IETF Logo Mail Archive

Re: [openpgp] Weird OIDs in the 4880bis draft

Werner Koch <wk@gnupg.org> Fri, 10 February 2023 08:54 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD2BFC14CEE5 for <openpgp@ietfa.amsl.com>; Fri, 10 Feb 2023 00:54:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rCpabjFo_YzI for <openpgp@ietfa.amsl.com>; Fri, 10 Feb 2023 00:54:12 -0800 (PST)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0AABC14EB17 for <openpgp@ietf.org>; Fri, 10 Feb 2023 00:54:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=aICw4uT7EUaug6SGJy30IiopparVJh0SlkvlolHn0t0=; b=jIFhmrDGIy0Ap2zuogKW8OJUXc iXb97K1fw93Rjxkrt0vC/1AKHcNYDLJBM+/fDRi7vpucu5XgvBt2KNTcRS/Sz6R1RlyHr4nDZVrGv khOS4dzW17YTipcw74rzmfr0cay+1dc+gEOXan9y66VNgWEfLkeB/U458D8Q4TUD+Epo=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1pQPAZ-0006yG-Jh for <openpgp@ietf.org>; Fri, 10 Feb 2023 09:54:11 +0100
Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1pQPAQ-0005XL-G9; Fri, 10 Feb 2023 09:54:02 +0100
From: Werner Koch <wk@gnupg.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
References: <SY4PR01MB6251BD1B19BAD5DE910A1C0EEED99@SY4PR01MB6251.ausprd01.prod.outlook.com> <87r0uzuhzr.fsf@wheatstone.g10code.de> <SY4PR01MB6251ACE71B0B13D3CFB63A7DEED99@SY4PR01MB6251.ausprd01.prod.outlook.com>
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Jabber-ID: wk@jabber.gnupg.org
Mail-Followup-To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Fri, 10 Feb 2023 09:54:02 +0100
In-Reply-To: <SY4PR01MB6251ACE71B0B13D3CFB63A7DEED99@SY4PR01MB6251.ausprd01.prod.outlook.com> (Peter Gutmann's message of "Thu, 9 Feb 2023 12:54:46 +0000")
Message-ID: <87ilg9vr2t.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=NATOA_BZ_Black-Ops_satellite_imagery_AVIP_explosion_Beyond_Hope=stak"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SNR77y_-bvC7QaT3f3wUZ8hCEZ8>
Subject: Re: [openpgp] Weird OIDs in the 4880bis draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Feb 2023 08:54:16 -0000

On Thu,  9 Feb 2023 12:54, Peter Gutmann said:

> the perfect opportunity to fix this problem.  If people really have pushed out
> implementations based on an in-progress draft then they can still accept the

Actually rfc6637 allows the specification of curves using arbitrary
OIDs.  FWIW:

  Date: Tue, 21 Jul 2015 04:02:45 +0000
  From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
  To: Werner Koch <wk@gnupg.org>, NIIBE Yutaka <gniibe@fsij.org>
  CC: "gnupg-devel@gnupg.org" <gnupg-devel@gnupg.org>
  Subject: RE: [TESTING] Curve25519 encryption support (update)
  
  Werner Koch <wk@gnupg.org> writes:
  
  >The only question is whether we should use the above OID (from Peter
  >Gutmann's arc) or use our own one.  Peter: do you know whether your OID is
  >already in use?
  
  If you mean whether it's still reserved for 25519 rather than being assigned
  to something else then no, it's permanently assigned to 25519 so won't get
  used for anything else.  If you mean is anything else using it for 25519 then
  I don't know, 25519 is so new, and non-standardised for ASN.1 use, that I'm
  not sure whether anything's using it with things like certs.  That's why I set
  up that OID for it, to allow it to be used in ASN.1 objects.
  
  Peter.


There is mass market hardware with support for these curves and thus,
via the fingerprint, these OIDs.  For example Yubikeys are widely used
with OpenPGP.


Shalom-Salam,

   Werner


-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein

v2.23.0 | Report a Bug | By Email