ietf-openpgp

Re: [openpgp] details of 4880bis work

2015-04-16 10:20:16
Phillip Hallam-Baker <phill(_at_)hallambaker(_dot_)com> writes:

On Wed, Apr 15, 2015 at 8:39 PM, Christoph Anton Mitterer
<calestyo(_at_)scientia(_dot_)net> wrote:
On Wed, 2015-04-15 at 14:01 -0700, Jon Callas wrote:
There was also a mention somewhere of removing the timestamp from the
fingerprint, and that's what I really want to comment on.
When 2440 started, removing the timestamp was one of the things I
wanted to do. However, it's not such a bad thing. If you make a
fingerprint merely be a function of the key (it has no variable data),
then you lose the ability to alias the key, which is actually useful.

I think the main problem with the valid from/through dates not being a
part of the fingerprint is the following:

A user may intentionally want to limit his key for security reasons,
e.g. he makes a 1024 bit and wants to make sure that no one is
using/trusting it after two years anymore.

That is an important requirement but putting the time info into the
fingerprint is not the only way to address it.

True, but it's IMHO the best way in OpenPGP terms.

Operating PKIX, the lifetime of root keys and root certs is very
different. Rolling over a root with the same key is common. The
principal application of fingerprints is analogous to a root.

Yes, but in PKIX you have the serial number.  We don't have that in
OpenPGP, and frankly I don't think we do need it or want it.

That said, if we hash <content-type> + <data> rather than just <data>,
there is no need to commit to a single approach now.

That's why I think that creation and expiration times should be
immutable once the key has been created; at least not without
invalidating all signatures (i.e. those from other users).

At that point we are authenticating a self signed cert, not just the
key and the dynamics are different.

Not really.  The creation and expiration times in the "key" are (IIRC)
included not just in the self-signatures but also in all the additional
certification signatures, too.

I agree that if the Key has a creation date and expiration date then
those items should be immutable.

If the user wants to generate a new "key" using the same key material
(generally a bad idea, IMHO) then it should be considered a different
key (and as a result have a different fingerprint).

If the user believes that they might, down the road, want to re-certify
their key then the way to do that, IMHO, is to leave out the expiration
date in the key packet and just use the expiration date in the
self-signature to "time out" the key.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek(_at_)ihtfp(_dot_)com             www.ihtfp.com
       Computer and Internet Security Consultant

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
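Added example, not part of the thread above nor code from any participant: the thread argues about whether the key's creation time belongs in the fingerprint. In RFC 4880 the v4 fingerprint is SHA-1 over 0x99, a two-octet length, and the Public-Key packet body (version, 4-octet creation time, algorithm, MPIs); the creation time is the only variable data in that body, and the expiration lives in the self-signature, not the key packet. The code below builds a v4 RSA key packet body from constructed toy key material (TOY_N and TOY_E are made-up values, not a real key), computes the standard fingerprint for two creation times, and contrasts it with a non-standard "key material only" hash of the kind Christoph's alternative implies, so the aliasing effect Jon Callas mentions is visible: same key material, different fingerprint. The names material_only_fingerprint and aliasing_demo are this example's own, not OpenPGP terms.

```python
import hashlib
import struct

# Constructed toy RSA public key material for illustration only (NOT a real key;
# a real v4 key would carry a 2048-bit or larger modulus). 512 bits here.
TOY_N = int(
    "A3B1C5D7E9F1A3B5C7D9EBFD0F1E2D3C4B5A69788796A5B4C3D2E1F00F1E2D3C"
    "4B5A69788796A5B4C3D2E1F00F1E2D3C4B5A69788796A5B4C3D2E1F00F1E2D3D",
    16,
)
TOY_E = 65537


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI (RFC 4880 3.2):
    two-octet bit length followed by the big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def v4_public_key_body(n: int, e: int, created: int) -> bytes:
    """Body of an RFC 4880 5.5.2 version 4 Public-Key packet for RSA (algorithm 1).

    Layout: version 0x04, 4-octet creation time (seconds since the epoch),
    algorithm id, then the algorithm-specific MPIs (n, e). The creation time is
    the only non-key-material field; v4 has no expiration field in the key packet.
    """
    return (
        bytes([0x04])
        + struct.pack(">I", created)
        + bytes([0x01])
        + mpi(n)
        + mpi(e)
    )


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, the two-octet body length, and the body."""
    digest = hashlib.sha1(bytes([0x99]) + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def key_id(fingerprint: str) -> str:
    """v4 Key ID is the low-order 64 bits (last 16 hex digits) of the fingerprint."""
    return fingerprint[-16:]


def material_only_fingerprint(body: bytes) -> str:
    """The alternative debated in the thread: hash the packet body with the
    4-octet creation time cut out (version, algorithm, MPIs only).
    This is NOT a standard format; it exists here only to show the difference."""
    return hashlib.sha1(body[:1] + body[5:]).hexdigest().upper()


def aliasing_demo(n: int, e: int, created_a: int, created_b: int) -> dict:
    """Same key material under two creation times: the v4 fingerprints differ
    (the key is 'aliased'), while a material-only hash cannot tell them apart."""
    body_a = v4_public_key_body(n, e, created_a)
    body_b = v4_public_key_body(n, e, created_b)
    fpr_a, fpr_b = v4_fingerprint(body_a), v4_fingerprint(body_b)
    return {
        "v4_a": fpr_a,
        "v4_b": fpr_b,
        "v4_differs": fpr_a != fpr_b,
        "material_only_differs": material_only_fingerprint(body_a)
        != material_only_fingerprint(body_b),
    }


if __name__ == "__main__":
    # Constructed sample creation times: 2015-04-15T00:00:00Z and one day later.
    result = aliasing_demo(TOY_N, TOY_E, 1429056000, 1429142400)
    for name, value in result.items():
        print(f"{name}: {value}")
    print("key id a:", key_id(result["v4_a"]))
```

Run as-is to see two distinct v4 fingerprints (and Key IDs) for identical modulus and exponent; that is the aliasing Jon Callas refers to, and also why re-using key material under a new creation time yields what Derek calls "a different key". The material-only variant is identical in both cases, which is the property Christoph's proposal would trade away.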