[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)

To: Len Sassaman <rabbi@xxxxxxxxxxx>
Subject: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
From: David Shaw <dshaw@xxxxxxxxxxxxxxx>
Date: Thu, 17 Jul 2003 20:57:24 -0400
Cc: ietf-openpgp@xxxxxxx
Delivery-date: Fri, 18 Jul 2003 02:59:54 +0200
Envelope-to: ietf-openpgp@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.30.QNWS.0307171515550.4445-100000@xxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
Mail-followup-to: Len Sassaman <rabbi@xxxxxxxxxxx>, ietf-openpgp@xxxxxxx
References: <20030715010938.GA1241@xxxxxxxxxxxxxxx> <Pine.LNX.4.30.QNWS.0307171515550.4445-100000@xxxxxxxxxxxxxxx>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx
User-agent: Mutt/1.5.4i

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Jul 17, 2003 at 03:20:26PM -0700, Len Sassaman wrote:
> 
> On Mon, 14 Jul 2003, David Shaw wrote:
> 
> > > I think there is value in requiring uids to be self-signed.  To allow
> > > encrypt-only top-level keys, one has to make a special case.  Given
> > > that they are only very limitedly useful, I'd rather not have the
> > > special case.
> >
> > Keep in mind that this renders valid 2440 keys invalid under 2440bis.
> > I can't imagine why we'd do such a thing just to gain the ability to
> > require self-signed user IDs.  To be honest, I've never seen an
> 
> I am surprised that there have not been widespread attacks on OpenPGP keys
> as a result of the permitted non-self-signed UIDs. I think this really
> must be fixed. (And for users to add self-signatures to their existing
> unsigned uids is trivial.)

No question.  I just object to tying the self-signature fix to
removing encrypt-only keys.  It's my own fault since I mentioned them
together, but I was wrong.  There is no need to tie the two together.

> > Note that GnuPG doesn't have any special support for encrypt-only
> > primary keys, but because of the nice general design of v4 keys, where
> > any key (primary or subkey) can be of any type, encrypt-only primaries
> > work just fine.  I don't have a copy of PGP handy (I'm traveling), but
> > I suspect that they'll "just plain work" in PGP as well.  My point
> > here is that it would take additional code and additional complexity
> > to *prevent* encrypt-only primaries from working... so why mess around
> > with this, especially since there is no security-related reason for
> > it?
> 
> Simplicity is a good reason, as is the robustness of the OpenPGP system.

I'm afraid I don't understand your response.  Simplicity is a good
reason to add complexity? (??)

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iD8DBQE/F0X04mZch0nhy8kRAg6AAJ9TFmsEeI3kYjF/rjnV0KvzM3aUWgCdFkEf
PyYawQG859AUnnG0HmilddY=
=E91L
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
  - From: Len Sassaman

References:
- Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
  - From: David Shaw
- Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
  - From: Len Sassaman

Prev by Date: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
Next by Date: Re: Adding in BZ2 compression?
Previous by thread: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
Next by thread: Re: Requiring self-signed uids? (was Re: PoP & Signer's User ID subpacket?)
Index(es):
- Date
- Thread