Re: [openpgp] How to re-launch the OpenPGP WG
Derek Atkins <warlord@MIT.EDU> Fri, 13 March 2015 13:42 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 719D71A7012 for <openpgp@ietfa.amsl.com>; Fri, 13 Mar 2015 06:42:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lIIUlH6AhXTu for <openpgp@ietfa.amsl.com>; Fri, 13 Mar 2015 06:42:20 -0700 (PDT)
Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:4830:143:1::3a11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE9E21A700F for <openpgp@ietf.org>; Fri, 13 Mar 2015 06:42:19 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 293F5E2038; Fri, 13 Mar 2015 09:42:18 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 07392-06; Fri, 13 Mar 2015 09:42:15 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::ea2a:eaff:fe7d:235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id B2E63E2036; Fri, 13 Mar 2015 09:42:15 -0400 (EDT)
Received: (from warlord@localhost) by securerf.ihtfp.org (8.14.8/8.14.8/Submit) id t2DDgEMI005132; Fri, 13 Mar 2015 09:42:14 -0400
From: Derek Atkins <warlord@MIT.EDU>
To: Werner Koch <wk@gnupg.org>
References: <878uf2iehi.fsf@vigenere.g10code.de> <1426218768.22326.80.camel@scientia.net> <874mppgyez.fsf@vigenere.g10code.de>
Date: Fri, 13 Mar 2015 09:42:14 -0400
In-Reply-To: <874mppgyez.fsf@vigenere.g10code.de> (Werner Koch's message of "Fri, 13 Mar 2015 08:16:20 +0100")
Message-ID: <sjm3859nhe1.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/e_H8RdxFNPoBs3NfNHW0ze-k1V0>
Cc: Christoph Anton Mitterer <calestyo@scientia.net>, openpgp@ietf.org
Subject: Re: [openpgp] How to re-launch the OpenPGP WG
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Mar 2015 13:42:21 -0000
Werner Koch <wk@gnupg.org> writes: > On Fri, 13 Mar 2015 04:52, calestyo@scientia.net said: > >> 1) More general things >> - The WG should consider whether to just bring OpenPGP up to date... or >> whether to completely overhaul or even re-design it. > > The please give the thing another name. Recall the outcry whn I removed > PGP-2 support from 2.1. > >> - The basic meshed web of trust must obviously be retained, but apart > > OpenPGP does not define the Web of Trust. There is no standard for it. This was explicitly out of scope from the former OpenPGP WG. I think that was a GOOD THING, and I believe it should remain out of scope. IMHO we shouldn't define how OpenPGP is used, only what it inputs and outputs. >> - Since the X.509 PKI infrastructure in the internet is inherently >> broken and since DANE would only partially improve things (one still >> has several CA's above which could be evil), the time may come in >> which at least some security conscious people would want to use TLS >> or similar with a fully meshable PKI as OpenPGP. >> For that we might need similar things as X.509 got eventually,... >> things like SubjectAlternativeNames for IP, DNS, email, etc. > > We already have this. You may either use a plain user ID with signed > attributes to implement this or, better, extend the attribute packet, > which is currently only used for photo ids, but designed for what you > want. You may already start with this using the 100--110 subpacket > types. For the record, draft-atkins-openpgp-device-certificates already extends the Attribute Subpacket with a String ID (similar to the UserID). > Regarding the rest of your mail, I think it is better to postpone a > detailed discussion for now. > > > Shalom-Salam, > > Werner -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH warlord@MIT.EDU PGP key available
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG DataPacRat
- Re: [openpgp] How to re-launch the OpenPGP WG James P. Howard
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- Re: [openpgp] How to re-launch the OpenPGP WG David Leon Gil
- Re: [openpgp] How to re-launch the OpenPGP WG David Leon Gil
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Kristian Fiskerstrand
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Benjamin Kaduk
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Benjamin Kaduk
- Re: [openpgp] How to re-launch the OpenPGP WG Phillip Hallam-Baker
- Re: [openpgp] How to re-launch the OpenPGP WG Wyllys Ingersoll
- Re: [openpgp] How to re-launch the OpenPGP WG Phillip Hallam-Baker
- Re: [openpgp] How to re-launch the OpenPGP WG ianG
- Re: [openpgp] How to re-launch the OpenPGP WG ianG
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG ianG
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG Daniel A. Nagy
- Re: [openpgp] How to re-launch the OpenPGP WG Kristian Fiskerstrand
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- Re: [openpgp] How to re-launch the OpenPGP WG Stephen Paul Weber
- Re: [openpgp] How to re-launch the OpenPGP WG Paul Wouters
- Re: [openpgp] How to re-launch the OpenPGP WG Johan van Selst
- Re: [openpgp] How to re-launch the OpenPGP WG Tom Ritter
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG Jon Callas
- Re: [openpgp] How to re-launch the OpenPGP WG NIIBE Yutaka
- Re: [openpgp] How to re-launch the OpenPGP WG Daniel Kahn Gillmor
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- Re: [openpgp] How to re-launch the OpenPGP WG Paul Wouters
- Re: [openpgp] How to re-launch the OpenPGP WG Christoph Anton Mitterer
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG Franklin Wang
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- Re: [openpgp] How to re-launch the OpenPGP WG Derek Atkins
- Re: [openpgp] How to re-launch the OpenPGP WG Werner Koch
- Re: [openpgp] How to re-launch the OpenPGP WG Paul Wouters
- Re: [openpgp] How to re-launch the OpenPGP WG DataPacRat
- Re: [openpgp] How to re-launch the OpenPGP WG Tom Ritter