Re: [openpgp] Privacy-preserving Transferable Public Keys

Heiko Stamer <HeikoStamer@gmx.net> Thu, 13 June 2019 21:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/w7HPlW1ASXZqE5nTaj3pDnUhDcM>

On 31 May 2019 at 09:42, Vincent Breitmoser wrote:

> Strictly speaking there doesn't have to be a signature on that User ID, but in
> practice OpenPGP implementations commonly consider TPKs that carry no UserID (or
> no signed UserID) as invalid.

I'll change that in DKGPG soon; however, to avoid trouble, IMHO some kind
of self-signature is still required (e.g. type 0x1f).

> I would really like to see these considerations addressed in the spec somehow.

Thus I suggest changing (in section 11.1 of draft RFC 4880bis)

    Zero or more revocation signatures

to

    Zero or more revocation or direct key signatures

to cover such use cases without user IDs or user attributes. Perhaps
already RFC 4880 had those scenarios in mind (cf. section 12.1):

    Primary-Key
      [Revocation Self Signature]
      [Direct Key Signature...]
      [User ID [Signature ...] ...]
      [User Attribute [Signature ...] ...]
      [[Subkey [Binding-Signature-Revocation]
              Primary-Key-Binding-Signature] ...]


--
Heiko
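
Added example, not part of the original message and not code from DKGPG or any other OpenPGP implementation: a packet-order check for a transferable public key that follows the list in RFC 4880 section 11.1 and can switch between the current wording and the wording proposed above. It looks only at packet tags and signature types and verifies no signature; the function names, the (tag, signature type) input model and the rule that a key without User IDs needs a direct key signature are assumptions made for illustration.

```python
# Added example, not code from DKGPG or any OpenPGP implementation.
# A key is modelled as a constructed list of (packet tag, signature type) pairs.
PUBKEY, SIG, USERID, SUBKEY, USERATTR = 6, 2, 13, 14, 17  # RFC 4880 packet tags
DIRECT_KEY, KEY_REVOCATION = 0x1F, 0x20                   # signature types
SUBKEY_BINDING, SUBKEY_REVOCATION = 0x18, 0x28
CERTIFICATIONS = {0x10, 0x11, 0x12, 0x13, 0x30}           # incl. certification revocation


def take_sigs(packets, i, allowed):
    """Consume consecutive signature packets from index i; return (next index, types)."""
    types = []
    while i < len(packets) and packets[i][0] == SIG:
        if packets[i][1] not in allowed:
            raise ValueError(f"signature type 0x{packets[i][1]:02x} not allowed at packet {i}")
        types.append(packets[i][1])
        i += 1
    return i, types


def check_tpk(packets, allow_direct_key=True):
    """Return (ok, reason); allow_direct_key=True applies the wording proposed in the mail."""
    if not packets or packets[0][0] != PUBKEY:
        return False, "first packet is not a primary public key"
    on_key = {KEY_REVOCATION} | ({DIRECT_KEY} if allow_direct_key else set())
    try:
        i, key_sigs = take_sigs(packets, 1, on_key)
        user_ids = 0
        for tag in (USERID, USERATTR):  # order of the list in section 11.1
            while i < len(packets) and packets[i][0] == tag:
                user_ids += tag == USERID
                i, _ = take_sigs(packets, i + 1, CERTIFICATIONS)
        while i < len(packets) and packets[i][0] == SUBKEY:
            i, sigs = take_sigs(packets, i + 1, {SUBKEY_BINDING, SUBKEY_REVOCATION})
            if SUBKEY_BINDING not in sigs:
                return False, "subkey without binding signature"
    except ValueError as err:
        return False, str(err)
    if i != len(packets):
        return False, f"unexpected packet tag {packets[i][0]} at packet {i}"
    # Assumption taken from the mail: a key without User IDs still needs a self-signature.
    if user_ids == 0 and DIRECT_KEY not in key_sigs:
        return False, "no User ID and no direct key signature"
    return True, "ok"


# Constructed sample: primary key, direct key signature, one bound subkey, no User ID.
NO_UID_KEY = [(PUBKEY, None), (SIG, DIRECT_KEY), (SUBKEY, None), (SIG, SUBKEY_BINDING)]
```

Under the current wording (allow_direct_key=False) the sample key is rejected at the direct key signature; under the proposed wording it is accepted.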