Re: [openpgp] Proposal for a separable ring signature scheme compatible with RSA, DSA, and ECDSA keys

Werner Koch <wk@gnupg.org> Fri, 14 March 2014 17:47 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C96CC1A0170 for <openpgp@ietfa.amsl.com>; Fri, 14 Mar 2014 10:47:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FoMJA2Xp3vOK for <openpgp@ietfa.amsl.com>; Fri, 14 Mar 2014 10:47:01 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by ietfa.amsl.com (Postfix) with ESMTP id CE1EC1A01C9 for <openpgp@ietf.org>; Fri, 14 Mar 2014 10:46:51 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1WOWBw-0003dc-LY for <openpgp@ietf.org>; Fri, 14 Mar 2014 18:46:44 +0100
Received: from wk by vigenere.g10code.de with local (Exim 4.82 #3 (Debian)) id 1WOW39-00021f-Vg; Fri, 14 Mar 2014 18:37:40 +0100
From: Werner Koch <wk@gnupg.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <80674820640dbeb5ae81f81c67d87541@smtp.hushmail.com> <8761nh1549.fsf@vigenere.g10code.de> <a6d56e791a2c878f34369abc6f09b71d@smtp.hushmail.com> <87y50cybh3.fsf@vigenere.g10code.de> <53233BD4.4020804@fifthhorseman.net>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=1E42B367; url=finger:wk@g10code.com
Date: Fri, 14 Mar 2014 18:37:39 +0100
In-Reply-To: <53233BD4.4020804@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Fri, 14 Mar 2014 13:26:44 -0400")
Message-ID: <87lhwcy93w.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/It2tAl7Hg73-wdzeFNuoOkgeHlk
Cc: openpgp@ietf.org, Vincent Yu <v@v-yu.com>
Subject: Re: [openpgp] Proposal for a separable ring signature scheme compatible with RSA, DSA, and ECDSA keys
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Mar 2014 17:47:02 -0000

On Fri, 14 Mar 2014 18:26, dkg@fifthhorseman.net said:

> I'm not sure i agree with this line of reasoning.  older keys can be
> imported into newer software (i've done that multiple times).  if the

It is all about probability.

> goal here is simply cryptographic non-repudiability, Alice's peer is

There is no such thing as mechanically created non-reputability.  But
why make it too easy.

> it doesn't make sense to rely on non-cryptographic signals (e.g. typical
> OpenPGP implemnetation version information, etc) to rule out possible
> cryptographic signers.

I case we are speaking about this: The whole point of criminial
investigations is to collect lots of evidence from _different sources_
to prove or disprove a claim.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.