Re: [openpgp] Fingerprints
Derek Atkins <derek@ihtfp.com> Mon, 20 April 2015 15:17 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3914F1B2EC8 for <openpgp@ietfa.amsl.com>; Mon, 20 Apr 2015 08:17:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4T_J4bRcD1fr for <openpgp@ietfa.amsl.com>; Mon, 20 Apr 2015 08:17:28 -0700 (PDT)
Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:4830:143:1::3a11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0D6A1B2EC7 for <openpgp@ietf.org>; Mon, 20 Apr 2015 08:17:28 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 14003E2038; Mon, 20 Apr 2015 11:17:27 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 06068-06; Mon, 20 Apr 2015 11:17:24 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id D8CD8E2035; Mon, 20 Apr 2015 11:17:24 -0400 (EDT)
Received: (from warlord@localhost) by securerf.ihtfp.org (8.14.8/8.14.8/Submit) id t3KFHN84020704; Mon, 20 Apr 2015 11:17:23 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <CAMm+LwhbB+-MnGRBCvprgAGOuu+5CJ2rgod7EBGOQR5UNVrspQ@mail.gmail.com> <87d232lkb6.fsf@alice.fifthhorseman.net>
Date: Mon, 20 Apr 2015 11:17:22 -0400
In-Reply-To: <87d232lkb6.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Fri, 17 Apr 2015 13:46:21 -0400")
Message-ID: <sjmlhhmakxp.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/XDgjaeSNC995Jj5SqLrna9Kw7ig>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Apr 2015 15:17:32 -0000
Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes: > Here's my attempt at clarification for why i find myself in this > position: > > As an exercise, i tried to write down all the places that i expect > fingerprints to be useful. Perhaps surprisingly, i think there are not > that many good use cases for fingerprints. I came up with: > > 0) keyserver lookup -- Finding or retrieving a key on the basis of a > fingerprint. If you have hte fingerprint, you should be able to get > a copy of the key. > > 1) key verification -- I have a copy of a key that i think might be > yours, and i want to confirm that it's yours without a mechanized > byte-for-byte comparison of the entire key. This covers the "put it > on a slip of paper for out-of-band confirmation" use case. > > Are there actually any other use cases for the fingerprint? Specified Revokers use the (binary) full fingerprint, not the (truncated) keyID. > Truncated fingerprints (which we call keyids) are also used in some > workflows, for example, by some tools to provide a human-accessible > handle for the key. I don't think this is appropriate, as i've argued > elsewhere: > > https://www.debian-administration.org/users/dkg/weblog/105 It's important to have a keyserver API to lookup a key based on the keyID in a signature. > I should also be clear: i *don't* think we want a many different > fingerprint variants. I actually don't think we want more than one for > OpenPGPv5. And i don't think we should choose a design that will > encourage people to pick their favorite fingerprint algorithm. > > Fingerprints are useful because everyone uses the same one. I don't > want to put have to two v5 fingerprints on my business card for the same > key to satisfy two different fingerprint camps. the transition period > where i need a v4 fingerprint and a v5 fingerprint is going to be bad > enough, let's not make that persistent. If i put one form of a v5 > fingerprint on mine, and you put another, then any implementation that > copes with them (keyservers; manual verifiers) will have to understand > and work with them both. > > > The fingerprint decisions i made came from these factors: > > * version detection: how do we know that this is fingerprint format X? Leading byte with the FPVNo. (FingerPrint Version Number) > * truncation: how long is the fingerprint? Is it acceptable to > truncate further? If so, by how much? Werner's note is also > relevant here as we move to ECC keys: > > > Short fingerprints are important; if they are getting too long > > they won't serve a purpose because the public key could be used > > directly. > > If we use a 256-bit fingerprint for a 255-bit curve25519 key, what's > the point? > > * digest algorithm; we need preimage resistance; we do not need > collision resistance. So you're saying we can stick with SHA1? ;) > * what material gets digested; at a minmum, this is: > - the algorithm for the key (incl. any parameters) > - public key values (mpi's, bitstrings) > it's not clear to me that there is any advantage to adding > anything else here. I still believe that the creation time (and key expiration time, if it exists) should be included. > * what structure is used to frame the material before digest; v4 uses > an approximation of the public key packet format as a framing device, > but this ends up including the creation date. we could use the ASN.1 > SubjectPublicKeyInfo format (as phb suggests), though some people are > (probably understandably) allergic to ASN.1. Or we could make up our > own structure, yuck! Personally I like the current framing (because I do believe the creation date should be included). > * human-representable form of the digest: e.g. hex, base32, common > hyphenation patterns, etc. there are legibility/usability factors > here that i don't know enough to comment on. I prefer either hex or base32. > Did i miss any factors? > > --dkg -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Werner Koch
- [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Tom Ritter
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Stephen Paul Weber
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints David Shaw
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Designated Revokers Vincent Breitmoser
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Daniel Ranft
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- [openpgp] [RFC4880bis PATCH] Deprecate "Revocatio… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Neal H. Walfield
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Werner Koch
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Paul Wouters
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… Daniel Kahn Gillmor