[openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 03 November 2024 19:46 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C323AC169422 for <openpgp@ietfa.amsl.com>; Sun, 3 Nov 2024 11:46:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.231
X-Spam-Level:
X-Spam-Status: No, score=0.231 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="D3Q1qZae"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="UUzaq7N4"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8E9X9sZl5ikV for <openpgp@ietfa.amsl.com>; Sun, 3 Nov 2024 11:46:34 -0800 (PST)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 62A05C151069 for <openpgp@ietf.org>; Sun, 3 Nov 2024 11:46:33 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1730663189; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=8ZzGdIq5yyFsSi3xI5pQqo9EShh69XMtQzEmnYNhkEs=; b=D3Q1qZaeUzU8Lkdw29cvTlAvuCHt/QvtJRsE32kiU8STID0ztiAdSp0hZUj8lsw5Kp2gh xi1Ee2V/tq4HPRuAQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1730663189; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=8ZzGdIq5yyFsSi3xI5pQqo9EShh69XMtQzEmnYNhkEs=; b=UUzaq7N456e2xEvb3nVjQZteWTVybFr3TsoXLygpa49QvFfzqjPt70yvpwhlKj3hl1j8O flGn30EeC+vVhKZN07pAPxg2OfxkTXBTc/Xfs0DLJdV8v0E4vWCJTvm9O3/XScujTGe78JD Y8lQ8AbGZh1S2w/agL2cJBSuwtOpPJescRFcGu1azisuBIUOTjtKM0uU1ICp2Sfnn1E2L/0 0T44GGz6sMvvvdhwp60xPIqs2wnqVryb/bdoMhoyO/vTh96KZuiw9PxDgKFRibI/Zu7nob1 dMNSS0TcAFseJEc9e+Pd7+UXd4quFqq/6h3P6w5UfKN2dguq/X2SKMmdquqg==
Received: from fifthhorseman.net (unknown [83.147.155.194]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 28EDAF9B1; Sun, 3 Nov 2024 14:46:20 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id DBE3813F684; Sun, 03 Nov 2024 08:14:00 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
In-Reply-To: <B20FD242-AD3D-4A30-86F4-8AA8A9157DC8@andrewg.com>
References: <d3d5e59e-2ddb-4b4d-867e-b8a7f1df203c@posteo.de> <B20FD242-AD3D-4A30-86F4-8AA8A9157DC8@andrewg.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HCi QQfFgoAMQWCZadnIAUJBdtHCwMLCQcDFQoIApsBAh4BFiEE1HcEDHDCFWpcKYVJu36RAUlea/ cACgkQu36RAUlea/edDQD+M2QjnoEyu/TjI+gRXBpXQ5jCsnnp9FdYhaSSUW/vZ8kBAJByWlj A9aMfVaVrmvgcYw7jzJz+gmZspBRB++5LZ20NzRc8ZGtnQGZpZnRoaG9yc2VtYW4ubmV0PsLA EQQTFgoAeQMLCQdHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEu/CS CeyWwC6j4ihJr2u/z6delsF1pvYW3ufgf1L538DFQoIApsBAh4BFiEE1HcEDHDCFWpcKYVJu3 6RAUlea/cFAmWnX5AFCQXZ8EUACgkQu36RAUlea/cjVwD+ONjdHM74rAa6EEiiqaPjlptiaZx CVqFYXnib6EbZARkBAPnnR8pW8vCBnDXHKu65jNqwF3aH761NaOqqMFfppg8GzjMEZXEJyxYJ KwYBBAHaRw8BAQdAjX25Fq2Q9IUFeHy6yByIQPBnFOedFliuEiCIUzJsENDCwMUEGBYKAS1HF AAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnwqKWsw56uoWVLIFcs7ZecJ gwpsSNevWCzbviKQ8yRLUCmwK+oAQZFgoAbwWCZXEJywkQdy0WHjXNS4FHFAAAAAAAHgAgc2F sdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEIJSOxuw2y/UJmg5M3BLpN0JYjODZpXiEVFu 1byARzMWIQR0vATEPYYIS+hnLAZ3LRYeNc1LgQAAsH8BAKg1C5LK/D7pSkXCD+jfTSP+CqM58 iHLjh4vKhpOKsTJAQCHldtEjxJ1ksPTFgG9HihHH7qc6/wvvLw77ETMpwlrAxYhBNR3BAxwwh VqXCmFSbt+kQFJXmv3BQJlp1+rBQkCF4lgAAoJELt+kQFJXmv3ydsA/2roQZ2Jm/7iUrg/2C5 ClWA/xbvPC31LyMkGGH2/rq8tAP9BgqLuCPnNTVPqeX9+9qqMmaFq7wmvjq5I+yycAw9CDc44 BGVxCcsSCisGAQQBl1UBBQEBB0BZMsRrRaaeFSYMF1ZdfRmVgBriDUIr99eDQ085BK14DgMBC AfCwAYEGBYKAG5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnsazAWX tEHUPmSTmcRZAIsAsNiO8k0hdjsfRlRVipgJgCmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wU CZadfqwUJAheJYAAKCRC7fpEBSV5r90AjAPwLgY1iKiFJEj32SVD5f721929l79VxQB5FlQss x1n5kQEA6Uct2tPvbB6T7p5KG3Gl+tbi7oJAuxFmpkpW5/N2Owg=
Date: Sun, 03 Nov 2024 13:14:00 +0000
Message-ID: <87v7x4qx2f.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Message-ID-Hash: 3S4YIHLJSMPPXGAWWKNFKJ637QD2PKZ4
X-Message-ID-Hash: 3S4YIHLJSMPPXGAWWKNFKJ637QD2PKZ4
X-MailFrom: dkg@fifthhorseman.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Andrew Gallagher <andrewg@andrewg.com>, Heiko Schäfer <heiko.schaefer@posteo.de>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/VcibZVH0pOAoKJQi9O6GNwGW_T4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

Thanks for doing this work, Andrew.

With no chair hat on, my preference is for a mandatory imprint with an
optional fingerprint (i think that's your option 3b).

I would include guidance like:

------------

- If the imprint is identical to the fingerprint, the fingerprint can be
  safely omitted.  The generator SHOULD omit the fingerprint in this case.

- If the imprint is identical to the fingerprint, the generator SHOULD
  NOT omit the fingerprint, unless it has reason to believe that all
  consumers have a straightforward way to retrieve the referenced
  certificate without depending on its fingerprint.

------------

I don't think there is a large implementation cost for this -- the
codepaths will already be mostly in place.

This allows an isolated implementation ecosystem that expects to have no
interaction with the keyserver network to not consume the extra space,
but generally discourages it, which is the appropriate approach for the
current scenario.

As for the UX guidance, i'd be pretty wary about the level of detail
that you've proposed for the process of *generating* the replacement key
data in this thread.  I agree with Daniel Huigens that the ideal UX
shouldn't expose any information about specific
certificates/keys/algorithms to the user.

I like Daniel Huigen's proposal for augmenting "sop update-key" to be
able to make use of this specification, as i think it matches the level
that would be appropriate for most applications.

That said, i like the idea of describing more of the workflow for the
*consumption* of a certificate with such a reference.  I'm not convinced
about the part of the notifying the user or asking the user part,
though.  again, i'm not sure that we want to involve the user so deeply
at this level.  But i think it would be really useful to walk through
the steps that need to be taken, and the higher-level tradeoffs that
might be made there (e.g., whether there are privacy implications of
trying to fetch the associated keys, and if affordances should be made
for privacy-sensitive scenarios).

     --dkg