Miscellaneous questions

Christoph Anton Mitterer christoph.anton.mitterer at physik.uni-muenchen.de
Wed Apr 16 17:20:25 CEST 2008

Dear David.

On Wed, 2008-04-16 at 09:29 -0400, David Shaw wrote:
> I think - and please understand I do not mean this as an attack on you
Of course not :)

> - that before someone proposes sweeping changes to an RFC, they must  
> really understand the history and reasoning behind the original  
> design.  Without that understanding, the proposed changes tend to  
> become "I don't like this - please change it", without actual  
> understanding.
> I contributed a lot of work to 4880, over the span of years.  I found  
> that the more I learned, the smaller the change I proposed was.
Yes you're absolutely right, but I think sometimes one have to make
changes even at the cost of backward compatibility.
Some of the changes I'd like to propose to the WG won't probably break
the binary format of the standard at all, and some of my semantic
changes won't even really hurt if an older implementation won't apply
those changes.

But I also have some drastic changes that would really break the current
way, and that is...

> Skipping the actual security issue for a moment and just looking at  
> code realities, OpenPGP and its ancestors have been around for so  
> long, and there is such a huge base of installed code, that this is  
> pretty much the only way to work with it.  It's not a blank sheet of  
> paper where anything goes.  This is why V5 keys are so appealing -  
> it's not exactly a blank sheet of paper, but it's as close as we've  
> had for a very long time.
... where V5 keys come into the game.
So a lot of my ideas are actually targeted to V5 keys and the "redesign"
of OpenPGP that will or at least could come with them.

I think that a big redesign would especially important because I feel
like OpenPGP would loose more and more ground to X.509, which I consider
broken by design due to its hierarchical model.

> I don't want to discourage you from suggesting changes, but I do  
> advise that you really understand what you are suggesting.  For  
> example, the ideas around user IDs being required to be full names  
> show misunderstanding of the OpenPGP trust model.
Hm could you please explain me why? I always thought that completeness
is also important correctness?

>   The ideas around  
> different parts of the user ID living in different packets (attribute  
> packets vs user ID packets) would break a large percentage of existing  
> systems.
Yes it would,... it would actually break all existing keys.
I was not about coming here and say,.. change all current keys to that
model, but I meant, if we ever have to start from scratch or at least
nearly from scratch (and I thought that would come with V5 keys), we
should reconsider all the historical grown stuff.
Perhaps it would even make sense to provide a XML based OpenPGP
format,... and a binary mapping just for stuff (embedded systems,
streaming) where size matters.

If we'd actually made such a big cut, e.g. between V4 and V5 keys, that
would not necessary mean that both cannot life side on side.
A V4 key could still sign (with little modifications) newer V5 keys, and
a V5 key could still sign V4's or even V3's.
And over time,... V4's might be phased out, just as currently V3 keys
are being phased out.

>   This is fine, of course, if that breakage is balanced out by  
> a corresponding gain in the rest of the system, but I don't see that  
> corresponding gain.
Hmm my main intention is probably to get a cleaner, more aesthetic
design, but of course this is probably not enough to convince everybody
to make such a big cut.
But I think there are also several points where we could increase
security and tidy things up (e.g. the separation of ID's from
attributes, describing a user, such attributes could be his name town,
ZIP-code or even his ebay account).
And I would like to see a redesigned standard much more stricter and
definite. The RFC itself says, that it uses a "wishy-washy" style, I
think that could lead to security problems.

>   Work with a scalpel, not a cutlass.
Yes,.. but keep in mind,.. most of my sugesstions are targeted on a real
redesign, if it comes to a cut (like due to V5 keys).

Dipl.-Inf. (FH) Christoph Anton Mitterer

christoph.anton.mitterer at physik.uni-muenchen.de
mail at christoph.anton.mitterer.name

chat at christoph.anton.mitterer.name

Ludwig-Maximilians-Universität München
Lehrstuhl für experimentelle Physik – Elementarteilchenphysik
Sektion Physik
Am Coulombwall 1
85748 Garching bei München

More information about the Gnupg-users mailing list