[openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt

Daniel Huigens <d.huigens@protonmail.com> Fri, 01 November 2024 15:47 UTC

Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D59B6C15153C for <openpgp@ietfa.amsl.com>; Fri, 1 Nov 2024 08:47:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lcZ1YtFz5Urb for <openpgp@ietfa.amsl.com>; Fri, 1 Nov 2024 08:47:39 -0700 (PDT)
Received: from mail-4316.protonmail.ch (mail-4316.protonmail.ch [185.70.43.16]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A9A9C14F706 for <openpgp@ietf.org>; Fri, 1 Nov 2024 08:47:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1730476057; x=1730735257; bh=Y6B9GCBD3rPfR5EYNrU+z6H+g2R17h/1wZMKG2FJGaU=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post; b=PxrbdwXbSS4azjURk0YzdSSOC/ihHc6ByRYAsqswqtbCq1nyAg5hk05rI8w551iP7 iuqJpebaOKMGrrUY/nNDIFct1D/1/1A3ROU4Ga7JfKcmB6NKB9p1tv5iM4yFZdQFRZ wiqtFNDlEn+joPpi+GcUM5hWFpYQy8l5yGMmYGSlemy1grgFSLyGmqtzqMAJUe8Evb Ku+xLOHv08NzUpPiVq1nzaP9Yx2DjoNhniTpwb1HeBLCcmSKROmu8BWORu8spoVN5e MY137X7mUr7IUR1kSSfzmEUGVnHwG180Fhn4grXvyzOJLsv8KO0vzpnpQ1c5ZTIgeD 7Iugc80TFvv8A==
Date: Fri, 01 Nov 2024 15:47:32 +0000
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>
From: Daniel Huigens <d.huigens@protonmail.com>
Message-ID: <tTD49Q9CCd7cUJK2anZkb4NYq2JS5f4Krv0N3IwmyeYOl2sSotwa2uheNT4il9BzhQtx26q7Avlwufd5Zr09t0cOqa-x74MjNdrjNUE6f_o=@protonmail.com>
In-Reply-To: <F082F1E1-8779-45AA-897B-CDE8DDF95B40@andrewg.com>
References: <172954607466.2080527.11129941200377024335@dt-datatracker-78dc5ccf94-w8wgc> <B498EDD0-1FE4-405B-81AD-8E4854720B6F@andrewg.com> <F082F1E1-8779-45AA-897B-CDE8DDF95B40@andrewg.com>
Feedback-ID: 2934448:user:proton
X-Pm-Message-ID: 9b4cd896b52c0c17b53410f37ce59ad31c16d55f
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 3YKBLI6QQ6XKG6RDTHVQYKGWC427TVOM
X-Message-ID-Hash: 3YKBLI6QQ6XKG6RDTHVQYKGWC427TVOM
X-MailFrom: d.huigens@protonmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "openpgp\\\\\\\\@ietf.org" <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/JSMU1TBGdo4wgjChFOCIpfb-RR0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

Hi Andrew,

Thanks for proposing text :)
IMHO, this guidance assumes a fairly low-level interface, asking the
user to manage individual TSKs, and so on.

I would like to get to a point where we offer the user a single button,
"refresh keys" (or similar), which is only displayed if the current keys'
algorithms are considered out of date, and which updates all private
keys in one go.

Whether this involves adding a subkey, or adding a primary key with a
key equivalence binding, should be relatively transparent for the user -
after all, the goal of this draft is to make that transparent for their
contacts, as well.

So I wouldn't ask users to mark one key as a replacement for another,
and so on; rather the implementation can decide whether a new primary
key is needed, and if so mark it as a replacement of the previous
primary key(s) automatically.

This roughly matches my proposal for sop in [1], but also makes for a
more intuitive and high-level UI, IMHO.

At the very least, I'd argue the guidance shouldn't preclude such a UI.

Best,
Daniel

[1]: https://gitlab.com/dkg/openpgp-stateless-cli/-/issues/99#note_2100646405


On Friday, November 1st, 2024 at 16:18, Andrew Gallagher wrote:

> Hi, all.
> 
> On 22 Oct 2024, at 15:08, Andrew Gallagher andrewg=40andrewg.com@dmarc.ietf.org wrote:
> 
> > * Do we need further UX guidance, and if so what should be included? [2]
> 
> 
> Please consider the following proposed text before next week’s meeting:
> 
> —
> 
> On creation of a new primary key, or on triggering an expert option, an implementation SHOULD:
> • If used interactively, ask the user whether this is a replacement key for an original key or keys
> • If a list of original keys is supplied (either interactively or via an expert option), obtain/refresh the corresponding certificates and make a selfsig over the new primary key with an inverse replacement key subpacket
> • If any of the original private keys are available, make a new selfsig on the corresponding certificate(s) with a forwards replacement key subpacket to create key equivalence bindings
> 
> On revocation of an existing primary key, or on triggering an expert option, an implementation SHOULD:
> • If used interactively, ask the user whether this key has a replacement key
> • If a replacement key is supplied (either interactively or via an expert option), obtain/refresh the corresponding certificate and add an inverse replacement key subpacket to the revocation sig over the original primary key
> • If the replacement private key is available, make a new selfsig on the corresponding certificate with a new or updated inverse replacement key subpacket, to create a key equivalence binding
> 
> On receipt of a new or updated certificate, an implementation SHOULD:
> • Check to see if it contains an unpaired replacement key subpacket that refers to any of the available private keys
> • Notify the user that a unidirectional reference exists
> • If used interactively, ask the user to confirm that they wish to complete the equivalence binding
> • If the user indicates (whether interactively or via an expert option) their acceptance of the equivalence binding, make a selfsig over the affected primary key(s) with the corresponding replacement key subpacket
> 
> —
> 
> A
> _______________________________________________
> openpgp mailing list -- openpgp@ietf.org
> To unsubscribe send an email to openpgp-leave@ietf.org