Re: [openpgp] Summary of WG status
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 18 August 2017 19:42 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29A5E1320BB for <openpgp@ietfa.amsl.com>; Fri, 18 Aug 2017 12:42:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qNAsdTZRmkl4 for <openpgp@ietfa.amsl.com>; Fri, 18 Aug 2017 12:42:27 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 87ACC12426E for <openpgp@ietf.org>; Fri, 18 Aug 2017 12:42:27 -0700 (PDT)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 312C0F99A; Fri, 18 Aug 2017 15:42:26 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 2DCDB215E8; Fri, 18 Aug 2017 15:42:16 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Vincent Breitmoser <look@my.amazin.horse>, "Robert J. Hansen" <rjh@sixdemonbag.org>
Cc: Stephen Paul Weber <singpolyma@singpolyma.net>, openpgp@ietf.org
In-Reply-To: <20170818165311.d2x344yp5x5ys553@calamity>
References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <a2f2973f-2b34-5e07-2651-a1910d992c6a@sixdemonbag.org> <sjmefsef9b6.fsf@securerf.ihtfp.org> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <20170818165311.d2x344yp5x5ys553@calamity>
Date: Fri, 18 Aug 2017 15:42:12 -0400
Message-ID: <87efs8fysr.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/J7CrJS8e5U7trrleVyrT0NGZpoY>
Subject: Re: [openpgp] Summary of WG status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Aug 2017 19:42:29 -0000
On Fri 2017-08-18 18:53:11 +0200, Vincent Breitmoser wrote: > From discussions so far I seem to be alone in my doubts that > increasing the bitsize of the fingerprint even further is a bad > idea. Still, I'm gonna submit a nay to the record here. <erstwhile chair hat off, mailing list participant hat only> I've been looking at, and thinking about, fingerprints and other identifiers a fair amount for the last several years. I want to make a couple observations: * most people don't see (or need to see) the fingerprint explicitly. for those people, this is a machine-readable value, and not something to expose. * for the minority who do actually want to "check fingerprints", fingerprint-matching need not be done by text string comparison today. there are lots of other clever ways people can do this with modern machinery, and we don't need to specify those mechanisms here. * some cryptosystems already expose full sha256 values to users in marginal cases -- modern OpenSSH fingerprints are base64-encoded sha256sums, so there's precedent. * the difference in size (in terms of transit) between a 200-bit truncation and a full 256-bit SHA256 sum is 7 octets. * sha256 has had tons of cryptographic analysis. Truncated sha256 has not had as much. I don't think there's a risk here, but why deviate from what's been directly studied? * simplicity is good. So in balance, i think i lean toward the full sha256. I recognize that the additional 7 octets is a downside in some extremely tight circumstances. But i think the balance comes out in favor of simplicity and uniformity for implementations. --dkg
- [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Werner Koch
- [openpgp] Must-Implement Algorithms (was:Summary … Werner Koch
- Re: [openpgp] Must-Implement Algorithms (was:Summ… brian m. carlson
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status vedaal
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Derek Atkins
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Vincent Breitmoser
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Stephen Paul Weber
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Vincent Breitmoser
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Kristian Fiskerstrand
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Werner Koch