[openpgp] Signature and message semantics draft
Andrew Gallagher <andrewg@andrewg.com> Thu, 07 November 2024 23:48 UTC
Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7567AC1D874F for <openpgp@ietfa.amsl.com>; Thu, 7 Nov 2024 15:48:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xeOrr68M2fBF for <openpgp@ietfa.amsl.com>; Thu, 7 Nov 2024 15:48:15 -0800 (PST)
Received: from fum.andrewg.com (fum.andrewg.com [135.181.198.78]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED162C1D5C4B for <openpgp@ietf.org>; Thu, 7 Nov 2024 15:48:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1731023291; bh=GtL3qdDsbUGbz3VZVAfS13VshzLvnHfyeiEPW8P6Tqg=; h=From:Subject:Date:To:From; b=UhrWdFIQbLEDGiiKFHVUnXbGvQBopnQHRps6khPHQQFQvg6/RxXzU8i15OED4Rz9m kzpaSQkhIW72HlQRoF9VyXbzki3eFVD51Hy0Az9uczQwaA9hZG0Ay3xpW0LMvztm3g 87DE5BBurRpYvYv2kEs3mRIgYGRDIuAwUALrWZyyldHI7cBD9JVsT5yc0GdUEYEDLA LlrVSO9UoXF8cxxGR4VhfgJ+wiKIQrd1dJr/k0eUtwN+kKpjwIirWWL6Ut0wZj9wIe VuYXcFa7HrxrGG3aoDq7lrwmllJpGWFBlX/HNKg6D5e9c/cTvMO/e4Wuyq/sJOQAS4 bf3ppdsizx5KQ==
Received: from smtpclient.apple (serenity [IPv6:fc93:5820:7349:eda2:99a7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id 615725E354 for <openpgp@ietf.org>; Thu, 7 Nov 2024 23:48:11 +0000 (UTC)
From: Andrew Gallagher <andrewg@andrewg.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_E0CB1AEB-8DDE-4A5B-A1D1-59B16F443C06"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.2\))
Message-Id: <AA26C985-0E62-4C4E-985C-E12903CE3D61@andrewg.com>
Date: Thu, 07 Nov 2024 23:47:55 +0000
To: "openpgp\\\\@ietf.org" <openpgp@ietf.org>
X-Mailer: Apple Mail (2.3731.700.6.1.2)
Message-ID-Hash: FLSSAPFSN7DEOLSNSLIRQJNXOJ34DUCD
X-Message-ID-Hash: FLSSAPFSN7DEOLSNSLIRQJNXOJ34DUCD
X-MailFrom: andrewg@andrewg.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Signature and message semantics draft
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/RIfuhWD7mh-MLfdODrS6PwvGvZI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
Hi, all. I’ve been gathering a collection of signature and message grammar problems over the past while, and have finally collated them into a single document: https://datatracker.ietf.org/doc/html/draft-gallagher-openpgp-signatures-00 I believe this work falls within the current WG charter, which states: > • Semantics: Define semantics of mechanisms provided by OpenPGP. > This includes, but is not limited to, defining validity of signatures, acceptance and placement of signature subpackets, as well as structure and meaning of certificates and messages. While it is nowhere near ready for adoption, and is not at the top of my priority list, I have published it for discussion purposes and as a reference. It is complementary to (and heavily references) dkg’s revocation and 1pa3pc drafts. It deprecates quite a few constructions that are currently valid under RFC9580, but which are *probably* not generally implemented. Comments and suggestions welcome :-) Now, back to the key replacement draft… Thanks, A
- [openpgp] Signature and message semantics draft Andrew Gallagher