ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Clarifiction on v5 signatures

2018-10-26 06:19:52
On 26.10.2018 12:13, Werner Koch wrote:
On Thu, 25 Oct 2018 19:01, 
wiktor=40metacode(_dot_)biz(_at_)dmarc(_dot_)ietf(_dot_)org said:

Oh, got it, I'll try to find the previous discussion. The second octet
key flags (ADSK and timestamping) look really interesting but the

The ADSK (Additional Decryption Subkey) is an idea of mine on how to
ease ease encryption to several devices.  You would install the separate
private subkeys on each device and if the sender supports the ADSK it
would encrypt to these subkeys.  This is similar to what OpenKeychain
does but a more selective approach.  OTOH, I am not sure whether one can
find a threat model where such a scheme would be useful.

I think that would be useful to allow creating encryption subkeys
directly on the hardware token (of course with having a backup
encryption subkey on an offline computer too!).

That way when one hardware token is lost one would revoke only the
encryption subkey that was on that token.

This scheme is currently possible only with signing subkeys, ADSK would
extend the idea to encryption subkeys too.

(I assume changing GnuPG behavior to align with OpenKeychain is not
possible due to backwards-compatibility issues?).

We also have 2 other flags (group key and split key) which are also not
well defined, so the ADSK does not hurt too much.  I have no problems to
drop that flag, though.

Split key (0x10) looks like a good way to implement separation of duties
(where multiple people are needed to use the key). I don't think this is
possible in OpenPGP now.

Thanks for the flag details!

Kind regards,
Wiktor

-- 
https://metacode.biz/@wiktor

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp