[openpgp] Re: I-D Action: draft-ietf-openpgp-replacementkey-01.txt
Andrew Gallagher <andrewg@andrewg.com> Fri, 15 November 2024 18:56 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/vRq7ODydoM9xJrrKP0gNBthexpM>
Hi, all.

Justus reminded me[1] that there is no standard definition (yet!) of hard v soft revocations, so I’ve included some text in the latest gitlab copy to cover that omission. It currently reads:

—

* "hard-revoked" means the key has been revoked with a Reason for Revocation subpacket specifying "Key material has been compromised" or "No reason specified"; the absence of a Reason for Revocation subpacket is equivalent to "No reason specified".
* "soft-revoked" means the key has been revoked with a Reason for Revocation subpacket specifying "Key is superseded" or "Key is retired and no longer used".

If a Key Revocation signature contains a Replacement Key subpacket, a Reason for Revocation subpacket MUST also be included, to prevent it from being interpreted as "No reason specified", which is a hard revocation.

* if the Replacement Key subpacket has the "no replacement" bit set, the Reason for Revocation subpacket SHOULD indicate "Key is retired and no longer used".
* if the Replacement Key subpacket does not have the "no replacement" bit set, the Reason For Revocation subpacket SHOULD indicate "Key is superseded".

—

The requirement for an explicitly soft Reason for Revocation subpacket flows directly from the normal interpretation of hard revocations as meaning “no signatures made by this key are trustworthy, including this one”. A Replacement Key subpacket in a hard revocation signature is therefore non-functional, so we have to provide a soft Reason for Revocation subpacket, which is constrained to either “Key is superseded” or “Key is retired and no longer used”.

However, this appears to duplicate the semantics of the 0x80 “no replacement” bit in the scenario where a key has been revoked. The only context where the “no replacement” bit still appears to have distinct semantics is in the case where a) the current key is *not* revoked, b) there is no other preferred or fallback key, and c) the key owner wishes to make an explicit statement to that effect. But since a) plus b) represents the default scenario, it seems unnecessary to cater for such an explicit non-statement.

So I’m going to throw a last-minute spanner in the works and ask: do we still need the “no replacement” bit? I know that Daphne and I both previously argued that we do, but the particular scenario that I had in mind was being able to differentiate between “revoked, no replacement” and “revoked, replacement unspecified” which seems to be already covered by Reason for Revocation values, and is in any case not meaningful to an automated process.

A

[1] https://gitlab.com/andrewgdotcom/openpgp-replacementkey/-/issues/25
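The rules quoted in the message above, written out as a check a consuming implementation could apply to a parsed Key Revocation signature. This is an added example, not code from the draft or from the message's author; `KeyRevocation` and its fields are a hypothetical parsed view, the reason codes are the Reason for Revocation values from RFC 9580, and the Replacement Key subpacket is assumed to expose its flags as an integer.

```python
from dataclasses import dataclass
from typing import Optional

# Reason for Revocation codes as assigned in RFC 9580.
NO_REASON, SUPERSEDED, COMPROMISED, RETIRED = 0, 1, 2, 3
NO_REPLACEMENT_BIT = 0x80  # the "no replacement" bit named in the message


@dataclass
class KeyRevocation:
    """Hypothetical parsed view of a Key Revocation signature."""
    reason: Optional[int] = None             # None: no Reason for Revocation subpacket
    replacement_flags: Optional[int] = None  # None: no Replacement Key subpacket


def classify(rev: KeyRevocation) -> str:
    # An absent subpacket is equivalent to "No reason specified".
    reason = NO_REASON if rev.reason is None else rev.reason
    if reason in (NO_REASON, COMPROMISED):
        return "hard"
    if reason in (SUPERSEDED, RETIRED):
        return "soft"
    return "unclassified"  # codes the quoted text does not list (assumption)


def check(rev: KeyRevocation):
    """Return (classification, replacement_usable, findings)."""
    kind = classify(rev)
    findings = []
    if rev.replacement_flags is None:
        return kind, False, findings
    if rev.reason is None:
        findings.append("MUST: Replacement Key without Reason for Revocation")
    if kind != "soft":
        findings.append("Replacement Key is non-functional outside a soft revocation")
    no_repl = bool(rev.replacement_flags & NO_REPLACEMENT_BIT)
    expected = RETIRED if no_repl else SUPERSEDED
    if rev.reason is not None and rev.reason != expected:
        findings.append(f"SHOULD: reason {rev.reason} given, {expected} expected")
    # Only a soft revocation that names a replacement can be followed.
    return kind, kind == "soft" and not no_repl, findings
```

The case `KeyRevocation(reason=SUPERSEDED, replacement_flags=0x80)` is the overlap the message asks about: the reason code and the bit each make a statement about replacement, and they disagree.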