IETF Logo Mail Archive

Re: [openpgp] Fingerprints

Christoph Anton Mitterer <calestyo@scientia.net> Sat, 25 April 2015 00:57 UTC

Return-Path: <calestyo@scientia.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B0EA1B321B for <openpgp@ietfa.amsl.com>; Fri, 24 Apr 2015 17:57:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P5OWG36aP4ox for <openpgp@ietfa.amsl.com>; Fri, 24 Apr 2015 17:57:02 -0700 (PDT)
Received: from mailgw01.dd24.net (mailgw-01.dd24.net [193.46.215.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7A641B3218 for <openpgp@ietf.org>; Fri, 24 Apr 2015 17:57:01 -0700 (PDT)
Received: from mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-01.live.igb.homer.key-systems.net [192.168.1.26]) by mailgw01.dd24.net (Postfix) with ESMTP id 979385FAD2 for <openpgp@ietf.org>; Sat, 25 Apr 2015 00:57:00 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mailpolicy-01.live.igb.homer.key-systems.net
Received: from mailgw01.dd24.net ([192.168.1.35]) by mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-01.live.igb.homer.key-systems.net [192.168.1.25]) (amavisd-new, port 10235) with ESMTP id wj7KT1iW9s8V for <openpgp@ietf.org>; Sat, 25 Apr 2015 00:56:58 +0000 (UTC)
Received: from heisenberg.scientia.net (p579DF58E.dip0.t-ipconnect.de [87.157.245.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailgw01.dd24.net (Postfix) with ESMTPSA for <openpgp@ietf.org>; Sat, 25 Apr 2015 00:56:58 +0000 (UTC)
Message-ID: <1429923418.4659.58.camel@scientia.net>
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: openpgp@ietf.org
Date: Sat, 25 Apr 2015 02:56:58 +0200
In-Reply-To: <87h9saepjh.fsf@littlepip.fritz.box>
References: <CAMm+LwhbB+-MnGRBCvprgAGOuu+5CJ2rgod7EBGOQR5UNVrspQ@mail.gmail.com> <87d232lkb6.fsf@alice.fifthhorseman.net> <sjmlhhmakxp.fsf@securerf.ihtfp.org> <1429543533.24823.73.camel@scientia.net> <87h9saepjh.fsf@littlepip.fritz.box>
Content-Type: multipart/signed; micalg="sha-512"; protocol="application/x-pkcs7-signature"; boundary="=-XLmX+jKEdB+o5/6Mq7Y4"
X-Mailer: Evolution 3.12.9-1+b1
Mime-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/j5KgX2JCqKlA-BkMbYv8VQK43bQ>
Subject: Re: [openpgp] Fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Apr 2015 00:57:03 -0000

On Mon, 2015-04-20 at 18:18 +0200, Vincent Breitmoser wrote: 
> Definitely in favor of including key usage flags. I can't think of a
> reason these should ever be mutable over the lifetime of a key, at least
> in the incarnation of the key material identified by one fingerprint.
> 
> > Or actually, we should perhaps make primary keys to be generally
> > certifying-only keys.
> 
> Not sure about that, primary keys with more than C capability can have
> legitimate use cases.
But that in case makes a valid use case where one wants to change the
the usage flag.
E.g. consider you have a private key where you want to add/remove enc or
signing flags.

IMHO, having subkeys is extremely cheap, probably even for very lowcost
embedded systems (don't even the OpenPGP cards support multiple keys
these days).

So there should be no reason where you every really need to change the
usage of an existing primary/sub key,... just create a new one (which is
probably even more secure).


It may be even possible to let the keyservers benefit from this:
Conceptually the keyservers should never remove primary keys (and their
direct signature) for security reasons (this would mean one would also
loose revocations, etc.)
For historical reasons, I'd also say, they should never remove signing
subkeys (because another user may need it 20 years later to verify a
signature).
But in principle there's no strong reason to keep the enc keys after
these have been revoked or expired (of course the revocation and the
subkey binding sigs must be kept).



Cheers,
Chris.

v2.23.0 | Report a Bug | By Email