ietf-openpgp
[Top] [All Lists]

[openpgp] don't emit version armor header by default

2021-05-03 13:58:48
(I'm not an expert if this is the correct time for this - I hope so. :)

Currently, Section 6.2 sais:

Currently defined Armor Header Keys are as follows:
"Version", which states the OpenPGP implementation and version used to encode the message.

https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-03.html#section-6.2-10

I propose to add this sentence:

To minimize metadata, implementations SHOULD NOT emit this key and its corresponding value except for debugging purposes with explicit user consent.

We discussed this on gnupg-devel in 2016 and here in 2019. Then, dkg explained:

The version of GnuPG in use is not particularly helpful. It is not cryptographically verifiable, and it doesn't distinguish between significant version differences like 2.0.x and 2.1.x.

Additionally, it leaks metadata that can be used to distinguish users from one another, and can potentially be used to target specific attacks if there are known behaviors that differ between major versions.

It's probably better to take the more parsimonious approach to metadata production by default.

https://lists.gnupg.org/pipermail/gnupg-devel/2016-August/031424.html

See this example for a real-world attack: https://www.csoonline.com/article/2904395/mistakes-that-betrayed-anonymity-of-former-dea-agent-and-silk-road-investigator.html

This is rough consensus and running code in all implementations I can find:

GnuPG: 
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c9387e41db7520d176edd3d6613b85875bdeb32c
GPGTools: 
https://github.com/GPGTools/MacGPG2/commit/831c2ed77d2ce88134ad4d689414051dc99dc3b3
SKS: https://bitbucket.org/skskeyserver/sks-keyserver/commits/4af75b3526d9
LibTMCG: 
http://git.savannah.nongnu.org/cgit/libtmcg.git/commit/?id=2c8a6861ab839cb58b6483a04a7b584423a27811

If this gets adopted, we should probably remove it from this example: https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-03.html#name-example-of-an-ascii-armored

Thanks, and keep up the good work!

--
ilf

If you upload your address book to "the cloud", I don't want to be in it.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>