[openpgp] Proposed text for V5 fingerprint
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 18 August 2016 03:49 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D779E12D501 for <openpgp@ietfa.amsl.com>; Wed, 17 Aug 2016 20:49:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 15XUmzgH8ppQ for <openpgp@ietfa.amsl.com>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874A912D099 for <openpgp@ietf.org>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
Received: by mail-qt0-x232.google.com with SMTP id u25so3083560qtb.1 for <openpgp@ietf.org>; Wed, 17 Aug 2016 20:48:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to; bh=IvEgti20SEw8K0ADn2wfUN5YC0pMepCQwOeurSkax8w=; b=GoFOQxB/Z6MXSOJJs+jMlou2oBfLwsA+CYCeLpgZg66+MaSqBjYUUK1jf1EUSU+jCp njmmJtYd9ilGrnvimm/Sf7mtyYUe5fqpXWYyEKJ2w4jdd4DGTQjhtCJ8vX3DOTC58oLt 3fP6km5OEOLOzN4gkFk44JaB8SC//a6SPVZ99gJAtqCUxgrwhZwqMCGbAmbWiVl7FWW/ voS2j4k8nwW/mtT13aRKv60oYKecuReCcRA1p3+uYOHtkzVHrHuiJr2ph16YrT98sypu uDIoY3yiF+5F+ZrYx/SpG/wSacSWmitJ3C54QEkXDFHOi3e+Abjq5++UXhcXGyPj3rKT wmKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=IvEgti20SEw8K0ADn2wfUN5YC0pMepCQwOeurSkax8w=; b=HwfKtORiBJidHOI/rxqIK+XE+tGLjwAMW0vIrWpgpZC/qzdkyYRMPNYTTRu0kkUMl1 jXoTDsBDdGw/Zhr3BzkOdNKr5fWpFS7PkLKML3moKQ1a6UxZAzWw7ukrTbQFffR1cXqk aZvMwJXPLyJFFYxBcghTAhubcEYkaeyq+/7LQWHWrGOuKEtBOSWcXgXxuIsOYT7/1f2z t0dM+FnnyA7OlMMujWcyayF6dlFO0rlL27A3jDCApVl9asxczjtPAddHxFnkRQqb++sV NlzvW6oVGELJSL8PBqRj54iXenJsgrk6JcjhQ2d7PBayeYpvNUcGLvusB/QMrRKQvQn7 vjLw==
X-Gm-Message-State: AEkoousm9lB9AwXq6IBAmVp3UIxHI5H3wgQUcUqptFZ01i+kxz+vR1YZ04tKGZmiBTHxLEMPLLzl60jX5ZlBzw==
X-Received: by 10.200.53.214 with SMTP id l22mr60416qtb.117.1471492137536; Wed, 17 Aug 2016 20:48:57 -0700 (PDT)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.55.168.151 with HTTP; Wed, 17 Aug 2016 20:48:57 -0700 (PDT)
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 17 Aug 2016 23:48:57 -0400
X-Google-Sender-Auth: S3TW2JznsnqbMSFdHvtHXzwy89U
Message-ID: <CAMm+Lwhz973u20W0TETFrE0Y_frKQth=B0QcisP5bD2jskta4g@mail.gmail.com>
To: IETF OpenPGP <openpgp@ietf.org>
Content-Type: multipart/alternative; boundary="001a113b89c425d47e053a5076ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/icskxUwvAvM27taliTa-PQ1ZVVs>
Subject: [openpgp] Proposed text for V5 fingerprint
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2016 03:49:01 -0000
This is a very first draft. What I am doing here is extracting the mechanism from my UDF draft and presenting the case for OpenPGP as a standalone example. I have stripped out all the explanation of why things are done in the particular way they are since this is for a specification, not a requirements doc. I would see this slotting into the current draft as Section 12.3 It looks like I need to work more on harmonizing with the house style of the OpenPGP spec. I would also like to add an example. Unfortunately I can only work on this at night as my office is at 90 degrees right now (AC is bust). ##V5 Fingerprint calculation and presentation A V5 fingerprint value is a sequence of bits that provides a sufficiently unique identifier for a public key. In addition to generating and accepting the text string presentation used in earlier versions of OpenPGP applications MAY support such additional presentation formats as are found to be useful. Conforming V5 OpenPGP implementations MUST support the V5 Fingerprint text presentation format for display and entry of fingerprint values. Support for all other fingerprint values is optional. ###V5 Fingerprint value calculation The OpenPGP V5 fingerprint value is calculated as follows Fingerprint = <Version-ID> + H (<Content-ID> + ‘:’ + H(<data>)) Where: Version-ID = 0x60 Content-ID = "application/pgp-v5-key" <<MIME Content-Type string TBS by IANA>> H(x) = SHA-2-512(x) <data> = <pgp-v5-key> <pgp-v5-key> = a.1) 0x99 (1 octet) a.2) high-order length octet of (b)-(d) (1 octet) a.3) low-order length octet of (b)-(d) (1 octet) b) version number = 5 (1 octet); c) algorithm (1 octet): 17 = DSA (example); d) Algorithm-specific fields. The value of Version-ID is intentionally chosen so that the first character of every V5 fingerprint in the text presentation format is 'M', a character that is guaranteed not to appear in a V4 or earlier fingerprint format where hexadecimal values were used. Thus ensuring that V5 fingerprints are not accidentally confused. The construction of the data sequence over which the hash value is calculated follows the construction used in V4 with the omission of the key creation timestamp field. This ensures that a given set of public key parameters has exactly one V5 fingerprint value. The Content-ID is a MIME content type identifier that indicates that fingerprint value is of data in the pgp-v5-key format specified above and is intended for use with an OpenPGP application. If a fingerprint value is to be calculated for a public key value specified in a different format (e.g. a PKIX certificate or key) or for a future version of OpenPGP with a different <data> format, a different Content-ID value MUST be used. ###V5 Fingerprint Text Presentation. The Binary Fingerprint Value is truncated to an integer multiple of 25 bits regardless of the intended output presentation. The output of the hash function is truncated to a sequence of n bits by first selecting the first n/8 bytes of the output function. If n is an integer multiple of 8, no additional bits are required and this is the result. Otherwise the remaining bits are taken from the most significant bits of the next byte and any unused bits set to 0. For example, to truncate the byte sequence [a0, b1, c2, d3, e4] to 25 bits. 25/8 = 3 bytes with 1 bit remaining, the first three bytes of the truncated sequence is [a0, b1, c2] and the final byte is e4 AND 80 = 80 which we add to the previous result to obtain the final truncated sequence of [a0, b1, c2, 80] A modified version of Base32 [!RFC4648] encoding is used to present the fingerprint in text form grouping the output text into groups of five characters separated by a dash ‘-‘. # IANA Requirements Register a new content type for application/pgp-v5-key
- [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker
- Re: [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker
- Re: [openpgp] Proposed text for V5 fingerprint Thijs van Dijk
- Re: [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker
- Re: [openpgp] Proposed text for V5 fingerprint Thijs van Dijk
- Re: [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker
- Re: [openpgp] Proposed text for V5 fingerprint Thijs van Dijk
- Re: [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker
- Re: [openpgp] Proposed text for V5 fingerprint Phillip Hallam-Baker