[openpgp] Re: Outstanding questions re Key Replacement draft
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 15 March 2025 05:43 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7E08DB7DBD1 for <openpgp@mail2.ietf.org>; Fri, 14 Mar 2025 22:43:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="FQ6PI7hG"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="3+L+7xP+"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MxO6li1QlK9A for <openpgp@mail2.ietf.org>; Fri, 14 Mar 2025 22:43:33 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id CD127B7DBB4 for <openpgp@ietf.org>; Fri, 14 Mar 2025 22:43:33 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1742017413; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=RHgiqmxoiWy6iZG6tWP9qqwuuFCtOQuhpGyy6kCGPVo=; b=FQ6PI7hGr5KumZAUVXFt+2ZJbMCHPH0nt6BVj7MmSQdRRryewFsHIKxR/PxMyYrrGykru GKgbpLGWMFDlMG3CA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1742017413; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=RHgiqmxoiWy6iZG6tWP9qqwuuFCtOQuhpGyy6kCGPVo=; b=3+L+7xP+n/JyhB07rY2Jv5oGfspHbDkBZW+9KiHlUYo2ZKHE4RQVVp0rLAIpmgtTeyCZH jRy1Lbgvb6LrU2Gyver/KkNfttYEIgXZDDuDvt+QSalBADcAf2kaD+38kXWax18RPxbXh7M NO+ZS3ZjrsJPKH2PM/JOxvAqdI0jmHWUWOP7elXK/Ktv+Xho+JOKkcV9NmyXD8i5qAMKDPN byQmzEYAoz02S6xvOTd/ATQCT3eVOoga02St95GR3ar5BHL8gQNoDr8nBGFH+F23GOJGonb 9M2LskR6E6Ra7mhwYSrSLKSRJy+3+jgrptOR+g8VZrj7Ysd7bQPwQ/1KxD8g==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 1232BF9B2; Sat, 15 Mar 2025 01:43:32 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 7EA9113F6A1; Sat, 15 Mar 2025 01:43:19 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>, IETF OpenPGP <openpgp@ietf.org>
In-Reply-To: <D3636DB1-6E54-4F19-94B9-CB4AEDC7C997@andrewg.com>
References: <D3636DB1-6E54-4F19-94B9-CB4AEDC7C997@andrewg.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HNFzxk a2dAZmlmdGhob3JzZW1hbi5uZXQ+wsARBBMWCgB5AwsJB0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcS78JIJ7JbALqPiKEmva7/Pp16WwXWm9hbe5+B/UvnfwMVCggCmwEC HgEWIQTUdwQMcMIValwphUm7fpEBSV5r9wUCZadfkAUJBdnwRQAKCRC7fpEBSV5r9yNXAP442N0c zvisBroQSKKpo+OWm2JpnEJWoVheeJvoRtkBGQEA+edHylby8IGcNccq7rmM2rAXdofvrU1o6qow V+mmDwbOMwRnio4OFgkrBgEEAdpHDwEBB0Cw9HzJFl9lZn3UBaUqSMSgxjcdbd0MwNVcGZ8t8wdN EcLAvwQYFgoBMQWCZ4qODgkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9p YS1wZ3Aub3JnhcN+tn41cAg01Kk56zcAfpdsh8j98PDe00mqKPfFvaYCmwK+oAQZFgoAbwWCZ4qO DgkQeAuFTtnCtJZHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnxsD8Sk5P Wgx8c/Zseo6OlCjyDC+Ogm17gTaUUIpxjWYWIQRjrBGOWy5dZsiKhad4C4VO2cK0lgAAdcQA/1RG dmrmvVxkBY2qNPjtERNwPga8Pf4IdlenrZ03NXM4AQC+TDHMpD7d5obEvUy8GYI3oThzYItPP8vv ChY+wbaIBRYhBNR3BAxwwhVqXCmFSbt+kQFJXmv3AAAKbgD+K1MZXnRKPdmA8DgNysyGRZY8cSVH HQcC7ZAAtV3i2+wA/0CyOYrbFYbyTRALgoERR07OHFoP+fJopQLMNQARVUELzjgEZ4qN+RIKKwYB BAGXVQEFAQEHQDTGlR+Qmn334e+bPqvojJVdFsiBf0leAAHP+ESqop8NAwEIB8LAAAQYFgoAcgWC Z4qN+QkQu36RAUlea/dHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnA5Lw b3wOOcoodImuVNw4PYq1U65FDC1Q2JMFIcJXqF0CmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wAA 6egA/j3QANSmogZ5VTF5KlI+BBye9ud/w9j7RLcCHU6u8AA1AQC3FGaNuv+uWOSa+eeEoI/aZrGd X5el8b/m6aXDDxDjDg==
Date: Sat, 15 Mar 2025 01:43:19 -0400
Message-ID: <87frjevog8.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Message-ID-Hash: UY6O7DJDE6E645LFYR3TJF7NU255DCNP
X-Message-ID-Hash: UY6O7DJDE6E645LFYR3TJF7NU255DCNP
X-MailFrom: dkg@fifthhorseman.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: Outstanding questions re Key Replacement draft
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/eZGLUp13y_glT2zZwo4zz_spU-8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
On Wed 2025-02-12 12:43:48 +0000, Andrew Gallagher wrote:
> The interim meeting did not reach a consensus on the issue of optional fallback encryption. To summarise, the basic options presented were:
>
> 0. Fallback is always possible (no change to current draft)
> 1. Fallback to each particular original is possible IFF a flag is set in the target record (granular control, wire format change)
> 2. Fallback to all originals is possible if a flag is set in the class octet (all or nothing, no wire format change)
with no formal hats on, but as an implementer and a consumer of the
spec:
I also prefer option 0. Each layer of flags/etc is a layer to
potentially get wrong (or at least for each implementer to get subtly
different from one another, which is just as bad). And they cause a
generating application to punt to the user some additional
very-hard-to-answer questions, which also isn't great. And, this
particular semantic might itself at least partially duplicate semantics
we already have.
Keep it simple.
--dkg
- [openpgp] Outstanding questions re Key Replacemen… Andrew Gallagher
- [openpgp] Re: Outstanding questions re Key Replac… Daniel Huigens
- [openpgp] Re: Outstanding questions re Key Replac… Daniel Kahn Gillmor
- [openpgp] Re: Outstanding questions re Key Replac… Andrew Gallagher