Re: [openpgp] V5 Fingerprint again
Thijs van Dijk <schnabbel@inurbanus.nl> Wed, 01 March 2017 19:41 UTC
Return-Path: <schnabbel@inurbanus.nl>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42DE1129895 for <openpgp@ietfa.amsl.com>; Wed, 1 Mar 2017 11:41:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.334
X-Spam-Level:
X-Spam-Status: No, score=-1.334 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=inurbanus.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frt-V8QLYU4a for <openpgp@ietfa.amsl.com>; Wed, 1 Mar 2017 11:41:47 -0800 (PST)
Received: from mail-ua0-x22d.google.com (mail-ua0-x22d.google.com [IPv6:2607:f8b0:400c:c08::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 448D91298AB for <openpgp@ietf.org>; Wed, 1 Mar 2017 11:41:46 -0800 (PST)
Received: by mail-ua0-x22d.google.com with SMTP id f54so51500964uaa.1 for <openpgp@ietf.org>; Wed, 01 Mar 2017 11:41:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inurbanus.nl; s=google-inurb; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fr/hQCnF+SAHQA+kb45TPo2z+z0blxCr4rimcgzHhFM=; b=uBaX5bn8OkOQIK/1NNN2yENqB66eI69o+Gn5BQSOHGhO7Tt2s0EFqJjv7dJNMtUt9s gU0eYEcFPK5EQFcRlnBU7+lk9TPkxcBulXYvDwopEEx5Nw3N9akULBTXAP+DO9zObEMW k07BlM9KNZu+JqBV3s0iDPFi7IGlijna6EApk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fr/hQCnF+SAHQA+kb45TPo2z+z0blxCr4rimcgzHhFM=; b=mCK3PzZGLcfrHbBKdGSDHpPrqnbSnx+tvoWv4EHrAB3+6IP7S0aIK9kgCLCVJceChO 5uRnIWWi1Gq0Hs7Cy9M0rua5E0STm55+9GLCiGLJX5wCQ/ONwBsj1eQ1CoxQrh5xnqhD eY4Z48SeEVgSXF0uwH5wfNdFpMNU6eIU/yELb0F4hwEYhTSRjGNOTq2SQNjZG9FvtyLX 4QAr87jHXFM+KeELovIEHaUuIgsV3WC/0ZbSFSFVInnhGZMSjErWdnAkL/nTA+KAHC1V MKlVEbqyAYEc/BZUX9idkcmetKGug/eCT0CtvVF6HhbZM/A7XU0rCwqHwvddARRak9LI uqpQ==
X-Gm-Message-State: AMke39mLADP/7X7GijErjrVq4tMK29G/cwKsFZHd/P1ciLx+dYil3F32+QCtNZjn2fEXiPHB57SrbMvxrzy53g==
X-Received: by 10.176.22.136 with SMTP id e8mr4258465uaf.154.1488397305985; Wed, 01 Mar 2017 11:41:45 -0800 (PST)
MIME-Version: 1.0
Received: by 10.103.102.3 with HTTP; Wed, 1 Mar 2017 11:41:45 -0800 (PST)
In-Reply-To: <CAMm+Lwju5i5xHt=ma6Ush4_4dfZNwOi2=2km+6Qja+sDbkvbxg@mail.gmail.com>
References: <CAMm+Lwju5i5xHt=ma6Ush4_4dfZNwOi2=2km+6Qja+sDbkvbxg@mail.gmail.com>
From: Thijs van Dijk <schnabbel@inurbanus.nl>
Date: Wed, 01 Mar 2017 20:41:45 +0100
Message-ID: <CADGaDpFoBt1=eZHxo4q=Yb24NYyy1sudFn_h=MTZE3_wiRVXJw@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Content-Type: multipart/alternative; boundary="f403045f88f2b553d10549b080e6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/RQhEx-roUVFpCaasjRsDhUR1Kvc>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] V5 Fingerprint again
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Mar 2017 19:41:49 -0000
> > Given the SHA-1 break, Could we return to the V5 fingerprint discussion? > > The issue we are seeing the the SHA-1 break is that a LOT of software is > based on the assumption that SHA-1 is unique. And this is causing software > to crash in real world applications. > Thanks for reviving this discussion. While as I previously stated your proposal for the new fingerprint format still looks good to me, I don't agree that this newest break against SHA-1 is grounds for alarm. Note, software does not require a hash break to crash, it's perfectly capable of doing that even if the hash algorithm is sound. I remember a story of some app crashing because someone reused the key material from the primary key as a subkey packet, so the subkey and primary would have shared their fingerprint regardless of the hash used. This is just something apps will have to deal with no matter what; the only thing that's different from a few days ago is that bugs like this may just have become a lot easier to reproduce. Until I see evidence to the contrary, I'm going to assume the sky is not falling. Not this week. However, there certainly are some interesting avenues of investigation in light of this recent discovery: 1) Should we deprecate SHA1 in signatures? (Or did we already?) 2) How does SKS handle disambiguation? If I submit different keys with matching fingerprints at different endpoints in the sync network, how will those keys propagate to the other nodes? 3) Does GnuPG have any way to disambiguate? Do the different automatable interfaces expose this capability? I'd say question 1 is the most pressing of the tree, and it's also the one question we could answer at the standards level. If we manage to make a decision on that, we're definitly on the right track w.r.t. letting go of SHA1. (Hint: the answer should be "yes.") -Thijs
- [openpgp] V5 Fingerprint again Phillip Hallam-Baker
- Re: [openpgp] V5 Fingerprint again KellerFuchs
- Re: [openpgp] V5 Fingerprint again Thijs van Dijk
- Re: [openpgp] V5 Fingerprint again Thijs van Dijk
- Re: [openpgp] V5 Fingerprint again Werner Koch
- Re: [openpgp] V5 Fingerprint again Werner Koch
- Re: [openpgp] V5 Fingerprint again Robert J. Hansen
- Re: [openpgp] V5 Fingerprint again Leo Gaspard
- Re: [openpgp] V5 Fingerprint again Derek Atkins
- Re: [openpgp] V5 Fingerprint again Werner Koch
- Re: [openpgp] V5 Fingerprint again Thijs van Dijk
- Re: [openpgp] V5 Fingerprint again Leo Gaspard
- Re: [openpgp] V5 Fingerprint again Vincent Breitmoser
- Re: [openpgp] V5 Fingerprint again Thijs van Dijk
- Re: [openpgp] V5 Fingerprint again Vincent Breitmoser
- Re: [openpgp] V5 Fingerprint again KellerFuchs