IETF Logo Mail Archive

Re: Identifying revoked certificates

Werner Koch <wk@gnupg.org> Fri, 07 September 2001 06:18 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA02221 for <openpgp-archive@odin.ietf.org>; Fri, 7 Sep 2001 02:18:29 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id f8768NR26001 for ietf-openpgp-bks; Thu, 6 Sep 2001 23:08:23 -0700 (PDT)
Received: from kasiski.gnupg.de (porta.u64.de [194.77.88.106]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f8768LD25990 for <ietf-openpgp@imc.org>; Thu, 6 Sep 2001 23:08:21 -0700 (PDT)
Received: from uucp by kasiski.gnupg.de with local-rmail (Exim 3.22 #1 (Debian)) id 15fFjZ-0005xk-00; Fri, 07 Sep 2001 09:07:25 +0200
Received: from wk by alberti.gnupg.de with local (Exim 3.22 #1 (Debian)) id 15fEtW-0001Yy-00; Fri, 07 Sep 2001 08:13:38 +0200
To: ietf-openpgp@imc.org
Subject: Re: Identifying revoked certificates
References: <p05100309b7baf2e20a43@[192.168.1.180]> <010901c135ad$a7233000$fac32609@transarc.ibm.com> <p05100325b7bd794fd6a4@[192.168.1.180]> <20010906154624.C750@akamai.com> <p0510032fb7bd98d93fcc@[192.168.1.180]>
From: Werner Koch <wk@gnupg.org>
Organisation: g10 Code GmbH
X-PGP-KeyID: 621CC013
X-Request-PGP: finger://wk@g10code.com
Date: Fri, 07 Sep 2001 08:13:38 +0200
In-Reply-To: <p0510032fb7bd98d93fcc@[192.168.1.180]> (Jon Callas's message of "Thu, 6 Sep 2001 14:33:10 -0700")
Message-ID: <87bsknplyl.fsf@alberti.gnupg.de>
Lines: 37
User-Agent: Gnus/5.090004 (Oort Gnus v0.04) Emacs/20.7
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

On Thu, 6 Sep 2001 14:33:10 -0700, Jon Callas said:

> Now then, a question for implementors: If this gets put in, would you
> implement it? "Yes, but not right away" is a fine answer, as are "Yes" and

No. 

I don't see a reason for the revocation target specifiers.  The only
sound handling of self-signature revocations (and that's what we are
talking about) is to use the latest valid self-signature, be it a
revocation or a real self-signature.  All other ways makes the
protocol more complex and ambiguous and is error prone.  Checking the
timestamps of valid revocations and self-signatures is sufficient in
about all cases.  There are only 2 problems I can identify with this:

  * 2 signatures done in the same second. 

Solution:  Don't do this and if you receive one, choose one of them
by whatever means.

  * Sequence of packets messed up. 

This should not happen, but if it does there is the same chance that
the UIDs or subkeys and their self-signatures are out of order and so
one would need to specify the UID in the self-signature.  Solution:
Either drop these packets because they don't comply to OpenPGP or
reorder them which might take a couple milliseconds.  From experience
I know that the reordering is only rarely needed and in most cases due
to buggy keyserver implementations.
  

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus

v2.23.0 | Report a Bug | By Email