IETF Logo Mail Archive

Re: [openpgp] Followup on fingerprints

Wyllys Ingersoll <wyllys@gmail.com> Thu, 30 July 2015 15:16 UTC

Return-Path: <wyllys@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B9F31A92FB for <openpgp@ietfa.amsl.com>; Thu, 30 Jul 2015 08:16:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.1
X-Spam-Level:
X-Spam-Status: No, score=-0.1 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JO27rzlPQkgo for <openpgp@ietfa.amsl.com>; Thu, 30 Jul 2015 08:16:43 -0700 (PDT)
Received: from mail-ig0-x22b.google.com (mail-ig0-x22b.google.com [IPv6:2607:f8b0:4001:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2121B1A6FF9 for <openpgp@ietf.org>; Thu, 30 Jul 2015 08:15:55 -0700 (PDT)
Received: by igr7 with SMTP id 7so168939067igr.0 for <openpgp@ietf.org>; Thu, 30 Jul 2015 08:15:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-type; bh=zzfR/wlqCddZGUYNAqiIyAtJUqD7IFD2g4K6LLF8dOk=; b=CFrmnhKJcc7Kh1m8GmsqI2OzOXZdWYRjve6U3uTn0NzRWqjSBh9oL0fZj0D2ptBwxW 2GMlEmJApGmPwxclHa/sES5Ux75onjLmJCrTP2IPac4mRmPTVktVrAYtdqEAKeFgHpNi 0b57QhgpxgwROcL4cv3ChChG0b4x6Sbm/YDUzF9VLPgDHfm558Ykiyxr9nGdTuk3Prwd wjq6FFGbk4C+O1G8fEBsK2Bl6MnSFNGwXYDP+hP8yO6R92sn4OrxZzH8VssrsHCu+4e4 Iyn4kYlax6wMNIc9br/GYWSoAajDQW/tE5jRpCdX5l910OO5ZzuwZyU3ozAiw9ODy+S1 7EUQ==
X-Received: by 10.50.1.43 with SMTP id 11mr6099782igj.76.1438269354600; Thu, 30 Jul 2015 08:15:54 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+LwgTcn8CY+Zk-f9gzXQtMJezG97T+kx2=C7PR5g7zFer_A@mail.gmail.com> <87twsn2wcz.fsf@vigenere.g10code.de> <CAMm+LwgRJX-SvydmpUAJMmN3yysi4zzGSpO2yY4JAMhD-9xLgQ@mail.gmail.com> <87zj2ecmv8.fsf@alice.fifthhorseman.net> <CAMm+LwgKmcTes=V7uS3MjCQixWCo-i7PY=VE7eCHSqt3Ho3OSg@mail.gmail.com>
In-Reply-To: <CAMm+LwgKmcTes=V7uS3MjCQixWCo-i7PY=VE7eCHSqt3Ho3OSg@mail.gmail.com>
From: Wyllys Ingersoll <wyllys@gmail.com>
Date: Thu, 30 Jul 2015 15:15:45 +0000
Message-ID: <CAHRa8=V==25stupwmzo4tDEhryrgvMnj4iDY4qwfX2aHJorTsg@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: multipart/alternative; boundary="047d7bdc15daf8efdd051c192d2b"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/l_U4Hp9d0s3QJ9uPB1G6Ltf678k>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Followup on fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2015 15:16:45 -0000

>
>
> OK, 'at least the 512 bit fingerprint'...
>
> Which you do probably depends on if you are using ECC or RSA. With RSA,
> those 2048 bit keys start to bulk up...
>
> For my particular implementation, I want to be able to rotate encryption
> keys on a monthly basis or any time a device is added or removed from a
> user's profile. so I am using fingerprints of key signing keys rather than
> end-entity keys.
>
> As a general rule, it seems that you can solve pretty much any usability
> problem at the cost of an additional key. Back in 1995, this would have
> ground the whole net to a halt. Today it isn't a problem. Right now on my
> testbed Alice has a personal profile of 3 keys, plus a device profile of 3
> keys per device, plus individual keys for each use in application (1+1 per
> device for email, 1 for 2 factor auth, 1 for admin, 1 for data encryption,
> 1 for drive encryption). So assuming Alice has 2 desktops, a laptop, a
> tablet, a phone and a watch, that is 3 + 18 + 7 + 6 = 30 keypairs and an
> additional one per month.
>
> It might sound a bit extreme, but since I started in the business,
> machines have gotten roughly a million times faster and have a million
> times the memory. 30 keypairs instead of one does not seem like a big deal.
>


Really?  It sure does to me.  PGP suffers from numerous usability issues,
some of which are a result of implementation artifacts and some are
unavoidable due to the nature of security and the spec itself.  Making
things more complicated or breaking compatibility with widely used existing
implementations in order to satisfy an odd niche use case does not seem to
me like its advancing the cause in a helpful way.

People today balk at managing a single PGP keypair across multiple devices
and applications, how in the world would they be expected to deal with 30+
(and growing) keys?  Perhaps this is all handled automatically by whatever
scheme you are developing and the user would never know or care that there
are 30+ keys in their domain, but as described it seems way complicated.

Im in agreement with Werner that we should tread carefully in redefining or
overloading the meaning of a "fingerprint" beyond how it is already
specified in 4880.




> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
>

v2.23.0 | Report a Bug | By Email