[openpgp] Revoking Keys: Adding a superceded-by parameter
"Neal H. Walfield" <neal@walfield.org> Mon, 20 July 2015 10:36 UTC
Date: Mon, 20 Jul 2015 12:27:10 +0200
Message-ID: <87wpxvjf9d.wl-neal@walfield.org>
From: "Neal H. Walfield" <neal@walfield.org>
To: IETF OpenPGP <openpgp@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/dhgtLOHGESAv3nV9Gxl3Fsm-DXg>

Hi,

Section 5.2.3.23 describes the reason-for-revocation subpacket. One reason is that the key has been superseded. Unfortunately, there is no standard, machine-readable way to indicate what the new key is.

I propose that the description field be augmented to include optional email style headers. Further, we specify the following header to specify the new key:

  Superceded-by: fingerprint

Finally, we add that if this extension is used, the whole message should be signed by the new key (to show that the user controls both keys).

This amendment has the advantage that it is completely backwards compatible with existing implementations.

Thoughts?

Thanks,
Neal
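
How a receiving implementation could read the proposed header out of a reason-for-revocation subpacket body (one octet revocation code, then the reason string), as an added example that is not part of the original message. It assumes details the proposal leaves open: headers lead the reason string, a blank line separates them from the free text, and the fingerprint is a 40-hex-digit v4 fingerprint. The function names and sample bytes are constructed for illustration.

```python
import re

KEY_SUPERSEDED = 0x01  # revocation code "Key is superseded" (RFC 4880, 5.2.3.23)
HEADER_RE = re.compile(r"([A-Za-z][A-Za-z0-9-]*):[ \t]*(.*)")
V4_FPR_RE = re.compile(r"[0-9A-F]{40}")  # assumption: v4 fingerprint in hex


def parse_reason(body: bytes):
    """Split a subpacket body into (code, headers, free_text)."""
    if not body:
        raise ValueError("empty reason-for-revocation subpacket")
    code = body[0]
    lines = body[1:].decode("utf-8", errors="replace").splitlines()
    headers, n = {}, 0
    while n < len(lines):
        m = HEADER_RE.fullmatch(lines[n])
        if not m:
            break
        headers[m.group(1).lower()] = m.group(2).strip()
        n += 1
    if headers and n < len(lines):
        if lines[n] == "":
            n += 1              # assumed separator between headers and text
        else:
            headers, n = {}, 0  # no separator: legacy free text, not headers
    return code, headers, "\n".join(lines[n:])


def successor_fingerprint(body: bytes):
    """Return the normalized fingerprint named by Superceded-by, or None.

    The value is only a hint taken from the old key's revocation; it says
    nothing about the new key until the signature by the new key that the
    proposal asks for has been verified (not done here).
    """
    code, headers, _ = parse_reason(body)
    if code != KEY_SUPERSEDED:
        return None
    fpr = headers.get("superceded-by", "").replace(" ", "").upper()
    return fpr if V4_FPR_RE.fullmatch(fpr) else None


# Constructed sample bodies (not real keys).
SAMPLE_NEW = (b"\x01Superceded-by: 0123 4567 89AB CDEF 0123 "
              b"4567 89AB CDEF 0123 4567\n\nMoved to a new key.")
SAMPLE_OLD = b"\x01Moved to a new key."          # reason string without headers
SAMPLE_BAD = b"\x01Superceded-by: not-a-fingerprint\n\nMoved."
```

A reason string without headers (`SAMPLE_OLD`) parses to an empty header set and unchanged free text, which is the backwards-compatible case the message describes.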