Re: [openpgp] 1PA3PC: first-party attested third-party certifications (making Key Server Prefs no-
Vincent Breitmoser <look@my.amazin.horse> Wed, 28 August 2019 16:28 UTC
Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B91312088D for <openpgp@ietfa.amsl.com>; Wed, 28 Aug 2019 09:28:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=my.amazin.horse
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xXXVjgvLDFX4 for <openpgp@ietfa.amsl.com>; Wed, 28 Aug 2019 09:28:40 -0700 (PDT)
Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE53D120836 for <openpgp@ietf.org>; Wed, 28 Aug 2019 09:28:39 -0700 (PDT)
Received: from localhost (p2E5DC69E.dip0.t-ipconnect.de [46.93.198.158]) by mail.mugenguild.com (Postfix) with ESMTPSA id 67DEC5FB71; Wed, 28 Aug 2019 18:28:37 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my.amazin.horse; s=mail; t=1567009717; bh=97Niy7HmkslThUDKuXm1LENxqV79r4A3H264Udw/xq4=; h=Date:From:To:Subject:Autocrypt:From; b=UbRGZeHdnIDp6laEJqftH+XT9iTP72cErFwu3R53ZANvbBMnkRzdxyTkBsp8W5XsS pUKVm4B2z1e7VHWfQ7LY1i8VdJyj0NRPL/nNfOg0uk9FFsVllfBd4KoRMSBeJVyO1h vpHERpCaG1D3qVAu7KOgh5w35UVTmbfJPlTV4Atw=
Message-Id: <1ZTOJUW5WAINU.3HYIYUHGVZ588@my.amazin.horse>
In-Reply-To: <87blw94tfg.fsf@wheatstone.g10code.de>
References: <87blw94tfg.fsf@wheatstone.g10code.de> <87tva1am9t.fsf@fifthhorseman.net>
Date: Wed, 28 Aug 2019 18:28:29 +0200
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Vincent Breitmoser <look@my.amazin.horse>
To: Werner Koch <wk@gnupg.org>
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Heiko Stamer <HeikoStamer@gmx.net>, openpgp@ietf.org
Autocrypt: addr=look@my.amazin.horse; keydata=mQINBFAB3UABEADCyB/vbIBA3m1Bwc yjTieEMLySwYgt54EQ2hglOocdtIhqC+b05t6sLSkwx2ukxrU2cegnCBkdyF/FZ/+Et638CUEBbf 4bjplwpt2IPLazQgjkwjMuhz0OcYDpMhwimTvh3mIl+0wzpOts6mEmMw0QZdl3RXvIW+NSynOn7q mz/fAv4Htt6lv2Ka0s6R2voyi+5U7CcIqizPad5qZVn2uxmovcFreTzFt6nk37ZbbTfvA3e5F0bR RQeH3viT5XxpJF4Y76v/Ua+5N3Kd18K0sX85rD1G7cmxR2CZ5gW1X24sDqdYZdDbf10N39UIwjJH PTeuVMQqry792Ap0Etyj135YFCE0loDnZYKvy2Y1i0RuEdTUIonIHrLhe2J0bXQGbQImHIyMgB9/ lva8D+yvy2gyf2vjRhmJEEco7w9FdzP7p3PhKrUiTjRsjHw8iV8LOCFx9njZOq9mism9ZZ16tZpx 9mXOf11HcH1RtVuyyQRS/4ytQPzwshXdSDDW6Btkmo9AbZQKC54/hSyzpp3Br2T2xDH7ecnonDB/ jv8rWuKXSTbX3xWAIrNBNDcTYaNe4jkms4HF7jJE19eRlqsXMMx6Fxvrh4TtKICwJYJ3AUmXrK3X Ti/mjqYfJ1fpBn54rWs8nhSR1fuZPD+aMlcP8BDUPlNKPKtj0DGSh3/VlnnwARAQABtClWaW5jZW 50IEJyZWl0bW9zZXIgPGxvb2tAbXkuYW1hemluLmhvcnNlPokCOAQTAQIAIgUCVTNZmgIbAwYLCQ gHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQe9GDIN6t+hHcVg//aeiijNqsQ3pjbFQn3VvND7hNfJ vrVcLZ+U4kOzXPF818aVdOnDyNXyE17vBDDcvaZ730sCsZIRZJ3KhUJ+nPvdttKjUIGLARmx+pA3 Jl3IIv2uLtOb3I0TMuyfIGJVGF+q10/CeDMKVjKlmyOVrR0opkel+KEoN7VLq3Hf3zPKENO1HBgp LHeP31tlb9cgs+u4o2wLrVe9myHbuFBW7EjWbSvdz2zliwbsFeFVLMNcWrKAU0GkkiH69SgnwmXU RkhGma4L27GLtkHHufsxfbcPqPtmtCttsGZU4EmrghGUqVyDOxnn8ZqybzLrRfpin+OCIX+aHJz5 r2L8qtrP0LorNMX3Gopd26vfhNvq/wq8xk++bW1R5FmkaUhx9h+DhO2ybcg7p/E8JHc8zrWv+bb3 0o9lkrOaU8GxXrgtb1cjtbb+MxFvjm0Elw7MSZDG7sF/APFU6cwuIA9Nai/OGAUCSt/W2ecS8Zox cWWbGSEiDvjtEctkpmHjfVuGoL34966Olm41VdH+NjgoSYUJKx4Mty8DRcZxdyoXll84LvDkEEYK ZqOIACsJf8CDFvUkmhXc+moCj15Yxtj3/RslRVEiOUyrpDwB72zWcZG8YnzoyGxhcRIc/gFejO/y SI8bzCpYngeuTb5NjFG+ChGiInHbQcFeHBlaHtKi2o/B5axIO5Ag0EVDvOgQEQALJby/ztliToGE u1lslvWQUQ6teKZVUQ7hy9bM4N83G0AGLatUBHtY6PkJBe4XkIw3sK7LoFCV2W4GSt4zWp9l+kG3 /J8Ow7EFjN0F7DrCg0M0lMg9dQz9jYSoBR8skaH3BRzCq9AKIVKV94poL/G65289L7zKDHoZnnyF qbBtedYZir0SZx+kiouZ1qnmxRPaYmH2fkuiuvYEAyzLDLYM8F5gQhdZM4YVtuvSICYPet0z4CDi JX/vZmDi3AzzoEVaKeAM/0H9f9Ni547J2+8dZSllgTrA+fq0aMJVScAObIxTAQtEq0DoNBzPpVrm W10b4bmgePrAvNkifqSr5StymSBgwvoeW6GrJiyN4XhoLOadZzwgjqioR1nXw5tXtrr5sYdkZ06b 1WWHkxtu1hFTdLC7RYNxY07ytLNM+C2lplCwCwlWB7RwI9BL1Dhre4kv8uaaX2Gksaq9mDf9MSDW qQ0TJ/RAiwMGmFrzBEYI1J2Oyeshi/dqW4/OiZAukOIlxOnt6u8zU2KL6Qjxqqna0oTbS4Zv3fRd YkuUCL6CDEJdkuRAiW+Gw+lKcMjXqApEqixhaDkoB/kwtu+2gIFTzAxMfwFN1YtNc0kJZWnFkGIW MrrwTcOwAFzlFz7wn/EyMFtg+ERcqMX0+olXDwM8MODI2+BzulPuEDEteCw09hABEBAAGJAh8EGA ECAAkFAlQ7zoECGwwACgkQe9GDIN6t+hFjuQ//UQyg49f8TytUYQaBb8R0UfI+KhQFs1Nsz2z8a3 0CD1MeiHHYWdAcomVvTkg4g5LbnYHVDrj/XagY3FN/AIE97usFbsTG+rsWAOLi7N2dN2ehWZ634k MvrgyC9uTiOdkw31+B8K5MpyySgD8e6SAzRfiu06/bcQOUyJifw8Hudpj9by4uyGhSH+kHu4afrp OduUighbsGFtcuRwwQ/w/oSk68XvPUgiOQWMZh/pVoXdFyFvrt/hgArCi8dfy5UPK58nl7jPnu/I uQXrJ50nNAFIIxPVeo2/B83KAnEZPU+qWZsdba0V+FIIQQVizLtQFMuJJk4/UTAOfJ2tBpQ9PADX 6/scqDE7unXNWdxcHTjK7KmWjXC8CyhGOx8V/rb7Ial4mZo4cTED6SNlO7dV1XYwnSctL2HCYNM3 RUe4eJ7JWuu7/Nbf6yip2eq7BQKZ9hAH/se/OSZNYsEkZ4pxUc8W5U3uAZImUwC6L74SM0jBZIuD mQhOYX6sZZ6urIn/MYlj4/hqSBFS4vTK7nXRLmtr7+5T5U5srVseUiYc+l9pu9/XD8zGIu+M2xEd 41NwP44GDQTQm0bFljRv5fSblwmi56YHPFQUIh2RZNX3kOJgeyQ3enw5uY+7ocKRVP38hpnffliL lJcO6TtHWnElS3pACbTQM0RHJox3zqU3q6K3c=
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SnunY38VRszLkv43AGK9if49zuk>
Subject: Re: [openpgp] 1PA3PC: first-party attested third-party certifications (making Key Server Prefs no-
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2019 16:28:43 -0000
> Putting this into a standard-self signature is troublesome because this > requires to update and distribute the self-signature as soon as one > uploads to a keyserver. I also have reservations about how this interacts with certification self-sigs, simply because there are already a lot of implicit expectations and behaviors around these. > We need to have a way do include more key signatures. This can easily be done > with several of such self-signatures using the same creation date or another > mechanism to connect them. Sounds good. > The requirement to sort the hashes is not really helpful because that > requires that the implementation must check the order and decide what to > do if they are not sorted. In practice the implementation will sort them > anyway (in particular if several self-signatures are required). Agreed. > To accomplish this a new signature-class can be used just for this > purpose. The subpacket definition should include a version number or > digest algorithm to be future prove. Sounds good. > We should of course use SHA-256 and not SHA-512. Yup. - V
- [openpgp] 1PA3PC: first-party attested third-part… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch
- Re: [openpgp] 1PA3PC: first-party attested third-… Vincent Breitmoser
- Re: [openpgp] 1PA3PC: first-party attested third-… Vincent Breitmoser
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Ángel
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Benjamin Kaduk
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch