Re: [openpgp] time representation in OpenPGP
"brian m. carlson" <sandals@crustytoothpaste.net> Sun, 03 July 2016 16:49 UTC
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6273012D115 for <openpgp@ietfa.amsl.com>; Sun, 3 Jul 2016 09:49:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4n2wrcZXEGlL for <openpgp@ietfa.amsl.com>; Sun, 3 Jul 2016 09:49:47 -0700 (PDT)
Received: from castro.crustytoothpaste.net (sandals-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:3f1::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5148F12D0CD for <openpgp@ietf.org>; Sun, 3 Jul 2016 09:49:47 -0700 (PDT)
Received: from vauxhall.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:6680:99ff:fe4f:73a0]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 880FB282A8 for <openpgp@ietf.org>; Sun, 3 Jul 2016 16:49:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1467564585; bh=fXL+l+h8D0uaBuroN2S4/s6T/C5wYjURvalzB8yyvkA=; h=Date:From:To:Subject:References:In-Reply-To:From; b=YM776y+5ZCfz4OQzanOcSV7TGU0wJP9ybZqBphxRP5zhijVA4IsHspzOQEj5HtdMQ OredLfO2nt2cnTwuvf4OqUKgu8C9r21MSaEWKB16nhruLBU/j8NYxm7x9GSkrf9CW6 EpaWWJeBdCaeaW8QeX3NGTn5Tp7K8mr2wQ8JvsZ7yBRQm8h8uEf/CRSDSQ45j6R2dP C6uF9SCncSJSufXlqduGC7AK6WWK/PUkqBMt0jPRacckGTyo/OejzeYHYTde70T1U/ KPgTuXRPzZfv9sRcop6yBVaZb1M9QwVOuL0u5vkFX+ZRzOsXHjXMqbSfRvatciZDdd LcGW19ZSLqGKGB3QMknaSFfIhqMEaKFgGxyy8niJEEmdiNYC8QIf69ctC5acnZWppv okP0lJ7UoZmbGsu9CaG76MiBPfrGdMOKLAf9lPEiFqqDQovwG/QP94va+b+QyASAWH icGD2VxjqOnj8VejAqkHkgqwKu/IBmEtBtRi90GOGLpuSZwLEYU
Date: Sun, 03 Jul 2016 16:49:42 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: IETF OpenPGP <openpgp@ietf.org>
Message-ID: <20160703164942.GB327700@vauxhall.crustytoothpaste.net>
References: <87d1muyh70.fsf@alice.fifthhorseman.net> <fd725ea87a9141d0883831900e072f1f@usma1ex-dag1mb1.msg.corp.akamai.com> <51e9f5c2-fe2a-a699-aa0c-15114cf948f3@sumptuouscapital.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="6sX45UoQRIJXqkqR"
Content-Disposition: inline
In-Reply-To: <51e9f5c2-fe2a-a699-aa0c-15114cf948f3@sumptuouscapital.com>
X-Machine: Running on vauxhall using GNU/Linux on x86_64 (Linux kernel 4.6.0-1-amd64)
User-Agent: Mutt/1.6.0 (2016-04-01)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Zh7jNv-oXBqE6J1hJGAJkaB_nsk>
Subject: Re: [openpgp] time representation in OpenPGP
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Jul 2016 16:49:49 -0000
On Sun, Jul 03, 2016 at 03:57:31PM +0200, Kristian Fiskerstrand wrote: > On 07/03/2016 03:48 PM, Salz, Rich wrote: > > I suggest we use ASN1 generalized time (which has only a couple of > > bytes overhead) or ISO 8601 profiled to be like the ASN1 format: > > YYYY-MM-DD-HH:MM:SS.sss with fraction optional. > > > > ASN1 sounds complex in this case, some form of ISO8601 variant might be > helpful. > > Alternatively expanding the size of the value from 32 bits to 64 bits > might be easier to deal with for backwards compatibility reasons. I'd strongly recommend simply using a 64-bit (signed?) integer. It's compact, avoids time zones (which are a source of bugs), and is the logical extension. If we use an ISO-8601 variant, it should actually conform with ISO 8601 (unlike GeneralizedTime), and provide a unique encoding for a given time. Determinism and uniqueness help avoid collisions and other types of attacks that might come down the line later, and makes validation much easier. -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204
- Re: [openpgp] time representation in OpenPGP Kristian Fiskerstrand
- Re: [openpgp] time representation in OpenPGP Werner Koch
- Re: [openpgp] time representation in OpenPGP Werner Koch
- Re: [openpgp] time representation in OpenPGP Jon Callas
- Re: [openpgp] time representation in OpenPGP Benjamin Kaduk
- Re: [openpgp] time representation in OpenPGP Kristian Fiskerstrand
- Re: [openpgp] time representation in OpenPGP brian m. carlson
- Re: [openpgp] time representation in OpenPGP Kristian Fiskerstrand
- [openpgp] time representation in OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] time representation in OpenPGP Salz, Rich