Re: [openpgp] Fingerprint requirements for OpenPGP
Werner Koch <wk@gnupg.org> Tue, 12 April 2016 17:20 UTC
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4442012DDF9 for <openpgp@ietfa.amsl.com>; Tue, 12 Apr 2016 10:20:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lGJGcSnluhQO for <openpgp@ietfa.amsl.com>; Tue, 12 Apr 2016 10:20:27 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7F8E12D9A3 for <openpgp@ietf.org>; Tue, 12 Apr 2016 10:20:27 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1aq1zG-0003oR-2S for <openpgp@ietf.org>; Tue, 12 Apr 2016 19:20:26 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1aq1wy-0007kS-IB; Tue, 12 Apr 2016 19:18:04 +0200
From: Werner Koch <wk@gnupg.org>
To: Derek Atkins <derek@ihtfp.com>
References: <87vb3nslqh.fsf@alice.fifthhorseman.net> <sjmbn5e3na2.fsf@securerf.ihtfp.org>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367
Mail-Followup-To: Derek Atkins <derek@ihtfp.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, IETF OpenPGP <openpgp@ietf.org>
Date: Tue, 12 Apr 2016 19:18:04 +0200
In-Reply-To: <sjmbn5e3na2.fsf@securerf.ihtfp.org> (Derek Atkins's message of "Tue, 12 Apr 2016 10:38:29 -0400")
Message-ID: <87d1pug303.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/ubZN3CwmHIlMG_stnl3wn5sYZWc>
Cc: IETF OpenPGP <openpgp@ietf.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Subject: Re: [openpgp] Fingerprint requirements for OpenPGP
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Apr 2016 17:20:29 -0000
On Tue, 12 Apr 2016 16:38, derek@ihtfp.com said: > I would argue that (b) is more important than (a). Your use-case (a) > sounds more like a DB Handle, so arguably it should be elided because (a) is required to lookup a key for a signature. Sure this could also be done using mail address included in the signature. But a fingerprint can work even if a mail provider re-assigns a mail address (assuming the mail provider uses OpenPGP DANE or PKA). Right now a signature includes only a keyid but for rfc4880bis we will add a new subpacket for the fingerprint. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
- [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Vincent Breitmoser
- Re: [openpgp] Fingerprint requirements for OpenPGP Joseph Lorenzo Hall
- Re: [openpgp] Fingerprint requirements for OpenPGP Vincent Breitmoser
- Re: [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Salz, Rich
- Re: [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP KellerFuchs
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Jon Callas
- [openpgp] proof-of-work fingerprints [was: Re: Fi… Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Daniel Kahn Gillmor
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP Bill Frantz
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Joseph Lorenzo Hall
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP Werner Koch
- Re: [openpgp] Fingerprint requirements for OpenPGP Vincent Breitmoser
- Re: [openpgp] Fingerprint requirements for OpenPGP Joseph Lorenzo Hall
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Derek Atkins
- Re: [openpgp] Fingerprint requirements for OpenPGP Joseph Lorenzo Hall
- Re: [openpgp] Fingerprint requirements for OpenPGP Phillip Hallam-Baker
- Re: [openpgp] proof-of-work fingerprints [was: Re… Phillip Hallam-Baker
- Re: [openpgp] proof-of-work fingerprints [was: Re… Phillip Hallam-Baker