IETF Logo Mail Archive

[openpgp] Re: openpgpkey policy for HKP [was: V4 signature salt notation name]

Andrew Gallagher <andrewg@andrewg.com> Mon, 24 June 2024 10:14 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E77B1C180B6D for <openpgp@ietfa.amsl.com>; Mon, 24 Jun 2024 03:14:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cQYgY4uW7T-e for <openpgp@ietfa.amsl.com>; Mon, 24 Jun 2024 03:14:50 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [IPv6:2a01:4f9:c011:23ad::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0356C180B64 for <openpgp@ietf.org>; Mon, 24 Jun 2024 03:14:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1719224089; bh=CRmyOzS5fdkj4S3Rj0Xl4pAhEdaRMU4w8e3XhqrgrnU=; h=From:Subject:Date:References:Cc:In-Reply-To:To:From; b=e1mvs3I4VfTJqdzkLKUJgjV6GCelNAW7/bJRFeUJEm0oGFghWunYQNrd/o/RjXIrB fumvajKGIf5u3iB/X0Is7BH67TiP79535A/5uvzSYHYljifQIdSuUVr75YFeFqSXKt h+ZlaQ63enrfxqisp+FvVH9sdinRqEh0nFNILtjUv4mM7Bde9aeklR/s52BMVFS6pn 2xZZ9LzTlqb1gk3ucJS+LXpR3f8Ty+H2QQvsNNROLZRIk3evKmYLwKIDJ8XLnMW6Q5 tMlMaZZ2TDeBgPVXLxpAdSw7mJRuBGGS4PSD/PkagnhxBvx+cntyV22Y8eYrsqfJQh P+aoNwGrNMOvA==
Received: from smtpclient.apple (unknown [176.61.115.103]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id E31825DF55; Mon, 24 Jun 2024 10:14:48 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Andrew Gallagher <andrewg@andrewg.com>
Mime-Version: 1.0 (1.0)
Date: Mon, 24 Jun 2024 11:14:37 +0100
Message-Id: <C4770E97-4720-4CA8-A6C6-8001741C8952@andrewg.com>
References: <8M2jNBipXPKXN7nqI1ibGNrfo4DLBT7snRKd_ttbmMIIdJgNXzXh3LOaFzX6Z-gmyxoaHnnxsfhw3L4FgJR2wuIMthsrSrcNF1ShbhYBzKE=@protonmail.com>
In-Reply-To: <8M2jNBipXPKXN7nqI1ibGNrfo4DLBT7snRKd_ttbmMIIdJgNXzXh3LOaFzX6Z-gmyxoaHnnxsfhw3L4FgJR2wuIMthsrSrcNF1ShbhYBzKE=@protonmail.com>
To: Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org>
X-Mailer: iPhone Mail (21F90)
Message-ID-Hash: TCEJJGUO2UXI5KENPOLHXXQ7C2FL34WA
X-Message-ID-Hash: TCEJJGUO2UXI5KENPOLHXXQ7C2FL34WA
X-MailFrom: andrewg@andrewg.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF OpenPGP WG <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [openpgp] Re: openpgpkey policy for HKP [was: V4 signature salt notation name]
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ifXynDCKK6QmGlQq0nxMaFwhREQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

On 24 Jun 2024, at 10:36, Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org> wrote:
> 
> Yeah, that sounds reasonable as well, though since that might be
> something permanent, I think it would also be reasonable to just
> specify a new policy keyword, without any domain in it.

Sure, but I’m concerned that it may break the installed base. Alternatively, we could define the “domain” to be just “hkps”, as clients are unlikely to check that the domains of namespaces they don’t support are genuine domains. 

A

v2.30.2 | Report a Bug | By Email | System Status