Re: [openpgp] primary key binding signature requirement

Aron Wussler <aron@wussler.it> Mon, 05 December 2022 09:25 UTC

Date: Mon, 05 Dec 2022 09:25:25 +0000
To: "Neal H. Walfield" <neal@walfield.org>
From: Aron Wussler <aron@wussler.it>
Cc: Paul Schaub <vanitasvitae@riseup.net>, openpgp@ietf.org
Message-ID: <O8BktgQ3FoR9pxaaJpfRCzCYW9Httn_81Tr2eiAIB8ApnYBvfPKkLoD5J4Yliw_l6kl3QvNT42GmyRzYQGfJGtSRNDoYs0p8KfBF5_sg8Ro=@wussler.it>
In-Reply-To: <871qpe47fs.wl-neal@walfield.org>
References: <87v8mv4gfe.wl-neal@walfield.org> <4xf4guGg2quiLcVvBQI78yHRQmwuV3NK-tyKFMw9pdwv5MXBmgnAUIu0vDxYK0L8dz3zQdwV5JoPozx98gIoCtgFVbNBg03UQSt8YfE_7YM=@wussler.it> <DAD8D9FD-E0CD-4D7A-BD8F-776F07207C06@riseup.net> <877cz84jue.wl-neal@walfield.org> <pM_Lyx3OlnFSNprDwYOLg4Ssx2vScAGr8XqGFXUYB3OUcZr1u4PUQ8rwOxlUe0_rl_c_sCF8KIcPF4lxUCAyjW7sC4sh-UxOaUNWVKlble8=@wussler.it> <87359v4am4.wl-neal@walfield.org> <U6n2VVpBN9sbBojynnUb4gHkIl7nUZfhqOMfPjVBhu4DnOc_4bxGfrQ-fxNf7xDHcKTzTp65A5nhsejJuvGLVG3fKTUdpkfajN2ju6crZHc=@wussler.it> <871qpe47fs.wl-neal@walfield.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/XSpFccUQ-GALGAPUwubxGr5p3Ow>
Subject: Re: [openpgp] primary key binding signature requirement

Hi Neal,

As far as I understand, WKD returns only one unrevoked certificate by design.

   The HTTP GET method MUST return the binary representation of the
   OpenPGP key for the given mail address.  The key needs to carry a
   User ID packet ([RFC4880]) with that mail address.  Note that the key
   may be revoked or expired - it is up to the client to handle such
   conditions.  To ease distribution of revoked keys, a server may
   return revoked keys in addition to a new key.  The keys are returned
   by a single request as concatenated key blocks.

This is another change that I would like to pursue with the superseded signature (other thread): to change WKD to return at most one non-revoked or non-superseded certificate.

Cheers,
Aron

--
Aron Wussler
Sent with ProtonMail, OpenPGP key 0x7E6761563EFE3930

------- Original Message -------
On Monday, December 5th, 2022 at 08:48, Neal H. Walfield <neal@walfield.org> wrote:

> On Sun, 04 Dec 2022 23:13:35 +0100,
> Aron Wussler wrote:
>
> > > Did you consider using an offline primary that tsigns the intermediate
> > > keys?
> >
> > Doesn't this require users to download both keys? It would probably save us some effort with trusting the offline key, but they must be individually fetched, and AFAIK this would be a change to how OpenPGP-CA works. Not against this model, but in general I agree with Heiko that there is insufficient support from the verifying side here to allow for a seamless UX like TLS (or even close to that).
>
> How do you currently get the top-level CA certificate? WKD? If so,
> you can store all of the certificates there. And since they all use
> the same email address, getting the top-level certificate gets all of
> the intermediate certificates.
>
> > > I suspect that having this discussion now will further delay the
> > > crypto refresh (in addition to thinking that it is out of scope).
> >
> > True. So in your opinion we should not specify here whether certification subkeys are acceptable behaviour?
> > Or shall we standardize the "status quo": certification subkeys are not allowed?
>
> I'm for leaving it as it is, for now.
>
> Neal
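The WKD text quoted in the message above says a server may return revoked keys concatenated with a new one and leaves handling to the client. As an added example (mine, not from the thread, the WKD draft or any OpenPGP implementation), here is the client-side step that splits such a response into key blocks using RFC 4880 packet framing and sets aside blocks carrying a key-revocation signature; the sample bytes are constructed dummies, and no signature is cryptographically verified.

```python
"""Split a WKD response of concatenated OpenPGP key blocks into certificates
and drop those carrying a key-revocation signature (type 0x20).
Signatures are NOT verified here; a real client must verify them first."""
PUBLIC_KEY, SIGNATURE, KEY_REVOCATION = 6, 2, 0x20

def iter_packets(data):
    """Yield (tag, body) per packet; handles old- and new-format headers (RFC 4880 4.2)."""
    i, n = 0, len(data)
    while i < n:
        ctb = data[i]; i += 1
        if not ctb & 0x80:
            raise ValueError("bad packet header at offset %d" % (i - 1))
        if ctb & 0x40:  # new format: tag in low 6 bits, then length octets
            tag, first = ctb & 0x3F, data[i]; i += 1
            if first < 192:
                ln = first
            elif first < 224:
                ln = ((first - 192) << 8) + data[i] + 192; i += 1
            elif first == 255:
                ln = int.from_bytes(data[i:i + 4], "big"); i += 4
            else:  # partial body lengths are only legal for data packets
                raise ValueError("partial body length in key material")
        else:  # old format: tag in bits 2-5, length type in bits 0-1
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            size = (1, 2, 4, 0)[ltype]  # type 3: indeterminate, runs to end of input
            ln = int.from_bytes(data[i:i + size], "big") if size else n - i; i += size
        yield tag, data[i:i + ln]
        i += ln

def split_certificates(data):
    """Each Public-Key packet (tag 6) starts a new key block; stray leading packets are dropped."""
    certs = []
    for tag, body in iter_packets(data):
        if tag == PUBLIC_KEY:
            certs.append([])
        if certs:
            certs[-1].append((tag, body))
    return certs

def is_revoked(cert):
    """True if any signature has type 0x20 (v3 sigs: type at byte 2; v4/v6: byte 1)."""
    return any(tag == SIGNATURE and len(body) > 2 and
               (body[2] if body[0] == 3 else body[1]) == KEY_REVOCATION
               for tag, body in cert)

def usable_certificates(data):
    return [c for c in split_certificates(data) if not is_revoked(c)]

# Constructed two-block WKD response; bodies are dummies, only framing and the
# signature-type octet matter. Block 1 (new-format headers) carries a v4 revocation.
SAMPLE = (b"\xc6\x03AAA" b"\xcd\x01a" b"\xc2\x04\x04\x20\x00\x00"     # revoked
          b"\x99\x00\x03BBB" b"\xb4\x01b" b"\x88\x04\x04\x13\x00\x00")  # old-format, certified
```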