[openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt

Andrew Gallagher <andrewg@andrewg.com> Fri, 01 November 2024 21:52 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55536C1516E9 for <openpgp@ietfa.amsl.com>; Fri, 1 Nov 2024 14:52:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ot-mmFtxODD6 for <openpgp@ietfa.amsl.com>; Fri, 1 Nov 2024 14:52:42 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [135.181.198.78]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BD87C14F686 for <openpgp@ietf.org>; Fri, 1 Nov 2024 14:52:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1730497959; bh=1rYIehJG4LsUnBx3rBMlGDxohJVyIRDH2KKRWYTmtHY=; h=Subject:From:In-Reply-To:Cc:Date:References:To:From; b=FJeGhV2OI9RpCUJexOmIkvP/PErHJ8EMx4TkHJzyM6UPSyR8xYQb+W4S3iczfV/Jl fgRzBxcdd+flAcJd6IY1CK+yHQ6lPimUS80XBdhXA8cJbI7UYTl6tJWuF4kAVMYvWr apgTPwLpuzuPkelwpWRImoFtR9i2NRM98r0YIgUVr0zCFbp9p/g/egdi19wS9TeJj+ jMHuhpLMoQNikhMtrzag318pytI9dHWp1CsWdMs+3gx9OD3spzZSIgixS2Og5k7mfD IWpE+ZkdGxnXXuByPhUSeLTs09v9Ov8l7rNd8ffroEWHCy+ZM51xfxuhCMfEpjwPTC pRFahEOfLX0+A==
Received: from smtpclient.apple (unknown [176.61.115.103]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id 42AC35ED3B; Fri, 1 Nov 2024 21:52:39 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (1.0)
From: Andrew Gallagher <andrewg@andrewg.com>
In-Reply-To: <d3d5e59e-2ddb-4b4d-867e-b8a7f1df203c@posteo.de>
Date: Fri, 01 Nov 2024 21:52:27 +0000
Message-Id: <B20FD242-AD3D-4A30-86F4-8AA8A9157DC8@andrewg.com>
References: <d3d5e59e-2ddb-4b4d-867e-b8a7f1df203c@posteo.de>
To: Heiko Schäfer <heiko.schaefer@posteo.de>
X-Mailer: iPhone Mail (21G93)
Message-ID-Hash: 3QJJNLEDSM6RPAN6AEZVOTE5CA245H5G
X-Message-ID-Hash: 3QJJNLEDSM6RPAN6AEZVOTE5CA245H5G
X-MailFrom: andrewg@andrewg.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: openpgp@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/KJEpumqciNx3hb2fEAcoqcsikWw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

On 1 Nov 2024, at 19:22, Heiko Schäfer <heiko.schaefer@posteo.de> wrote:
> 
>  Hey Andrew, list,

Hey Heiko :-)

> I think it's very useful to specify a format for replacement, and to finalize it sooner rather than later

I said at the interim that I hoped to get the spec finalised by the end of the year, and if we can avoid scope creep I think this target is still realistic… just!

> I'd want to always see the Fingerprint included. Fingerprints are, after all, currently commonly used for keyserver lookup.
> A replacement key format that requires reworking keyserver APIs before it can be used to obtain certificates over the network seems unreasonably aspirational to me.

I agree. I have included an optional fingerprint field at the request of the interim meeting, however I am personally very wary of this option, for the reasons you have outlined.

> FWIW, I'm not convinced that including the imprint adds value that justifies the complexity it brings.


I’m sympathetic to this position. The imprint is included to bring the cryptographic strength up to the same level as an sbind or certification, but defends more against a theoretical concern than a practical one. So long as it is used as a supplement for a fingerprint and not a replacement, I can live with that.

That said, I’d really like to hear from other implementers about whether they think the added code burden is reasonable. 

A