Re: [openpgp] How to re-launch the OpenPGP WG
Christoph Anton Mitterer <calestyo@scientia.net> Tue, 17 March 2015 03:59 UTC
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: Derek Atkins <warlord@MIT.EDU>
Date: Tue, 17 Mar 2015 04:59:12 +0100
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/cNVYJz-2rlILm_wnUN5JiJYbJc8>
Cc: Werner Koch <wk@gnupg.org>, openpgp@ietf.org

Also to answer Werner's comment ("OpenPGP does not define the Web of Trust. There is no standard for it.")

On Fri, 2015-03-13 at 09:42 -0400, Derek Atkins wrote:
> This was explicitly out of scope from the former OpenPGP WG. I think
> that was a GOOD THING, and I believe it should remain out of scope.

I was probably a bit unclear in what I wrote. I've mainly meant:
The functionality of OpenPGP shouldn't be limited in such a way that what we can do now with it (e.g. the web of trust, or trust hierarchies via the trust signatures) would no longer be possible.

Apart from that I basically agree that OpenPGP itself (i.e. the RFC for the message format) shouldn't define a trust system (e.g. the web of trust), BUT:
a) it might(!) make sense for another RFC to do this on an informal basis
b) currently we have several things (well at least the different levels of user signatures 0x10-0x13) which are pretty much undefined, useless, ambiguous and therefore even dangerous.
0x10 and 0x11 have at least some "proper" definition, but they don't tell how implementations should react to them (=> dangerous).
0x12 and 0x13 are quite vague and ambiguous.

> IMHO we shouldn't define how OpenPGP is used, only what it inputs and
> outputs.

Phew... well... perhaps not how it's used, but it should be always clear how a message is to be interpreted - I think I've mentioned some examples where this is not really the case, and these obviously also affect the trust and usage model.

> For the record, draft-atkins-openpgp-device-certificates already extends
> the Attribute Subpacket with a String ID (similar to the UserID).

*If* attributes are to be extended (e.g. in ways as I've proposed in my previous mail) then I think this is really something that needs considerable effort to be spent upon.
Properties should be well defined, there shouldn't be too many properties for actually the same things but OTOH one shouldn't be too reluctant to add new ones when it makes sense.
Stuffing everything in a few generic attributes would be quite bad.

Cheers,
Chris.