[openpgp] AS2+OpenPGP protocol extension review request

Ben McGinnes <ben@adversary.org> Tue, 12 February 2019 04:08 UTC

Date: Tue, 12 Feb 2019 15:09:14 +1100
From: Ben McGinnes <ben@adversary.org>
To: cryptography@metzdowd.com
Cc: openpgp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ahdwjd8L0ejDljvdDSX3v1ZGBFM>

Hi all,
	For those of you either not subscribed to gnupg-devel or who
may not have paid as much attention to it over the new year period;
I've been working on a little thing which is ready for some form of
peer review.

Essentially it's a design for extending the W3C's ActivityStream
version 2.0 (AS2) and ActivityPub (AP) protocols for federated social
networks (e.g. Mastodon and Pleroma) with OpenPGP in order to provide
a host of features not inherently built into AS2 and AP.

The AS2 and AP designers considered it, but realised that they didn't
have enough cryptographic knowledge to design it in a way that
wouldn't shoot someone in the foot; and so they did the responsible
thing in not making assumptions.  Instead leaving things open for that
void to be filled later.

I found their work early last year and, upon reading the specs,
realised that I was looking at a transport protocol.  Not only that,
but all the most essential cryptographic functions which needed
filling were already thoroughly addressed by another existing
protocol: OpenPGP.

My post on this thing to the gnupg-devel mailing list is here:

https://lists.gnupg.org/pipermail/gnupg-devel/2019-January/034167.html

The W3C AS2 and AP specifications are here:

https://www.w3.org/TR/activitystreams-core/
https://www.w3.org/TR/activitypub/

My extension proposal is the second draft and the first draft that has
been posted publicly (the actual first draft was sent to the W3C AS2
designers, a couple of GnuPG developers and a handful of others).  My
design document is available here:

https://files.de.adversary.org/crypto/ac/index.html

The supplemental files (including public and private keys used in the
examples) are here:

https://files.de.adversary.org/crypto/ac/supplemental.zip

Note: files.de.adversary.org is an AWS S3 bucket, so it will trigger
an SSL cert error.  Ignore it or drop back to HTTP at your own
preference.

Anyway, there are a number of people on this list in particular who I
think could make sure that I haven't catastrophically cocked the whole
thing up.  I don't think I have, but that's precisely when you should
double-check to be sure.

So if as many of you as can spare the time could please weigh in and
try to pick it apart; that'd be greatly appreciated.  It'll help make
it stronger.  Those of you who've already been down the protocol
design path are amongst those I'm particularly keen on checking this
thing.

I do realise there are still matters to discuss and finalise with
regards to transmission of keys; currently there are multiple options
included and I expect some discussion around that.  There are also two
versions of the Encrypted Note and I'm inclined to favour the second,
slightly more complex version for a number of reasons; including
working with other functions (like nesting a Signed Note inside it in
a similar manner to signed & encrypted PGP/MIME emails).


Regards,
Ben

P.S.  I'm cross-posting this to the IETF OpenPGP WG mailing list on
      the off chance that there might be subscribers to that who are
      not also subscribed here or to gnupg-devel.  That may not be
      very likely, but it is possible and so a copy there doesn't
      hurt.  Apologies to those who will see it twice as a result,
      though.  Especially since you're the ones I'm most keen to want
      reviewing this work.