Re: [openpgp] Hashing literal (meta)data fields
Werner Koch <wk@gnupg.org> Mon, 10 October 2022 14:08 UTC
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80DDAC14F73D for <openpgp@ietfa.amsl.com>; Mon, 10 Oct 2022 07:08:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NTQmU0Oh21DE for <openpgp@ietfa.amsl.com>; Mon, 10 Oct 2022 07:08:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1FE7C14CE20 for <openpgp@ietf.org>; Mon, 10 Oct 2022 07:08:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=aDfymDIKvhbrTw2g4C6NbEv5/+Gpvy4z9kMEG4ldcoA=; b=M7g0ndA0GU2FzpXCKWCeAM4QTt 0QEoaOmIzu7DMe7Jzwktc0sYZRRqHU9aPIVQQmsPm+599664yrYgx9bXYVrO4PnPochNaJuOeY5Bj EJxTFp/2duRK59+P/7H2rBUzDwO93A5XVfKXKJNWaXKDkW7zhUG6JXin+en16O5vN5HI=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1ohtRw-0001G2-K6 for <openpgp@ietf.org>; Mon, 10 Oct 2022 16:08:08 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1ohtQ7-0000zx-Vy; Mon, 10 Oct 2022 16:06:15 +0200
From: Werner Koch <wk@gnupg.org>
To: Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org>
Cc: IETF OpenPGP WG <openpgp@ietf.org>
References: <QiAK3LsKi6K_UDPKI3S2vWACTHIL2CWil-AmjadkkA9XQrrdoDSuAT5UwwQCqseLMaStR4XuM04rfSoTSzXZEsNLIp3Z8_7C7Xu4Nxab1eE=@protonmail.com>
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Jabber-ID: wk@jabber.gnupg.org
Mail-Followup-To: Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org>, IETF OpenPGP WG <openpgp@ietf.org>
Date: Mon, 10 Oct 2022 16:06:09 +0200
In-Reply-To: <QiAK3LsKi6K_UDPKI3S2vWACTHIL2CWil-AmjadkkA9XQrrdoDSuAT5UwwQCqseLMaStR4XuM04rfSoTSzXZEsNLIp3Z8_7C7Xu4Nxab1eE=@protonmail.com> (Daniel Huigens's message of "Mon, 10 Oct 2022 11:33:41 +0000")
Message-ID: <87lepng4dq.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Burst_Uzbekistan_Rootkit_Avian_CIM_National_preparedness_Lightning=L"; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/kclgatn42lm3C35bJqsTtOZi4IY>
Subject: Re: [openpgp] Hashing literal (meta)data fields
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2022 14:08:15 -0000
On Mon, 10 Oct 2022 11:33, Daniel Huigens said: > signer to hash these fields. This maintains the possibility to convert > a detached signature (that doesn't have this subpacket) to an attached > one (if we don't require it), and similarly, to convert an attached I consider the ability of OpenPGP to do so an unintentional oddity. It has been used but it also raised problems due to the different canonicalized rules implementened in practise. Better don't rely on that. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
- [openpgp] Hashing literal (meta)data fields Daniel Huigens
- Re: [openpgp] Hashing literal (meta)data fields Werner Koch
- Re: [openpgp] Hashing literal (meta)data fields Daniel Huigens
- Re: [openpgp] Hashing literal (meta)data fields Justus Winter
- Re: [openpgp] Hashing literal (meta)data fields Daniel Huigens
- Re: [openpgp] Hashing literal (meta)data fields Daniel Kahn Gillmor
- Re: [openpgp] Hashing literal (meta)data fields Daniel Huigens
- Re: [openpgp] Hashing literal (meta)data fields Daniel Kahn Gillmor