Re: [openpgp] Expected client behaviour ambiguity in signature verification
Daniel Huigens <d.huigens@protonmail.com> Fri, 08 July 2022 14:23 UTC
Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3042FC157B35 for <openpgp@ietfa.amsl.com>; Fri, 8 Jul 2022 07:23:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9tdYX1pAUDGH for <openpgp@ietfa.amsl.com>; Fri, 8 Jul 2022 07:23:02 -0700 (PDT)
Received: from mail-4316.protonmail.ch (mail-4316.protonmail.ch [185.70.43.16]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24E30C14F75F for <openpgp@ietf.org>; Fri, 8 Jul 2022 07:23:02 -0700 (PDT)
Date: Fri, 08 Jul 2022 14:22:51 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1657290179; x=1657549379; bh=MIKSFg2AYtNkyzM3XYfXMTUD29QiCAey+6JjxZvV2Hk=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:Feedback-ID:From:To:Cc:Date:Subject:Reply-To: Feedback-ID:Message-ID; b=f5+DBQHpbiCEv15RXtCs6cjNhLSPCDQcHua0OcrD3PtHZGjf1OruxsCZhgGipR1r5 lG84NtHTEy+K0Xbg+RhTDSlAqihe3TWX5ya836KaVV6NrTVbzsHkMPoGp1iCFYM139 /MiiGcTGl8hLfAeHyjBsYtjRavIHaQGC2qbqcBXeWPuwk3nkgYy9LEh2MBWF0wfwf2 RJSaL9BjdE7bW4uK1TBda/RAMSkj2ZDdi3bs77grJmq5xDh9nT7Y+lhf7jEHsA05tL m9WS6ZNyTPIoIrWNplZftsKagTM5VKhHQqjP/riB3vsNof4iD1tpPdkbsBZ24Q1TNv oKm6CS0AsHefg==
To: Justus Winter <justus@sequoia-pgp.org>
From: Daniel Huigens <d.huigens@protonmail.com>
Cc: Andrew Gallagher <andrewg@andrewg.com>, openpgp@ietf.org
Reply-To: Daniel Huigens <d.huigens@protonmail.com>
Message-ID: <ejV91k6cLZSWu6XKlMLLyVhrwpYOJWOD6q4Ekp6veU53kVA4kSNM1zZ1EoCJG2QJLlYoq2Rylxd7LWxssmPji5ozUn8iZHiD1f3x8vqJ2wc=@protonmail.com>
In-Reply-To: <87let3wxtj.fsf@europ.lan>
References: <d0483dcb-025b-37c2-9a26-e42133b506ac@andrewg.com> <rFGQzFpo7YRJdeCEIqSDMYYZhf_svkyx8UHG3GE__VMZFj2pRAbcTa-G9jjQoppUln1XNblYl6Lbjn7wMDMLqwzTJxB-hO0RwAofwLJL7wc=@protonmail.com> <87sfnbx3we.fsf@europ.lan> <HcMPnSrBDMEb2UqLScL9OTrornuJln5O0WG0ZBe2FLW3Q3YbJ9plFBKGJGdWYyVF-Wz9HA6supa9tXH5y8DfJTe05cUD5Uk0VciCnGuQNMo=@protonmail.com> <87pmifx2km.fsf@europ.lan> <Gjz95aE4GW3B-PIIf3VWobfxKwlSPyI-yU5L7B5zM-6QBv48RXZrrXvIkFQ5NUd9g64Ai9Adzqxahueo5LEqWRCY-Hjj9dRZeI2JYlaWqd4=@protonmail.com> <87let3wxtj.fsf@europ.lan>
Feedback-ID: 2934448:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/HOu-3FJM2ezVnAdnNDK6NsNe_sw>
Subject: Re: [openpgp] Expected client behaviour ambiguity in signature verification
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jul 2022 14:23:06 -0000
On Friday, July 8th, 2022 at 15:14, Justus Winter wrote: > You said before that you prefer not to use the reordering heuristic. > But how else should the keyserver fix the certificate? I meant more that they could do a manual intervention for the keys where that happened, perhaps. (Particularly in the case where the keyserver itself broke the key, I didn't mean that they should fix up these keys in general.) Then, they could also verify the signature packets with each of the components, to check where it should be placed. Obviously if we remove the hash prefix in v5, and the bug happens again with v5 keys, and there are some third-party signatures that they can't verify, then that won't be possible. However, I don't think that's a very strong argument for keeping the hash prefix: keyservers could do any number of things to corrupt or break public keys, most of which are not recoverable. So I don't think we should necessarily design around that possibility. Best, Daniel
- [openpgp] Expected client behaviour ambiguity in … Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Jonathan McDowell
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Nickolay Olshevsky
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Jonathan McDowell
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Paul Schaub
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Peter Gutmann
- Re: [openpgp] Expected client behaviour ambiguity… Justus Winter
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher
- Re: [openpgp] Expected client behaviour ambiguity… Daniel Huigens
- Re: [openpgp] Expected client behaviour ambiguity… Andrew Gallagher