IETF Logo Mail Archive

Re: [openpgp] How to re-launch the OpenPGP WG

Benjamin Kaduk <kaduk@MIT.EDU> Thu, 19 March 2015 22:44 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 844191A90F0 for <openpgp@ietfa.amsl.com>; Thu, 19 Mar 2015 15:44:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BdUu5elHEMGW for <openpgp@ietfa.amsl.com>; Thu, 19 Mar 2015 15:44:06 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE0F81A90EB for <openpgp@ietf.org>; Thu, 19 Mar 2015 15:44:03 -0700 (PDT)
X-AuditID: 1209190c-f792b6d000000d1f-34-550b5132aa54
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 2B.56.03359.2315B055; Thu, 19 Mar 2015 18:44:02 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id t2JMi2ft018769; Thu, 19 Mar 2015 18:44:02 -0400
Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id t2JMi0kQ030620 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 19 Mar 2015 18:44:01 -0400
Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id t2JMhxY7013014; Thu, 19 Mar 2015 18:43:59 -0400 (EDT)
Date: Thu, 19 Mar 2015 18:43:59 -0400
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Christoph Anton Mitterer <calestyo@scientia.net>
In-Reply-To: <1426788650.13059.16.camel@scientia.net>
Message-ID: <alpine.GSO.1.10.1503191843080.3953@multics.mit.edu>
References: <878uf2iehi.fsf@vigenere.g10code.de> <1426218768.22326.80.camel@scientia.net> <874mppgyez.fsf@vigenere.g10code.de> <sjm3859nhe1.fsf@securerf.ihtfp.org> <1426564752.18487.35.camel@scientia.net> <5507E916.4040307@sumptuouscapital.com> <1426719900.4249.40.camel@scientia.net> <alpine.GSO.1.10.1503191359220.3953@multics.mit.edu> <1426788650.13059.16.camel@scientia.net>
User-Agent: Alpine 1.10 (GSO 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrJIsWRmVeSWpSXmKPExsUixCmqrGsUyB1qcP+sgcXH21dYLBr+PWR3 YPJYsuQnk0fHm5XMAUxRXDYpqTmZZalF+nYJXBk/9mUUXOeo2DHlH1sD40e2LkZODgkBE4mt yzYwQ9hiEhfurQeKc3EICSxmkljZOB+sSEhgI6PEueu6EIlDTBJz725mhHAaGCVW3d3BCFLF IqAtse7eTLBRbAIqEjPfbATq5uAQAVrx8UMqiMksICJx57AliCksYCYx+6orSDGngKnE7Yv3 GUHCvAIOEseO10IM/8MkMWXOB7CBogI6Eqv3T2EBsXkFBCVOznwCZjMLaEksn76NZQKj4Cwk qVlIUgsYmVYxyqbkVunmJmbmFKcm6xYnJ+blpRbpGurlZpbopaaUbmIEh6gkzw7GNweVDjEK cDAq8fAu4OMOFWJNLCuuzD3EKMnBpCTKyx0AFOJLyk+pzEgszogvKs1JLT7EKMHBrCTCm+AJ lONNSaysSi3Kh0lJc7AoifNu+sEXIiSQnliSmp2aWpBaBJOV4eBQkuB97Q/UKFiUmp5akZaZ U4KQZuLgBBnOAzT8KEgNb3FBYm5xZjpE/hSjopQ4712QhABIIqM0D64XlkJeMYoDvSLM6wFy Nw8w/cB1vwIazAQ0+F8tF8jgkkSElFQDo0ViTVXxrOXi82v2nZ0ss31Z9Csb/5qLv46dsD/B JdHs0z8jnGvlzDlr06+V2+96yuW06ZlyzOJXk1S2iMQ/+bbxsnfqof+8T5//8Fv7JjngVur9 xDrHI3MqfttoSE7dfWpyl/GLW6u1k3+FfexQPnZ8icJEbeu+DfmbT55oYrjOVCqt8Fx7a5YS S3FGoqEWc1FxIgBeLyAM/AIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/hSQ_R1JFUMSmBCHJjUQSwb4pDSQ>
Cc: openpgp@ietf.org
Subject: Re: [openpgp] How to re-launch the OpenPGP WG
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Mar 2015 22:44:07 -0000

On Thu, 19 Mar 2015, Christoph Anton Mitterer wrote:

> On Thu, 2015-03-19 at 14:00 -0400, Benjamin Kaduk wrote:
> > What happens when the policy listed at the policy URL changes?  It seems
> > that a local resource would be needed.
> Well first, the different signature levels (if they rely on a policy
> document, which they effectively do due to their vague definition)
> wouldn't help you in such case either.

I wasn't trying to say that the existing technology is better than your
proposal, just that your proposal needs to take this concern into account.

> Second, it's IMHO in the responsibility of the signer to keep the old
> policies available, of course it wouldn't be enough for the URL to just
> contain the key ID... (it would need at least the valid from / through
> dates and probably more values like signing key finger print and more...
> or even better a hash on the signature packet).

Sure, it's their responsibility.  But some signers are going to fail to
adhere to it, and the client trying to use such a signature needs to know
how to behave in that case.

-Ben

v2.23.0 | Report a Bug | By Email