[openpgp] Re: Call for adoption of draft-gallagher-openpgp-replacementkey
Daniel Huigens <d.huigens@protonmail.com> Mon, 06 May 2024 16:09 UTC
Date: Mon, 06 May 2024 16:09:14 +0000
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>
From: Daniel Huigens <d.huigens@protonmail.com>
CC: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Simon Josefsson <simon@josefsson.org>, IETF OpenPGP WG <openpgp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Ty_EWEVRDqwKSrq0HwU6sWJ7gz0>
Apologies for the late response.

On Tuesday, April 30th, 2024 at 20:14, Andrew Gallagher wrote:

> We could, however this would be a change in WoT semantics that people may find surprising.

I'm not 100% sure it changes the semantics as specified, since they're rather vague. But it's true that implementations would probably need to change, so you're probably right practically speaking.

> It also only works on keys with UserIDs, which we cannot assume in v6.

Fair enough. Though, for UserID-less keys, I would expect there to be some external binding/indication of which key to use for what, like WKD does for email.

But, I suppose if the application does want to use a model of "implicitly or explicitly trust the first key that's presented, but require explicit indications from that key to (silently) switch to a new key", it might be useful to have an indication of that on the key.

I do think it would be better to have that indication on the new key (indeed something like a "trust equivalence" signature, perhaps), rather than on the old key, because otherwise it'll eventually be necessary to keep serving the old key purely for the benefit of this signature, while the only people who actually benefit from having this key are those who already have it locally - so we might as well only serve the signature (on the new key), to allow (eventually) removing the old key, perhaps?

Best,
Daniel