-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello David,
On Fri, 27 Jun 2003 10:03:58 -0400, you wrote:
[818D9699]*** PGP SIGNATURE VERIFICATION ***
[818D9699]*** Hash: SHA1
[818D9699]*** Status: Good Signature from Invalid Key
[818D9699]*** Alert: NEVER TRUST A V4 KEY.
[818D9699]*** Signer: David M. Shaw <dshaw(_at_)jabberwocky(_dot_)com>
[818D9699]*** Note: Signing Key is a Sub-Key!
[818D9699]*** Key ID: 0xE2665C8749E1CBC9
[818D9699]*** Fingerprint: FC2A 0E9B 5122 7D7B 5923 2CE6 E266 5C87 49E1
CBC9 [818D9699]*** Signed: 6/27/2003 4:03:58 PM
[818D9699]*** Verified: 6/27/2003 11:58:15 PM
[818D9699]*** BEGIN PGP VERIFIED MESSAGE ***
On Thu, Jun 26, 2003 at 04:56:43PM +0200, Imad R. Faiad wrote:
As I understand it, sub keys are only justified in the following
circumstances:-
1) When the public key algorithm does not support encryption (e.g. DSA).
2) In agreement with a school of thought, which recommends that
it is good practice not to use the same key for signing and
encryption.
Any other arguments beyond the above, are just eccentricities,
and will be better addressed by creating another key.
One person's eccentricity is another person's operational requirement.
OpenPGP should be flexible enough to accomodate both.
Exactly, it's an operational requirement, therefore, please by all
means exclude such requirements from a standard, which as I understand
it, defines OpenPGP packet formats. Operational requirement, depends
on one's taste. And needless to say, tastes differ, so please do not
burden that standard with one's groups view of what these operational
requirement should be... I am sure, with some thoughts, you or anyone
for that matter can come up with something, to meet those requirements,
with just the humblest of OpenPGP keys. If on the other hand
you feel that these operational requirement are the best thing
since sliced bread, than by all means, spawn another RFC
to standardize them.
I do not share your view that OpenPGP should be flexible when that
flexibility leads to complexity. OpenPGP should be as simple as possible,
without compromising security that is, it should be easily implemented,
unambiguous, and understood by it's users.
A lot of users have a hard time as it is, understanding the concepts
of Public Key Encryption. We are creating barriers for users,
and implementors. As I understand it, OpenPGP is supposed to be
a standard whose end users are supposed to be the masses.
I cannot see how the masses can be served with the operational
requirements of paranoids, I mean those of us who feel impelled
to have off and on line boxes, super duper master keys to be
used in a super duper secure environments, with lesser sub keys which
expire on the hour... Hey what are you guys protecting? Nukes?
If that is the case, maybe you guys need something more that
Pretty Good Privacy...
Therefore, for the sake of simplicity, please permit me to propose
that an OpenPGP key be a Master Key of an OpenPGP public key algorithm
suitable for signing, and ONE optional encryption sub key of an
OpenPGP public key algorithm suitable for encryption (and / or signing
if the owner so desires), PERIOD.
I guess I don't really see how this helps. Remember that both
multiple subkeys and signing subkeys are from 2440. These are not new
inventions in 2440bis, and are already widely supported in the field.
All versions of PGP (5+) and GnuPG support multiple subkeys. All
versions of GnuPG and PGP 8 support signing subkeys.
The reason that I have proposed the above, is because I am very concerned
about v4 keys in general, and in particular sub keys. Also, I do
believe in the principle that less is better, especially so
for crypto software.
What is under discussion here is a simple fix for a design weakness in
signing subkeys. Forcing all v4 keys to have one and only one subkey
would effectively declare every current OpenPGP implementation
noncompliant, and even then not solve the problem at hand with
sign+encrypt subkeys.
The problem is a lot more than that. V4 keys are flowed to begin
with. Please re-read what I stated in my previous message,
in particular the sections which you sniped.
I think, that this is an problem which should be addressed.
David
No offense,
and with all respect,
Best Regards
Imad R. Faiad
[818D9699]*** END PGP VERIFIED MESSAGE ***
-----BEGIN PGP SIGNATURE-----
Version: 8.0.2irf
Comment: KeyID: 0xBCC31718833F1BAD
Comment: Fingerprint: 75CD 96A7 8ABB F87E 9390 5FD7 2A88 4F45
iQEVAwUBPvzIqbzDFxiDPxutAQIqAQgAjkRMqXuNRWGycNNd8g4yh0tS88TQMsbC
VGLkiwi1qcYZPzH5OvEaoG549jXLn+/N609OkSmS71CRsCDr/mUrmKclLVfdeHCw
XqCE1qFNzq9bUFb7HXzVzWAPDpebmN9Ys/WdOj8Fbe3/1+t9iOZHxiuQLFY1RPzt
W+JOBdUE5em4g867OKdQrY6ShWHmbZJICmObuWDTJWwRPIAEeR1L/jHgV9Pvascr
N/voRsxQ+jXTR91p6QuzYiJk9cnMHXVI1XUtg+tF8nUIsQP/B0s7j6wywqkjtPDZ
rjmeWcnn8DtQbREa1pPMbWFaZ46dZUotzhO6xc4A68Ws40F4WWu5hA==
=MwPc
-----END PGP SIGNATURE-----