Re: [openpgp] subkey revocation signatures -- RFC compliance?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 27 July 2012 16:59 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9324B11E80D2 for <openpgp@ietfa.amsl.com>; Fri, 27 Jul 2012 09:59:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 80NtwCEVYU-k for <openpgp@ietfa.amsl.com>; Fri, 27 Jul 2012 09:59:25 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id CDACA11E80BF for <openpgp@ietf.org>; Fri, 27 Jul 2012 09:59:25 -0700 (PDT)
Received: from [192.168.13.75] (lair.fifthhorseman.net [108.58.6.98]) by che.mayfirst.org (Postfix) with ESMTPSA id A19B8F975 for <openpgp@ietf.org>; Fri, 27 Jul 2012 12:59:21 -0400 (EDT)
Message-ID: <5012C8E2.5010404@fifthhorseman.net>
Date: Fri, 27 Jul 2012 12:59:14 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:10.0.5) Gecko/20120624 Icedove/10.0.5
MIME-Version: 1.0
To: IETF OpenPGP <openpgp@ietf.org>
References: <87ehnxg6lj.fsf@pip.fifthhorseman.net> <23DE1DDA-670B-4BDB-84C4-71BAF63AA928@jabberwocky.com>
In-Reply-To: <23DE1DDA-670B-4BDB-84C4-71BAF63AA928@jabberwocky.com>
X-Enigmail-Version: 1.4.1
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enigDD3D03FEA1E9273CA2265C33"
Subject: Re: [openpgp] subkey revocation signatures -- RFC compliance?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: IETF OpenPGP <openpgp@ietf.org>
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jul 2012 16:59:26 -0000

On 07/27/2012 08:53 AM, David Shaw wrote:
> it seems that this was noticed by Marc Horowitz in 2000 (see http://www.mhonarc.org/archive/html/ietf-openpgp/2000-12/msg00001.html ), but for one reason or another it wasn't resolved before publication.

thanks for digging that up.

> Nice catch!  I think this would be a good errata item for the RFC.  http://www.rfc-editor.org/how_to_report.html

I've now reported it:

http://www.rfc-editor.org/errata_search.php?rfc=4880&eid=3298

Has anyone else tried to implement this corner of the spec?  If so, how
did you handle subkey revocation signatures?  I'd like to be more
confident that we aren't breaking interoperability with anyone by making
this clarification (though arguably the interoperability is probably
already broken if anyone was writing to spec).

	--dkg