[openpgp] Proposed text for V5 fingerprint

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 18 August 2016 03:49 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id D779E12D501 for <openpgp@ietfa.amsl.com>; Wed, 17 Aug 2016 20:49:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 15XUmzgH8ppQ for <openpgp@ietfa.amsl.com>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874A912D099 for <openpgp@ietf.org>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
Received: by mail-qt0-x232.google.com with SMTP id u25so3083560qtb.1 for <openpgp@ietf.org>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to; bh=IvEgti20SEw8K0ADn2wfUN5YC0pMepCQwOeurSkax8w=; b=GoFOQxB/Z6MXSOJJs+jMlou2oBfLwsA+CYCeLpgZg66+MaSqBjYUUK1jf1EUSU+jCp njmmJtYd9ilGrnvimm/Sf7mtyYUe5fqpXWYyEKJ2w4jdd4DGTQjhtCJ8vX3DOTC58oLt 3fP6km5OEOLOzN4gkFk44JaB8SC//a6SPVZ99gJAtqCUxgrwhZwqMCGbAmbWiVl7FWW/ voS2j4k8nwW/mtT13aRKv60oYKecuReCcRA1p3+uYOHtkzVHrHuiJr2ph16YrT98sypu uDIoY3yiF+5F+ZrYx/SpG/wSacSWmitJ3C54QEkXDFHOi3e+Abjq5++UXhcXGyPj3rKT wmKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=IvEgti20SEw8K0ADn2wfUN5YC0pMepCQwOeurSkax8w=; b=HwfKtORiBJidHOI/rxqIK+XE+tGLjwAMW0vIrWpgpZC/qzdkyYRMPNYTTRu0kkUMl1 jXoTDsBDdGw/Zhr3BzkOdNKr5fWpFS7PkLKML3moKQ1a6UxZAzWw7ukrTbQFffR1cXqk aZvMwJXPLyJFFYxBcghTAhubcEYkaeyq+/7LQWHWrGOuKEtBOSWcXgXxuIsOYT7/1f2z t0dM+FnnyA7OlMMujWcyayF6dlFO0rlL27A3jDCApVl9asxczjtPAddHxFnkRQqb++sV NlzvW6oVGELJSL8PBqRj54iXenJsgrk6JcjhQ2d7PBayeYpvNUcGLvusB/QMrRKQvQn7 vjLw==
X-Gm-Message-State: AEkoousm9lB9AwXq6IBAmVp3UIxHI5H3wgQUcUqptFZ01i+kxz+vR1YZ04tKGZmiBTHxLEMPLLzl60jX5ZlBzw==
X-Received: by with SMTP id l22mr60416qtb.117.1471492137536; Wed, 17 Aug 2016 20:48:57 -0700 (PDT)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by with HTTP; Wed, 17 Aug 2016 20:48:57 -0700 (PDT)
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 17 Aug 2016 23:48:57 -0400
X-Google-Sender-Auth: S3TW2JznsnqbMSFdHvtHXzwy89U
Message-ID: <CAMm+Lwhz973u20W0TETFrE0Y_frKQth=B0QcisP5bD2jskta4g@mail.gmail.com>
To: IETF OpenPGP <openpgp@ietf.org>
Content-Type: multipart/alternative; boundary="001a113b89c425d47e053a5076ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/icskxUwvAvM27taliTa-PQ1ZVVs>
Subject: [openpgp] Proposed text for V5 fingerprint
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2016 03:49:01 -0000

This is a very first draft. What I am doing here is extracting the
mechanism from my UDF draft and presenting the case for OpenPGP as a
standalone example.

I have stripped out all the explanation of why things are done in the
particular way they are since this is for a specification, not a
requirements doc.

I would see this slotting into the current draft as Section 12.3

It looks like I need to work more on harmonizing with the house style of
the OpenPGP spec. I would also like to add an example.

Unfortunately I can only work on this at night as my office is at 90
degrees right now (AC is bust).

##V5 Fingerprint calculation and presentation

A V5 fingerprint value is a sequence of bits that provides a sufficiently
unique identifier for a public key. In addition to generating and accepting
the text string presentation used in earlier versions of OpenPGP
MAY support such additional presentation formats as are found to be useful.

Conforming V5 OpenPGP implementations MUST support the V5 Fingerprint
text presentation format for display and entry of fingerprint values.
Support for all other fingerprint values is optional.

###V5 Fingerprint value calculation

The OpenPGP V5 fingerprint value is calculated as follows

Fingerprint = <Version-ID> + H (<Content-ID>  + ‘:’ + H(<data>))


Version-ID = 0x60

Content-ID = "application/pgp-v5-key"
<<MIME Content-Type string TBS by IANA>>

H(x) = SHA-2-512(x)

<data> = <pgp-v5-key>

<pgp-v5-key> =

a.1) 0x99 (1 octet)

a.2) high-order length octet of (b)-(d) (1 octet)

a.3) low-order length octet of (b)-(d) (1 octet)

b) version number = 5 (1 octet);

c) algorithm (1 octet): 17 = DSA (example);

d) Algorithm-specific fields.

The value of Version-ID is intentionally chosen so that
the first character of every V5 fingerprint in the text presentation
format is 'M', a character that is guaranteed not to appear in a V4
or earlier fingerprint format where hexadecimal values were used.
Thus ensuring that V5 fingerprints are not accidentally confused.

The construction of the data sequence over which the hash value
is calculated follows the construction used in V4 with the omission
of the key creation timestamp field. This ensures that a given set
of public key parameters has exactly one V5 fingerprint value.

The Content-ID is a MIME content type identifier that indicates that
fingerprint value is of data in the pgp-v5-key format specified
above and is intended for use with an OpenPGP application.

If a fingerprint value is to be calculated for a public key value
specified in a different format (e.g. a PKIX certificate or key)
or for a future version of OpenPGP with a different <data> format,
a different Content-ID value MUST be used.

###V5 Fingerprint Text Presentation.

The Binary Fingerprint Value is truncated to an integer multiple
of 25 bits regardless of the intended output presentation.

The output of the hash function is truncated to a sequence of n bits
by first selecting the first n/8 bytes of the output function. If n
is an integer multiple of 8, no additional bits are required and
this is the result. Otherwise the remaining bits are taken from the
most significant bits of the next byte and any unused bits set to 0.

For example, to truncate the byte sequence [a0, b1, c2, d3, e4] to
25 bits. 25/8 = 3 bytes with 1 bit remaining, the first three bytes
of the truncated sequence is [a0, b1, c2] and the final byte is
e4 AND 80 = 80 which we add to the previous result to obtain the
final truncated sequence of [a0, b1, c2, 80]

A modified version of Base32 [!RFC4648] encoding is used to present
the fingerprint in text form grouping the output text into groups of
five characters separated by a dash ‘-‘.

# IANA Requirements

Register a new content type for application/pgp-v5-key