IETF Logo Mail Archive

Re: [openpgp] V5 Fingerprint again

Vincent Breitmoser <look@my.amazin.horse> Thu, 02 March 2017 13:31 UTC

Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FD7C129546 for <openpgp@ietfa.amsl.com>; Thu, 2 Mar 2017 05:31:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05hDmiIMvEfd for <openpgp@ietfa.amsl.com>; Thu, 2 Mar 2017 05:31:07 -0800 (PST)
Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F0B3129464 for <openpgp@ietf.org>; Thu, 2 Mar 2017 05:31:06 -0800 (PST)
Received: from localhost (gate.ibr.cs.tu-bs.de [134.169.34.1]) by mail.mugenguild.com (Postfix) with ESMTPSA id 864A65FA58; Thu, 2 Mar 2017 14:31:05 +0100 (CET)
Date: Thu, 02 Mar 2017 14:31:05 +0100
From: Vincent Breitmoser <look@my.amazin.horse>
To: Thijs van Dijk <schnabbel@inurbanus.nl>
Message-ID: <20170302133105.3eijwflvyoddsqb7@calamity>
References: <CAMm+Lwju5i5xHt=ma6Ush4_4dfZNwOi2=2km+6Qja+sDbkvbxg@mail.gmail.com> <CADGaDpFoBt1=eZHxo4q=Yb24NYyy1sudFn_h=MTZE3_wiRVXJw@mail.gmail.com> <87lgsoah35.fsf@wheatstone.g10code.de> <9E0B568A-6BFB-402B-A445-C1B31FF4D9A6@my.amazin.horse> <CADGaDpE-OzPafDO89=JB-6X=EER3AUnrGbCGi96vaN9E0vyydg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CADGaDpE-OzPafDO89=JB-6X=EER3AUnrGbCGi96vaN9E0vyydg@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/J7sk95bJJ8CSJL7e0GA61vV0xkc>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] V5 Fingerprint again
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 13:31:08 -0000

> Interesting. How do you envision handling an updated selfsig (e.g. to move
> the expiration date forward) with a stronger hash than before?
> To me, this seems like the most obvious upgrade path (i.e. a way for users
> to force moving to a stronger hash), but when taken literally we've just
> retroactively revoked all previous signatures.

I don't think this works as an upgrade path really. Both for the reason
you mention, and also because packets can be suppressed. The best we can
probably do here is try and not allow worse than the weakest link.

> One could have a gnuk or yubikey generate the key, and if the user agent
> *defaults* to sha1 (regardless of whether or not it can support stronger
> hashes) you'll have triggered this scenario.

Seems like a good outcome if this type of misconfiguration is punished.

 - V

v2.23.0 | Report a Bug | By Email