ietf-openpgp

Re: [openpgp] Proposed text for V5 fingerprint

2016-09-19 05:36:28
On 17 September 2016 at 23:43, Phillip Hallam-Baker 
<phill(_at_)hallambaker(_dot_)com>
wrote:

That is a really bad cartoon to bring up at a standards body.


Right. Sorry.

The other reason for having the content-id in is to allow versioning within
OpenPGP. So for example, let's say that there is a V6 key format but we
don't want to change the digest value. We can change the OpenPGP content
definition format as many times as we like without having to use up any of
those scarce fingerprint version IDs.


Ah, so the version ID pertains to the fingerprint method only and not the
underlying key? That's good to know, and probably a good thing to document
for posterity if we choose to adopt this scheme.
In that case I'll have to lower my previous +1 on prepending a version
ID. I'd have loved to have been able to tell at a glance if a fingerprint
belongs to a v5 or a v6 key even if we keep the hash format the same, but I
see now that that isn't going to be possible without downloading the keys
in full.


The current design neither forces the version ID to stay the same nor to
change it. So that isn't a decision we need to take now.

The only thing that forces a change of VersionID is a change in digest
algorithm. Which is probably the thing that would lead to a V6 format
anyway.


That's a good point. In fact, I'll hazard a guess and say that that's
likely to be the only event to warrant a key version bump.

I think we should kill fingerprints with a work factor of less than 2^92
as unsafe. No matter what, they just keep coming back and biting in bad
ways.


Fair enough.
At the other end of the spectrum, do you have any thoughts on what we can
consider the "full" fingerprint? This scheme has an implied maximum length
of 500 bits (the largest multiple of 25 less than 512+8). Apart from
specifying a minimum (100 bits), do you think we should make a
recommendation for what is an appropriate level of assurance? (E.g. 250
bits - 10 groups of 5 base32 characters, similar in size and grouping to V4
fingerprints.)


Apart from this, you'll be glad to know that I've kicked the tyres of this
proposal about all I can, and I like it a lot. Eagerly awaiting someone
else to chime in at this point.

-Thijs
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
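
The length arithmetic discussed in this message (25-bit groups, a 100-bit minimum, 250 bits as a candidate default, 500 bits as the implied maximum), worked through in an added Python example that is not part of the original thread or of any OpenPGP draft. It assumes the fingerprint is an 8-bit version ID followed by a SHA-512 digest of the key data; the digest choice, the `0x05` version ID, the dash separator and the function names are illustrative assumptions, and the content-id is left out because the message does not define it.

```python
import base64
import hashlib

GROUP_BITS = 25                      # one group = 5 base32 characters x 5 bits
MIN_BITS = 100                       # minimum mentioned in the thread
RAW_BITS = 512 + 8                   # assumed: 512-bit digest + 8-bit version ID
MAX_BITS = RAW_BITS // GROUP_BITS * GROUP_BITS   # largest multiple of 25: 500


def format_fingerprint(version_id: int, key_data: bytes, bits: int = 250) -> str:
    """Base32 fingerprint of version byte + digest, truncated to `bits`."""
    if bits % GROUP_BITS or not MIN_BITS <= bits <= MAX_BITS:
        raise ValueError(f"bits must be a multiple of 25 in [{MIN_BITS}, {MAX_BITS}]")
    if not 0 <= version_id <= 0xFF:
        raise ValueError("version ID must fit in one byte")
    # Assumption: SHA-512 over the key data; the thread does not name the digest
    # or define the content-id that would be hashed along with the key.
    raw = bytes([version_id]) + hashlib.sha512(key_data).digest()
    text = base64.b32encode(raw).decode("ascii")   # 65 bytes -> 104 chars, no padding
    chars = text[: bits // 5]                      # truncating chars truncates bits
    return "-".join(chars[i:i + 5] for i in range(0, len(chars), 5))


def matches(presented: str, full: str) -> bool:
    """True if `presented` is an acceptable truncation of `full`."""
    short = presented.replace("-", "").upper()
    ref = full.replace("-", "").upper()
    if len(short) * 5 < MIN_BITS or len(short) % 5:
        return False                               # below minimum or ragged group
    return ref.startswith(short)


if __name__ == "__main__":
    key = b"constructed sample key material"       # constructed input
    full = format_fingerprint(0x05, key, MAX_BITS)  # 0x05 is a placeholder version ID
    for bits in (100, 250, 500):
        fp = format_fingerprint(0x05, key, bits)
        # With the version ID in the first 8 bits, bits - 8 come from the digest.
        print(bits, bits - 8, fp, matches(fp, full))
```

Under the assumed layout, a 100-bit fingerprint carries 92 bits of digest after the 8-bit version ID, and `matches` refuses anything shorter than that minimum.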