IETF Logo Mail Archive

[openpgp] Re: openpgpkey policy for HKP [was: V4 signature salt notation name]

Andrew Gallagher <andrewg@andrewg.com> Mon, 24 June 2024 15:14 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FE50C14F70B for <openpgp@ietfa.amsl.com>; Mon, 24 Jun 2024 08:14:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgHtGFinqoxV for <openpgp@ietfa.amsl.com>; Mon, 24 Jun 2024 08:14:27 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [135.181.198.78]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 300ECC14F6B5 for <openpgp@ietf.org>; Mon, 24 Jun 2024 08:14:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1719242063; bh=riq7d1wiHIcKO6N7RCyWFS8cVUHpxojZRk1EELW7lhs=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=I5oSS/7Y5EIOvmTrrVkAPaM6OXw0eiPYLcb3AeNdj7j+VhiL/8bSneJE7E+x36FBx DfDLZaluYyj37x5wyZIGfjMCbsDAO7+DQpjGZKJJ2fBKiO1enLHgu95/HM4vGVkibp TwJk0WMSoVlyvffukj3BUhkzzYRz+DQBB9xZkqbWL0UvG8hNq4S33q7esNaasPsYnX woPKQfMlQGQhNyxmUN8K68+lRZJ1UYEPFVMOs7kt2EgDmoZ9xlKnZBh6ABs5kIIJy4 rJqanglGX+Hz051aF93MNazlZTcwG5oFoRCURBFjDGF3d1jl6JPP+SeM079SoaHcKu vXozW6Wno4Evg==
Received: from smtpclient.apple (serenity [IPv6:fc93:5820:7349:eda2:99a7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id 92F5A5DF55; Mon, 24 Jun 2024 15:14:23 +0000 (UTC)
Content-Type: multipart/signed; boundary="Apple-Mail=_E2687EAE-48AD-43C9-8835-51E720B2BEA0"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Andrew Gallagher <andrewg@andrewg.com>
In-Reply-To: <ZDkG9Sa3McHFmSVEUkEy99PUBLGqLzN733VxkLkuZWXr4IPz4NdWno1RDkbVcWe6vyq4rMXy_rtbCuOvkHd6L9Yg2ur7mfxG7YLeWd86Bqo=@protonmail.com>
Date: Mon, 24 Jun 2024 16:14:08 +0100
Message-Id: <1507BF45-F42A-4646-81D5-AAC87D5A0F3F@andrewg.com>
References: <CazQq0NNll4PVSx6qHx_vJvNDtBWhiHTm3dHM3EChdfgEUjuoMql4doA1RkP6l9W1eWq1sX07mYoQFamwZiEZUzcYB9u9qAVjMIbhOZSgcI=@protonmail.com> <A4CDC5F0-7F51-4155-8C9B-8625DDE41916@andrewg.com> <ZDkG9Sa3McHFmSVEUkEy99PUBLGqLzN733VxkLkuZWXr4IPz4NdWno1RDkbVcWe6vyq4rMXy_rtbCuOvkHd6L9Yg2ur7mfxG7YLeWd86Bqo=@protonmail.com>
To: Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3731.700.6.1.1)
Message-ID-Hash: MMS4O5KHO5WKCVXUKUVVJMUUMITMD7LQ
X-Message-ID-Hash: MMS4O5KHO5WKCVXUKUVVJMUUMITMD7LQ
X-MailFrom: andrewg@andrewg.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF OpenPGP WG <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [openpgp] Re: openpgpkey policy for HKP [was: V4 signature salt notation name]
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/JS5OUlJaDmKg4BtSdDTxu-9XZLk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

On 24 Jun 2024, at 15:23, Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org> wrote:
> 
> On Monday, June 24th, 2024 at 15:11, Andrew Gallagher wrote:
>> Sure, but then in the worst case a client would have to make two extra requests on top of the two (or four!) required by WKD. Would this be acceptable?
> 
> I would propose that if we create a new URL we only create one,
> in the style of the "advanced" lookup method, rather than two.
> That way, we don't increase the number of required requests much.

That seems reasonable, since the direct method is only there for legacy compatibility anyway. Would everyone else be happy with this?

> That being said, I'm also not sure if the breakage I mentioned
> warrants working around this. If it only affects Proton, we can
> just implement the new draft, of course.

The other advantage of specifying a different URL is that we completely avoid any risk of specification clash with future WKD drafts.

A

v2.35.0 | Report a Bug | By Email | System Status