[openpgp] Scoped trust (signatures)

Leo Gaspard <ietf@leo.gaspard.ninja> Fri, 18 May 2018 20:26 UTC

To: openpgp@ietf.org
From: Leo Gaspard <ietf@leo.gaspard.ninja>
Message-ID: <39e598e1-2bc0-32c9-3489-4bb6ca2a631b@leo.gaspard.ninja>
Date: Fri, 18 May 2018 22:26:03 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/yPBm64aKDjF8eSIb-IBFMOocZvA>
Subject: [openpgp] Scoped trust (signatures)

Hello,

I have subscribed to this list only recently (late 2016), so please
forgive me if this has already been discussed, as I couldn't find it in
the ML archives. I also hope I didn't miss something fundamental while
writing down this idea.

As I understand it, currently, with OpenPGP, it is possible to simulate
the Certificate Authority model:
 * The clients wishing to use it assign full trust to the root CAs
 * Root CAs use 255-trust trust signatures for subordinate CAs
 * Subordinate CAs sign the verified OpenPGP keys

I think it would be great to also be able to simulate the DNSSEC model,
so that as a client I would be able to say “I trust [this key] to make
statements about [this set of keys].” I see it as, in a way, a
logical follow-up of Web Key Directory.

As I understand it, RFC4880 already has a provision for such a model,
with §5.2.3.14 _Regular Expression_.

However, there is from my reading an issue with (the wording of) this
section: it only restricts one-level trust signatures. In other words,
from my reading, if:
 * User U trusts(255, r".*<.*@ca-a.com>") "A <root@ca-a.com>"
 * root@ca-a.com trusts(255, r".*<.*@example.org>") "B <b@ca-a.com>"
 * b@ca-a.com signs "C <c@example.org>"

Then, from A's point of view:
 * root@ca-a.com has trust(255, r".*<.*@ca-a.com>")
 * b@ca-a.com has trust(254, r".*<.*@example.org>")
 * c@example.org is valid

However, I don't think c@example.org should be valid, as user U only
wanted to give permissions on r".*<.*@ca-a.com>" to root@ca-a.com. So I
think all regular expressions in the trust chain should have to match in
order to not be rejected -- in a similar fashion as the DNSSEC model.

So the “wrong” line here would be b@ca-a.com's trust, which should be
calculated as trust(254, r".*<.*@example.org>" AND r".*<.*@ca-a.com>").

Another issue of this scheme, obviously, is that no one “in the wild”
currently uses regular expression subpackets (that I know of). However,
I hope this could change, were this change to allow creation of scoped
CAs, that would interact nicely with WKD.

For instance, a mail provider could set up such a “CA”, that would
automatically sign all keys that would pass the WKD test, and for which
the UID would be confirmed as valid by the internal database. Then,
users could start trusting such mail-provider-provided CAs, for
additional validation of the user ID (in addition to the localpart
already “validated” by HTTPS), while still restricting them for only
being valid for the domain(s) they own. For easy discovery,
mail-provider-provided CAs could have a path at
.well-known/openpgpkey/mail-provider-key, and the user could decide to
add some trust to this CA.

The aim of this proposal is to make OpenPGP easier to use by
introducing ways to reduce the work required for setting up a secure
channel, while leaving control over these to the user (or to the
implementer, for opinionated implementations).

What do you think about this?

Cheers,
Leo
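As an added illustration (not code from the post or from any OpenPGP implementation), the following Python models the U -> root@ca-a.com -> b@ca-a.com -> c@example.org chain above and compares the one-level reading of the regex subpacket with the proposed all-regexes-must-match rule. The `Cert` type, the `"U"` signer name and the depth-decrement arithmetic are assumptions of this model.

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

# Constructed model of the chain described in the post (no real keys):
# UIDs are "Name <addr>" strings so the post's regexes apply unchanged.
@dataclass(frozen=True)
class Cert:
    signer: str          # UID of the certifying key ("U" = the local user)
    target: str          # UID being certified
    depth: int           # 0 = plain certification, >0 = trust signature depth
    regex: str = ".*"    # RFC 4880 sec. 5.2.3.14 scope; ".*" when absent

def effective_trust(chain: List[Cert]) -> Tuple[int, Tuple[str, ...]]:
    """Trust inherited by the last target of an already-linked chain: depth
    drops by one per hop and every scope regex seen so far is carried along
    (the post's 'trust(254, r1 AND r2)' for b@ca-a.com)."""
    depth = chain[0].depth
    regexes = [chain[0].regex]
    for cert in chain[1:]:
        depth = min(depth - 1, cert.depth)
        regexes.append(cert.regex)
    return depth, tuple(regexes)

def chain_valid(chain: List[Cert], cumulative: bool) -> bool:
    """Is the final target UID valid for the user at chain[0].signer?
    one-level (the post's reading of RFC 4880): a hop's UID only has to
    match the regex of the signature that introduced its signer.
    cumulative (the post's proposal): it must match every regex up-chain."""
    for i in range(1, len(chain)):
        if chain[i - 1].target != chain[i].signer:
            return False                      # chain is not linked
        depth, regexes = effective_trust(chain[:i])
        if depth < 1:
            return False                      # signer may not introduce keys
        scope = regexes if cumulative else regexes[-1:]
        if not all(re.fullmatch(r, chain[i].target) for r in scope):
            return False
    return True

# The post's example, with the user's own trust statement as the first link
CHAIN = [
    Cert("U", "A <root@ca-a.com>", 255, r".*<.*@ca-a.com>"),
    Cert("A <root@ca-a.com>", "B <b@ca-a.com>", 255, r".*<.*@example.org>"),
    Cert("B <b@ca-a.com>", "C <c@example.org>", 0),
]

if __name__ == "__main__":
    print("one-level:", chain_valid(CHAIN, cumulative=False))   # True
    print("cumulative:", chain_valid(CHAIN, cumulative=True))   # False
```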