Re: [openpgp] Marker packet for OpenPGP-NG (was: Confirming open questions discussed at IETF 114)
"Neal H. Walfield" <neal@walfield.org> Wed, 12 October 2022 15:30 UTC
On Wed, 12 Oct 2022 17:00:40 +0200,
Werner Koch wrote:
> 1. All data including key packets shall make use of a marker packet
>
>   5.8. Marker Packet (Tag 10)
>
>   This packet was used by certain PGP versions and flagged as obsolete
>   in RFC-4880. With this specification it is repurposed to mark the
>   data and keys constructed as specified by this specification and its
>   successors.
>
>   The body of this packet consists of:
>
>   - The three octets 0x60, 0x67, 0x70 (which spell "pgp" in UTF-8).

(I think you mean 0x70, 0x67, 0x70.)

>   Implementations SHALL use this packet to indicate packet formats
>   described by this specification. It SHALL be the first packet of
>   each OpenPGP Message or sets of OpenPGP Keys. Note that the old
>   marker packet used three different octets.

I agree with this suggestion, but for different reasons.

Currently, fingerprinting a PGP message is tricky. Consider the
file(1) command / libmagic(3) library. libmagic implements a domain
specific language (magic) to fingerprint files. To confidently (>= 48
bits of entropy) fingerprint binary OpenPGP keys, I wrote a relatively
complicated parser:

  https://github.com/file/file/blob/master/magic/Magdir/pgp-binary-keys

Compare this with, say, the ogg audio format, which is identified in
just one line of magic:

  https://github.com/file/file/blob/master/magic/Magdir/vorbis#L25

(The rest of the file extracts some meta-data.) Basically, the file
contains a fixed string ("OggS") at a fixed location (offset 0).

I think it would be good if OpenPGP also had such a string. And, the
marker packet is a pretty good way to add it in a non-intrusive way, I
think.

Neal
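
The contrast drawn in the message above, as an added example that is not part of the original message and is not code from file(1) or any OpenPGP implementation: a sniffer that recognises Ogg by its fixed string at offset 0 and recognises OpenPGP data only when the first packet is a Marker packet (Tag 10). It assumes the proposed body is 0x70, 0x67, 0x70 as corrected in the reply; the function names and result labels are hypothetical.

```python
LEGACY_MARKER = b"PGP"              # RFC 4880 marker body: 0x50 0x47 0x50
PROPOSED_MARKER = b"\x70\x67\x70"   # assumed: "pgp", the body as corrected in the reply

def first_packet(data):
    """Return (tag, body) of the first OpenPGP packet in data, or None."""
    if len(data) < 2 or not data[0] & 0x80:
        return None                       # bit 7 of the first octet is always set
    ctb, pos = data[0], 1
    if ctb & 0x40:                        # new-format header, tag in bits 5-0
        tag, first = ctb & 0x3F, data[1]
        if first < 192:
            width, length = 1, first
        elif first < 224 and len(data) >= 3:
            width, length = 2, ((first - 192) << 8) + data[2] + 192
        elif first == 255 and len(data) >= 6:
            width, length = 5, int.from_bytes(data[2:6], "big")
        else:
            return None                   # partial length or truncated header
    else:                                 # old-format header, tag in bits 5-2
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            return None                   # indeterminate length
        width = 1 << ltype                # 1, 2 or 4 length octets
        if len(data) < pos + width:
            return None
        length = int.from_bytes(data[pos:pos + width], "big")
    pos += width
    if len(data) < pos + length:
        return None                       # body truncated
    return tag, data[pos:pos + length]

def sniff(data):
    """Classify a buffer by its leading bytes only."""
    if data.startswith(b"OggS"):          # fixed string at offset 0
        return "ogg"
    pkt = first_packet(data)
    if pkt == (10, PROPOSED_MARKER):
        return "openpgp-marker-proposed"
    if pkt == (10, LEGACY_MARKER):
        return "openpgp-marker-rfc4880"
    return None   # no fixed string: needs deeper parsing to identify confidently
```
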