Re: [openpgp] Proposed text for V5 fingerprint

Thijs van Dijk <schnabbel@inurbanus.nl> Mon, 12 September 2016 13:27 UTC

To: Phillip Hallam-Baker <phill@hallambaker.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/wO63OrFeE2aWd81wXQirnL-jk1M>
Cc: IETF OpenPGP <openpgp@ietf.org>

Hi Phillip,

As promised, I'll post my two cents' worth about your proposal.

In your talk last Thursday, you've revealed some details about the larger
design of which this V5 fingerprint proposal is a part. I can see now you
weren't kidding when you described it as "encumbered." Though your talk was
certainly interesting, I'll try and stay on topic and evaluate your
proposal as a self-contained unit rather than as a tiny part of a larger
design.

To wit:

+1 on dropping SHA-1 in favour of SHA-2. This is kind of a no-brainer.
+1 on prepending a version number to the output for futureproofing.
?? on embedding a content-ID field in the final hash input.
+1 on changing the default fingerprint representation from hex to base32.
+1 on changing the definition of the short/long key ID to n bits from the
start rather than from the end, so even the truncated versions will include
the version ID.

On the content-ID, it's unclear from the above draft which problem you're
trying to solve.
If I were to guess, I'd say it would open the door to unification of
OpenPGP and X509 somewhat, but currently it's not obvious how exactly this
fingerprint format would help. Could you elaborate a bit?

--
Thijs van Dijk

6A94 F9A2 DFE5 40E3 067E  C282 2AFE 9EFA 718B 6165

On 6 September 2016 at 06:47, Phillip Hallam-Baker <phill@hallambaker.com>
wrote:

> Here is the revised proposed text. I am trying to work out what the
> instructions on using gitlab mean. How does making a pull request put
> updates into a repo?
>
> There is a piece of technology that I would very much like to propose
> using but it is very much encumbered :-( So I am going to propose that
> separately and see if we can get the IPR sorted in time to use it. For the
> time being it is not in the draft.
>
> [...]
>
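
Added example, not part of the original message or of the draft it discusses: a sketch of why taking the key ID from the start of a version-prefixed fingerprint keeps the version identifier, while V4-style trailing truncation drops it. The layout (one version byte followed by SHA-256 over content-ID, ":" and key bytes), the function names and the sample values are assumptions for illustration.

```python
import base64
import hashlib


def fingerprint(version: int, content_id: bytes, key_material: bytes) -> bytes:
    # Assumed layout (not taken from the draft):
    # version byte || SHA-256(content_id ":" key_material)
    digest = hashlib.sha256(content_id + b":" + key_material).digest()
    return bytes([version]) + digest


def to_base32(raw: bytes, group: int = 5) -> str:
    # Unpadded base32, split into groups for comparing by eye.
    text = base64.b32encode(raw).decode("ascii").rstrip("=")
    return "-".join(text[i:i + group] for i in range(0, len(text), group))


def key_id_from_start(fp: bytes, bits: int) -> bytes:
    # Leading-bits truncation: the version byte is always part of the ID.
    return fp[:bits // 8]


def key_id_from_end(fp: bytes, bits: int) -> bytes:
    # Trailing-bits truncation, as the V4 key ID (low-order 64 bits) does.
    return fp[-(bits // 8):]


def compare_truncations() -> dict:
    key = b"constructed sample public key bytes"  # constructed, not a real key
    cid = b"application/pgp-keys"                  # constructed content-ID value
    fp_v5 = fingerprint(0x05, cid, key)
    fp_v6 = fingerprint(0x06, cid, key)            # same key, hypothetical later version
    other_cid = fingerprint(0x05, b"application/pkix-cert", key)
    return {
        "fp_v5_base32": to_base32(fp_v5),
        "short_id_v5": to_base32(key_id_from_start(fp_v5, 64)),
        # IDs taken from the start differ when only the version changes.
        "start_differs": key_id_from_start(fp_v5, 64) != key_id_from_start(fp_v6, 64),
        # IDs taken from the end are identical: the version is lost.
        "end_differs": key_id_from_end(fp_v5, 64) != key_id_from_end(fp_v6, 64),
        # Mechanical effect of the content-ID field: same key, different digest.
        "content_id_changes_fp": fp_v5 != other_cid,
    }


if __name__ == "__main__":
    for name, value in compare_truncations().items():
        print(f"{name}: {value}")
```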