IETF Logo Mail Archive

Re: [openpgp] Version 5 key and fingerprint proposal

Peter Todd <pete@petertodd.org> Thu, 16 March 2017 17:35 UTC

Return-Path: <pete@petertodd.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C99781296DA for <openpgp@ietfa.amsl.com>; Thu, 16 Mar 2017 10:35:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 458vo5cdWFK9 for <openpgp@ietfa.amsl.com>; Thu, 16 Mar 2017 10:35:24 -0700 (PDT)
Received: from outmail148095.authsmtp.com (outmail148095.authsmtp.com [62.13.148.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78D04126DFB for <openpgp@ietf.org>; Thu, 16 Mar 2017 10:35:24 -0700 (PDT)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232]) by punt22.authsmtp.com (8.14.2/8.14.2/) with ESMTP id v2GHZMFI041471; Thu, 16 Mar 2017 17:35:22 GMT
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id v2GHZK9Q089035 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 16 Mar 2017 17:35:21 GMT
Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 6E17B400A9; Thu, 16 Mar 2017 17:35:19 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000) id B4F9E26A4D; Thu, 16 Mar 2017 13:35:15 -0400 (EDT)
Date: Thu, 16 Mar 2017 13:35:15 -0400
From: Peter Todd <pete@petertodd.org>
To: Thijs van Dijk <schnabbel@inurbanus.nl>
Cc: IETF OpenPGP <openpgp@ietf.org>
Message-ID: <20170316173515.GA4889@fedora-23-dvm>
References: <CABcZeBMhpXy-e9Mtp8LwfqfAVW_ks3JBw1H2N3H_0c4gpQBqpg@mail.gmail.com> <DAC23A62-14BF-4AAA-8E52-09029B279E8F@icloud.com> <87varhculg.fsf@wheatstone.g10code.de> <2BC88897-B957-4E4E-B109-DFF4EFA14B4D@icloud.com> <87mvco40xf.fsf@wheatstone.g10code.de> <87mvclwjih.fsf@wheatstone.g10code.de> <20170316133414.GA3503@fedora-23-dvm> <8737edwd4b.fsf@wheatstone.g10code.de> <20170316140346.GA3816@fedora-23-dvm> <CADGaDpE+73AsAbgc-AZBH58h0K6ei8mHLu=3dT0mSEb=W6KfEg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="IS0zKkzwUGydFO0o"
Content-Disposition: inline
In-Reply-To: <CADGaDpE+73AsAbgc-AZBH58h0K6ei8mHLu=3dT0mSEb=W6KfEg@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: edef4a9c-0a6e-11e7-829f-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aAdMdwQUFVQGAgsB AmEbWlNeU1h7W2I7 bghPaBtcak9QXgdq T0pMXVMcUgcfeXZ6 D38eWhBydAAIfn9z YQg3CiUNWBVzJlt9 E0gBCGwHMGB9YGIW Bl1YdwJRcQRDe0tA b1YxNiYHcQ5YJi8+ BwArCngPMC9EKSNT ClxFLl8DCU8NEnYy RhYNEC83B0wDW20r NRs+LUUVGC4A
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system.
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/h-4RNmRWGgo_nau446GEkUKOVD0>
Subject: Re: [openpgp] Version 5 key and fingerprint proposal
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Mar 2017 17:35:27 -0000

On Thu, Mar 16, 2017 at 04:03:51PM +0100, Thijs van Dijk wrote:
> On 16 March 2017 at 15:03, Peter Todd <pete@petertodd.org> wrote:
> 
> > Well, if that's the case, there's no reason to use less than a full 256
> > bits,
> > either SHA256 directly, or SHA512 truncated in the standard way.
> 
> 
> Sure there is. From earlier in this thread:
> 
> On 8 March 2017 at 08:02, Werner Koch <wk@gnupg.org> wrote:
> 
> > Due to the use of the 'Issuer Fingerpint' the signatures grow in size by
> > 22 octets which is substantal for ECC signatures.  With the full V5
> > fingerprint this would increase to 25 octets (34 - 9 from the not used
> > 'Issuer' subpacket).  By truncating the fingerprint we will only use 18
> > octets which is even a saving compared to V4 keys.

Yes, I missed that message, sorry.

That said, I certainly don't find such small savings a good reason to use
"non-standard" crypto - in the grand scheme of things even on small devices
that's meaningless.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

v2.23.0 | Report a Bug | By Email