[openpgp] Updated OpenPGP Samples (keys, certs, revocations)
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 16 April 2025 15:52 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id E07A71D16138 for <openpgp@mail2.ietf.org>; Wed, 16 Apr 2025 08:52:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.398
X-Spam-Level:
X-Spam-Status: No, score=-4.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="ShEYKnLJ"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="jKtGsXV3"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o_SSPyHIBpXK for <openpgp@mail2.ietf.org>; Wed, 16 Apr 2025 08:52:31 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 3F10D1D16130 for <openpgp@ietf.org>; Wed, 16 Apr 2025 08:52:31 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1744818750; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=zj0vVyGIlD3FrEvQbi3wbA4Rn9LS4FY4hVNoEBqhb7I=; b=ShEYKnLJ/cGvbgtf262a/nmXEMTRFe7DDLOzkmDpTNkTn+BR56ff8nFXAOrCBtAI/lNxJ q0EoQdLWFB5Ynm7CA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1744818750; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=zj0vVyGIlD3FrEvQbi3wbA4Rn9LS4FY4hVNoEBqhb7I=; b=jKtGsXV30ta+wcA5b3T5q2rhcsW+zIX4rPRJzMBt5Tb/dIG8HCF6kqRe1rwFg4lHcl+g4 y7XVTmDiE/mn5a9iakO0wn+53mqS6Uc0vrr5hZRGhieqKWeEpG3xYzByqCEOf0PDxWdosbN mJRfMe/0bU96lhppDuQ4eUULprk6CjKZYr0ksIf6hd9IL+sPJ+l+LdoufV0Cktd1FEMeBbV w4N8SJHgCSs6CoW8Sct8tsUHAaro40LWD+ew62RQxf/XvmlPQeIvSe8yMmTSyIOAZryWztm gMBhUiO6fxBKioStVW47NtLOEPkKw2jLuA2VrpQBjW4TghfNsT8X6IgcI2DA==
Received: from fifthhorseman.net (AMERICAN-CI.ear2.NewYork6.Level3.net [4.59.214.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id B53F4F9B1 for <openpgp@ietf.org>; Wed, 16 Apr 2025 11:52:30 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 2E3A913F6A3; Wed, 16 Apr 2025 11:52:28 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg==
Date: Wed, 16 Apr 2025 11:52:27 -0400
Message-ID: <87mscgcddw.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Message-ID-Hash: 4A72PHOTTL3XAVOCCEJHXCB4BQQUHNC7
X-Message-ID-Hash: 4A72PHOTTL3XAVOCCEJHXCB4BQQUHNC7
X-MailFrom: dkg@fifthhorseman.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Updated OpenPGP Samples (keys, certs, revocations)
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/bL-F3jPKluBuzwZYTNCtkJhD_Os>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
Hey folks--
After quite a bit of idleness on this draft, I've just pushed an update
to the OpenPGP Example Keys and Certificates document to the
datatracker:
https://datatracker.ietf.org/doc/draft-bre-openpgp-samples/
This is not a WG draft at the moment, and it's not currently aiming for
RFC status. It's just an attempt to have a publicly visible place where
common sample material exists.
This latest update adds "Carol", a deprecated DSA/ElGamal key+cert
(which is currently already used in the OpenPGP interop test suite to
assess deprecation status) and "David", a new, fairly minimalist v6
(ed25519+x25519) key+cert.
It's entirely possible that there are problems with these keys or
certificates, and while i hope implementers will find them useful, i
also hope people will report any problems with them or ways that they
could be improved.
--dkg
PS many thanks to the sop implementers and to those folks who wrote nice
OpenPGP debuggers/inspectors. The range of good tooling available
today makes updating a corpus like this much easier than it used to
be.
- [openpgp] Updated OpenPGP Samples (keys, certs, r… Daniel Kahn Gillmor