Certification revocation -- identifying the revoked certificate
"Michael Young" <mwy-opgp97@the-youngs.org> Tue, 28 August 2001 22:16 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA22605 for <openpgp-archive@odin.ietf.org>; Tue, 28 Aug 2001 18:16:28 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id f7SLvVd08853 for ietf-openpgp-bks; Tue, 28 Aug 2001 14:57:31 -0700 (PDT)
Received: from xfw.transarc.ibm.com (xfw.transarc.ibm.com [192.54.226.51]) by above.proper.com (8.11.6/8.11.3) with ESMTP id f7SLvPD08849 for <ietf-openpgp@imc.org>; Tue, 28 Aug 2001 14:57:29 -0700 (PDT)
Received: from mailhost.transarc.ibm.com (mailhost.transarc.ibm.com [9.38.192.124]) by xfw.transarc.ibm.com (AIX4.3/UCB 8.7/8.7) with ESMTP id RAA78154 for <ietf-openpgp@imc.org>; Tue, 28 Aug 2001 17:49:35 -0400 (EDT)
Received: from mwyoung (dhcp-197-83.transarc.ibm.com [9.38.197.83]) by mailhost.transarc.ibm.com (8.8.0/8.8.0) with SMTP id RAA18468 for <ietf-openpgp@imc.org>; Tue, 28 Aug 2001 17:57:19 -0400 (EDT)
Message-ID: <01c601c1300b$f59d8840$53c52609@transarc.ibm.com>
From: Michael Young <mwy-opgp97@the-youngs.org>
To: ietf-openpgp@imc.org
References: <p05100303b7aaf65aff68@[192.168.1.180]> <008601c12c52$1b6181c0$c23fa8c0@transarc.ibm.com> <p0510031fb7ab945664e5@[192.168.1.180]> <002b01c12d74$b105fb20$c23fa8c0@transarc.ibm.com>
Subject: Certification revocation -- identifying the revoked certificate
Date: Tue, 28 Aug 2001 17:54:05 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE----- In the ensuing discussion of self-signature revocations, I didn't see an answer to a fundamental question: what does one hash in a certification revocation (type 0x30)? The specification is explicit for all of the other types, but not this one. I skimmed the GnuPG source, and it would appear to hash the target key and userID, and the usual trailing matter (including the hashed subpackets from the revocation certificate, (*not* the original). Is my reading correct, and is that what the specification intends? I note that this does not identify *which* certification is being revoked, if there is more than one. If I created multiple signatures (with different signature type, timestamp, or subpackets) for the same key/name pair, I see no way to revoke just one of them. Are multiple signatures illegal? (Clearly, multiple self-signatures are legal, and the same problem comes up there, as per the recent discussion.) This seems broken. A certification revocation should identify the original certification, and hash the same material as the original (followed by the revocation certificate material). The identification is desirable, but not strictly required -- a receiver could test all possible certifications. It would seem that a new subpacket would be in order. The original contents are absolutely essential, though. I suppose one interpretation might be that a revocation should match an original that has *exactly* the same subpackets (except for the "revocation reason"). How does this work for these things [with my guess as to an answer in brackets for each one]? v3 signatures, which use an explicit creation time instead of subpackets [use v3 revocation with same creation time]; different signature types (e.g., "persona" vs. "casual") [do not permit distinction on this]; other subpackets that might apply to both the original and the revocation (e.g., notation data) [there may not be any]; or, revocation of an earlier revocation (as Florian Weimer suggested might be valid for "no longer in use" reasons) [disallow this]. In any case, if this was the intention, the specification should say so (and GnuPG should make it easier to generate an exact match :-). I'm really not out to be pedantic here. I think it really is important to have clear rules for revocation. If multiple certifications for a key or key/name are to be allowed, or are the *recommended* way to update preferences/qualities, then it is essential that a revocation be able to target the proper one. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQEVAwUBO4wS9WNDnIII+QUHAQEUeQf+KTrpPoU8lviz/C+mn7wN34MGOG3WUqsO MCfaVlpYAe+8Ga2nEzcOWoOak8hs13clc4dpHHRstdvFBpolYGd1M3z2HD+pjMG5 sVWMRUuJVc9uicjTqjWqzLSqTUVZ0LFP845gj56VVRYosg1iS1XT1APvdJMolTl6 umQqzRoHpVv+hwRhiJeclYBknSShBf05hHmGVBWlyOnRsPa/YjMyeLutqVVAAqT/ QvxWQs1zhE2cvRxrqNbwfXjcEmWY26CUM69XpZJGuemaCGDutmtxRMPgMpyaeLA/ odpwmJ8UG2MyyNWuRbQ62KrqtS2bXGCZPV3L8R6ipwhgs09R2IYCKw== =hjzN -----END PGP SIGNATURE-----
- Diffs for next draft Jon Callas
- Re: Diffs for next draft Werner Koch
- Re: Diffs for next draft Jon Callas
- Re: Diffs for next draft Edwin Woudt
- Re: Diffs for next draft Jon Callas
- Encoding of "features" subpacket Michael Young
- Re: Diffs for next draft Michael Young
- Re: Encoding of "features" subpacket Jon Callas
- Re: Diffs for next draft David Shaw
- Re: Diffs for next draft David Shaw
- Re: Diffs for next draft Jon Callas
- Klima/Rosa attack (was: Re: Diffs for next draft) Edwin Woudt
- Encoding "secret key is hashed" Michael Young
- Re: Klima/Rosa attack (was: Re: Diffs for next dr… Ingo Luetkebohle
- Re: Encoding "secret key is hashed" Edwin Woudt
- Re: Encoding "secret key is hashed" Werner Koch
- Re: Encoding "secret key is hashed" Michael Young
- Re: Encoding "secret key is hashed" Michael Young
- Re: Encoding "secret key is hashed" Ingo Luetkebohle
- Re: Encoding "secret key is hashed" Werner Koch
- Re: Encoding "secret key is hashed" Michael Young
- Re: Diffs for next draft Jon Callas
- Re: Diffs for next draft David Shaw
- Re: Diffs for next draft Werner Koch
- How to update a self-signature? Michael Young
- Re: How to update a self-signature? David Shaw
- Re: Diffs for next draft Florian Weimer
- Re: How to update a self-signature? Werner Koch
- Re: How to update a self-signature? Derek Atkins
- Re: How to update a self-signature? Florian Weimer
- Re: How to update a self-signature? David Shaw
- Re: How to update a self-signature? David Shaw
- Re: How to update a self-signature? Derek Atkins
- Re: How to update a self-signature? Werner Koch
- Re: How to update a self-signature? David Shaw
- Re: How to update a self-signature? Werner Koch
- Keyserver thoughts (was Re: How to update a self-… David Shaw
- Certification revocation -- identifying the revok… Michael Young
- Re: Certification revocation -- identifying the r… Thomas Roessler