[openpgp] Possible to define a common key format for LibrePGP and OpenPGP-IETF?

Kai Engert <kaie@kuix.de> Thu, 14 December 2023 00:43 UTC

Return-Path: <kaie@kuix.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8D3CC14CEFE for <openpgp@ietfa.amsl.com>; Wed, 13 Dec 2023 16:43:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kuix.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rQVbBVxVItgD for <openpgp@ietfa.amsl.com>; Wed, 13 Dec 2023 16:43:32 -0800 (PST)
Received: from cloud.kuix.de (cloud.kuix.de [93.90.207.85]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 402B6C14F747 for <openpgp@ietf.org>; Wed, 13 Dec 2023 16:43:31 -0800 (PST)
Received: from [IPV6:2003:c8:af03:2300:d806:f5c8:f6e5:f959] (p200300c8af032300d806f5c8f6e5f959.dip0.t-ipconnect.de [IPv6:2003:c8:af03:2300:d806:f5c8:f6e5:f959]) by cloud.kuix.de (Postfix) with ESMTPSA id BFF33188F95; Thu, 14 Dec 2023 00:43:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kuix.de; s=2018; t=1702514609; bh=tfjucf3NwpQz3+0DHVUZVyZ49ejpIs5tXOkP4jP4rQ8=; h=Date:From:To:Subject:From; b=EvjSeYzj7jaUpkXfCj/yNCmjbn4oktQBoRISGY6yTVKDyqX09V7X0XqIw1hOhG5Ub njdf7FYpPzF8KSVKOLRwCl4cS+qHbhgmf84crBGxzpgygzjnW4SnAn6OUgSjQ6fzBV VMEEjEYojjnnjGdXGP41m00KgXc8dY8j9WBPVGenSW7Kxn6IEPwYFKIQBc03qURi9/ xZkPR44EnUMPc2S1xSaxJ5N4Rg2fr1uvxtizFZeZZYsCQ3QSwjoVVUBxYktHuCWXCj PfunuSytFhrbxR9P5cFYDipocDKaMRJfDDo2chngydoplQjsuxmhWhmuzoF8bmBlgU t26JxzRylQLVQ==
Message-ID: <fda84dd5-4279-46cd-9b6a-90f211222df3@kuix.de>
Date: Thu, 14 Dec 2023 01:43:29 +0100
MIME-Version: 1.0
User-Agent: Thunderbird Daily
From: Kai Engert <kaie@kuix.de>
Content-Language: en-US
To: "openpgp@ietf.org" <openpgp@ietf.org>, Werner Koch <wk@gnupg.org>, Daniel Huigens <d.huigens=40protonmail.com@dmarc.ietf.org>
Autocrypt: addr=kaie@kuix.de; keydata= xsFNBE8oE/UBEAC/Vx4tHVkfPdGf0BFMGcidXzAXKQ4+gI2F5rPBoV9fEtYngLHzm7+a6DL2 v5Jl5b4by9KtUbfIJysR1iniLWMJVPXZcyC4ovGouZ4MGK5cD9kMy+JdwebCs5/tj51vcvrS 08dP7r9Q0f0H7tsqhtVWuPFt+ZZEj8fIxjMgE3Z5BcyoGT1mXQ544RA0vr0fB9MngvfteD3L /wL2miDnYVtwB+VHC6kEB75Pte/yz1kFc/TDqKT8F45M3invhccY8Zwe7F88+uS+tgR5B3Ga RMc9WChZr5ed5vRxSLrGqBGSWBKomKuWXNFVMrZAOaq+W/+kOdNSXLdJSvXIAgV4Gywf1D0r ZTi8V+UoiTY8eDfT4OlBJrbbkge92/lrqaorAsuo/DVmfv7ARk7q2jvbSZD39zkWpLNsAulz gZOr+ffEHKy0f9fNwzenHpKvNtTUWGChEyDf7a6EtTBZsxAYco0xAtFOoQVwx5UzZk4tMVhv lrATrvmFdK5SLroDuwtSLUBJ5MhICyaB1kN7YSatQs33D+M5oPKVC+mn1WB/nznU475cssBW Asw+/K4VtXN08HxVFEvpV5MtpoYGe/cqsV87aVr/Igg45DVKtMMK8W5AmJDdGru3caxdVkkW fis9F1GBkk7ZPgip4cprh3KicuKsXhVrjk2mC/kCR+mrlY8ncQARAQABzSNLYWkgRW5nZXJ0 IChhdCB3b3JrKSA8a2FpZUBrdWl4LmRlPsLBlwQTAQoAQQIbAwIXgAIZAQULCQgHAwUVCgkI CwUWAgMBAAIeBRYhBCHRbmfhg5jI2p3fLhwnQjclAHckBQJkhlFMBQkXP3DXAAoJEBwnQjcl AHcka90P/Rwh5/f+RMLQss7kad6wz1y/T4Ztgaj0m+vuCyhzf246/8hs7SMp7ESscZkZkNgn iEtMSIl2ZErvXpXXuQeHXvBed5aqrBU5KqyEv8gMFLOcn/MTCPHkjImgyBwp47AP5VmRhoH7 LSYFm5GsJfMfNSA8hHGBL3WMUyVxfLAUdTfEUeBM4GgDCDyizyFmtIvmJxd3hEnl1kmWxUwv yfFjGfABLI4/E2Sw7cQ1nqxz4YjA7l4ATd1rLjt8KpUzi9ZB2SkvUfMttvjoPdLm+ngnNFjZ 59jktAVS60UpxyQQL6gO10Gty2CIQYYOfGzz22C3ajdkn1g8+GZfm7v2E97vC+9f3lNRMt1B Yexx8HhsnZe/hBxP+rWcJf5SM5smrug0mevy+CpGMIbklWYUoY6XPQKJ6/o3hJwMmoBoYB7p dkCK+AC1/w219xZGCF7D1wyLeBeFplRI66ZAU07wDO6En139REDVWOW0jwUYeRHdmjVDCGPg DKM3MJTU1pUnzx5+/r735//UI13wUrM/sQa5EKtCTbglvGBNTEF/QDg6Dh6odRyQGDdysxjS b8TKS/5MqsjZVcIHzkhsvTzE1WvRWU6F4G8iZIM/ekjpcRjcXPo8VbyNV5JmnLA/sxu1YB4n HOchWcWMijR3OFEtvhrhK0cpvYVs/SkVYg0GU1sVHHWyzsFNBE8oE/UBEADnglTT1XME4/Dj ghgg2K5AAR7KKQ7mwtP4jF57wwz5Py1eTRn1FLBRVy27wPAz5/w2NEj52+YZKB7OyI0vVmRW 43fsYzh2DtknyhkIHn9hBAILHXPurh3rxewR9Ox52X5jYZyCBtHoSk3hFtHfw3q6HAoVnDSZ 64/qbU1pEKeKFyImtd2grFdygcDHLdtqUZM8Bu85SZBqojt1jkNUU85PkjbCXVxZuSRNzHjC 7zX3SxIx5b8hvAiDuKcL+epcJIovrff4e//YZxXO8E0rwnE7lhoe4eX4YHA/pweWi0d3aqv8 FLKFgK3cJwwMddH6/BLBrAL7/NSlHlMetUtPoT+GWkBlfkdCxj0EyuWUjQCnswKWP6S9GWS6 Q19zf8IqkAvVGMNXn6yv3V98E1dtmCmynf+4IjpC4mkV1RjyOzlpg3AcIVtfzGTN0Wob3m+3 642ir8Xunt0RCLcETQfZvRziS4lfgb0ysAp3J9ivUqI9fnXcBB4hdkIT1SiA43mO8oXo8FNO 7OiawJkFr0TFuQu/64KbtD4QLhbC++ltRpouma636iqexKth6GDjJ2bk1GGB8nL5GKzWwoCm 3IDsCUNZaw/l8VkTSvF6gOtN1tfolWPFPnT0O1ZrisjSqAZO3rbknqKubqd9sXwzVXlloGZK y1YL88N2CCx+XflptAfGTwARAQABwsF8BBgBCgAmAhsMFiEEIdFuZ+GDmMjand8uHCdCNyUA dyQFAmSGUVMFCRc/cN4ACgkQHCdCNyUAdySj0Q/+PbhxtlN3WRVTFmC5nicO6ZpXoDL8PAiK 9tUD4hqx0OQDbF2AhHRgHCRAAQ4rFWlTd0SSO7SYD/2+HdByw6PfTKkz2hJippSHLljAufcF diY0xiTijPyssoBxOtkBxNAiSHcA39AIdfGAH+e6n/go8RtxjOrOChePGh8ken5o4JUhjPOG t86Lhid1MCppNNQAzzFXPbKBX1uQf/jSacmNxs9d25lG3ddf9UgsruqziDZvhZp6EfWV/Pd+ g+UYAQ+HLgwl60ix0n7N43L8esnCrbEY3BST49snw2VpL+5Klyt1y0c/HCpscjq1FT5s2uav wknqb3vqoFOTWr9UswBjuUZqZ97JXUpd2mMpqRmDvFzhwdSYiS9fvISKKJknATssIQsnAmVk 3DjZz1Q50FTeCMrgh/zoJPN5xwNAg2ueLDMudUcPS2KgOH14E6Ve9au9O6pOKpZyxb5KUcqE fgNxfrM4n8Tw011sr/i7xZzUqbcDCZRdPso8uHg0YxRjwUTILVDq4Ow0IL6fY77HZwiZqNmP 6BTyNNKOBSfYFS4GxMcOmWPzcjDqpgAm4L50j9L2Pr5Sp0ayGDdQkCxbgEILMxPWRYq38ZMS e3ZtRJ5OJpLdYnmyvc7fm0BBmy7+MeP1HN1CieRgaqCUQuPuXpUHuMjr1Ls0grKAXG5i9V/c AlI=
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/po7lHgZjnC5ozKcjmrKnlfiTqnM>
Subject: [openpgp] Possible to define a common key format for LibrePGP and OpenPGP-IETF?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2023 00:43:37 -0000

Would it be possible to define a key format that satisfies the needs of 
both the crypto-refresh and LibrePGP specifications?

I might have missed something, but after looking at the complaints and 
disagreements stated on the LibrePGP site, I didn't see an explicit 
complaint about key packets.

It seems likely that we'll see implementations that attempt to implement 
both specifications.

However, for full compatibility with all implementations, including 
those that implement only a single specifications, it seems it would be 
necessary that users own keys for both specifications.

Could this complexity be avoided, by defining a common key format? Maybe 
by amending the v6 key specification one more time (prior to moving 
crypto-refresh to an RFC), in a way that is acceptable to the LibrePGP 
supporters, and still offers the capabilities the crypto-refresh 
supporters desire? If it were possible, maybe the LibrePGP supporters 
would be willing to declare the v5 keys as deprecated, and agree to use 
the common key format? (As I understand it, v5 keys aren't yet widely 
deployed, because several Linux distributions have opted to not use them 
by default yet.)

Regards
Kai