On 05/25/2018 11:59 AM, Neal H. Walfield wrote:
Hi Kristian,
Hi Neal and Justus,
Justus and I have been thinking about how to realize per-device keys
and approximate forward secrecy. These two things are related: if we
want devices to do their own key rotation (and I think this is
sensible, as the alternative is to somehow regularly transfer secret
key material to each device), then the devices need to be able to
generate self-signatures. Since we don't want all devices to have
access to the primary key, each device could have its own
certification subkey.
Wouldn't you anyways break the per-device nature if using this
certification subkey to sign a third party keyblock, and the loss of one
of the devices impacted your validity calculation across the ecosystem?
Using this in such a per-device nature also seems to require rather
special attention from the user/client, I could easily imagine ending up
with a web of cross-signatures across multiple devices here.
On 05/25/2018 11:59 AM, Neal H. Walfield wrote:
Consequently, please do not remove certification subkeys from RFC
4880bis. If anything, I would prefer that RFC 4880bis clarifies that
certification subkeys should be supported.
if we are removing it and not just making the current state more precise :)
In any case; I'm not sure if this is a use-case I favor much personally,
but it is an interesting concept so thanks for bringing it up for
discussion.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
"Statistics are like a bikini. What they reveal is suggestive, but what
they conceal is vital."
(Aaron Levenstein)
signature.asc
Description: OpenPGP digital signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp