Re: V5 key packet format requirements

Ben Laurie <ben@algroup.co.uk> Fri, 03 February 2006 13:04 UTC

Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1F50bo-0000bZ-Ga for openpgp-archive@megatron.ietf.org; Fri, 03 Feb 2006 08:04:16 -0500
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA22059 for <openpgp-archive@lists.ietf.org>; Fri, 3 Feb 2006 08:02:38 -0500 (EST)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13CpTco028121; Fri, 3 Feb 2006 04:51:29 -0800 (PST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id k13CpTRJ028120; Fri, 3 Feb 2006 04:51:29 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.links.org (mail.links.org [217.155.92.109]) by above.proper.com (8.12.11/8.12.9) with ESMTP id k13CpT8n028114 for <ietf-openpgp@imc.org>; Fri, 3 Feb 2006 04:51:29 -0800 (PST) (envelope-from ben@algroup.co.uk)
Received: from [193.133.15.218] (localhost [127.0.0.1]) by mail.links.org (Postfix) with ESMTP id 3DA4133C3F; Fri, 3 Feb 2006 12:51:28 +0000 (GMT)
Message-ID: <43E351D8.20308@algroup.co.uk>
Date: Fri, 03 Feb 2006 12:51:36 +0000
From: Ben Laurie <ben@algroup.co.uk>
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: Adam Back <adam@cypherspace.org>
CC: "Daniel A. Nagy" <nagydani@epointsystem.org>, OpenPGP <ietf-openpgp@imc.org>
Subject: Re: V5 key packet format requirements
References: <20060202160713.GB18144@epointsystem.org> <43E3443D.90609@algroup.co.uk> <20060203122526.GA21898@bitchcake.off.net>
In-Reply-To: <20060203122526.GA21898@bitchcake.off.net>
X-Enigmail-Version: 0.93.0.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit

Adam Back wrote:
> On Fri, Feb 03, 2006 at 11:53:33AM +0000, Ben Laurie wrote:
> 
>>> 2. Scrap encrypted private keys. We already have a symmetrically
>>> encrypted container format with sufficient integrity protection, so
>>> there is no reason to maintain another one. Just put the
>>> unencrypted private key packet into that container, if you need
>>> encryption. This will reduce the number of things to worry about
>>> and make the security of OpenPGP easier to assess and maintain.
>> Yes, please!
> 
> What if you want different password on different keys?
> 
> (Think eg long term signing key vs short term signing key -- no point
> having separate signing keys unless have possibility to use different
> password.)

Eh? You can have 1 symmetric encrypted packet per key, they don't have
to share one.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff