IETF Logo Mail Archive

Re: [openpgp] Clarifiction on v5 signatures

Paul Fawkesley <paul@fluidkeys.com> Fri, 26 October 2018 13:42 UTC

Return-Path: <paul@fluidkeys.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72AD21277C8 for <openpgp@ietfa.amsl.com>; Fri, 26 Oct 2018 06:42:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.122
X-Spam-Level:
X-Spam-Status: No, score=-1.122 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fluidkeys-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CDWLLZ8cK_Zd for <openpgp@ietfa.amsl.com>; Fri, 26 Oct 2018 06:42:50 -0700 (PDT)
Received: from mail-wr1-x433.google.com (mail-wr1-x433.google.com [IPv6:2a00:1450:4864:20::433]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84D7E1271FF for <openpgp@ietf.org>; Fri, 26 Oct 2018 06:42:49 -0700 (PDT)
Received: by mail-wr1-x433.google.com with SMTP id n5-v6so1387165wrw.12 for <openpgp@ietf.org>; Fri, 26 Oct 2018 06:42:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fluidkeys-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to; bh=91ZIg9GQLEeqa5ahvTHjLvpxSdPiR3hcwfYKLICArEg=; b=htRqiwAWWhnIlq0On0FJYY4XKaetwQz/olqq9HSD3zqjC3X91ViBZP1YYCxtHtEFcU lfIpp84kYyjhinD9HY99nwObszg1zNLWUFCH5FPBfRk7K42BWP5C/CES35CNJyqnVKPG E2x5ic9ZtwZ/A+IRfl9IuthrNK6uqcW4fgrcYdUqHe9sWl/uQn0pj08ze+xVfe2TEq/N ELiVtFbMV7LWaHicwDtt8VPNWP8ngdsLSxoDA8Am3LPHR2y/NkRqteqh/skyls30myi8 Jj7gusPkeBNw8KpUHpqv05Z3kqwCghY6yv17tViOPPDUO9pMyuGR2VJrJspg5X4r1OWM LIqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to; bh=91ZIg9GQLEeqa5ahvTHjLvpxSdPiR3hcwfYKLICArEg=; b=sENswoBw9pCaCU1NWnsqAt96PrYl1wCXGKvj4lxVg4vB18DWDDFcAwmee5ovTElVoF zTJIVcndgg0dLG3Y1+5KULMlYrHOjSPJ344dtIseR+PtNwKOAa14jbUIXY9J3lcVK+A8 CYBL46TU4VYIQxM4tfxt3WFHPrG1bflorzynQyOdxQJRHovCD/LPJ3svYdA4dSSZpGaV NUQUdMrSKj+w6rxSOLq5D8pH0Xxsm3ABTCNBW3970x7z0byV5Eo6F+scgjdjHlxvv0FK ScDCPuixGJi/rh/WJeW68s3ZuJcd3FHTvEMOpiKSA8nnP3PL6DKF6uAaZ5GqA1VuBZdG yy9A==
X-Gm-Message-State: AGRZ1gKTLSvbkhqJLPgMiNWaeNcPzVWtEqdz6MiMhZA5Fq8VorrTHBXG J4c0/mQeWj8yNe4wdCMaO6Tc5XUgMMjQ
X-Google-Smtp-Source: AJdET5cL2gitYsDOe2n9Zulo0HkmnfRx8jhJsN0e1hk8RoRLXrA0p+GNZ+uE0S8TPQ3wyRlUuLCF5A==
X-Received: by 2002:adf:c90e:: with SMTP id m14-v6mr5918965wrh.6.1540561367615; Fri, 26 Oct 2018 06:42:47 -0700 (PDT)
Received: from [10.0.31.25] (cust-doesliv.fab.liv.balticbroadband.com. [185.135.106.6]) by smtp.gmail.com with ESMTPSA id c2-v6sm9025600wrt.77.2018.10.26.06.42.46 for <openpgp@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Oct 2018 06:42:47 -0700 (PDT)
To: openpgp@ietf.org
References: <877ei9szyc.fsf@wheatstone.g10code.de> <dda2d47e-b06e-cd6c-9bab-d8f30149c2ad@gmx.net> <87mur2nyt6.fsf@wheatstone.g10code.de> <f2770475-3b73-3849-33cf-91aaf52c1999@metacode.biz> <87tvlam1iz.fsf@wheatstone.g10code.de> <d9ece307-8153-24ce-2de4-07792e3c1ffb@metacode.biz> <87lg6lm2w8.fsf@wheatstone.g10code.de> <486d2345-69c1-c329-d887-f164b5dc90d4@metacode.biz> <8736ssn94c.fsf@wheatstone.g10code.de>
From: Paul Fawkesley <paul@fluidkeys.com>
Openpgp: preference=signencrypt
Autocrypt: addr=paul@fluidkeys.com; keydata= xsFNBFuOr7IBEADj5wnhRc07sX1rNNqEvMEZIXYZgElhxNRpN4qc4ES4Xp9rlckLIgqARyiY Nc87arYP3CIgfbTFJTy7g7q3jjbm7jmYSvpxe1J40kgbKMOjAtula2vdKzddXcgNkmDiWHsc bvoG2cxNSqx5lUU9SsPO2lVU1C44g3k0A1NgueEwus9blb2/qwHB6Zn7L/jOSM+AV6zpWeSH gRWigN+1m21GE2i09Um0W/W8WhFJDV5M4+IfYVvysReLcfFvzGJjZMlkVWOfE/nWPhBQpQOC u4Wtu5490hmtTt4/hXBrqYBDOgXFYDZAsyUgTctXUiH0/bBNWZ2hHrMWeMOvGI0p6DhGfuAk M793lttcjsWX1ff6Nz+vBSucqZnXD/tOAhFjTaWggFEMPwb8Shvy79a+0F+LP8Qk0e88y9Jn 5wSlstMee7EYx8CH1KaJuvSchyK3Dvf2QQLVJ1axPTsDrqvbtmETUN5Wo/G/sKwlXcdn8rd9 Z9iCuvremUddN75LcRSOEg2drncK95b08JP0mn4oDrmVLVskEtF24IXxkmyPVE8yH51sMpRf B7VUDS3SftCINOmH0Xh3qtRQapmMp6HJ/Bs2P3DPDLS1NK+8gPA/2vd6zlLwTqWJVJvlKoIZ GShxBb8XI7zriY6Bgmn4OaMJUB9vj3dNjjj7Cvic5gwGzEJWdQARAQABzRQ8cGF1bEBmbHVp ZGtleXMuY29tPsLBeQQTAQoALQUCW8DK0AkQcyekTCFXp1gCGwMFCQBzH04CGQEFCwkIBwMF FQoJCAsEFgIBAAAArSYQAJA3oxxceY+spH+TgTMe35R+oVquZOzdqCCyM5DLVMt7mx0LV7pX VYJwY7TweqnL5rMnz+65W6VRkluE/XQYH7Kdy7EI2KWICmAs7z1IaMZXB7KYzWB3l2YUttmf RBtgdq4xanEFKhRbFX9XyRmh1kXD/MFLHqH4F1Nkn5ZT6TtGsMc1tpTBkWOWmMbnQetSQfrQ UYCTM7o0c3S11lhqNA47uk8rAcj+DS8HRZHz5S2b4/BUVpOHqxuKGVXGqTsMY4woTPzm++jB +UYDuCVAw1HPpMIPUmmnAETyikIfyaK58v0owwn97Wdi4mFTWftEVjYbDsvfLLa0d3THTxO3 GmaVRbLCbSWisCrUP678jUfJUqalN8ZrdBBXjUMtabaVxF/gK020czCxiZIm88PzG8sxO4ln WUqqw9p1zUCV6mzFR+VmB0S4GYLsWHm9jCcdrzF397zMSNlySBE21tcNcFi1sbRKnC8hcdcT qtNx/KpNvxVAC0nvDKS6XYG3VWK6N+Aa4XAamrITu5ZG6U1AkWp7PcyXorTK9IONAEroxX99 0ANE0Bd+IKWt6baO0D5LKXXdKtpjwKSe2PZoCXd5orK/hVgamSp7GEcNUBULha9k4O8OMj8N cFXO2rJ9NgK1KFhF/1WDEcv4rskIclRhqLZ9Cz/XLzbIs9BAtOz4kRIrzsBNBFu12cIBCADN I/U4wOQzsbrXSgCj5ARkqvHYnOwtybXVi5ufP7xvnUMzghjo5QbiChVk4owYNL2sOTCl+UGw qcr0cAONFvKY04340kXHrvqbJOgY27HEs1SiopmDQ2sANydz6HB4tKrh1KXjZz9xPtEllGeq LgByGES78ZuLS8KcDWLXZ5BL2TUkT9SiULsgejqNF7DXM+8bBihTO7YolVPk9iI7dVi3NHTQ D0EVil5Ta2Ni65TfRNRvcvhH1E4bGfF84hbmmZddyq7muc0qR3xiFXIeWifxSq0iINaMjGkQ eTyWBSQA9oLJCfzBPXSt+whr8Iiu8O8fP7UcK7+lRPu5m+HJe3ghABEBAAHCwWUEGAEIABkF Alu12cIJEHMnpEwhV6dYAhsMBQkAS/U9AAAGeQ//XhOKIg04EfrMjnZ4OhLfmXZNHpzGnel1 6UWLWcXWkplO1nFi1dHnyKSedCIvMTIs3G26CCpVGF89/46ChHfKTLkwkgyhk0Lfk+5xEd4b I47KVfPGAyrfzp2NVwk6iOZ1nxM8Wo2OvmmXpSYlI2bxGj0VWDOzB0KZwyJhAUKnLf3xF3kG lZWG5hJrJidbOrAzfXDrb633oxksAl1ScSbzZ82MkJ5xEVfPSvVP+U/0vWPplIZO3f/MPI4D Yy0RmsuYqmtYxoDf3YrIC1S+mvjCRnCPzD5TfHID4iuLA3/rfvJ18aFAQGprG6IyTvm0xAnx lDu3sh6hfN1/Ugt/nrAuirXh+Ub2RFX/ZgUva4quNtiLY0kMTXgEFh1lZWaN0cdvU9s8Es33 iRUSIq3BWm6ZEd4NeqI/el3FZ7+1eLQagARUgnLKa21jyBkTyuv+LA/qKAcAJI7AelzoL2SY iBKrPzcohmfnduNM7uBmMh4TLNKCVeMd6DITqTz4xD+DMdgC32i5r/9Cgc1HT5oP+637rrcX /GS54l2EGsEvK27KhD0EiYDSbzLCHQmtS83Q1HogSHRk2GeNLC97b+eDVaa4tAaxWVU5SU5x i+pL5T+m8gsZR7wC0WZY52pCIcgmUOq4HTbu4K5zFxHCQF1taHSkwpiU1ZPm0GiG+mp3FOHz uEw=
Message-ID: <de0d4b33-b7ca-d17a-6abb-323112ce48ee@fluidkeys.com>
Date: Fri, 26 Oct 2018 14:42:45 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <8736ssn94c.fsf@wheatstone.g10code.de>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="uUq0BdoJzA07KimCAFh4VljxRMbDQKjyS"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/rdLkCRu1uCz1nTIPQ-eKSxNGoTA>
Subject: Re: [openpgp] Clarifiction on v5 signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 13:42:52 -0000

Hi folks,

> 
> AFAIK, OpenKeychain encrypts to all non-expired subkeys.  I think this a
> bit to course of an action.  For example if a subkey has been created
> with future timestamp to help with key rollover.  Thus the idea to
> explicitly mark suitable subkeys.

I feel OpenKeychain's approach here is sensible. Less complexity is
better: it's a huge burden on implementors to support yet-another-flag.

If a key has multiple valid encryption subkeys, it's advertising that
it's OK to pick *any* of those subkeys. That's pretty arbitrary. I don't
see why picking *all* would be any worse than picking an arbitrary one.

> The ADSK (Additional Decryption Subkey) is an idea of mine on how to
> ease ease encryption to several devices.  You would install the separate
> private subkeys on each device and if the sender supports the ADSK it
> would encrypt to these subkeys.  This is similar to what OpenKeychain
> does but a more selective approach.  OTOH, I am not sure whether one can
> find a threat model where such a scheme would be useful.

Not sure I understand what you mean about threat model here?

A team I previously worked in abandoned email encryption altogether
because they couldn't access emails on their phones.

Now they use unencrypted email - is that the sort of threat model you
were thinking of?

Paul

v2.23.0 | Report a Bug | By Email