Re: [openpgp] Call for adoption of draft-gallagher-openpgp-replacementkey

Heiko Schäfer <heiko.schaefer@posteo.de> Tue, 09 April 2024 12:30 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/L8AVtSTJPYTFrVwESOKRkAT_yUg>

Hello all,

On 4/6/24 07:09, Daniel Kahn Gillmor wrote:
> This draft describes a way to signal an OpenPGP replacement key without
> revoking the current key, which is intended to be a mechanism for
> adoption of new versions or algorithms that might otherwise be difficult
> to deploy:
>
>     https://datatracker.ietf.org/doc/draft-gallagher-openpgp-replacementkey/
>
> Andrew Gallagher wrote a good description of the motivation and
> mechanism in the draft here:
>
>     https://mailarchive.ietf.org/arch/msg/openpgp/FdKennEntF4ZaR_UO82m_fe_ea0
>
> Please review the draft and consider whether you support its adoption by
> the WG.  Please share any thoughts with the list to indicate support or
> opposition -- this is not a vote.

after a careful read of the draft, as well as reading the discussion in 
this thread, I believe the concept that this draft outlines addresses an 
unpleasant papercut in OpenPGP. I think the direction is reasonable, and 
the draft thus worth adopting.

My understanding of the problem this draft addresses is:

A mechanism that allows the software of an OpenPGP user to automatically 
obtain a new certificate (or multiple) that their correspondent suggests 
for consideration.
However, trust calculations (e.g. when using web of trust calculations) 
are handled as a separate issue by this draft (after some thought and 
discussion, this seems like a good approach to me).

I imagine Simon's concerns could be (at least in part?) addressed by an 
additional section in the draft that outlines guidance for what the WG 
considers good practice.
This might include that the key holder should ask their contacts to 
verify the new key and issue third party certifications for it. It might 
also include that the key holder should issue a delegation/trust 
signature for their new certificate, using their old key.

Heiko