Re: [openpgp] OpenPGP Web Key Directory I-D

Ian Jackson <ijackson@chiark.greenend.org.uk> Fri, 09 November 2018 10:50 UTC

Return-Path: <ijackson@chiark.greenend.org.uk>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 787E01277D2 for <openpgp@ietfa.amsl.com>; Fri, 9 Nov 2018 02:50:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D1ORg4sBo-Dh for <openpgp@ietfa.amsl.com>; Fri, 9 Nov 2018 02:50:32 -0800 (PST)
Received: from chiark.greenend.org.uk (v6.chiark.greenend.org.uk [IPv6:2001:ba8:1e3::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF00F130DD0 for <openpgp@ietf.org>; Fri, 9 Nov 2018 02:50:31 -0800 (PST)
Received: by chiark.greenend.org.uk (Debian Exim 4.84_2 #1) with local (return-path ijackson@chiark.greenend.org.uk) id 1gL4Mw-0007sm-1y; Fri, 09 Nov 2018 10:50:30 +0000
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <23525.26229.995360.750323@chiark.greenend.org.uk>
Date: Fri, 9 Nov 2018 10:50:29 +0000
To: Werner Koch <wk@gnupg.org>
Cc: openpgp@ietf.org
In-Reply-To: <874lcsyr3p.fsf@wheatstone.g10code.de>
References: <23523.16831.292658.490356@chiark.greenend.org.uk> <874lcsyr3p.fsf@wheatstone.g10code.de>
X-Mailer: VM 8.2.0b under 24.4.1 (i586-pc-linux-gnu)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/JnwS82FeCqh7Ia_P5CkY_FauLAU>
Subject: Re: [openpgp] OpenPGP Web Key Directory I-D
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Nov 2018 10:50:35 -0000

Werner Koch writes ("Re: OpenPGP Web Key Directory I-D"):
> On Wed,  7 Nov 2018 20:49, ijackson@chiark.greenend.org.uk said:
> > Suggested modification: Replace this part of the URL with the
> > URL-encoded email address.
> 
> Nope: That breaks existing implementations and would not allow to serve
> the data from static files.

It certainly would allow serving the data from static files.  If you
wanted case-insensitivity and can't configure your webserver to smash
the case, then then in practice you could make three files.

Overall, I described this protocol to Simon Tatham (author of PuTTY)
in the pub last night and he spluttered into his cider and said "is it
April the 1st in a different timezone?"

> > III. Normative status of this document
> 
> |   Internet-Drafts are draft documents valid for a maximum of six months
> |   and may be updated, replaced, or obsoleted by other documents at any
> |   time.  It is inappropriate to use Internet-Drafts as reference
> |   material or to cite them other than as "work in progress."
> 
> OTOH, it is a standard practise that RFCs are based on existing
> implementations and we have that implemented in in GnUPG 2.1.12 (May
> 2016) and thus for example also in Debian Stretch

I don't think most of the Debian folks realise they are participating
in a protocol design experiment.

Since you are still in the protocol design phase, you would no doubt
welcome implementation and deployment of an alternative simpler
protocol ?

Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>;   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.