Re: [openpgp] Non-SHA-1 fingerprints in signatures [was: Proposal for a separable ring signature scheme...]

Jon Callas <jon@callas.org> Fri, 14 March 2014 16:40 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/MsE0807yqaLvTtWIEsTzcAMIzGs

On Mar 14, 2014, at 7:24 AM, Peter Pentchev <roam@ringlet.net> wrote:

> 
> Hm, how exactly would this deal with the existence of multiple signing
> subkeys, all associated with the same master public key?  Your current
> proposal explicitly allows for that, using the key IDs; I guess there
> might be a need to include *both* the fingerprint of the master key
> *and* some kind of identification of the subkey actually used for
> signing.

Well, today, the KeyID is exactly that -- the identifier for a key. You have to backtrack from the signing key to its owner in your key database. There's nothing to stop me from using the same signing key in multiple masters. Despite any distress that may give, it can't be stopped, so we might as well embrace it.

	Jon
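
The lookup described in the message above, sketched as an added example that is not part of the original thread or of any OpenPGP implementation: an issuer Key ID is resolved back to its owner(s) through a key database, and the same signing subkey bound under two masters resolves to both. Key IDs follow the V4 rule in RFC 4880 section 12.2; `Keyring`, `key_body` and `build_sample` are hypothetical names, and the key material is constructed filler, not real keys.

```python
import hashlib
import struct
from collections import defaultdict

def v4_fingerprint(body: bytes) -> bytes:
    """SHA-1 over 0x99, a 2-byte big-endian length, then the key packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def key_id(body: bytes) -> str:
    """V4 Key ID: the low-order 64 bits of the fingerprint."""
    return v4_fingerprint(body)[-8:].hex().upper()

def key_body(created: int, algo: int, material: bytes) -> bytes:
    """V4 public-key packet body: version, creation time, algorithm, key material."""
    return struct.pack(">BIB", 4, created, algo) + material

class Keyring:
    """Hypothetical key database indexed by Key ID."""
    def __init__(self):
        self._owners = defaultdict(set)  # Key ID -> fingerprints of master keys

    def add(self, primary: bytes, subkeys: list) -> None:
        fpr = v4_fingerprint(primary).hex().upper()
        for body in [primary, *subkeys]:
            self._owners[key_id(body)].add(fpr)

    def owners(self, issuer: str) -> list:
        """Backtrack from a signature's issuer Key ID to every master that binds it."""
        return sorted(self._owners.get(issuer, ()))

def build_sample():
    # Constructed filler in place of real MPIs; only the hashed bytes matter here.
    alice = key_body(1394000000, 1, b"\x00\x08\xa1\x00\x05\x11")
    bob = key_body(1394000001, 1, b"\x00\x08\xb2\x00\x05\x11")
    shared = key_body(1394000002, 1, b"\x00\x08\xc3\x00\x05\x11")
    ring = Keyring()
    ring.add(alice, [shared])  # the same signing subkey ...
    ring.add(bob, [shared])    # ... bound under a second master
    return ring, alice, bob, shared

if __name__ == "__main__":
    ring, alice, bob, shared = build_sample()
    print("issuer", key_id(shared), "->", ring.owners(key_id(shared)))
```

The subkey's Key ID is derived only from its own packet body, so it is identical under both masters and the lookup returns two candidate owners; a verifier has to decide which binding it accepts.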