Re: [openpgp] Weird OIDs in the 4880bis draft
Justus Winter <justus@sequoia-pgp.org> Fri, 17 February 2023 21:14 UTC
Return-Path: <justus@sequoia-pgp.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 600BFC1526F7 for <openpgp@ietfa.amsl.com>; Fri, 17 Feb 2023 13:14:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.693
X-Spam-Level:
X-Spam-Status: No, score=-6.693 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=sequoia-pgp.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YEHDw9rrr_8f for <openpgp@ietfa.amsl.com>; Fri, 17 Feb 2023 13:14:27 -0800 (PST)
Received: from harrington.uberspace.de (harrington.uberspace.de [185.26.156.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2AA56C1527A6 for <openpgp@ietf.org>; Fri, 17 Feb 2023 13:14:26 -0800 (PST)
Received: (qmail 6265 invoked by uid 500); 17 Feb 2023 21:14:23 -0000
Authentication-Results: harrington.uberspace.de; auth=pass (plain)
From: Justus Winter <justus@sequoia-pgp.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <87sff4jfrp.fsf@fifthhorseman.net>
References: <SY4PR01MB6251BD1B19BAD5DE910A1C0EEED99@SY4PR01MB6251.ausprd01.prod.outlook.com> <5bbca9f6-9fc5-3e8b-51eb-103637a6a4b5@cs.tcd.ie> <877cwg9n2y.fsf@europ.lan> <87sff4jfrp.fsf@fifthhorseman.net>
Date: Fri, 17 Feb 2023 22:14:22 +0100
Message-ID: <874jrk9eq9.fsf@europ.lan>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
X-Rspamd-Bar: --
X-Rspamd-Report: MIME_GOOD(-0.2) SIGNED_PGP(-2) BAYES_HAM(-0.171327)
X-Rspamd-Score: -2.371327
Received: from unknown (HELO unkown) (::1) by harrington.uberspace.de (Haraka/3.0.1) with ESMTPSA; Fri, 17 Feb 2023 22:14:23 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sequoia-pgp.org; s=uberspace; h=from; bh=ynpqvPkFawe5R7AQC5K9g50nrV4819U/i6gOuYMrOgA=; b=s53NZPyNYTBJjsmvufZzEEvnzSGXhkzC0Ij673SNDcgjMuWQ8r5EkFy0Cmn5IUl48Vo06tpVnW mLfKhbsApPZVlVurzKqsjLMfEjIjGrvkG0adwjGf18OvTEt1hC0L3qoKYEFF8KdaCq/gdLR4f9Pg 3Dx5us68T6mAPJomMHNgmQlKiyKRlUDH0/sdxW5w4ch5r8W1NDo61cvwvGpzfyYDB7s8ZBMVN2zQ FXolfA8W13GCFVACEMWJ+aPB3/9ISCTYg5mIAKLrzYGDzmGLHAu9l0AjmlX3ub1P7uMAn9MmLaUG YmLemccFuQG9ZThm6Bd2PxwBLq/0f7x0vgtuyCEEtIlkNffD1SRa5v7ad1+5J3Waiv7jHCdTiBqM H1PlrIq/E3bqT7YNp2sZzprKtSlo6RrQh2ij2VOg5fKSab9ebbXPEUFcdsMjkYGVz8/AMIyoYbn8 qW5op2EnBMjxKO8zmZYEjxnd6g5vsdj+bfQvRqU7im3oBxy1r5JkD9Zvvu/T5ercL4uck5ZvYp7N YSX8QAU4fyKu23q9zg3fIFm+hv/kcrLz9q4npmYcXzy5G+uNtrPQws0Kd/tqfXweurhzQV8H0CCk AJLQUPisOMCA3I0XDvobcyQaZMul8BIRDyJdYg72HDbFMzl9JF8tAofCSZTMwpFtBw5WTdp3JA/e c=
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/bdC0x5Gw_v07tqRVemZrwAjepAE>
Subject: Re: [openpgp] Weird OIDs in the 4880bis draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Feb 2023 21:14:32 -0000
Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes: > On Fri 2023-02-17 19:13:57 +0100, Justus Winter wrote: >> Stephen Farrell <stephen.farrell@cs.tcd.ie> writes: >> >>> That said, if someone were to create a merge-request >>> in the next day or two with a suggested change, and >>> if we see a clear WG consensus for that specific change, >>> then that could just about make it into the next rev. >> >> Here you go: >> >> https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/240 >> >> The gist is: >> >> Use x509's OIDs for Ed25519 and X25519, see RFC8410. >> >> Also, use the opaque signature wire format for Ed25519, and opaque >> secrets for X25519. >> >> Keep the currently used OIDs for compatibility with v4 key material. >> Forbid its generation in v6 material. > > Thanks for writing this up, Justus. > > Are you advocating for it, or are you just providing it as a point of > discussion? Is anyone on this list advocating for it? I am advocating for it. I think it is a reasonably small change which makes the spec simpler and more consistent, and will reduce confusion in implementations. > This proposed change includes two entries for Ed25519 in the > #ecc-oid-usage table, one of which is marked "v4 only", and the other is > not marked any way at all. Does this mean that the newly introduced > variant is allowed/encouraged when generating v4 keys, or should it only > be used in v6 keys or later? I imagine most implementations will > generate v4 keys by default for a while after this draft comes out. If > they're generating a 25519-based key, will they know which forms to > choose? That is a good question. I think in the interest of interoperability, implementations should generate v4 keys with the legacy OID. > Would this change be clearer if it introduced a variant name for the > deprecated form of Ed25519, to make it clear that it is distinct? That'd be good, I think. I hesitated to change the curve name, but I guess it is a symbolic name local to the spec. > For the adjustments to the tables, does it make sense to have a > parenthetical "v4 only" and "deprecated", or should there instead be a > new column marked explicitly for this kind of deprecation? Having a > distinct column might make it easier for an implementer to make sense of > these things. > > I imagine that an implementer who doesn't know the history here could be > pretty confused about what to do, and i'd hope that anyone advocating > for these changes would try to make them as clar as possible. Yeah. I'll add the column and more warnings. Best, Justus
- [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Werner Koch
- Re: [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Huigens
- Re: [openpgp] Weird OIDs in the 4880bis draft Werner Koch
- Re: [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Paul Wouters
- Re: [openpgp] Weird OIDs in the 4880bis draft Werner Koch
- Re: [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Wiktor Kwapisiewicz
- Re: [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Paul Wouters
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Paul Wouters
- Re: [openpgp] Weird OIDs in the 4880bis draft Werner Koch
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Huigens
- Re: [openpgp] Weird OIDs in the 4880bis draft Wiktor Kwapisiewicz
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Justus Winter
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Kahn Gillmor
- Re: [openpgp] Weird OIDs in the 4880bis draft Justus Winter
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Huigens
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Peter Gutmann
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Huigens
- Re: [openpgp] Weird OIDs in the 4880bis draft Stephen Farrell
- Re: [openpgp] Weird OIDs in the 4880bis draft Wiktor Kwapisiewicz
- Re: [openpgp] Weird OIDs in the 4880bis draft Aron Wussler
- Re: [openpgp] Weird OIDs in the 4880bis draft Paul Schaub
- Re: [openpgp] Weird OIDs in the 4880bis draft Heiko Schäfer
- Re: [openpgp] Weird OIDs in the 4880bis draft David Runge
- Re: [openpgp] Weird OIDs in the 4880bis draft Jonathan McDowell
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Kahn Gillmor
- Re: [openpgp] Weird OIDs in the 4880bis draft Vincent Breitmoser
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Kahn Gillmor
- Re: [openpgp] Weird OIDs in the 4880bis draft Paul Wouters
- Re: [openpgp] Weird OIDs in the 4880bis draft Daniel Kahn Gillmor
- Re: [openpgp] Weird OIDs in the 4880bis draft Justus Winter