Re: [openpgp] Deprecating SHA1

Phil Pennock <ietf-phil-openpgp@spodhuis.org> Sun, 25 October 2020 01:19 UTC

Return-Path: <ietf-phil-openpgp@spodhuis.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D0A93A0B29 for <openpgp@ietfa.amsl.com>; Sat, 24 Oct 2020 18:19:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=spodhuis.org header.b=CSib/2EA; dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=spodhuis.org header.b=Svbz+Mhz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QejVlJaW0fll for <openpgp@ietfa.amsl.com>; Sat, 24 Oct 2020 18:19:31 -0700 (PDT)
Received: from mx.spodhuis.org (smtp.spodhuis.org [IPv6:2a02:898:31:0:48:4558:736d:7470]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03AFA3A0B22 for <openpgp@ietf.org>; Sat, 24 Oct 2020 18:19:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=spodhuis.org; s=d202008; h=OpenPGP:In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:From:Reply-To:Subject:Date:To: Cc:Content-Transfer-Encoding:Content-ID:Content-Description:OpenPGP: Organization; bh=RKHKYk/I/tcKYjJbYA8swJDPfnWC9wbLI5FPKmgghec=; t=1603588771; x=1604798371; b=CSib/2EAW3rRxsU7C/nxHU9Gzsq5HtUUGIRvc0nyppgNoapNe+lfRENWUBUj atrKF/BZ9eL42qJr1mHNiqP66TgGTquB/d7No42L4NV6fGe0o5fH052b7Og02tYinIKq5EgckK2ma 3DKb3pKFdS2k7jhBWb9Y3fIdIbxWNKGEMhd3pMTFEVuFm/N4bJbYMF1mtxomYH4LmpB6G0Vk3fa65 MxeZ7ekQqKLyn7D8ljmrKqjNkl9ktdRmadWWVjmVD9eFedHBOpFeKwKE7DUy72P1z4bOBqLHaO5Ho 8N8OJyQNZeAM+AQubLrQ2DgBUt3eYyFIp51cwiF2Dw9EmnWatxA==;
DKIM-Signature: v=1; a=ed25519-sha256; q=dns/txt; c=relaxed/relaxed; d=spodhuis.org; s=d202008e2; h=OpenPGP:In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:From:Reply-To:Subject:Date:To: Cc:Content-Transfer-Encoding:Content-ID:Content-Description:OpenPGP: Organization; bh=RKHKYk/I/tcKYjJbYA8swJDPfnWC9wbLI5FPKmgghec=; t=1603588771; x=1604798371; b=Svbz+Mhzvwh7aLxZLACUlxSo4O+8r0UgCh+/Buau7umrQ0s1zFmx4JxOz4dF i4oWQc+bqjp29HDcqvROPNX1Cw==;
Received: from authenticated user by smtp.spodhuis.org with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) id 1kWUgx-0007Ll-E1; Sun, 25 Oct 2020 01:19:27 +0000
Date: Sat, 24 Oct 2020 21:19:24 -0400
From: Phil Pennock <ietf-phil-openpgp@spodhuis.org>
To: Jonathan McDowell <noodles@earth.li>
Cc: openpgp@ietf.org
Message-ID: <20201025011924.GB1089002@fullerene.field.pennock-tech.net>
Mail-Followup-To: Jonathan McDowell <noodles@earth.li>, openpgp@ietf.org
References: <87sga5xg03.wl-neal@walfield.org> <20201023192317.GA444398@fullerene.field.pennock-tech.net> <20201024085725.GB2594@earth.li>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20201024085725.GB2594@earth.li>
OpenPGP: url=https://www.security.spodhuis.org/PGP/keys/keys-2013rsa-2020cv25519.asc
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/kDXKlaq44ywstS_M-C-57YxXZJk>
Subject: Re: [openpgp] Deprecating SHA1
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Oct 2020 01:19:32 -0000

On 2020-10-24 at 09:57 +0100, Jonathan McDowell wrote:
> On Fri, Oct 23, 2020 at 03:23:17PM -0400, Phil Pennock wrote:
> >     gpg --expert --cert-digest-algo SHA256 --sign-key $YourKeyId
> 
> I'm one of the people with a SHA1 self signature. I've been aware of it
> for some time, and it's been on my todo list to sort out, but when I
> last tried GPG did not make it possible. What version of GPG is
> necessary for the above to work? The somewhat aged versions on the
> airgapped machine my master key lives on do not seem to want to update
> the type of the self sig with that command.

[ not to list-cop, just to make sure that I'm not blindly taking this
  down a rat-hole not germane to the IETF list, since I'm the one who
  raised GnuPG in the first place: ]
Since this affects the ease of a deprecation, I'm considering this
on-topic enough for me to reply here; if the follow-ups are specific to
GnuPG, then gnupg-users might be a better mailing-list?  If it's about
the real-world practicalities of migrating and the impact on IETF
standardization then perhaps not.

I see commit messages about "Honor --cert-digest-algo when recreating a
cert." from 2012:

  commit 2b3cb2ee94625498e7a7f939216c9bcddef6ec20
  Author: David Shaw
  Date:   Tue Jan 31 21:30:05 2012 -0500

  commit 60c58766aeb847b769372fa981f79abac6014500
  Author: Christian Aistleitner
  Date:   Sun Oct 14 20:30:20 2012 +0200

Using `git tag --contains $COMMIT_SHA`, it looks like gnupg-2.1.0
onwards include it.  If memory serves, there's an "odd minor is dev,
even minor is release" pattern used here, so 2.2 would have been the
first "real release" even though lots of places had 2.1 packaged.

<https://gnupg.org/download/> has an EOL table; GnuPG 1.4 is dead-end
with no support for modern algorithms; 2.0 started on 2006-11-11 and
reached EOL on 2017-12-31.  GnuPG 2.2 cites 2014-11-06.

If the modern GnuPG approach to partitioning up the work in managing a
keyring is of concern, then I suspect Neal will be happy to help with a
migration to Sequoia PGP.  :)

-Phil