ietf-openpgp

Re: [openpgp] 1PA3PC: first-party attested third-party certifications (making Key Server Prefs no-modify actionable)

2019-08-30 00:16:12
On Fri 2019-08-30 04:39:02 +0200, Ángel wrote:
> It may not have been clear the way to work with the no-modify flag, but
> I feel you are changing its meaning now. By making it mean "do not
> redistribute third-party certifications", the result is having old
> clients that set the no-modify flag yet are unable to make the needed
> attestations.
> I think this should be a new keyserver preferences flag. E.g. it could be
> called attested-certifications-only or drop-unattested-certifications.

In practice, nearly every modern existing certificate has the
keyserver-no-modify flag set on it, and also in practice, there are
*no* keyservers in play that do anything with that flag that i'm aware
of.

The other thing to note is that abuse-resistant keystores are
essentially forced to require something like this, even if the
certificates don't ask for it, or else they're open to arbitrary
certificate flooding attacks of the kind that SKS is basically
collapsing under.  See the discussion in the abuse-resistant-keystore
draft about various comparable proposals for more details.

So i'm not too worried about (at last) providing actionable followup for
this long-claimed-but-unactionable flag.

If anything, my bigger concern would be what happens for certificates
where the user deliberately *clears* that flag, and they can't find any
keystore willing to accept unattested third-party certifications anyway
:)

If there's a broader consensus on the list that we shouldn't explicitly
associate no-modify with a 1PA3PC mechanism, then i can drop that part
of the changes.  But i don't know that i would bother creating a new
keyserver preferences flag for it, since that would imply that all
existing certificates want to be floodable.  That doesn't seem like a
great outcome.

         --dkg

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
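To make the mechanism under discussion concrete, here is a toy model of a keystore that applies a first-party-attestation filter to third-party certifications. This is an added example written for this page; it is not code from the 1PA3PC draft, from dkg, or from any keyserver. It deliberately does not reproduce OpenPGP packet formats, signature verification, or the draft's exact digest construction: a "certification" is just a constructed byte string, an "attestation" is a set of SHA-256 digests the certificate holder vouches for, and the rule that the newest attestation supersedes earlier ones is a modelling assumption. The fingerprint, certifier name and all certification bytes are constructed sample data.

```python
"""Toy model of a first-party-attested third-party-certification (1PA3PC) filter.

Added example, not the draft's or any keyserver's code. Simplifications and
assumptions: certifications are opaque byte strings (no OpenPGP packets), an
attestation is a set of SHA-256 digests of the certifications the key holder
vouches for, and the newest attestation supersedes all earlier ones.
"""
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional


def digest(certification: bytes) -> bytes:
    """Digest used to name a third-party certification (model only)."""
    return hashlib.sha256(certification).digest()


@dataclass
class Attestation:
    created: int            # creation time; newest attestation wins (assumption)
    attested: frozenset     # digests of the certifications the holder vouches for


@dataclass
class Certificate:
    fingerprint: str
    no_modify: bool                                 # Key Server Prefs no-modify bit
    self_sigs: List[bytes] = field(default_factory=list)          # first-party, always kept
    third_party_certs: List[bytes] = field(default_factory=list)  # the floodable part
    attestations: List[Attestation] = field(default_factory=list)


def current_attestation(cert: Certificate) -> Optional[Attestation]:
    """Return the most recent attestation, or None if the holder never made one."""
    if not cert.attestations:
        return None
    return max(cert.attestations, key=lambda a: a.created)


def filter_for_redistribution(cert: Certificate, store_requires_attestation: bool = True) -> List[bytes]:
    """Third-party certifications the keystore is willing to redistribute.

    Attestation is required when the certificate sets no-modify (the mail's
    proposal) or when the store is abuse-resistant and demands it regardless
    of the flag (the mail's second paragraph). Otherwise everything passes.
    """
    if not (cert.no_modify or store_requires_attestation):
        return list(cert.third_party_certs)
    att = current_attestation(cert)
    if att is None:
        return []                       # no attestation: nothing to vouch for
    return [c for c in cert.third_party_certs if digest(c) in att.attested]


def build_flooded_certificate() -> (Certificate, bytes):
    """Constructed sample: one legitimate certification buried in a flood."""
    legit = b"constructed certification by alice@example.org"      # constructed
    flood = [b"constructed junk certification %d" % i for i in range(10000)]
    cert = Certificate(
        fingerprint="0123 4567 (hypothetical fingerprint)",
        no_modify=True,
        third_party_certs=[legit] + flood,
        attestations=[Attestation(created=1, attested=frozenset({digest(legit)}))],
    )
    return cert, legit


def demo() -> dict:
    """Walk through the cases the mail raises; returns counts for inspection."""
    cert, legit = build_flooded_certificate()
    kept = filter_for_redistribution(cert)
    result = {"kept_with_attestation": len(kept), "legit_survives": kept == [legit]}

    # The holder later publishes a newer, empty attestation: everything is withdrawn.
    cert.attestations.append(Attestation(created=2, attested=frozenset()))
    result["kept_after_withdrawal"] = len(filter_for_redistribution(cert))

    # Holder clears no-modify and never attests: an abuse-resistant store still
    # drops all third-party certs; a permissive store passes the whole flood.
    cert.no_modify = False
    cert.attestations = []
    result["strict_store_unflagged"] = len(filter_for_redistribution(cert, True))
    result["permissive_store_unflagged"] = len(filter_for_redistribution(cert, False))
    return result


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The last two results illustrate the closing point of the mail: whether or not the certificate asks for it, a store that wants to survive flooding ends up requiring attestation, so clearing no-modify buys the user nothing at such a store.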