Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880bis PATCH] Deprecate "Revocation Key", replacing with full-key "Designated Revoker"

vedaal@nym.hush.com Mon, 05 August 2019 20:03 UTC

Return-Path: <vedaal@nym.hush.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5664E120099 for <openpgp@ietfa.amsl.com>; Mon, 5 Aug 2019 13:03:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hush.ai
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NsW4z3isKgQ6 for <openpgp@ietfa.amsl.com>; Mon, 5 Aug 2019 13:03:48 -0700 (PDT)
Received: from smtp2.hushmail.com (smtp2.hushmail.com [65.39.178.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FE1112008C for <openpgp@ietf.org>; Mon, 5 Aug 2019 13:03:48 -0700 (PDT)
Received: from smtp2.hushmail.com (localhost [127.0.0.1]) by smtp2.hushmail.com (Postfix) with SMTP id 3CC89A0B1C for <openpgp@ietf.org>; Mon, 5 Aug 2019 20:03:47 +0000 (UTC)
X-hush-tls-connected: 1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=hush.ai; h=date:to:subject:from; s=hush; bh=ppzyVzuqtNW+pMWwlixpN3WEf7sU3p5ybHejjs4EKGo=; b=L7PeECo/4IL105PaUpwOluFbQqQTrvi1Bk1PkdZQ21Tjy/0w2nk8aVopk3Q2vOSF6vuqt9gPLq4hV0nEOWUxjrrhY6EO0WIbfxjRIuwwHv6hcKeAGNpxjZxGT4YP/vo0DQdhEUc6X01R5qT2W0XN2gEoxi6INi2U/VepBiqIhhIEiZZUaUO1Bd+aMxnvYz3TeLSQC4VPlbXDSuzsv7wva6RhrFlKKylP1mxvE6w7iXFkkEZpyoAZj0SwNI5WNLnzUtrfuex2CAZQz3VZXekNrlXmYVUaMiwuJCiBQhE1+kYJ4UHXGe9WEbvunlVShrxUE41/r6areaTeOjoIB/wwow==
Received: from smtp.hushmail.com (w9.hushmail.com [65.39.178.29]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp2.hushmail.com (Postfix) with ESMTPS; Mon, 5 Aug 2019 20:03:46 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99) id 3BB4B20116; Mon, 5 Aug 2019 20:03:46 +0000 (UTC)
MIME-Version: 1.0
Date: Mon, 05 Aug 2019 16:03:45 -0400
To: Werner Koch <wk@gnupg.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: IETF OpenPGP WG <openpgp@ietf.org>
From: vedaal@nym.hush.com
In-Reply-To: <20190805182326.AC15E20118@smtp.hushmail.com>
References: <87iocqepta.fsf@littlepip.fritz.box> <20190731203444.4822-1-dkg@fifthhorseman.net> <87wofrmrry.fsf@wheatstone.g10code.de> <20190805182326.AC15E20118@smtp.hushmail.com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20190805200346.3BB4B20116@smtp.hushmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/t7s3NYXz4q-fbB7_GNM12bEm4qw>
Subject: Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880bis PATCH] Deprecate "Revocation Key", replacing with full-key "Designated Revoker"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Aug 2019 20:03:51 -0000

On 8/5/2019 at 2:23 PM, vedaal@nym.hush.com wrote:
>
>On 8/5/2019 at 1:45 PM, "Werner Koch" <wk@gnupg.org> wrote:

>>I view this as problematic in the light of our preparations to 
>>allow for
>>larger key material.  With PQC we may need megabyte large keys 
>and 
>>then
>>including an entire key would double the size of a keyblock.
>
>=====
>
>There is a workaround which could avoid this;
>
>Generating a Revocation Certificate for the key

=====

The command:   gpg --gen-revoke  
works fine in GnuPG 2.x exactly as it did in 1.x,
although  --gen-revoke is not listed in --dump-options for GnuPG 2.x 
(--desig-revoke is listed in both).

Are there any plans to do away with the --gen-revoke option in 2.x ?
(if possible, keep it, please, please  ;-)   it really is very useful at times.

TIA

vedaal