Re: [openpgp] Clarification on v5 signatures

Wiktor Kwapisiewicz <wiktor@metacode.biz> Thu, 25 October 2018 17:01 UTC

To: Werner Koch <wk@gnupg.org>
References: <877ei9szyc.fsf@wheatstone.g10code.de> <dda2d47e-b06e-cd6c-9bab-d8f30149c2ad@gmx.net> <87mur2nyt6.fsf@wheatstone.g10code.de> <f2770475-3b73-3849-33cf-91aaf52c1999@metacode.biz> <87tvlam1iz.fsf@wheatstone.g10code.de>
Cc: Heiko Stamer <HeikoStamer@gmx.net>, openpgp@ietf.org
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Openpgp: url=https://metacode.biz/@wiktor/openpgp/key
Organization: Metacode
Message-ID: <d9ece307-8153-24ce-2de4-07792e3c1ffb@metacode.biz>
Date: Thu, 25 Oct 2018 19:01:45 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/piwM_b-xfqeYjVdsB8FwZYmwhgw>

On 25.10.2018 18:31, Werner Koch wrote:
> I posted a combined diff of Heiko's patches.  Here is his timestamp patch.
> IIRC, we have talked in the past about it.

Oh, got it, I'll try to find the previous discussion. The second octet
key flags (ADSK and timestamping) look really interesting but the
details are scarce as far as I can see. I've been thinking previously
about the possibility of having separate signing subkeys for different
usages (e.g. code-signing subkey on one hardware token, e-mail signing
in a more accessible place).

Thanks for the info!

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor