Re: [openpgp] Clarifiction on v5 signatures
Werner Koch <wk@gnupg.org> Fri, 26 October 2018 10:15 UTC
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31491130DD0 for <openpgp@ietfa.amsl.com>; Fri, 26 Oct 2018 03:15:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level:
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tpaj6vMJlbbC for <openpgp@ietfa.amsl.com>; Fri, 26 Oct 2018 03:15:15 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7828130DCD for <openpgp@ietf.org>; Fri, 26 Oct 2018 03:15:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=gr9bQxVll5DvSGeIJPRkk8kXvp5hSNIbIDI3MAewa/8=; b=gs7Sg8tNyPCvbOUlUF6PotWcEA 6QqSNNbWxLhdrLoJCtSdz7DGzhQ7uLRWswyzDZAuKKcWZHV6+B86B3039FmNEJl38+EHIlowFxCpb gKLSmDHgRVQi0vTd08OThMnqKpt0lVx+Lgf2oNNQgUFQWszpIwpWoCOBGbYzFVfqwl+4=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1gFz93-0004nZ-BF for <openpgp@ietf.org>; Fri, 26 Oct 2018 12:15:09 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1gFz7g-00086w-97; Fri, 26 Oct 2018 12:13:44 +0200
From: Werner Koch <wk@gnupg.org>
To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>
Cc: Heiko Stamer <HeikoStamer@gmx.net>, openpgp@ietf.org
References: <877ei9szyc.fsf@wheatstone.g10code.de> <dda2d47e-b06e-cd6c-9bab-d8f30149c2ad@gmx.net> <87mur2nyt6.fsf@wheatstone.g10code.de> <f2770475-3b73-3849-33cf-91aaf52c1999@metacode.biz> <87tvlam1iz.fsf@wheatstone.g10code.de> <d9ece307-8153-24ce-2de4-07792e3c1ffb@metacode.biz>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>, Heiko Stamer <HeikoStamer@gmx.net>, openpgp@ietf.org
Date: Fri, 26 Oct 2018 12:13:43 +0200
In-Reply-To: <d9ece307-8153-24ce-2de4-07792e3c1ffb@metacode.biz> (Wiktor Kwapisiewicz's message of "Thu, 25 Oct 2018 19:01:45 +0200")
Message-ID: <87lg6lm2w8.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=illuminati_FBI_MD5_interception_Soviet_smuggle_terrorism_assassinate"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/gqoC_B4EHndzmxmGxvquCQiims4>
Subject: Re: [openpgp] Clarifiction on v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 10:15:16 -0000
On Thu, 25 Oct 2018 19:01, wiktor=40metacode.biz@dmarc.ietf.org said: > Oh, got it, I'll try to find the previous discussion. The second octet > key flags (ADSK and timestamping) look really interesting but the The ADSK (Additional Decryption Subkey) is an idea of mine on how to ease ease encryption to several devices. You would install the separate private subkeys on each device and if the sender supports the ADSK it would encrypt to these subkeys. This is similar to what OpenKeychain does but a more selective approach. OTOH, I am not sure whether one can find a threat model where such a scheme would be useful. We also have 2 other flags (group key and split key) which are also not well defined, so the ADSK does not hurt too much. I have no problems to drop that flag, though. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
- [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Heiko Stamer
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Wiktor Kwapisiewicz
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Wiktor Kwapisiewicz
- Re: [openpgp] Clarifiction on v5 signatures Heiko Stamer
- Re: [openpgp] Clarifiction on v5 signatures Wiktor Kwapisiewicz
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Wiktor Kwapisiewicz
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch
- Re: [openpgp] Clarifiction on v5 signatures Paul Fawkesley
- Re: [openpgp] Clarifiction on v5 signatures Vincent Breitmoser
- Re: [openpgp] Clarifiction on v5 signatures Heiko Stamer
- Re: [openpgp] Clarifiction on v5 signatures Wiktor Kwapisiewicz
- Re: [openpgp] Clarifiction on v5 signatures Werner Koch