Re: [openpgp] Keyholder-configurable fingerprint schemes?
"brian m. carlson" <sandals@crustytoothpaste.net> Tue, 10 November 2015 02:19 UTC
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 485D21B2DB6 for <openpgp@ietfa.amsl.com>; Mon, 9 Nov 2015 18:19:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.411
X-Spam-Level:
X-Spam-Status: No, score=-1.411 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_12=0.6, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3RIQyWIIkDop for <openpgp@ietfa.amsl.com>; Mon, 9 Nov 2015 18:19:50 -0800 (PST)
Received: from castro.crustytoothpaste.net (castro.crustytoothpaste.net [173.11.243.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B2A11B2D71 for <openpgp@ietf.org>; Mon, 9 Nov 2015 18:19:50 -0800 (PST)
Received: from vauxhall.crustytoothpaste.net (unknown [IPv6:2001:470:1f05:79:f2de:f1ff:feb8:36fd]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id D64F328094 for <openpgp@ietf.org>; Tue, 10 Nov 2015 02:19:48 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1447121989; bh=OtQyKDN9vgE3DqZZWFXhR9WzcOvV9hjLO701yBnxwsI=; h=Date:From:To:Subject:References:In-Reply-To:From; b=EEd1ARuSSEx0Vk5e9pu7Mpwx7tUzcIRGcBFbJACvh36Gp9Jnq1T1fgUKRkfv6s0Cs Lp8OeSffAWRxuW7b+9UQ2VY3cMu0JYCrPTmbcNkEjcDklEh2YB+eHn70S+HjNcY4W9 bSBkTexSzvsaBBcPeWCnY9p+Xgry/67DpvQ+/fgBkrlz2Tf+TKnMC7qoniBj79UMJX X87wrrIqYKppmBHAQ77TERmOIzhgroPHwL7GHGEH0zU6D7sV1E2OEvXQald8lyJJEH w35HjUc7uct0k4yJt4iVIaoHHKQIA3vnW2WWgtpeTV7VfqyyaJM0jIsGSnSbKG+YzN 7J3NZ/dEHc4c3ndP84kpS/1v0GxRj5orhyVN2Ngmf5Pzg1Ic7WZZMgR700pA8Jxr72 3HhTi+ZsfH+PQycx88QzDJ/eA+ZKDaarLAax2VRyZteAkE4eXGfzAWPgYBhmzCstDx O1yNAWTRzxeke45GTbCtgKFrVr8VQf5XKLlBhKKyTj4Nss6vzfV
Date: Tue, 10 Nov 2015 02:19:43 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Message-ID: <20151110021943.GH3896@vauxhall.crustytoothpaste.net>
References: <43986BDA-010F-4DBF-8989-53E71B74E66A@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="fU0UwhtRbpo05rnG"
Content-Disposition: inline
In-Reply-To: <43986BDA-010F-4DBF-8989-53E71B74E66A@gmail.com>
X-Machine: Running on vauxhall using GNU/Linux on x86_64 (Linux kernel 4.2.0-1-amd64)
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/Ri5VE-HP-yAFjsrmQnqkooNWSYw>
Subject: Re: [openpgp] Keyholder-configurable fingerprint schemes?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2015 02:19:51 -0000
On Sat, Nov 07, 2015 at 12:31:43PM +0900, Bryan Ford wrote: > This approach to fingerprint generation has the slightly-odd > (certainly unconventional) property that a single public/private > keypair does not have only one possible, deterministically-computed > fingerprint (i.e., a hash of the public key), but rather may in > principle have many different possible fingerprints (parameterized by > the PoW and the salt that will inevitably be required in that PoW). > This might seem to violate the “fingerprint consistency” property that > was discussed at the meeting. However, as summarized above, my > perception is that the main fingerprint consistency concern is that we > do not want to subject users to multiple different fingerprints *for a > single key*. In Christian’s scheme, while any key could “in > principle” have many different fingerprints, as long as the user > generating the key (or the user’s OpenPGP implementation) picks one > particular fingerprint and binds that fingerprint to the key in a > fully verifiable fashion as part of the self-signed public-key record, > the fact that fingerprint-generation is parameterized creates no > user-perceivable fingerprint-consistency issue that I can discern. I think not having a single unique fingerprint is in general a bad idea. Earlier discussion on the list reflected wanting to remove creation timestamps so we had a fingerprint that was consistent and represented the actual key bits uniquely. Using a parameterized proof-of-work scheme defeats that goal. Furthermore, one of the benefits of elliptic curve algorithms is the tiny keys. You could theoretically send an entire EC public key in a QR code and still get the same fingerprint on both sides. Including a proof-of-work makes that impossible. Finally, there's been a lot of discussion about simplifying the standard. This doesn't seem like a move in that direction. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
- [openpgp] Keyholder-configurable fingerprint sche… Bryan Ford
- Re: [openpgp] Keyholder-configurable fingerprint … ianG
- Re: [openpgp] Keyholder-configurable fingerprint … ianG
- Re: [openpgp] Keyholder-configurable fingerprint … brian m. carlson
- [openpgp] Fingerprint schemes versus what to fing… Bryan Ford
- Re: [openpgp] Fingerprint schemes versus what to … Werner Koch
- Re: [openpgp] Fingerprint schemes versus what to … Peter Gutmann
- Re: [openpgp] Fingerprint schemes versus what to … Werner Koch
- Re: [openpgp] Fingerprint schemes versus what to … Bryan Ford
- Re: [openpgp] Fingerprint schemes versus what to … Werner Koch
- Re: [openpgp] Fingerprint schemes versus what to … Bryan Ford
- Re: [openpgp] Fingerprint schemes versus what to … Bill Frantz
- Re: [openpgp] Fingerprint schemes versus what to … Derek Atkins
- Re: [openpgp] Fingerprint schemes versus what to … Peter Gutmann
- Re: [openpgp] Fingerprint schemes versus what to … Derek Atkins
- Re: [openpgp] [FORGED] RE: Fingerprint schemes ve… Peter Gutmann
- Re: [openpgp] [FORGED] RE: Fingerprint schemes ve… Derek Atkins
- Re: [openpgp] [FORGED] RE: [FORGED] RE: Fingerpri… Peter Gutmann
- Re: [openpgp] Fingerprint schemes versus what to … Derek Atkins
- Re: [openpgp] [FORGED] RE: Fingerprint schemes ve… Peter Gutmann
- Re: [openpgp] Fingerprint schemes versus what to … Derek Atkins
- Re: [openpgp] [FORGED] RE: Fingerprint schemes ve… Mark D. Baushke
- Re: [openpgp] Fingerprint schemes versus what to … Werner Koch
- Re: [openpgp] [FORGED] RE: Fingerprint schemes ve… Werner Koch