Re: [openpgp] Non-SHA-1 fingerprints in signatures [was: Proposal for a separable ring signature scheme...]
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 14 March 2014 02:26 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 058F11A06C3 for <openpgp@ietfa.amsl.com>; Thu, 13 Mar 2014 19:26:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LmLZ1GnEOkGW for <openpgp@ietfa.amsl.com>; Thu, 13 Mar 2014 19:26:56 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id DCD821A06C1 for <openpgp@ietf.org>; Thu, 13 Mar 2014 19:26:55 -0700 (PDT)
Received: from [192.168.13.159] (lair.fifthhorseman.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id 22F5EF984; Thu, 13 Mar 2014 22:26:47 -0400 (EDT)
Message-ID: <532268E5.8090001@fifthhorseman.net>
Date: Thu, 13 Mar 2014 22:26:45 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.2.0
MIME-Version: 1.0
To: openpgp@ietf.org
References: <80674820640dbeb5ae81f81c67d87541@smtp.hushmail.com> <23C2DE82-93B7-48A6-95A6-14B4F5DD1F42@callas.org> <3e9143bf60d2252a67149eb4b984bcdb@smtp.hushmail.com>
In-Reply-To: <3e9143bf60d2252a67149eb4b984bcdb@smtp.hushmail.com>
X-Enigmail-Version: 1.6
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="Pj5O3lcXRxdsBvj1VwKlTJoQaCM8BdPVH"
Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/jpei6Eb4L_fwl7BMMlQA3aogxnQ
Cc: Vincent Yu <v@v-yu.com>
Subject: Re: [openpgp] Non-SHA-1 fingerprints in signatures [was: Proposal for a separable ring signature scheme...]
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Mar 2014 02:26:58 -0000
On 03/13/2014 09:28 PM, Vincent Yu wrote: > In past threads, there were discussions about supporting non-SHA-1 > fingerprints [1] and including full issuer fingerprints in signatures > [2]. You forwarded to this list a proposal for a new fingerprint [3]. > Did anything concrete come out of that proposal or other discussions? > > In my proposal, I am using key IDs (i.e., the rightmost 8 octets of > SHA-1 fingerprints) in a new signature subpacket, but I would like to > switch to non-SHA-1 fingerprints if there is a standard or consensus > about how they should be formatted. This is an opportune time to > introduce such fingerprints since backward compatibility is not a > relevant consideration. the OpenPGP fingerprint revision discussions have not yet terminated in a clear conclusion -- the last stage we reached was was "wait until SHA-3 has settled down and then reconsider". You should *not* use keyIDs as distinct identifiers in the subpacket body of the ring signature design; the use of keyIDs in the traditional issuer subpacket is a mistake that i hope we don't propagate if/when OpenPGPv5 ever gets standardized. Your I-D should have the subpacket body built from either OpenPGPv4 fingerprints, or full public key packets. the search space for key IDs is too small to distinguish "bad signature" from "i don't have the appropriate key" with sufficient confidence, which causes all sorts of nasty UI edge cases. --dkg
- [openpgp] Proposal for a separable ring signature… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Daniel Kahn Gillmor
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Jon Callas
- [openpgp] Non-SHA-1 fingerprints in signatures [w… Vincent Yu
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Daniel Kahn Gillmor
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Vincent Yu
- Re: [openpgp] Non-SHA-1 fingerprints in signature… David Shaw
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Peter Pentchev
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Vincent Yu
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Daniel Kahn Gillmor
- Re: [openpgp] Proposal for a separable ring signa… Daniel Kahn Gillmor
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Peter Pentchev
- Re: [openpgp] Non-SHA-1 fingerprints in signature… Jon Callas
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Daniel Kahn Gillmor
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Daniel Kahn Gillmor
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Daniel Kahn Gillmor
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Ben Laurie
- Re: [openpgp] Proposal for a separable ring signa… Jon Callas
- Re: [openpgp] Proposal for a separable ring signa… Nicholas Cole
- Re: [openpgp] Proposal for a separable ring signa… Nicholas Cole
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… Nicholas Cole
- Re: [openpgp] Proposal for a separable ring signa… Vincent Yu
- Re: [openpgp] Proposal for a separable ring signa… vedaal
- Re: [openpgp] Proposal for a separable ring signa… Falcon Darkstar Momot
- Re: [openpgp] Proposal for a separable ring signa… Nicholas Cole
- Re: [openpgp] Proposal for a separable ring signa… ianG
- Re: [openpgp] Proposal for a separable ring signa… Jon Callas
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Ben Laurie
- Re: [openpgp] Proposal for a separable ring signa… Werner Koch
- Re: [openpgp] Proposal for a separable ring signa… Ben Laurie