ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[openpgp] Fingerprint schemes versus what to fingerprint

2016-04-06 13:16:12
from [Bryan Ford] [Permanent Link] 
To followup on today’s in-meeting discussion of evolving OpenPGP fingerprints 
beyond SHA-1, I want to propose that there are at least two orthogonal issues 
to decide (and I’m probably not the first to suggest this):

1. What fingerprint scheme(s) should OpenPGP move to going forward?

2. What exactly should the OpenPGP “application” fingerprint with that scheme?

To clarify, I propose to define a “fingerprint scheme” as an algorithm that 
takes a raw octet string and produces an ASCII string of some kind for users to 
cut-and-paste, compare, read off over the phone, etc.  By this definition, just 
like a cryptographic “hash scheme” or “signature scheme”, the “fingerprint 
scheme” itself doesn’t need to know or care what octet string gets fed into it.

As such there’s no reason such a “fingerprint scheme” itself needs to be in any 
way specific to OpenPGP, and I would support the proposals that Phillip and 
others have made that it would be ideal to standardize future fingerprint 
scheme(s) independently of particular protocols such as OpenPGP, and just have 
OpenPGP use that scheme.  CFRG might be the obvious place to do this.  Of 
course, I understand the logistical downsides of having an OpenPGP work-item 
depend on work elsewhere (e.g., CFRG) that isn’t even started yet…  But this 
approach might still be worth considering from a “get it right” perspective if 
there isn’t currently some kind of severe time pressure on the OpenPGP side.

The other, very OpenPGP-specific, question is of course what exact octet-string 
should get fed into whatever fingerprint scheme is chosen.  DKG  brought up the 
question of whether that octet-string should still include the Unix timestamp 
like it currently does.  I think that question leads to a bigger set of issues 
that I’ll try to tease apart in a subsequent E-mail.

But first I just wanted to propose this explicit separation of the two 
questions, “which fingerprint scheme?” (i.e., which function from octet-strings 
to ASCII-strings), and “what to fingerprint?” (how does OpenPGP get from a key 
to the octet-string to feed the fingerprint scheme?).

Thanks
Bryan

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  [openpgp] Should fingerprints be "key-canonical"?, Bryan Ford
Next by Thread:  Re: [openpgp] Fingerprint schemes versus what to fingerprint, Werner Koch
Indexes:  [Date] [Thread] [Top] [All Lists]