[openpgp] Revoking Keys: Adding a superceded-by parameter

"Neal H. Walfield" <neal@walfield.org> Mon, 20 July 2015 10:36 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/dhgtLOHGESAv3nV9Gxl3Fsm-DXg>

Hi,

Section 5.2.3.23 describes the reason-for-revocation subpacket.  One
reason is that the key has been superseded.  Unfortunately, there is
no standard, machine-readable way to indicate what the new key is.

I propose that the description field be augmented to include optional
email style headers.  Further, we specify the following header to
specify the new key:

  Superceded-by: fingerprint

Finally, we add that if this extension is used, the whole message
should be signed by the new key (to show that the user controls both
keys).

This amendment has the advantage that it is completely backwards
compatible with existing implementations.

Thoughts?

Thanks,

Neal
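
A sketch of how a receiving implementation could read the proposed header out of a reason-for-revocation subpacket body (one octet of revocation code followed by the reason string). This is an added example, not part of the original message or of any OpenPGP implementation. Assumptions: the headers sit at the start of the reason string and end at a blank line, the fingerprint is a hex-encoded V4 fingerprint, and all function names are hypothetical. Checking that the new key also signed the message is not shown, so the returned fingerprint is only a candidate until that check passes.

```python
import re

KEY_SUPERSEDED = 0x01  # revocation code from RFC 4880, section 5.2.3.23
HEADER = re.compile(r"^([A-Za-z0-9-]+):[ \t]*(.*)$")
V4_FINGERPRINT = re.compile(r"[0-9A-F]{40}")  # assumption: hex V4 fingerprint


def split_reason(body: bytes):
    """Split a subpacket body into (revocation code, reason string)."""
    if not body:
        raise ValueError("empty reason-for-revocation body")
    return body[0], body[1:].decode("utf-8", errors="replace")


def leading_headers(text: str):
    """Collect header lines from the start of the reason string.

    Assumed layout: headers first, ended by a blank line or the first line
    that is not header-shaped; everything after that is free text.
    """
    headers = []
    for line in text.splitlines():
        match = HEADER.match(line)
        if not match:
            break
        headers.append((match.group(1).lower(), match.group(2).strip()))
    return headers


def superseded_by(body: bytes):
    """Return the successor fingerprint as uppercase hex, or None."""
    code, text = split_reason(body)
    if code != KEY_SUPERSEDED:
        return None  # the header only makes sense for "key is superseded"
    values = {value.replace(" ", "").upper()
              for name, value in leading_headers(text)
              if name == "superceded-by"}
    if len(values) != 1:
        return None  # absent, or conflicting successors: do not guess
    fingerprint = values.pop()
    return fingerprint if V4_FINGERPRINT.fullmatch(fingerprint) else None


# Constructed sample bodies; the fingerprint is made up.
NEW_STYLE = (b"\x01Superceded-by: 0123 4567 89AB CDEF 0123 "
             b"4567 89AB CDEF 0123 4567\n\nMoved to a new key.")
LEGACY = b"\x01Moved to a new key, see my website."
```

An implementation that does not know the header still shows the whole reason string as text, which is the backwards compatibility the proposal relies on.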