Hi all--
I've just released version -04 of the OpenPGP Abuse-Resistant Keystores
draft.
substantive changes bewteen -03 and -04:
* change "certificate update" to "certificate refresh" for clarity
* relax first-party-attested third-party certification constraints
at the suggestion of Valodim
* introduce "primary key sovereignty" concept explicitly
* describe how to distribute and consume attestation revocations
* introduce augmentation to TPK for third-party certification revocation
distribution
Please take a look!
--dkg
--- Begin Message ---
A new version of I-D, draft-dkg-openpgp-abuse-resistant-keystore-04.txt
has been successfully submitted by Daniel Kahn Gillmor and posted to the
IETF repository.
Name: draft-dkg-openpgp-abuse-resistant-keystore
Revision: 04
Title: Abuse-Resistant OpenPGP Keystores
Document date: 2019-08-22
Group: Individual Submission
Pages: 58
URL:
https://www.ietf.org/internet-drafts/draft-dkg-openpgp-abuse-resistant-keystore-04.txt
Status:
https://datatracker.ietf.org/doc/draft-dkg-openpgp-abuse-resistant-keystore/
Htmlized:
https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-04
Htmlized:
https://datatracker.ietf.org/doc/html/draft-dkg-openpgp-abuse-resistant-keystore
Diff:
https://www.ietf.org/rfcdiff?url2=draft-dkg-openpgp-abuse-resistant-keystore-04
Abstract:
OpenPGP transferable public keys are composite certificates, made up
of primary keys, direct key signatures, user IDs, identity
certifications ("signature packets"), subkeys, and so on. They are
often assembled by merging multiple certificates that all share the
same primary key, and are distributed in public keystores.
Unfortunately, since many keystores permit any third-party to add a
certification with any content to any OpenPGP certificate, the
assembled/merged form of a certificate can become unwieldy or
undistributable. Furthermore, keystores that are searched by user ID
or fingerprint can be made unusable for specific searches by public
submission of bogus certificates. And finally, keystores open to
public submission can also face simple resource exhaustion from
flooding with bogus submissions, or legal or other risks from uploads
of toxic data.
This draft documents techniques that an archive of OpenPGP
certificates can use to mitigate the impact of these various attacks,
and the implications of these concerns and mitigations for the rest
of the OpenPGP ecosystem.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
--- End Message ---
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp