Re: [openpgp] Expected client behaviour ambiguity in signature verification

Nickolay Olshevsky <o.nickolay@gmail.com> Fri, 08 July 2022 09:10 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/c3yamXLAvw_nibDugUnQncUmuyo>

In RNP we check those lbits, and were hit (through Thunderbird) with 
this issue: https://github.com/singpolyma/openpgp-php/issues/120

So at least OpenPGP.php generates such keys.


On 07.07.2022 21:55, Jonathan McDowell wrote:
> I know the GitHub key has this problem. I ended up dropping the check
> from onak as a result, but I'd be really interested to know what client
> software is generating the incorrect keys.
>
> J.

-- 
   Best regards,
   Nickolay Olshevsky
   o.nickolay@gmail.com