On Apr 11, 2016, at 5:40 PM, Daniel Kahn Gillmor
<dkg(_at_)fifthhorseman(_dot_)net> wrote:
Is this problem framed correctly?
If not, what's missing?
Actually, I don't think it's framed correctly.
I don't think distinguishing between local and remote databases is necessary; I
know I'm picking a nit here, but the design of many systems is such that there
isn't a difference. But moreover, a real remote database is as likely to need
to answer the question, "give me the key(s) for <identifier>" where the
identifier might be a fingerprint and might be something like an email address.
Like I wrote before, there are two major uses for a "fingerprint," a handle and
an auth string.
Moreover the auth-string use case of fingerprints is actually the auth string
of the crypto key that is the top-level signing key of the "PGP key", which is
a data structure that usually consists of at least two crypto keys.
But the handle that turns into a key id is presently derived from the
fingerprint of a subkey that's used for encryption.
I think it's completely reasonable to update the standard to take the old-style
fingerprint into better hash functions than SHA-1. It's imperfect but it's the
devil we know.
If you want to move into devils we don't know, then why *not* make an
auth-string that is a different thing than handle?
As you're describing the use cases, you've described something that you can't
solve. There's nothing wrong with noting that both circles and squares have
desirable properties, but you're not going to get space-filling circles or a
square that's got the perimeter equidistant from the center.
Jon
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp