:06:32 +1100")
Message-ID: <87lj2isgm8.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

On Tue, 18 Jan 2011 09:06, iang@iang.org said:

> And, head towards the fingerprint, the whole fingerprint and nothing
> but the fingerprint!  Dispense with all these weird and wonderful

I agree.  Further I am not sure whether we should do this full
fingerprint proposal right now or better wait for SHA-3.  If we would
settle now for a new fingerprint signature subpacket we will for sure
need to revise that for SHA-3.  We would need to maintain code for the
current fingerprint as well as for a SHA-3 for a little eternity.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.