On Wed,  6 Apr 2016 20:15, brynosaurus(_at_)gmail(_dot_)com said:

> 1. What fingerprint scheme(s) should OpenPGP move to going forward?

A SHA-256 hash of the artificial OpenPGP key packet as we use it right
now.  The open question is whether to 
  - include a creation timestamp,
  - a timestamp but fixed to 0 (as Google End-to-End does),
  - some other static info data to surely separate that fingerprint from
    other protocols' fingerprints using the same key (i.e. token based)
  - no creation timestamp

The rationale for SHA-256 is that this is the only fast algorithm on all
platforms.

A related question is how to identify the new fingerprint scheme in
OpenPGP objects which store a fingerprint:
  - Implicit by the length of the fingerprint,
  - or by a prefix byte with the hash algorithm,
  - or by a prefix byte with the key version number,
  - or by a prefix byte with the length of the fingerprint.

All but the first option allow storing a truncated fingerprint in some
object (the forthcoming Issuer-Fpr signature subpacket, the updated
Revocation Key subpacket).  I tend to prefer the second option because
this reflects existing usage:

  5.2.3.25.  Signature Target
   (1 octet public-key algorithm, 1 octet hash algorithm, N octets hash)

The public-key algorithm byte does not make much sense, though.

> 2. What exactly should the OpenPGP “application” fingerprint with that scheme?

> To clarify, I propose to define a “fingerprint scheme” as an algorithm
> that takes a raw octet string and produces an ASCII string of some

You describe how a fingerprint is presented to the user.  This has been
out of scope for OpenPGP.  Implementations have settled for a de-facto
standard outside of the protocol.  I think we should keep it this way
and at best give only a suggestion for a human-readable format.

Humans are bad at comparing fingerprints; this should in general be left
to the software and additional protocols to establish a connection
between an identity and a key/fingerprint.

Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
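
The fingerprint variants and the hash-algorithm prefix byte discussed in the message above, worked through as an added example that is not part of the original post or of any OpenPGP implementation. The function names, the toy key material, the timestamp value and the byte layouts of the "zero" and "omit" variants are assumptions; the value 8 is the SHA-256 hash algorithm ID from RFC 4880.

```python
import hashlib
import hmac
import struct

HASH_SHA256 = 8  # OpenPGP hash algorithm ID for SHA-256 (RFC 4880, section 9.4)
# Constructed toy RSA key material: MPI n (64 bits) followed by MPI e = 65537.
SAMPLE_KEY = bytes.fromhex("0040c3a5e1f0799b2d470011010001")

def key_packet_body(created, pk_algo, material, timestamp="keep"):
    """v4-style public-key packet body; `timestamp` picks one variant from the list.
    The "zero" and "omit" layouts are assumptions made for this sketch."""
    ts = {"keep": struct.pack(">I", created), "zero": bytes(4), "omit": b""}[timestamp]
    return b"\x04" + ts + bytes([pk_algo]) + material

def fingerprint(body):
    """SHA-256 over the artificial packet: 0x99, two-octet length, body (v4 framing)."""
    return hashlib.sha256(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def encode_stored(fpr, keep=None):
    """Prefix octet naming the hash algorithm, then the (optionally truncated) hash."""
    return bytes([HASH_SHA256]) + (fpr if keep is None else fpr[:keep])

def stored_matches(stored, body):
    """Compare a stored, possibly truncated fingerprint against a key packet body."""
    if not 2 <= len(stored) <= 33 or stored[0] != HASH_SHA256:
        return False  # empty, over-long, or tagged with an unknown algorithm
    digest = stored[1:]
    return hmac.compare_digest(fingerprint(body)[:len(digest)], digest)

def scheme_by_length(raw):
    """Implicit identification: only the octet count says which scheme was used."""
    return {20: "SHA-1 (v4)", 32: "SHA-256"}.get(len(raw), "unknown")

if __name__ == "__main__":
    created = 1459973700  # constructed creation time
    for variant in ("keep", "zero", "omit"):
        body = key_packet_body(created, 1, SAMPLE_KEY, variant)
        print(variant, fingerprint(body).hex())
    full = fingerprint(key_packet_body(created, 1, SAMPLE_KEY))
    # With length-only identification a truncated SHA-256 is misread as a v4 fingerprint.
    print(scheme_by_length(full[:20]), "/", encode_stored(full, keep=20).hex())
```

A truncated stored fingerprint matches every key whose hash shares that prefix, so the truncation length sets the collision resistance of the lookup.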