Re: [openpgp] 1PA3PC: first-party attested third-party certifications (making Key Server Prefs no-modify actionable)
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 29 August 2019 16:59 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96635120A39 for <openpgp@ietfa.amsl.com>; Thu, 29 Aug 2019 09:59:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=xb+u3TD6; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=2OHdLIRw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ayBgIh11PQnN for <openpgp@ietfa.amsl.com>; Thu, 29 Aug 2019 09:59:54 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D2F98120A38 for <openpgp@ietf.org>; Thu, 29 Aug 2019 09:59:53 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1567097992; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=ifsVZ3YLGQOOoQe0rrArrNewbQ3Q6fpa7ut4oyB1C0Y=; b=xb+u3TD66/+3opbTwcHn0chhkKhS+trtNkpbSG3YzYyE44gEBxqHpcCn 8zutcXnZZAazZUTGRBSXQpSruZseDw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1567097992; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=ifsVZ3YLGQOOoQe0rrArrNewbQ3Q6fpa7ut4oyB1C0Y=; b=2OHdLIRwM8uSTNmuVXersiUJj2cPJB7LrFP/ng5Upu3aWdj6yddtoXya D7dPLnpY2kZocarpQQiI2iamyceKUxD8j/q6zeJqB9HGL4sAdgiAvEjEav MGANah73pimzDWLeFdOohyfCAane/MFUwCkC9000+SGpY339Ewbsm2P8Ms 6j0I/SX+S/DTXCPRVRg9BB/bVypOv5QmBxIUBeflujaiJlutIiC1sQ8VUK hkleVmffY3+0/yG2EmRzNk9OjwzAJXblLyK3nZQS4jUu7muY91GR28vxWm rnm4PU1b0MG7FxGqwxGG5/L3t3iB739SDTYlZMAkNgbDpGpd0YJIOQ==
Received: from fifthhorseman.net (unknown [38.109.115.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id E30DEF99D; Thu, 29 Aug 2019 12:59:51 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 262682025E; Thu, 29 Aug 2019 12:59:49 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Werner Koch <wk@gnupg.org>
Cc: Heiko Stamer <HeikoStamer@gmx.net>, openpgp@ietf.org
In-Reply-To: <87h860ag31.fsf@fifthhorseman.net>
References: <87tva1am9t.fsf@fifthhorseman.net> <87blw94tfg.fsf@wheatstone.g10code.de> <87h860ag31.fsf@fifthhorseman.net>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Thu, 29 Aug 2019 12:59:48 -0400
Message-ID: <8736hjaovv.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ZlQCf4MGX5Hwjp7ZDHZtF8nEyc0>
Subject: Re: [openpgp] 1PA3PC: first-party attested third-party certifications (making Key Server Prefs no-modify actionable)
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Aug 2019 16:59:57 -0000
On Wed 2019-08-28 21:57:38 -0400, Daniel Kahn Gillmor wrote: > I've made some new demonstration certificates with this new approach > (and my example does use SHA256): > > The signer's certificate (the "third party"): > > -----BEGIN PGP PUBLIC KEY BLOCK----- > > xjMEXWcuXBYJKwYBBAHaRw8BAQdAIjn6AW4wgrQ7hI66BZkaCzL2X/bRX+yf1tm8 > 4OxSkULNJkNlcnRpZmljYXRlIEF1dGhvcml0eSA8Y2FAZXhhbXBsZS5jb20+woQE > ExYIACwFAl1m9hwCGwECFQgCF4ACGQECHgEWIQTBvMlvJO6/G++jDVQ953dEaeBc > DQAKCRA953dEaeBcDc8hAP9it7GkIgG1Sisa8e46SJIZRfWAcT1vzAmv8k57jY/P > HAEAizCu8jGLKp5AHWLNIU2ah9tEEEch5q4GI7tqMbu5IQU= > =rn/T > -----END PGP PUBLIC KEY BLOCK----- > > The first party, along with a standard self-sig, a third-party > certification, and an Attestation Key Signature attesting to the > third-party certification: > > -----BEGIN PGP PUBLIC KEY BLOCK----- > > xjMEXWcuXBYJKwYBBAHaRw8BAQdAPeDThwKKsiEAR8GwQBzv94FnDhyc9+NtXoH+ > 4LGxhh7NHFRlc3QgVXNlciA8dGVzdEBleGFtcGxlLmNvbT7ChAQTFggALAUCXWb2 > HAIbAQIVCAIXgAIZAQIeARYhBHZ7/PJBbYUZS/wOEE/bnIu8dqmjAAoJEE/bnIu8 > dqmjYvcA+wbxprn1NQfP6uY19plBu/WRPnCAj6Tnte4KUThl48dMAQCuIURYGmK4 > znKmav/bnDgp+bLSrfo/4tE1SK1/fudRAMJ1BBAWCAAdBQJdZvYmFiEEwbzJbyTu > vxvvow1UPed3RGngXA0ACgkQPed3RGngXA3pGAEAzyIb8BtrLb6Oi1eY/JLje/i/ > lmWO46EoWe0Rh8J8gC8BAPV6/txR65Qa4DaMw26GyHk8uGTzxiRyH6q62Xpwcx8K > wpcEFhYIAD8FAl1m9jAhJTA+FEO+y68KkjvvIGaLNBfj/pHb2IeYj2/C6ecXEJgy > FiEEdnv88kFthRlL/A4QT9uci7x2qaMACgkQT9uci7x2qaOxNwD/SLpQxMKZX4ys > nmjuV2+VwpwOhlBBAZsX+eRkqDlPUicBAI9EZo/fmuzXzG3D6FrUB0rfgVdiDTy6 > EB6DaIpVWGQJ > =FDhV > -----END PGP PUBLIC KEY BLOCK----- The above examples had some silly timestamp issues due to a confusion in my generation toolchain between localtime and UTC. I've fixed that problem now. Here is an improved example: The signer's certificate (the "third party"): -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEXWgC1BYJKwYBBAHaRw8BAQdA847Q7k21jU2Io+IZ6ltc4zSxZp8ttgOZZDeG iySNTOPNJkNlcnRpZmljYXRlIEF1dGhvcml0eSA8Y2FAZXhhbXBsZS5jb20+woQE ExYIACwFAl1oAtQCGwECFQgCF4ACGQECHgEWIQQfVCvVCBoTud0bdgbSKXzdeDUV twAKCRDSKXzdeDUVt2PHAP0YiwR2ZRrfJbzH46U6eB2AOtdSpIqfTcNnHLQH2bFC 5QD8CC8Jr0Ym5Ai+qAD9GxkDJtsRkFBXq983oq52DJRJJA0= =taR1 -----END PGP PUBLIC KEY BLOCK----- The first party, along with a standard self-sig, a third-party certification, and an Attestation Key Signature attesting to the third-party certification: -----BEGIN PGP PUBLIC KEY BLOCK----- xjMEXWgC1BYJKwYBBAHaRw8BAQdA/V1P+p5pp8EloIYF1sqeu5hobtj+BLpEn7zO XJKZtznNHFRlc3QgVXNlciA8dGVzdEBleGFtcGxlLmNvbT7ChAQTFggALAUCXWgC 1AIbAQIVCAIXgAIZAQIeARYhBBVqOHIbKPae6A3uusaUcjoTcOqxAAoJEMaUcjoT cOqxTYUA/1ypaVgyqz8KiMtz7sOhbXuS7RJ1gb0RGrtMpL8TaAsuAP4hWDFkLgKy huz4Aky8l2xJHq/bnzwO9ChDwPxccy/dA8J1BBAWCAAdBQJdaALeFiEEH1Qr1Qga E7ndG3YG0il83Xg1FbcACgkQ0il83Xg1FbfACwEA72frsa6cbvfwF3gt7TyCWN5f +U3vxv/PksT5to5PfggA/RHrasr4bWtkvTFiPTLZzsPlJ7JU3JY7S1Zfa+3oY60P wpcEFhYIAD8FAl1oAughJaeUxunM/i80xn4H94lPu9FZD/rmajysr/7YbfFNGJeU FiEEFWo4chso9p7oDe66xpRyOhNw6rEACgkQxpRyOhNw6rH/DAEA1rISPgumTkpx +eKpjV+qyb0FnlM4wOFrh6b3+lpgV6IBAIx35b6rr4yAR1P/gooCQpMfkdV1fbh9 jrjOspJMP8cG =HMMo -----END PGP PUBLIC KEY BLOCK----- Importing these with gpg 2.2.17 yields the following warning messages: gpg: key D2297CDD783515B7: public key "Certificate Authority <ca@example.com>" imported gpg: key C694723A1370EAB1: 1 bad signature gpg: sig issued by C694723A1370EAB1 with class 22 (digest: ff 0c) is not valid over a user id or a key id, ignoring. gpg: key C694723A1370EAB1: public key "Test User <test@example.com>" imported gpg: Total number processed: 2 gpg: imported: 2 This is noise from the new signature class is what i would expect, but the result is that the attestation signature itself is simply discarded by GnuPG. Works for me -- that seems like a sensible response from a legacy client that doesn't know about attestations. --dkg
- [openpgp] 1PA3PC: first-party attested third-part… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch
- Re: [openpgp] 1PA3PC: first-party attested third-… Vincent Breitmoser
- Re: [openpgp] 1PA3PC: first-party attested third-… Vincent Breitmoser
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Ángel
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Benjamin Kaduk
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Daniel Kahn Gillmor
- Re: [openpgp] 1PA3PC: first-party attested third-… Werner Koch