IETF Logo Mail Archive

Re: [openpgp] Call for adoption of draft-gallagher-openpgp-replacementkey

Andrew Gallagher <andrewg@andrewg.com> Fri, 19 April 2024 11:00 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6C81C14F5E9 for <openpgp@ietfa.amsl.com>; Fri, 19 Apr 2024 04:00:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sN6fOspcN0ML for <openpgp@ietfa.amsl.com>; Fri, 19 Apr 2024 04:00:15 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [IPv6:2a01:4f9:c011:23ad::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE4AFC14F707 for <openpgp@ietf.org>; Fri, 19 Apr 2024 04:00:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1713524410; bh=SesgONrxT/cj29arE2VA3livRwObOG1cLOYR9zpWtak=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=tTVI1avamsyB6UFgTNZCBcRMKtJA9Cj96nCzC4qzCK/NfIHl3mzn3+IBEraFODk+w +k8alH3jxb+QE2qyz7mjhZNu6kSONpM3X6yDSpPjTXpFfDmBHITboaNOHqXVkrzTjG y6ArMPInsU9S7GhyOsqitsmT9/IsAUh3mmN/34Whjw0BEyDZymrPZgloyk/VjXsOyo BYtATE0pHCAP7Gy7x6tvjhTFfFM2agkbOwAHQd5ifwBYs1zP6FI3JtejWewnT7EvIx tL5EydUdyJnaFcGtH/vO9TKFThw1tUzV7KEJvIHVFV4XHZeF7BSDUvrnhIuVOoyDoJ nTrpe5eUl0CVg==
Received: from smtpclient.apple (serenity [IPv6:fc93:5820:7349:eda2:99a7::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id 485E95DF56; Fri, 19 Apr 2024 11:00:10 +0000 (UTC)
Content-Type: multipart/signed; boundary="Apple-Mail=_873538A0-2274-4B9F-B536-2141853B4C54"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6.1.1\))
From: Andrew Gallagher <andrewg@andrewg.com>
In-Reply-To: <87y199g67k.fsf@kaka.sjd.se>
Date: Fri, 19 Apr 2024 11:59:52 +0100
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, openpgp@ietf.org
Message-Id: <A0B535B4-215B-4159-9F39-0D33C24ECF2F@andrewg.com>
References: <87o7anhybr.fsf@fifthhorseman.net> <87jzkunest.fsf@fifthhorseman.net> <87y199g67k.fsf@kaka.sjd.se>
To: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3731.700.6.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/r2_SPE797wTiP0Iszxho9C0eElI>
Subject: Re: [openpgp] Call for adoption of draft-gallagher-openpgp-replacementkey
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Apr 2024 11:00:19 -0000

On 19 Apr 2024, at 08:30, Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org> wrote:
> 
> Signed PGP part
> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> 
>> My understanding is that the editors proposed some changes to address
>> Simon's concerns about scope and use patterns, but haven't released a
>> new draft with those changes.  Those proposed changes are here:
>> 
>>  https://gitlab.com/andrewgdotcom/draft-gallagher-openpgp-replacementkey/-/merge_requests/2/diffs
> 
> Those changes seems nice, but my basic question still doesn't seem to
> have a clear answer (at least that I've been able to understand): what
> is the problem this draft is intended to solve?

I’ve attempted to flesh out the introduction even more in the most recent commit, although I’m struggling to identify where the lack of clarity arises. This is probably just me being unable to see the forest for the trees, having been inside the draft for too long.

> Two rough outlines of problem statements:
> 
>   1) replace human written key transition documents
> 
>   2) enable automatic non-interactive upgrades to PQ keys
> 
> Are both these problems in scope?  Are other problems in scope?  Is
> there some problem that we know is not in scope?

Yes and No-ish, to the first two questions. I would widen option 2 to include non-PQ replacement keys, but the principle is the same. I have specifically bulletpointed these in the latest introduction.

Not sure how to answer the third question, but if there is any potential confusion then suggestions for explicit exclusion would be welcome.

> There is a bunch of different modifications I can think of for this
> draft but have hesitated to suggest.

Please suggest them anyway! The process of asking may help us find the root cause of the confusion.

> Without understanding the problem
> we are trying to solve, it is hard to evaluate if a suggested
> modification is a good idea or not.  The two goals 1) and 2) may lead to
> conflicting requirements on the protocol.  This make me unable to feel
> that I can contribute anything other than raising this question.

I don’t believe that use cases 1 and 2 are in conflict, I think they are clearly distinguished by whether the old key remains valid or is expired/revoked. A receiving implementation that first validates both keys and then orders them according to the replacement key indirection will behave sensibly in either case.

A

v2.23.0 | Report a Bug | By Email