[openpgp] v5 fingerprints and public keys

Ángel <angel@16bits.net> Sun, 02 May 2021 22:20 UTC

Return-Path: <angel@16bits.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 878823A0E62 for <openpgp@ietfa.amsl.com>; Sun, 2 May 2021 15:20:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0Ah01TZxxhXv for <openpgp@ietfa.amsl.com>; Sun, 2 May 2021 15:20:11 -0700 (PDT)
Received: from mail.direccionemail.com (mail.direccionemail.com [199.195.249.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4B653A0E61 for <openpgp@ietf.org>; Sun, 2 May 2021 15:20:11 -0700 (PDT)
Message-ID: <48632bd5e0a602563870d4811062961f35e11956.camel@16bits.net>
From: =?ISO-8859-1?Q?=C1ngel?= <angel@16bits.net>
To: openpgp@ietf.org
Date: Mon, 03 May 2021 00:20:07 +0200
Content-Type: text/plain; charset="ISO-8859-15"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/QJigoyHG-rAnQMdOYVDGFuZgymE>
Subject: [openpgp] v5 fingerprints and public keys
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 May 2021 22:20:17 -0000

Some comments reviewing the recent v5 commits.

Note 0ffeeaad535232a0976a3e52ba3290df941aa47d leaked some text related
to the future AEAD string-to-key ("4 optional fields", "AEAD tag", "254
or 253"...). I'm only removing them for being unspecified in the
current document.

Best,

Ángel


diff --git a/crypto-refresh.md b/crypto-refresh.md
index 087f29f..c4e36a7 100644
--- a/crypto-refresh.md
+++ b/crypto-refresh.md
@@ -414,7 +414,7 @@ It may be ill-formed in its ciphertext.
 
 A Key ID is an eight-octet scalar that identifies a key.
 Implementations SHOULD NOT assume that Key IDs are unique.
-{{enhanced-key-formats}} describes how Key IDs are formed.
+{{key-ids-and-fingerprints}} describes how Key IDs are formed.
 
 ## Text
 
@@ -1140,7 +1140,8 @@ MUST be present in the hashed area.
 (8-octet Key ID)
 
 The OpenPGP Key ID of the key issuing the signature.
-If the version of that key is greater than 4, this subpacket MUST NOT be included in the signature.
+This subpacket MUST NOT be included in the signature if the version of that key is greater than 4.
+If the superior Issuer Fingerprint subpacket is also present, their contents MUST match (Issuer would contain the low
 64 bits of the value stored in full in the Issuer Fingerprint).
 
 #### Key Expiration Time
 
@@ -1480,7 +1481,7 @@ It is useful when one signature needs to refer to, or be incorporated in, anothe
 
 The OpenPGP Key fingerprint of the key issuing the signature.
 This subpacket SHOULD be included in all signatures.
-If the version of the issuing key is 4 and an Issuer subpacket is also included in the signature, the key ID of the I
ssuer subpacket MUST match the low 64 bits of the fingerprint.
+If an Issuer subpacket is also included in the signature (only possible for keys earlier than version 5), the content
s of the Issuer subpacket MUST match those of the Issuer Fingerprint.
 
 Note that the length N of the fingerprint for a version 4 key is 20 octets; for a version 5 key N is 32.
 
@@ -1708,8 +1709,8 @@ A version 4 packet contains:
   This is algorithm-specific and described in {{algorithm-specific-parts-of-keys}}.
 
 The version 5 format is similar to the version 4 format except for the addition of a count for the key material.
-This count helps parsing secret key packets (which are an extension of the public key packet format) in the case of a
n unknown algoritm.
-In addition, fingerprints of version 5 keys are calculated differently from version 4 keys, as described in the secti
on "Enhanced Key Formats".
+This count helps parsing secret key packets (which are an extension of the public key packet format) in the case of a
n unknown algorithm.
+In addition, fingerprints of version 5 keys are calculated differently from version 4 keys, as described in {{enhance
d-key-formats}}, "Enhanced Key Formats".
 
 A version 5 packet contains:
 
@@ -1738,7 +1739,7 @@ The packet contains:
   Any other value is a symmetric-key encryption algorithm identifier.
   A version 5 packet MUST NOT use the value 255.
 
-- Only for a version 5 packet, a one-octet scalar octet count of the next 4 optional fields.
+- Only for a version 5 packet, a one-octet scalar octet count of the next 3 optional fields.
 
 - \[Optional\] If string-to-key usage octet was 255 or 254, a one-octet symmetric encryption algorithm.
 
@@ -1748,7 +1749,7 @@ The packet contains:
 - \[Optional\] If secret data is encrypted (string-to-key usage octet not zero), an Initial Vector (IV) of the same l
ength as the cipher's block size.
 
 - Only for a version 5 packet, a four-octet scalar octet count for the following secret key material.
-  This includes the encrypted SHA-1 hash or AEAD tag if the string-to-key usage octet is 254 or 253.
+  This includes the encrypted SHA-1 hash if the string-to-key usage octet is 254.
 
 - Plain or encrypted multiprecision integers comprising the secret key data.
   This is algorithm-specific and described in section {{algorithm-specific-parts-of-keys}}.