Re: [openpgp] Clarify status of subkeys with certification use

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 10 May 2018 23:44 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Kristian Fiskerstrand <kristian.fiskerstrand@sumptuouscapital.com>, IETF OpenPGP <openpgp@ietf.org>
In-Reply-To: <c37c7f94-edef-7f2d-9151-787112abcbfc@sumptuouscapital.com>
References: <c37c7f94-edef-7f2d-9151-787112abcbfc@sumptuouscapital.com>
Date: Thu, 10 May 2018 19:44:39 -0400
Message-ID: <87efijjct4.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/heGsx2jrrLNsc7CNa0VGuD-TnkA>
Subject: Re: [openpgp] Clarify status of subkeys with certification use

On Mon 2018-05-07 20:09:01 +0200, Kristian Fiskerstrand wrote:
> In any case, there have been discussions along the way, so I propose we
> explicitly mark certification subkeys forbidden and ignored by
> implementations.
>
> Maybe something like:
> "when generating a subkey binding signature, the implementation MUST NOT
> set the certify usage flag. When interpreting a subkey binding
> signature, implementations MUST ignore the certify subkey binding usage
> flag if it is set."

I like this proposed text.

> PS! As a tangent point, we likely also want to change the default
> behavior for no usage flag specified for v5 to be ignored as not having
> a recognized flag, instead of defaulting to all features, although I
> don't have a specific proposal for this.

This is a separate point, but it also seems reasonable to me.  I'd be
fine either way -- but we probably still want to specify that v5
implementations making a subkey MUST include a key usage subpacket in
the hashed subpackets section.

    --dkg
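The two rules discussed in this thread, written out as an added example (not code from any OpenPGP implementation or from the list participants): on generation a subkey's Key Flags subpacket never carries the certify bit, on interpretation the certify bit is masked off, and a v5 subkey with no Key Flags subpacket gets no recognized usage while v4 keeps its all-usages default. Subpacket framing is assumed to be already parsed into (type, body) pairs; the constants follow RFC 4880 section 5.2.3.21.

```python
"""Policy check for OpenPGP subkey Key Flags, as proposed in this thread.

Hypothetical example code. It models:
  1. a subkey binding signature never emits the certify flag (0x01), and a
     reader ignores it if set;
  2. a v5 subkey with no Key Flags subpacket has no recognized usage,
     while v4 keeps the legacy default of all usages.
"""
from typing import Iterable, Optional, Tuple

KEY_FLAGS_SUBPACKET = 27          # subpacket type: Key Flags (RFC 4880 5.2.3.21)
FLAG_CERTIFY = 0x01               # may certify other keys (primary-only usage)
FLAG_SIGN = 0x02
FLAG_ENCRYPT_COMMS = 0x04
FLAG_ENCRYPT_STORAGE = 0x08
FLAG_AUTHENTICATE = 0x20
ALL_USAGE = (FLAG_CERTIFY | FLAG_SIGN | FLAG_ENCRYPT_COMMS
             | FLAG_ENCRYPT_STORAGE | FLAG_AUTHENTICATE)

Subpacket = Tuple[int, bytes]     # (subpacket type, body); framing assumed parsed


def make_subkey_key_flags(requested: int) -> Subpacket:
    """Generation side: refuse to emit certify on a subkey binding signature."""
    if requested & FLAG_CERTIFY:
        raise ValueError("subkey binding signature MUST NOT set the certify flag")
    return (KEY_FLAGS_SUBPACKET, bytes([requested & 0xFF]))


def effective_subkey_flags(hashed: Iterable[Subpacket], key_version: int) -> int:
    """Interpretation side: the usage bits a verifier honours for a subkey."""
    flags: Optional[int] = None
    for sp_type, body in hashed:
        if sp_type == KEY_FLAGS_SUBPACKET and body:
            flags = body[0]   # only the first octet of Key Flags is defined
            break
    if flags is None:
        # v4: legacy default of all usages; v5: proposed default of none
        return ALL_USAGE & ~FLAG_CERTIFY if key_version == 4 else 0
    return flags & ~FLAG_CERTIFY   # MUST ignore certify on a subkey


def can_subkey(usage: int, hashed: Iterable[Subpacket], key_version: int) -> bool:
    """True if the subkey may be used for `usage` under the proposed rules."""
    return bool(effective_subkey_flags(hashed, key_version) & usage)
```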