Re: [openpgp] Issuer Fingerprint
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 14 June 2016 16:29 UTC
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Werner Koch <wk@gnupg.org>, openpgp@ietf.org
Date: Tue, 14 Jun 2016 12:29:35 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/M790eX5t-NLNgukTsVbEzeNmnws>

Hi there--

On Mon 2016-06-13 06:07:33 -0400, Werner Koch wrote:
> --8<---------------cut here---------------start------------->8--- > @@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification > 30 Features > 31 Signature Target > 32 Embedded Signature > + 33 Issuer Fingerprint > 100 to 110 Private or experimental > > An implementation SHOULD ignore any subpacket of a type that it does > @@ -1615,6 +1616,16 @@ #### {5.2.3.26} Embedded Signature > in Section 5.2 above. It is useful when one signature needs to refer > to, or be incorporated in, another signature. > > +#### Issuer Fingerprint > + > +(1 octet key version number, N octets of fingerprint) > + > +The OpenPGP Key fingerprint of the key issuing the signature. The > +only possible key version number is 4 and thus N must be 20. This > +subpacket is intended to eventually replace the issuer subpacket which > +does not not unambiguously specify the key. It SHOULD be part of all > +signatures. > + > ### {5.2.4} Computing Signatures > > All signatures are formed by producing a hash over the signature data, > --8<---------------cut here---------------end--------------->8---

I like this proposal. I wonder if there should be some text about its interaction with the Issuer subpacket beyond "is intended to eventually replace"?

something like "If an Issuer subpacket is included in the same packet as an Issuer Fingerprint subpacket, the Issuer Fingerprint subpacket MUST be version 4, and the Issuer subpacket MUST be the low 64 bits of the fingerprint. If the Issuer Fingerprint subpacket version is greater than 4, there MUST NOT be an Issuer subpacket included in the same packet."

        --dkg
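
Review bot: the added "#### Issuer Fingerprint" heading in the second hunk carries no `{5.2.3.x}` section tag, while the surrounding headings do ("#### {5.2.3.26} Embedded Signature", "### {5.2.4} Computing Signatures"); give the new section its number so it is numbered consistently with its neighbours. In the same added paragraph, "does not not unambiguously specify the key" has a doubled "not" that should be dropped. The paragraph also says the only possible key version number is 4 but does not say what a receiver should do with a subpacket carrying any other version octet or a fingerprint length other than 20; a sentence on that would make the "N must be 20" requirement checkable.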
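
The consistency rule suggested in the message above can be checked mechanically over a signature's subpacket area. The following is an added example, not code from the thread or from any OpenPGP implementation; it assumes the RFC 4880 subpacket length encoding, Issuer as type 16, the type 33 from the quoted patch, and constructed sample data (the helper `subpacket` and the values `FPR`, `GOOD`, `BAD`, `V5` are hypothetical).

```python
import struct

ISSUER = 16              # Issuer subpacket (8-octet Key ID), RFC 4880
ISSUER_FINGERPRINT = 33  # type number assigned in the quoted patch

def parse_subpackets(area):
    """Return [(type, body), ...] for a signature subpacket area."""
    out, i, n = [], 0, len(area)
    while i < n:
        first = area[i]
        if first < 192:                        # one-octet length
            length, i = first, i + 1
        elif first < 255 and i + 2 <= n:       # two-octet length
            length, i = ((first - 192) << 8) + area[i + 1] + 192, i + 2
        elif first == 255 and i + 5 <= n:      # five-octet length
            length, i = struct.unpack(">I", area[i + 1:i + 5])[0], i + 5
        else:
            raise ValueError("truncated subpacket length")
        if length < 1 or i + length > n:
            raise ValueError("subpacket overruns its area")
        out.append((area[i] & 0x7F, area[i + 1:i + length]))  # mask critical bit
        i += length
    return out

def check_issuer_consistency(area):
    """Return violations of the rule suggested in the message (empty = OK)."""
    subs = parse_subpackets(area)
    issuers = [b for t, b in subs if t == ISSUER]
    problems = []
    for fpr in (b for t, b in subs if t == ISSUER_FINGERPRINT):
        if not fpr:
            problems.append("empty Issuer Fingerprint")
            continue
        version, digest = fpr[0], fpr[1:]
        if version == 4 and len(digest) != 20:
            problems.append("v4 fingerprint is not 20 octets")
        if issuers and version != 4:
            problems.append("Issuer present with non-v4 Issuer Fingerprint")
        elif any(kid != digest[-8:] for kid in issuers):
            problems.append("Issuer is not the low 64 bits of the fingerprint")
    return problems

def subpacket(typ, body):
    """Encode a short subpacket (constructed test data only)."""
    return bytes([len(body) + 1, typ]) + body

FPR = bytes(range(0xA0, 0xB4))                     # constructed 20-octet value
GOOD = subpacket(33, b"\x04" + FPR) + subpacket(16, FPR[-8:])
BAD = subpacket(33, b"\x04" + FPR) + subpacket(16, FPR[:8])
V5 = subpacket(33, b"\x05" + FPR + bytes(12)) + subpacket(16, FPR[-8:])
```

A verifier that looks up the signing key by the Issuer Key ID alone would accept `BAD` without noticing the mismatch, which is the ambiguity the fingerprint subpacket is meant to remove.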