[Secdispatch] OpenPGP Device Certificates (draft-atkins-openpgp-device-certificates)

Derek Atkins <derek@ihtfp.com> Thu, 11 April 2019 14:26 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 41D46120045 for <secdispatch@ietfa.amsl.com>; Thu, 11 Apr 2019 07:26:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id EitifIpUikiO for <secdispatch@ietfa.amsl.com>; Thu, 11 Apr 2019 07:26:22 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 056DE120033 for <secdispatch@ietf.org>; Thu, 11 Apr 2019 07:26:21 -0700 (PDT)
Received: from localhost (localhost []) by mail2.ihtfp.org (Postfix) with ESMTP id B914EE2044 for <secdispatch@ietf.org>; Thu, 11 Apr 2019 10:26:16 -0400 (EDT)
Received: from mail2.ihtfp.org ([]) by localhost (mail2.ihtfp.org []) (amavisd-maia, port 10024) with ESMTP id 01277-10 for <secdispatch@ietf.org>; Thu, 11 Apr 2019 10:26:15 -0400 (EDT)
Received: from securerf.ihtfp.org (99-46-190-172.lightspeed.tukrga.sbcglobal.net []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (not verified)) by mail2.ihtfp.org (Postfix) with ESMTPS id C60FCE2042 for <secdispatch@ietf.org>; Thu, 11 Apr 2019 10:26:14 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1554992775; bh=9b4uN96C0YuI3EoFmD9ryg1vBebvfVatGSA5WULVu1c=; h=From:To:Subject:Date; b=U/6OZHGlBB0LkwyU4lMUdm4sp9SPxW0KuYH2Fs56hfPm+UiwRzXAW0WXY/QJMb88A JRO/sAc+eU+B6G6dWnvQZlaso0Gxy3Z2vI5/UokF7U3irx1WLtB/XDouBAyVjHeZf+ HFb32CiCU8B4Qh7qELTzNKEWqUzxAPEnwApUSd/s=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id x3BEQBTx030773; Thu, 11 Apr 2019 10:26:11 -0400
From: Derek Atkins <derek@ihtfp.com>
To: secdispatch@ietf.org
Date: Thu, 11 Apr 2019 10:26:10 -0400
Message-ID: <sjm1s28wrct.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/sTDXUPW_uZEouJ5Kw4nrl-XJlKQ>
Subject: [Secdispatch] OpenPGP Device Certificates (draft-atkins-openpgp-device-certificates)
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2019 14:26:24 -0000


A few years ago I wrote a draft on how to extend OpenPGP to support
third-party certification of IoT devices where the device has only an
encryption key (and therefore cannot self-certify).  The draft also
registers a bunch of notations in order to reduce the size of these
certificates when providing ancillary data.

The draft was incorporated into RFC4880bis (so there is consensus on
progressing the concept) but it is unclear to me when that draft will
progress.  In the meantime, I would let to get these registered.
Therefore, I would like to request AD support in progressing this
document, draft-atkins-openpgp-device-certificates.

The specific IANA registries affected are a combination of IETF and
Expert Review.

Thanks for your consideration,

       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant