[openpgp] Move new Signatures and Keys from v5 to v6?
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 05 February 2023 17:23 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9CB0C14EAA3 for <openpgp@ietfa.amsl.com>; Sun, 5 Feb 2023 09:23:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.304
X-Spam-Level:
X-Spam-Status: No, score=-1.304 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="DAzo6zrL"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="bw65qYNs"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QiBllw9s1hTH for <openpgp@ietfa.amsl.com>; Sun, 5 Feb 2023 09:23:21 -0800 (PST)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56DD8C14EB14 for <openpgp@ietf.org>; Sun, 5 Feb 2023 09:23:21 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1675617799; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=n2tufF1sEMzEIpdmUCEveGUc8m3yWfTIQ5fizZnpclQ=; b=DAzo6zrLGTNhNv9RTwkvxo+2fB2xUSRdtndEHDiesmBCkIjjhUBlkaYZHQ9w1/Yc7TY2b oqDLH9+KyDNC2SLDA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1675617799; h=from : to : subject : date : message-id : mime-version : content-type : from; bh=n2tufF1sEMzEIpdmUCEveGUc8m3yWfTIQ5fizZnpclQ=; b=bw65qYNsWHrCkjoxdZybI5W0OqETgSFhEkPTJtsPpVO7ytgQgTf6wY1ZtobOOTCsKLYxY 5q8AUtK7aOHy40L65r5z+PkUqzMMkmkkOmKczZh47jsd7wLkq+QIvLGPXl62daPGJed/F3Z ogHIL2U1GsXQqjzlKuA6Yph2JpXO+iv0JitngRwBBOhq0JrSZWQOAg3WbLWUZJaxpDCcpK+ 4jS79m8BkbRX+x8QeMCsHHJAGmMkGTFer3xf6YzUq0YeHQ/t96aycmngCVKb/RStHQ3fyd2 iicJL3SqA89sgtsf2t2POGY6R2UTzLBmE6F3MqwQ5fFVUNiGFaQ1rU6eJOxA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id D6B85F9AE for <openpgp@ietf.org>; Sun, 5 Feb 2023 12:23:19 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id A1F821FD73; Sun, 5 Feb 2023 12:13:54 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: openpgp@ietf.org
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Sun, 05 Feb 2023 12:13:53 -0500
Message-ID: <877cwwnige.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/e8E71R2ynDVrdIaD_BbKmTXK6k4>
Subject: [openpgp] Move new Signatures and Keys from v5 to v6?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2023 17:23:25 -0000
Question to the WG: should the new key and signature formats change codepoint designations from v5 to v6? (this avoids collision with the v5 codepoint which has seen some pre-specification deployment and could cause confusion in the wild) Two interesting subquestions: - Should the fingerprint and signing octet for the new form also move from 0x9a to 0x9b? (v4's comparable octet is 0x99) - Should we also move the PKESK and SKESK definitions in this spec from v5 to v6? There is no risk of collision with deployed data for these versioned packets. An MR for moving from v5 to v6 for Keys, Signatures, and OPS (but not PKESK or SKESK), and changing the prefix octet from 0x9a to 0x9b: [!231](https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/231) Please weigh in on this thread. --dkg
- [openpgp] Move new Signatures and Keys from v5 to… Daniel Kahn Gillmor
- Re: [openpgp] Move new Signatures and Keys from v… Falko Strenzke
- Re: [openpgp] Move new Signatures and Keys from v… Daniel Kahn Gillmor
- Re: [openpgp] Move new Signatures and Keys from v… Falko Strenzke
- Re: [openpgp] Move new Signatures and Keys from v… Andrew Gallagher
- Re: [openpgp] Move new Signatures and Keys from v… Daniel Huigens
- Re: [openpgp] Move new Signatures and Keys from v… Paul Wouters
- Re: [openpgp] Move new Signatures and Keys from v… Daniel Huigens
- Re: [openpgp] Move new Signatures and Keys from v… Daniel Kahn Gillmor
- Re: [openpgp] Move new Signatures and Keys from v… Justus Winter
- Re: [openpgp] Move new Signatures and Keys from v… Aron Wussler
- [openpgp] PKESK and SKESK from v5 to v6 [was: Re:… Daniel Kahn Gillmor
- Re: [openpgp] PKESK and SKESK from v5 to v6 [was:… Stephen Farrell