Fixing the secret keys, and a small apology
Jon Callas <jon@callas.org> Tue, 04 September 2001 21:48 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA28967 for <openpgp-archive@odin.ietf.org>; Tue, 4 Sep 2001 17:48:56 -0400 (EDT)
Received: by above.proper.com (8.11.6/8.11.3) id f84LcBw00885 for ietf-openpgp-bks; Tue, 4 Sep 2001 14:38:11 -0700 (PDT)
Received: from merrymeet.com (merrymeet.com [63.73.97.162]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f84LcAD00881 for <ietf-openpgp@imc.org>; Tue, 4 Sep 2001 14:38:10 -0700 (PDT)
Received: from [192.168.1.180] (64.69.113.115) by merrymeet.com with ESMTP (Eudora Internet Mail Server 3.0.3) for <ietf-openpgp@imc.org>; Tue, 4 Sep 2001 14:38:04 -0700
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <p05100309b7baf2e20a43@[192.168.1.180]>
Date: Tue, 04 Sep 2001 14:28:50 -0700
To: ietf-openpgp@imc.org
From: Jon Callas <jon@callas.org>
Subject: Fixing the secret keys, and a small apology
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
I screwed up the footers on the last draft, saying 2000 where it should have said 2001 or 2002. Sorry. Now then, one of the remaining things really on our agenda is to discuss fixing the secret key format. There are a few options for a solution we've discussed: * Change the secret key version number and add in a check. The plus here is that it causes the fewest visible changes. The downside is that it causes skew between the public and private versions, and is going to create problems and confusion down the road. Enough people expressed disgust at this that I don't think it needs to be discussed further. * Change the entire public key version number to 5, and add in a check. This is the "right" way to the above. From a standards point of view, this is the most correct way to solve it. However, the downside is that it will force a lot of client software to have to be revised (nigh unto all of it). Secret key packets typically do not wander further from the disk than main memory, and it would be a pity to force everyone to upgrade software everywhere for this. Lots of people just won't. (See my previous note ECC.) I'm probably one of them, too. I am reminded of the aphorism that in theory, theory is the same as practice, but in practice, this turns out not to be the case. While this may be the best solution from a standards point of view, it is arguably the worst one from a practical point of view. * Change the String-to-Key specifier. The solution here is adding in the tag 254 to 3.7.2.1 and have 254 denote an improved S2K. The benefit here is that it causes the least change to user software, and is as secure as anything else. The downside is that if someone uses a cipher algorithm there, then they can't use algorithm 254. However, not only is using a cipher algorithm deprecated, but our present max cipher number is 10. I can't get too upset about this, myself, and it appears this is the best solution. Comments? Jon
- Fixing the secret keys, and a small apology Jon Callas
- Re: Fixing the secret keys, and a small apology Michael Young
- Identifying revoked certificates Michael Young
- Re: Fixing the secret keys, and a small apology Florian Weimer
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Michael Young
- Re: Fixing the secret keys, and a small apology Werner Koch
- Re: Fixing the secret keys, and a small apology Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates David Shaw
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Jon Callas
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch
- Re: Identifying revoked certificates Michael Young
- Re: Identifying revoked certificates Werner Koch