IETF Logo Mail Archive

Re: [openpgp] v5 sample key

Werner Koch <wk@gnupg.org> Fri, 03 May 2019 10:05 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A69611200E5 for <openpgp@ietfa.amsl.com>; Fri, 3 May 2019 03:05:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level:
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oeuCzdiVTmBn for <openpgp@ietfa.amsl.com>; Fri, 3 May 2019 03:05:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9754C12006D for <openpgp@ietf.org>; Fri, 3 May 2019 03:05:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=pSJsoZ8UYtdIevzH7i1wVeWfTF5a6oN7jhtWxSak83g=; b=JgIPWUWqyUqFeTa7aO/q6I3sFY eJhJ5u3ZHgohM/QrDnT/QquiMTTYKLvzOTI8g4MWCUqaR7NfcoYY/Uie9hiS5AdnaJmZYOuSPuf9u EJ1w8yGwmT8fm6xvNtG9N2CVgiML5U4juVqRbPZAmwkHE971Yv62sGWA8HJ6yDx91l4g=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1hMV41-0008Ep-1y for <openpgp@ietf.org>; Fri, 03 May 2019 12:05:09 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1hMV0D-0002Ko-3k; Fri, 03 May 2019 12:01:13 +0200
From: Werner Koch <wk@gnupg.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
References: <87sgvh1ugy.fsf@wheatstone.g10code.de> <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net> <871s1tyvkl.fsf@wheatstone.g10code.de> <20190425091133.ayz4wyxzfe3xwdwf@earth.li> <87sgtwo5k4.fsf@fifthhorseman.net>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
Date: Fri, 03 May 2019 12:01:07 +0200
In-Reply-To: <87sgtwo5k4.fsf@fifthhorseman.net> (Daniel Kahn Gillmor's message of "Thu, 02 May 2019 18:27:39 -0400")
Message-ID: <87d0kz6en0.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Merlin_Standoff_GIGN_Fort_Hancock_Locks_Information_Terrorism_world="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SUxp2zgJwhB0o4ntSq2bR0cPbo0>
Subject: Re: [openpgp] v5 sample key
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2019 10:05:14 -0000

On Thu,  2 May 2019 18:27, dkg@fifthhorseman.net said:

> to 4-octet length representation during fingerprint and signature
> calculations is intended to allow for significantly larger keys if there
> are any post-quantum algorithms that need it.

Right, that is the required change to allow the addition of PQ algos to
OpenPGP.

> they're aiming for smallness.  We're only talking about 4 octets in RAM
> when calculating the key fingerprint or the signature, right?

Right.  Snippet from code for fingerprint hashing:

  if (is_v5)
    {
      gcry_md_putc ( md, 0x9a );     /* ctb */
      gcry_md_putc ( md, n >> 24 );  /* 4 byte length header */
      gcry_md_putc ( md, n >> 16 );
      gcry_md_putc ( md, n >>  8 );
      gcry_md_putc ( md, n       );
      gcry_md_putc ( md, pk->version );
    }
  else
    {
      gcry_md_putc ( md, 0x99 );     /* ctb */
      gcry_md_putc ( md, n >> 8 );   /* 2 byte length header */
      gcry_md_putc ( md, n );
      gcry_md_putc ( md, pk->version );
    }


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

v2.23.0 | Report a Bug | By Email