
Re: [openpgp] Fingerprint schemes versus what to fingerprint

2016-04-07 10:28:37
On Thu,  7 Apr 2016 16:44, brynosaurus(_at_)gmail(_dot_)com said:

> What about Blake2?  If OpenPGP will be using Argon2 for password
> hashing, then all implementations will need to have a Blake2

I was out of the room for some minutes while this was discussed
yesterday.  I did not assume that this will be a MUST algorithm.

> This is tricky: a further related question is how OpenPGP
> implementations decide what “kind” of fingerprint to produce, or

That is easy: a v4 key creates a v4 fingerprint (SHA-1) and for the new
fingerprint we will require a v5 key format.  We have a lot of
experience with that given that v3 keys used yet another fingerprint

> present to the user, or expect to get, when doing something with a
> particular public key.  As many people have pointed out, it will be
> terrible for user experience if users have to start juggling
> “new-style” and “old-style” fingerprints for the same public key:

IIRC, we agreed that there will be only one fingerprint format for a
given key.  Obviously this means that existing keys can't use the new
fingerprint format - which is not a problem at all.

> - Define each pub key scheme as having one and only one corresponding
> fingerprint scheme.  i.e., all existing/legacy pub key schemes remain
> stuck with old SHA1 fingerprints and only new pubkeys generated under
> [..]
> might mean that we never get to use new fingerprints with RSA/DSA key
> pairs etc, which may be a non-starter.

Why should one not be able to create an RSA, DSA, or ECDSA key with the
new format?  It will take some time until one can switch to the new
format so that most users are able to handle this.  But this is
unavoidable in any case.

> - Add a “preferred fingerprint scheme” field of some kind to the

Ah no, this defeats the goal of having a unique fingerprint for one
key.

> Although it might be good enough to rely in practice on “de facto”
> standards for fingerprint presentation, it would suck if two users

It worked well the last 20 years (modulo the need to compare date and
size of the v3 keys).

> with different OpenPGP implementations had no way at all of
> comparing/verifying fingerprints because one uses presentation X and

Let them enter the fingerprint into their GUI and the software does the
match.


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
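Werner's rule above (the key packet's version octet alone selects the fingerprint scheme, so no "preferred fingerprint scheme" field is needed) as an added Python example; this is not code from this thread or from GnuPG. The v4 framing (0x99, two-octet length, SHA-1, key ID = low 64 bits) is RFC 4880 section 12.2. The v5 framing (0x9A, four-octet length, SHA-256, and a four-octet key-material count in the packet body) is assumed from the later rfc4880bis draft and is not stated anywhere in this thread. The RSA modulus, exponent and creation time are constructed toy values, not a real key.

```python
import hashlib

# Fingerprint scheme keyed by key packet version:
# (hash name, framing octet, width in octets of the length field after it).
# v4 is RFC 4880 section 12.2.  v5 is ASSUMED from the later rfc4880bis draft.
FINGERPRINT_SCHEMES = {
    4: ("sha1", b"\x99", 2),
    5: ("sha256", b"\x9a", 4),
}


def mpi(n):
    """Encode an integer as an OpenPGP MPI: 2-octet bit length, then magnitude."""
    mag = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return n.bit_length().to_bytes(2, "big") + mag


def rsa_public_key_body(version, created, n, e):
    """Build the body of a public-key packet for an RSA key (algorithm id 1)."""
    material = mpi(n) + mpi(e)
    head = bytes([version]) + created.to_bytes(4, "big") + b"\x01"
    if version == 5:
        # Assumed v5-only field: octet count of the key material that follows.
        head += len(material).to_bytes(4, "big")
    return head + material


def frame_for_hash(version, body):
    """Return exactly the octets the fingerprint hash is computed over."""
    if version not in FINGERPRINT_SCHEMES:
        raise ValueError(f"no fingerprint scheme defined for key version {version}")
    _, tag, width = FINGERPRINT_SCHEMES[version]
    return tag + len(body).to_bytes(width, "big") + body


def fingerprint_of_packet(body):
    """Fingerprint of a public-key packet body; the version octet picks the scheme.

    There is one scheme per key version, so two implementations reading the
    same packet always derive the same fingerprint without negotiating it.
    """
    version = body[0]
    framed = frame_for_hash(version, body)
    hash_name = FINGERPRINT_SCHEMES[version][0]
    return hashlib.new(hash_name, framed).hexdigest().upper()


def key_id_v4(body):
    """v4 key ID: the low-order 64 bits (16 hex digits) of the v4 fingerprint."""
    if body[0] != 4:
        raise ValueError("this key-ID derivation is defined for v4 keys only")
    return fingerprint_of_packet(body)[-16:]


# Constructed toy key material: a 64-bit modulus, far too small to be a real key.
TOY_N = 0xC0FFEE1234567891
TOY_E = 65537
TOY_CREATED = 1459987200  # 2016-04-07 00:00:00 UTC, constructed

BODY_V4 = rsa_public_key_body(4, TOY_CREATED, TOY_N, TOY_E)
BODY_V5 = rsa_public_key_body(5, TOY_CREATED, TOY_N, TOY_E)

if __name__ == "__main__":
    print("v4 fingerprint (SHA-1):  ", fingerprint_of_packet(BODY_V4))
    print("v4 key ID:               ", key_id_v4(BODY_V4))
    print("v5 fingerprint (SHA-256):", fingerprint_of_packet(BODY_V5))
```

Note that the same RSA material yields different fingerprints under the two key versions, which is exactly the situation Werner describes: an existing v4 key keeps its SHA-1 fingerprint, and a key generated in the new packet format gets the new one, with no per-key preference to store or compare.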
