IETF Logo Mail Archive

Re: [openpgp] Scoped trust (signatures)

Jon Callas <joncallas@icloud.com> Fri, 01 June 2018 07:11 UTC

Return-Path: <joncallas@icloud.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2C3F1270A3 for <openpgp@ietfa.amsl.com>; Fri, 1 Jun 2018 00:11:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.711
X-Spam-Level:
X-Spam-Status: No, score=-2.711 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mqbbDJVvXScv for <openpgp@ietfa.amsl.com>; Fri, 1 Jun 2018 00:11:36 -0700 (PDT)
Received: from st13p27im-asmtp003.me.com (st13p27im-asmtp003.me.com [17.162.190.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D40351270A0 for <openpgp@ietf.org>; Fri, 1 Jun 2018 00:11:36 -0700 (PDT)
Received: from process-dkim-sign-daemon.st13p27im-asmtp003.me.com by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 8.0.1.2.20170607 64bit (built Jun 7 2017)) id <0P9M00X00UCE1W00@st13p27im-asmtp003.me.com> for openpgp@ietf.org; Fri, 01 Jun 2018 07:11:35 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=04042017; t=1527837095; bh=99HyHahQZRjbxILbw5mtECbOOL7I/Jg2O7syCKt3q4g=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=oUlUfAiPgDLUtvJi+dwMcKXnlmb7E9Ren6PsoYaS6BC+E44hGSNs6ssrm228gIJ5p ZWpDkH+1cE7mhhbzqma34pgvmCkhbugjeIBDLijq+JYhVTAevtNBOQpK0/r2knKdpN uacBjuQbN9s36c+TH+Ee2OmnoTOpndqT08EHqMUdwp0+gwFaWOUz03Jg7f45tzDDzE dHJr2aHTbPGOpixS/VwBGUoEO0mYjareU6ayA9Hhb1b3b1I2NQwElPgxidT56g/MN5 QwnM0uZ15Uvijh6kx+tcqAmy4huvpxEH7pPqE41X7aOQEZMoX3k8ISD+ACypPxe96h t4O0eSRBUUNDg==
Received: from icloud.com ([127.0.0.1]) by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 8.0.1.2.20170607 64bit (built Jun 7 2017)) with ESMTPSA id <0P9M00LCAUN7M010@st13p27im-asmtp003.me.com>; Fri, 01 Jun 2018 07:11:34 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2018-06-01_05:,, signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1011 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1806010081
Content-type: text/plain; charset="utf-8"
MIME-version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Jon Callas <joncallas@icloud.com>
In-reply-to: <20180528070559.5cj2y7ebqzt7rplc@calamity>
Date: Fri, 01 Jun 2018 00:11:30 -0700
Cc: Jon Callas <joncallas@icloud.com>, "Neal H. Walfield" <neal@walfield.org>, openpgp@ietf.org, Leo Gaspard <ietf=40leo.gaspard.ninja@dmarc.ietf.org>
Content-transfer-encoding: quoted-printable
Message-id: <37E755B9-324E-4106-8889-40F2AEC96471@icloud.com>
References: <39e598e1-2bc0-32c9-3489-4bb6ca2a631b@leo.gaspard.ninja> <871sdw24yd.wl-neal@walfield.org> <AF956CFF-8FAF-4E0E-8103-01462721E8F0@icloud.com> <20180528070559.5cj2y7ebqzt7rplc@calamity>
To: Vincent Breitmoser <look@my.amazin.horse>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/MJ-MM-V1i0w7FgwmLfhydEOxEOI>
Subject: Re: [openpgp] Scoped trust (signatures)
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jun 2018 07:11:38 -0000


> On May 28, 2018, at 12:06 AM, Vincent Breitmoser <look@my.amazin.horse> wrote:
> 
> I believe you've described the very problem with this approach here: A powerful
> and flexible mechanism leads to many inconsistencies between implementations,
> that's just unavoidable. For sieve scripts you might be fine with that, at worst
> some messages will go in the wrong folder once in a while. But are you really
> okay with same level of inconsistency in a trust model?

I think I’ve described the opposite.

The filtering model in Sieve is well-defined. There are differences in a GUI overlay because different communities value different shortcuts, and also put different viewpoints on the shortcuts. The Sieve scripts generated by any one of those disparate GUIs will execute the same way on another. Now I, the user, may have to create a collection of filters to do what I want because of what gets exposed to me in the GUI, but the resulting script will execute the same.

Let’s suppose Neal does what he wants — it’s just a list of domains. That’s a really easy thing for him to implement (perhaps, as I’ll reply to him next) but the regex that he generates will execute the same everywhere.

However, that’s not the real point I wanted to make. That point is that there’s a difference between being an implementer and the protocol. A good implementer makes decisions about things for their own vision, but a protocol designer has to make something that satisfies different visions. Moreover, the protocol inevitably is a compromise between differing visions. A standard is something that is a compromise, and as such is not any one person’s vision whatever it ends up with. And as we all know, a compromise is something where everyone is more or less equally unhappy with it, but not so unhappy that they walked away.

I haven’t told you what I’d do (and did) with any of this so far, but I’d be happy to later. Advice I give as an implementer is usually different than advice I give as a protocol designer. The standard as it exists is something that got the rough consensus of the working group, and that rough consensus is worthy of a little respect. Perhaps not too much, but certainly a little. The problem with making the protocol match one’s own opinions is that it’s effectively saying not only that what one thinks is right in some sense, but also that other people’s opinions are wrong and that no one else should do something different.

	Jon

v2.23.0 | Report a Bug | By Email