From owner-ietf-open-pgp@imc.org  Fri Sep 10 06:26:39 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA27007
	for <openpgp-archive@odin.ietf.org>; Fri, 10 Sep 1999 06:26:39 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id CAA19644
	for ietf-open-pgp-bks; Fri, 10 Sep 1999 02:41:55 -0700 (PDT)
Received: from s2.smtp.oleane.net (s2.smtp.oleane.net [195.25.12.6])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id CAA19640
	for <ietf-open-pgp@imc.org>; Fri, 10 Sep 1999 02:41:53 -0700 (PDT)
Received: from nec.oleane.com  (dyn-1-1-230.Cor.dialup.oleane.fr [62.161.8.230])  by s2.smtp.oleane.net  with SMTP id LAA79986 for <ietf-open-pgp@imc.org>; Fri, 10 Sep 1999 11:44:49 +0200 (CEST)
Message-ID: <01f901befb71$47c93f00$0201a8c0@nec.oleane.com>
From: "Peter lewis" <peter.lewis@upperside.fr>
To: <ietf-open-pgp@imc.org>
Subject: From Firewall to IPSec VPNs
Date: Fri, 10 Sep 1999 11:45:55 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.72.3110.5
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit

Security services and protection mechanisms
IPv6 promises regarding IPSec
Certification infrastructure 
Standardization update
Case Studies: ISPs, carriers, private networks
AH and ESP protocols description
Possible future extensions and modifications of the IKE protocol
Complementarity between IPSec and firewalls
Global Site-to-Site IPSec VPN's with End-to-End SLA's
Managing widespread IPSEC virtual private networks
Solving IPSec VPNs scalability
Results of some interoperability tests
IPSec architectures and non-standardized aspects of IPSec
Adding IPSec VPN functions in an existing router network
Impact of fragmentation on the performance of IPSec coding

IPSEC 99 Conference
From Firewall to IPSec VPNs

October 26, 27, 28, 29, 1999
Paris - France

More info: www.upperside.fr/baipsec.htm

Sorry to post this message on the list.

Thanks




From owner-ietf-open-pgp@imc.org  Sat Sep 11 22:11:46 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA15520
	for <openpgp-archive@odin.ietf.org>; Sat, 11 Sep 1999 22:11:46 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id SAA25700
	for ietf-open-pgp-bks; Sat, 11 Sep 1999 18:45:15 -0700 (PDT)
Received: from merrymeet.com (Discordia@merrymeet.com [63.73.97.162])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id SAA25692
	for <ietf-open-pgp@imc.org>; Sat, 11 Sep 1999 18:45:09 -0700 (PDT)
Received: from [204.179.130.203] (63.73.97.169) by merrymeet.com with ESMTP
 (Eudora Internet Mail Server 2.2); Sat, 11 Sep 1999 17:48:09 -0800
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <v04210110b400a19a564b@[204.179.130.203]>
In-Reply-To: <Pine.LNX.4.10.9908301611140.7291-100000@deeped.gloop.org>
References: <Pine.LNX.4.10.9908301611140.7291-100000@deeped.gloop.org>
Date: Sat, 11 Sep 1999 17:25:54 -0700
To: "John S. Bucy" <bucy@gloop.org>, ietf-open-pgp@imc.org
From: Jon Callas <jon@callas.org>
Subject: Re: OpenPGP key fingerprints and stuff
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

At 4:12 PM -0400 8/30/99, John S. Bucy wrote:

>It would make my code substantially simpler if I could have a "signer's
>key fingerprint" instead.  And as the spec stands, I have to define my own
>subpacket type for it.  Since the ID can be directly derived from the
>fingerprint and they both have distinct, fixed lengths, it seems to me
>like you could unambiguously use either one or the other in the same
>subpacket without any other indication of which it was; if the length is 8
>bytes, it's the ID, if it's 20 bytes, it's the fingerprint. Any thoughts?

You're perceptive, and in my opinion right. I agree with you 100%.

However, the reason the key ID is used is to be compatible with previous
implementations. PGP 2 used eight-byte key ids as a handle to look up the
proper key not only for signatures, but for encrypted data.

When we started OpenPGP, a number of us, myself included, wanted to take
the opportunity to clean up a number of things, like existence of key IDs.
I think that every place a key id is used, it should be a fingerprint
instead.

But. We have to be compatible with existing versions of PGP out there. So
we use key IDs, even though they have all the flaws you mentioned. That's
the only reason: we do it that way because that's the way we've always done
it.

	Jon



From owner-ietf-open-pgp@imc.org  Sun Sep 12 14:28:19 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA01620
	for <openpgp-archive@odin.ietf.org>; Sun, 12 Sep 1999 14:28:18 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id KAA14030
	for ietf-open-pgp-bks; Sun, 12 Sep 1999 10:49:08 -0700 (PDT)
Received: from deeped.gloop.org (root@DEEPED.CLUB.CC.CMU.EDU [128.2.232.59] (may be forged))
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id KAA14026
	for <ietf-open-pgp@imc.org>; Sun, 12 Sep 1999 10:49:06 -0700 (PDT)
Received: from localhost (bucy@localhost [127.0.0.1])
	by deeped.gloop.org (8.9.1/8.9.1) with ESMTP id NAA24628;
	Sun, 12 Sep 1999 13:54:29 -0400
Date: Sun, 12 Sep 1999 13:54:29 -0400 (EDT)
From: "John S. Bucy" <bucy@gloop.org>
To: Jon Callas <jon@callas.org>
cc: ietf-open-pgp@imc.org
Subject: Re: OpenPGP key fingerprints and stuff
In-Reply-To: <v04210110b400a19a564b@[204.179.130.203]>
Message-ID: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

On Sat, 11 Sep 1999, Jon Callas wrote:

> However, the reason the key ID is used is to be compatible with previous
> implementations. PGP 2 used eight-byte key ids as a handle to look up the
> proper key not only for signatures, but for encrypted data.
> 
> When we started OpenPGP, a number of us, myself included, wanted to take
> the opportunity to clean up a number of things, like existence of key IDs.
> I think that every place a key id is used, it should be a fingerprint
> instead.
> 
> But. We have to be compatible with existing versions of PGP out there. So
> we use key IDs, even though they have all the flaws you mentioned. That's
> the only reason: we do it that way because that's the way we've always done
> it.

Someone else suggested that the problem of computing a key pair that has a
particular key ID is computationally infeasible.  I can't really speak to
this either way but it seems to me like 1: the probability of people
independently randomly generating the same key pair (or keypairs with
identical fingerprints/keyIDs) is quite small and that 2: it would be
completely impractical for almost anyone (three-letter agencies excluded)
to try to exploit a system by systematically causing keyID collisions.


As far as my particular system goes, it seems like I have two options:

1.  Don't worry about key ID collisions.  Under most circumstances, I
think that this would probably be ok.

2.  Use a "signer's key fingerprint" signature subpacket and leave the
keyID packet there and ignore it.  Has the working group considered an
extension to OpenPGP to standardize such a thing (i.e. keyID Must
Implement, fingerprint Should implement)?  It seems like this would be
preferable to me defining my own subpacket type for my specific system...



later
john

(ps I'm not on the OpenPGP WG mailing list so please cc replies to me)

-------------------------------------------
John Bucy

"My mind is going....I can feeeeeeel it..."

bucy@gloop.org
-------------------------------------------




From owner-ietf-open-pgp@imc.org  Sun Sep 12 23:25:01 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA07060
	for <openpgp-archive@odin.ietf.org>; Sun, 12 Sep 1999 23:25:00 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id TAA22877
	for ietf-open-pgp-bks; Sun, 12 Sep 1999 19:37:31 -0700 (PDT)
Received: from merrymeet.com (Discordia@[63.73.97.162])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id TAA22870
	for <ietf-open-pgp@imc.org>; Sun, 12 Sep 1999 19:37:28 -0700 (PDT)
Received: from [204.179.130.203] (63.73.97.169) by merrymeet.com with ESMTP
 (Eudora Internet Mail Server 2.2); Sun, 12 Sep 1999 18:40:34 -0800
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <v04210118b40211aa218f@[204.179.130.203]>
In-Reply-To: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
References: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
Date: Sun, 12 Sep 1999 19:33:52 -0700
To: "John S. Bucy" <bucy@gloop.org>
From: Jon Callas <jon@callas.org>
Subject: Re: OpenPGP key fingerprints and stuff
Cc: ietf-open-pgp@imc.org
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

At 1:54 PM -0400 9/12/99, John S. Bucy wrote:

>Someone else suggested that the problem of computing a key pair that has a
>particular key ID is computationally infeasible.  I can't really speak to
>this either way but it seems to me like 1: the probability of people
>independently randomly generating the same key pair (or keypairs with
>identical fingerprints/keyIDs) is quite small and that 2: it would be
>completely impractical for almost anyone (three-letter agencies excluded)
>to try to exploit a system by systematically causing keyID collisions.

Yes, it's computationally infeasible to generate a key with a given keyID.
Or more to the point, if you can do it, you have found a flaw in SHA-1.
Publish it, you'll get kudos.

However, because the keyID is 64 bits long, when there are a total of 4
billion keys (0x1 0000 0000) in the universe, there is a 50% chance that
there is some collision of two keyIDs. These two people will be annoyed,
because all the present implementations assume keyIDs are unique.

>
>
>As far as my particular system goes, it seems like I have two options:
>
>1.  Don't worry about key ID collisions.  Under most circumstances, I
>think that this would probably be ok.
>
>2.  Use a "signer's key fingerprint" signature subpacket and leave the
>keyID packet there and ignore it.  Has the working group considered an
>extension to OpenPGP to standardize such a thing (i.e. keyID Must
>Implement, fingerprint Should implement)?  It seems like this would be
>preferable to me defining my own subpacket type for my specific system...
>

In the long term, (2) is a good idea. But it's not just signatures that
need it. All places where a keyID is used really should move to
fingerprints. But it's not presently in the scope of this WG to fix all of
these.

If you make your own fingerprint subpacket, please use a notation subpacket
for it.

	Jon



From owner-ietf-open-pgp@imc.org  Mon Sep 13 10:52:55 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA29911
	for <openpgp-archive@odin.ietf.org>; Mon, 13 Sep 1999 10:52:53 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id GAA03757
	for ietf-open-pgp-bks; Mon, 13 Sep 1999 06:33:56 -0700 (PDT)
Received: from grannus.iks-jena.de (root@grannus.iks-jena.de [194.221.90.36])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA03746
	for <ietf-open-pgp@imc.org>; Mon, 13 Sep 1999 06:33:47 -0700 (PDT)
Received: (from news@localhost)
	by grannus.iks-jena.de (8.9.3/8.9.2) id PAA26319
	for ietf-open-pgp@imc.org; Mon, 13 Sep 1999 15:36:49 +0200
To: ietf-open-pgp@imc.org
Path: lutz
From: lutz@iks-jena.de (Lutz Donnerhacke)
Newsgroups: iks.lists.ietf-open-pgp
Subject: Re: OpenPGP key fingerprints and stuff
Date: 13 Sep 1999 13:36:49 GMT
Organization: IKS GmbH Jena
Lines: 7
Message-ID: <slrn7tpve8.fn.lutz@taranis.iks-jena.de>
References: <v04210110b400a19a564b@[204.179.130.203]> <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
NNTP-Posting-Host: taranis.iks-jena.de
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: slrn/0.9.5.4 (UNIX)
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 8bit

* John S. Bucy wrote:
>Someone else suggested that the problem of computing a key pair that has a
>particular key ID is computationally infeasible.

This was never true. Source has existed for months. Natural collisions in
64bit are known to exist.



From owner-ietf-open-pgp@imc.org  Mon Sep 13 12:08:59 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA02593
	for <openpgp-archive@odin.ietf.org>; Mon, 13 Sep 1999 12:08:58 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id IAA05791
	for ietf-open-pgp-bks; Mon, 13 Sep 1999 08:31:06 -0700 (PDT)
Received: from domains.invweb.net (IDENT:root@domains.invweb.net [198.182.196.32])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id IAA05786
	for <ietf-open-pgp@imc.org>; Mon, 13 Sep 1999 08:31:04 -0700 (PDT)
Received: from whgiii (IDENT:root@openpgp.net [199.184.252.29])
	by domains.invweb.net (8.9.3/8.9.3) with SMTP id LAA13145;
	Mon, 13 Sep 1999 11:33:31 -0400
Message-Id: <199909131533.LAA13145@domains.invweb.net>
From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Mon, 13 Sep 1999 10:27:21 -0500
To: Jon Callas <jon@callas.org>
In-Reply-To: <v04210118b40211aa218f@[204.179.130.203]>
Cc: "John S. Bucy" <bucy@gloop.org>, ietf-open-pgp@imc.org
Subject: Re: OpenPGP key fingerprints and stuff
X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.61 b62 
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

In <v04210118b40211aa218f@[204.179.130.203]>, on 09/12/99 
   at 07:33 PM, Jon Callas <jon@callas.org> said:

>At 1:54 PM -0400 9/12/99, John S. Bucy wrote:

>>Someone else suggested that the problem of computing a key pair that has a
>>particular key ID is computationally infeasible.  I can't really speak to
>>this either way but it seems to me like 1: the probability of people
>>independently randomly generating the same key pair (or keypairs with
>>identical fingerprints/keyIDs) is quite small and that 2: it would be
>>completely impractical for almost anyone (three-letter agencies excluded)
>>to try to exploit a system by systematically causing keyID collisions.

>Yes, it's computationally infeasible to generate a key with a given
>keyID. Or more to the point, if you can do it, you have found a flaw in
>SHA-1. Publish it, you'll get kudos.

>However, because the keyID is 64 bits long, when there are a total of 4
>billion keys (0x1 0000 0000) in the universe, there is a 50% chance that
>there is some collision of two keyIDs. These two people will be annoyed,
>because all the present implementations assume keyIDs are unique.

Actually, IIRC when I asked about keyID's long ago it was the consensus
that they were not unique and should be treated as such. I have been
coding under this assumption ever since.

>>
>>
>>As far as my particular system goes, it seems like I have two options:
>>
>>1.  Don't worry about key ID collisions.  Under most circumstances, I
>>think that this would probably be ok.
>>
>>2.  Use a "signer's key fingerprint" signature subpacket and leave the
>>keyID packet there and ignore it.  Has the working group considered an
>>extension to OpenPGP to standardize such a thing (i.e. keyID Must
>>Implement, fingerprint Should implement)?  It seems like this would be
>>preferable to me defining my own subpacket type for my specific system...
>>

>In the long term, (2) is a good idea. But it's not just signatures that
>need it. All places where a keyID is used really should move to
>fingerprints. But it's not presently in the scope of this WG to fix all
>of these.

>If you make your own fingerprint subpacket, please use a notation
>subpacket for it.

IMHO I just don't see a need for it anytime in the near future. While
there is the chance for collisions (I think it is greater than your
estimate above) it is quite remote on the client end. It seems to me that
this is mostly a server issue though the client software shouldn't choke
on it.


-- 
---------------------------------------------------------------
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii

Hi Jeff!! :)
---------------------------------------------------------------
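
Added example, not part of any message in this thread and not code from PGP, GnuPG or any other implementation: a key lookup that treats 8-byte key IDs as non-unique handles and accepts either an 8-byte key ID or a 20-byte fingerprint as the issuer, told apart by length as proposed above. It assumes V4 keys (SHA-1 fingerprint, key ID = low 64 bits); the class and function names, the sample key material and the second "colliding" fingerprint are constructed for illustration.

```python
import hashlib
import math


def v4_fingerprint(pubkey_body: bytes) -> bytes:
    """V4 fingerprint: SHA-1 over 0x99, a two-octet length, and the key packet body."""
    prefix = b"\x99" + len(pubkey_body).to_bytes(2, "big")
    return hashlib.sha1(prefix + pubkey_body).digest()


def key_id(fingerprint: bytes) -> bytes:
    """V4 key ID: the low-order 64 bits of the fingerprint."""
    return fingerprint[-8:]


def birthday_collision_probability(n_keys: int, id_bits: int = 64) -> float:
    """Standard birthday approximation: 1 - exp(-n(n-1) / 2^(bits+1))."""
    exponent = n_keys * (n_keys - 1) / 2 ** (id_bits + 1)
    return -math.expm1(-exponent)


class Keyring:
    """Keys are stored by fingerprint; a key ID maps to a list, never to one key."""

    def __init__(self):
        self._by_fingerprint = {}
        self._by_key_id = {}

    def add(self, fingerprint: bytes, owner: str) -> None:
        if len(fingerprint) != 20:
            raise ValueError("expected a 20-byte fingerprint")
        if fingerprint in self._by_fingerprint:
            return
        self._by_fingerprint[fingerprint] = owner
        self._by_key_id.setdefault(key_id(fingerprint), []).append(fingerprint)

    def candidates(self, issuer: bytes) -> list:
        """Return the fingerprints an issuer value may refer to.

        20 bytes: a fingerprint, so at most one key.
        8 bytes: a key ID, so every key sharing it; the caller must try
        each candidate (for example by verifying the signature with each).
        """
        if len(issuer) == 20:
            return [issuer] if issuer in self._by_fingerprint else []
        if len(issuer) == 8:
            return list(self._by_key_id.get(issuer, []))
        raise ValueError("issuer must be 8 (key ID) or 20 (fingerprint) bytes")


def mpi(value: int) -> bytes:
    """OpenPGP multiprecision integer: two-octet bit count, then the magnitude."""
    bits = value.bit_length()
    return bits.to_bytes(2, "big") + value.to_bytes((bits + 7) // 8, "big")


# Constructed V4 RSA public key packet body (toy modulus, not a usable key):
# version 4, creation time, algorithm 1 (RSA), modulus n, exponent e.
SAMPLE_BODY = (b"\x04" + (937000000).to_bytes(4, "big") + b"\x01"
               + mpi(0xC0FFEE0DDBA11F00D5EED1E55CAFE0001) + mpi(65537))

FPR_A = v4_fingerprint(SAMPLE_BODY)
# Constructed stand-in for a second key with the same key ID. It is NOT a real
# SHA-1 output; it only shares its last 8 bytes with FPR_A.
FPR_B = b"\xaa" * 12 + key_id(FPR_A)


def build_demo_keyring() -> Keyring:
    ring = Keyring()
    ring.add(FPR_A, "key A")
    ring.add(FPR_B, "key B (same key ID)")
    return ring


if __name__ == "__main__":
    ring = build_demo_keyring()
    print("key ID      :", key_id(FPR_A).hex().upper())
    print("by key ID   :", [f.hex() for f in ring.candidates(key_id(FPR_A))])
    print("by fpr      :", [f.hex() for f in ring.candidates(FPR_A)])
    print("P(collision) at 2^32 keys:", birthday_collision_probability(2 ** 32))
```
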



From owner-ietf-open-pgp@imc.org  Wed Sep 15 04:09:52 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA02975
	for <openpgp-archive@odin.ietf.org>; Wed, 15 Sep 1999 04:09:51 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id AAA08647
	for ietf-open-pgp-bks; Wed, 15 Sep 1999 00:18:47 -0700 (PDT)
Received: from koeln.shuttle.de (koeln.shuttle.de [194.95.247.252])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id AAA08632
	for <ietf-open-pgp@imc.org>; Wed, 15 Sep 1999 00:18:39 -0700 (PDT)
Received: (from uucp@localhost)
	by koeln.shuttle.de (8.9.3/8.9.3) with UUCP id JAA14511
	for ietf-open-pgp@imc.org; Wed, 15 Sep 1999 09:21:58 +0200 (MET DST)
Received: from (frodo.isil.d.shuttle.de) [172.20.1.4] (mail)
	by beren.isil.d.shuttle.de with esmtp (Exim 1.92 #1 (Debian))
	id 11R8zZ-0001mI-00; Wed, 15 Sep 1999 08:56:33 +0200
Received: from wk by frodo.isil.d.shuttle.de with local (Exim 2.05 #1 (Debian))
	id 11R906-0001LV-00; Wed, 15 Sep 1999 08:57:06 +0200
Date: Wed, 15 Sep 1999 08:57:06 +0200
From: Werner Koch <wk@isil.d.shuttle.de>
To: ietf-open-pgp@imc.org
Subject: dash-escaped text (7.1)
Message-ID: <19990915085706.C5135@frodo.isil.d.shuttle.de>
Mail-Followup-To: ietf-open-pgp@imc.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.3i
X-URL: http://www.openit.de/wks
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

Hi,

there is an ambiguity in the definition of cleartext signature:

|7.1. Dash-Escaped Text
| [....]
|   As with binary signatures on text documents, a cleartext signature is
|   calculated on the text using canonical <CR><LF> line endings.  The
|   line ending (i.e. the <CR><LF>) before the '-----BEGIN PGP
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|   SIGNATURE-----' line that terminates the signed text is not
|   considered part of the signed text.

It is not clear whether this line ending has to be added by the 
creation process and later to be removed or whether it simply does
not go into the calculation of the hash.

The problem with this is, what to do when we have to encode a message

 a) of size 0
 b) without a trailing line ending

I agree that both cases are rare but case b) happens from time to
time.  Solutions for this are:

 a) A header line telling something about the original text when this
    text has one of the above problems.
    Advantage:  Compatibility to existing implementations
    Disadvantage: An extra header line in a few cases and special code
		  to handle these cases.

 b) Add the text to the RFC:
    "A newline is supposed to be added and subsequently removed".
    Advantage:  Very easy and clear definition.
    Disadvantage:  Not compatible to existing implementations

 c) Add a RFC version number as header line and use b)
    Advantage:  Easy
    Disadvantage:  Still need the extra code for OpenPGP 1.0 and 
                   makes all signatures larger.

For compatibility reasons I would prefer solution a)

What do you think?

   Werner


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013
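
Added example, not part of the message above and not code from GnuPG or PGP: the two readings of section 7.1 described above, applied to the two problem inputs (size 0, no trailing line ending). The function names and the `always_add` flag are made up for this illustration; only the document bytes that enter the hash are computed, not a full signature, and trailing-whitespace handling is left out.

```python
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def to_lf(text):
    """Normalise <CR><LF> and bare <CR> to <LF> for line-by-line processing."""
    return text.replace("\r\n", "\n").replace("\r", "\n")


def canonical(text):
    """Canonical <CR><LF> form of the text, as the bytes that get hashed."""
    return to_lf(text).replace("\n", "\r\n").encode("utf-8")


def dash_escape(line):
    """7.1: a line starting with '-' is prefixed with '- '."""
    return "- " + line if line.startswith("-") else line


def dash_unescape(line):
    return line[2:] if line.startswith("- ") else line


def frame(text, always_add):
    """Emit the dash-escaped text followed by the BEGIN PGP SIGNATURE line.

    always_add=True : a line ending is always appended before the armor
                      line and later removed (solution b in the message).
    always_add=False: the text's own final line ending doubles as the
                      separator; one is inserted only when the text has none,
                      because the armor line must start on a new line.
    """
    body = to_lf(text)
    if always_add or not body.endswith("\n"):
        body += "\n"
    escaped = "\n".join(dash_escape(line) for line in body.split("\n"))
    return escaped + BEGIN_SIG + "\n"


def hashed_bytes(framed):
    """Verifier side: drop the one line ending before the armor line,
    undo dash-escaping, and return the canonical bytes that are hashed."""
    lines = framed.split("\n")
    end = lines.index(BEGIN_SIG)  # an escaped '- -----BEGIN...' line does not match
    text = "\n".join(dash_unescape(line) for line in lines[:end])
    return canonical(text)


# Constructed inputs: empty, a lone line ending, and the same line with and
# without a trailing line ending.
CASES = ["", "\n", "foo", "foo\n"]


def collisions(always_add):
    """Groups of distinct inputs that produce identical framed output."""
    seen = {}
    for text in CASES:
        seen.setdefault(frame(text, always_add), []).append(text)
    return [group for group in seen.values() if len(group) > 1]


if __name__ == "__main__":
    for flag in (False, True):
        print("always_add =", flag)
        for text in CASES:
            print("  %-8r -> hashed %r" % (text, hashed_bytes(frame(text, flag))))
        print("  collisions:", collisions(flag))
```
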



From owner-ietf-open-pgp@imc.org  Tue Sep 21 16:15:37 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA08866
	for <openpgp-archive@odin.ietf.org>; Tue, 21 Sep 1999 16:15:36 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id MAA06545
	for ietf-open-pgp-bks; Tue, 21 Sep 1999 12:03:46 -0700 (PDT)
Received: from hotmail.com (law2-f259.hotmail.com [216.32.180.217])
	by mail.proper.com (8.9.3/8.9.3) with SMTP id MAA06541
	for <ietf-open-pgp@imc.org>; Tue, 21 Sep 1999 12:03:45 -0700 (PDT)
Received: (qmail 58608 invoked by uid 0); 21 Sep 1999 19:07:10 -0000
Message-ID: <19990921190710.58607.qmail@hotmail.com>
Received: from 157.22.240.51 by www.hotmail.com with HTTP;
	Tue, 21 Sep 1999 12:07:09 PDT
X-Originating-IP: [157.22.240.51]
From: "Mr. Morden" <ted19@hotmail.com>
To: ietf-open-pgp@imc.org
Subject: Encrypted Data Packet Contents
Date: Tue, 21 Sep 1999 19:07:09 GMT
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

From the RFC so dear...
......................
5.7. Symmetrically Encrypted Data Packet (Tag 9)

   The Symmetrically Encrypted Data packet contains data encrypted with
   a symmetric-key algorithm. When it has been decrypted, it will
   typically contain other packets (often literal data packets or
   compressed data packets).
............................

What gives with *typically*? It should *always* contain other packets 
(Signed, Compressed, Literal, whathaveyou...)

Or, can arbitrary data be placed in this packet?
Does any implementation allow this?

-ted

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


From owner-ietf-open-pgp@imc.org  Wed Sep 22 02:36:17 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA26276
	for <openpgp-archive@odin.ietf.org>; Wed, 22 Sep 1999 02:36:16 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id WAA13091
	for ietf-open-pgp-bks; Tue, 21 Sep 1999 22:49:04 -0700 (PDT)
Received: from pharos.hsp.de (pharos.hsp.de [194.77.127.3])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id WAA13087
	for <ietf-open-pgp@imc.org>; Tue, 21 Sep 1999 22:49:02 -0700 (PDT)
Received: (from uucp@localhost)
	by pharos.hsp.de (8.9.3/8.9.3) with UUCP id HAA32050
	for ietf-open-pgp@imc.org; Wed, 22 Sep 1999 07:46:24 +0200
Received: from (frodo.isil.d.shuttle.de) [172.20.1.4] (mail)
	by beren.isil.d.shuttle.de with esmtp (Exim 1.92 #1 (Debian))
	id 11Tf9y-0007XJ-00; Wed, 22 Sep 1999 07:41:42 +0200
Received: from wk by frodo.isil.d.shuttle.de with local (Exim 2.05 #1 (Debian))
	id 11TfC1-0003Pb-00; Wed, 22 Sep 1999 07:43:49 +0200
Date: Wed, 22 Sep 1999 07:43:49 +0200
From: Werner Koch <wk@gnupg.org>
To: ietf-open-pgp@imc.org
Subject: Re: Encrypted Data Packet Contents
Message-ID: <19990922074349.B13093@frodo.isil.d.shuttle.de>
References: <19990921190710.58607.qmail@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.6i
In-Reply-To: <19990921190710.58607.qmail@hotmail.com>
X-URL: http://www.openit.de/wks
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

"Mr. Morden" <ted19@hotmail.com> writes:

> 5.7. Symmetrically Encrypted Data Packet (Tag 9)
> 
>    The Symmetrically Encrypted Data packet contains data encrypted with
>    a symmetric-key algorithm. When it has been decrypted, it will
>    typically contain other packets (often literal data packets or
>    compressed data packets).
> ............................
> 
> What gives with *typically*? It should *always* contain other packets 
> (Signed, Compressed, Literal, whathaveyou...)

From the RFC (10.2):
|   [...]
|   In addition, decrypting a Symmetrically Encrypted Data packet and
|   decompressing a Compressed Data packet must yield a valid OpenPGP
|   Message.

And typically you will either have a signed message, a compressed
packet or a literal packet; however you may choose to put another
encrypted packet in it.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013



From owner-ietf-open-pgp@imc.org  Wed Sep 22 16:55:54 1999
Received: from mail.proper.com (mail.proper.com [206.86.127.224])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA13517
	for <openpgp-archive@odin.ietf.org>; Wed, 22 Sep 1999 16:55:53 -0400 (EDT)
Received: by mail.proper.com (8.9.3/8.9.3) id NAA23852
	for ietf-open-pgp-bks; Wed, 22 Sep 1999 13:06:38 -0700 (PDT)
Received: from hardees.rutgers.edu (hardees.rutgers.edu [128.6.18.2])
	by mail.proper.com (8.9.3/8.9.3) with ESMTP id NAA23848
	for <ietf-open-pgp@imc.org>; Wed, 22 Sep 1999 13:06:36 -0700 (PDT)
Received: from localhost (mione@localhost)
	by hardees.rutgers.edu (8.8.8/8.8.8) with SMTP id QAA07796;
	Wed, 22 Sep 1999 16:10:33 -0400 (EDT)
Date: Wed, 22 Sep 1999 16:10:33 -0400 (EDT)
From: Tony Mione <mione@hardees.Rutgers.EDU>
To: ietf-open-pgp@imc.org
cc: Tony Mione <mione@hardees.Rutgers.EDU>
Subject: New mailing list for PGP Keyserver Synchronization protocl
Message-ID: <Pine.GSO.4.02A.9909221531500.21338-100000@hardees.rutgers.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>


In Oslo, John Noerenberg requested that I create a new mailing list to
discuss PGP Keyserver synchronization protocols. If the list gets
sufficient discussion, we should request a BOF for the DC or Adelaide IETF
meeting.

The list is ietf-sync-pgp@tdmx.rutgers.edu. You can subscribe by sending
email to majordomo@tdmx.rutgers.edu and placing the commands

subscribe ietf-sync-pgp
end

in the body of the message.

Tony Mione                          Phone: +1 732-445-0605 FAX: +1 732-445-2968
Manager, TD Network Services                 W3: http://noc.rutgers.edu/~mione/
RUCS Telecommunications Division        PGPFP:D4EEA987E870277C 24AAE6E9E6ABD088
Author of 'CDE and Motif : A Practical Primer', Prentice-Hall ** Rom 10:9-11 **





From owner-ietf-open-pgp@imc.org  Thu Sep 30 04:36:56 1999
Received: from mail.imc.org (ns.secondary.com [208.184.76.39])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA03617
	for <openpgp-archive@odin.ietf.org>; Thu, 30 Sep 1999 04:36:55 -0400 (EDT)
Received: by mail.imc.org (8.9.3/8.9.3) id BAA00537
	for ietf-open-pgp-bks; Thu, 30 Sep 1999 01:01:35 -0700 (PDT)
Received: from mx.spiritone.com (ridge.spiritone.com [205.139.108.2])
	by mail.imc.org (8.9.3/8.9.3) with SMTP id BAA00533
	for <ietf-open-pgp@imc.org>; Thu, 30 Sep 1999 01:01:33 -0700 (PDT)
Received: (qmail 31251 invoked from network); 30 Sep 1999 08:02:25 -0000
Received: (ofmipd 206.98.121.218); 30 Sep 1999 08:02:03 -0000
Date: 30 Sep 1999 01:06:24 -0700
Message-Id: <3.0.5.32.19990930010624.0089d250@spiritone.com>
From: "Carl Ellison" <cme@acm.org>
To: ietf-open-pgp@imc.org
Cc: cme@acm.org
X-Sender: cellison@spiritone.com (Unverified)
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Subject: Any implementation for the Pilot?
In-Reply-To: <Pine.GSO.4.02A.9909221531500.21338-100000@hardees.rutgers.
 edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is anyone doing a PGP implementation for the PalmPilot?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1fc7

iQA/AwUBN/MZ/5SWoQShp/waEQKH1ACgqlqta0QcvvTVDP7jLQ3e33f/F3oAnR3I
FJD2OK3cy6xc1RrJ0cG9jvSC
=kFWn
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+


From owner-ietf-open-pgp@imc.org  Thu Sep 30 20:38:05 1999
Received: from mail.imc.org (ns.secondary.com [208.184.76.39])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA23828
	for <openpgp-archive@odin.ietf.org>; Thu, 30 Sep 1999 20:38:04 -0400 (EDT)
Received: by mail.imc.org (8.9.3/8.9.3) id QAA26687
	for ietf-open-pgp-bks; Thu, 30 Sep 1999 16:58:59 -0700 (PDT)
Received: from server1.mich.com (IDENT:root@server1.mich.com [198.108.16.2])
	by mail.imc.org (8.9.3/8.9.3) with ESMTP id QAA26683
	for <ietf-open-pgp@imc.org>; Thu, 30 Sep 1999 16:58:58 -0700 (PDT)
Received: from mars.ceddec.com (pm006-029.dialip.mich.com [207.74.178.141])
	by server1.mich.com (8.9.3/8.9.3) with ESMTP id TAA07623;
	Thu, 30 Sep 1999 19:44:27 -0400
Received: (from nobody@localhost)
	by mars.ceddec.com (8.9.3/8.9.3) id UAA01487;
	Thu, 30 Sep 1999 20:01:01 -0400
Date: Thu, 30 Sep 1999 20:01:00 -0400 (EDT)
From: Tom Zerucha <tz@execpc.com>
X-Sender: nobody@mars.ceddec.com
To: Carl Ellison <cme@acm.org>
cc: ietf-open-pgp@imc.org
Subject: Re: Any implementation for the Pilot?
In-Reply-To: <3.0.5.32.19990930010624.0089d250@spiritone.com>
Message-ID: <Pine.LNX.4.10.9909301959420.1473-100000@mars.ceddec.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>


http://cryptography.org/crypto/-export-control-random-/pgp/palmopgp/

Go to www.cryptography.org and follow the pgp link and the palmopgp link
after you get past the export screen.

On 30 Sep 1999, Carl Ellison wrote:

> Is anyone doing a PGP implementation for the PalmPilot?
> *** SIG ERROR
> 
> 
> +------------------------------------------------------------------+
> |Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
> |    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
> +--Officer, officer, arrest that man. He's whistling a dirty song.-+





From owner-ietf-open-pgp@imc.org  Thu Sep 30 21:07:00 1999
Received: from mail.imc.org (ns.secondary.com [208.184.76.39])
	by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA24117
	for <openpgp-archive@odin.ietf.org>; Thu, 30 Sep 1999 21:06:59 -0400 (EDT)
Received: by mail.imc.org (8.9.3/8.9.3) id RAA27274
	for ietf-open-pgp-bks; Thu, 30 Sep 1999 17:37:17 -0700 (PDT)
Received: from p2.eze-mail.net (www.eze-mail.net [131.203.161.1])
	by mail.imc.org (8.9.3/8.9.3) with ESMTP id RAA27270
	for <ietf-open-pgp@imc.org>; Thu, 30 Sep 1999 17:37:14 -0700 (PDT)
Received: from dwdl (unverified [206.18.111.208]) by p2.eze-mail.net
 (Rockliffe SMTPRA 3.4.2) with ESMTP id <B0000003322@p2.eze-mail.net> for <ietf-open-pgp@imc.org>;
 Fri, 1 Oct 1999 12:29:42 +0100
Date: Fri, 1 Oct 1999 12:29:42 +0100
Message-ID: <B0000003322@p2.eze-mail.net>
From: "Matthew Sherborne" <Matthew@eze-mail.net>
To: "Open PGP Mailing List" <ietf-open-pgp@imc.org>
Subject: e-mail programs
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by mail.imc.org id RAA27271
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 8bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Does anyone know of any e-mail programs that incorporate PGP ?

Matthew Sherborne
Senior Programmer
Dataworks Design International

Portable e-mail for everyone -> www.eze-mail.net

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>

iQA/AwUBN/NWIH1DSoCcg3+OEQICOgCgzLZ60Xdmv0C9n5VXIDX6sF57FI8AnROx
MVGlxVQMjewn273NuLrcWLuW
=326y
-----END PGP SIGNATURE-----




Received: by mail.imc.org (8.9.3/8.9.3) id BAA00537 for ietf-open-pgp-bks; Thu, 30 Sep 1999 01:01:35 -0700 (PDT)
Received: from mx.spiritone.com (ridge.spiritone.com [205.139.108.2]) by mail.imc.org (8.9.3/8.9.3) with SMTP id BAA00533 for <ietf-open-pgp@imc.org>; Thu, 30 Sep 1999 01:01:33 -0700 (PDT)
Received: (qmail 31251 invoked from network); 30 Sep 1999 08:02:25 -0000
Received: (ofmipd 206.98.121.218); 30 Sep 1999 08:02:03 -0000
Date: 30 Sep 1999 01:06:24 -0700
Message-Id: <3.0.5.32.19990930010624.0089d250@spiritone.com>
From: "Carl Ellison" <cme@acm.org>
To: ietf-open-pgp@imc.org
Cc: cme@acm.org
X-Sender: cellison@spiritone.com (Unverified)
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Subject: Any implementation for the Pilot?
In-Reply-To: <Pine.GSO.4.02A.9909221531500.21338-100000@hardees.rutgers. edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is anyone doing a PGP implementation for the PalmPilot?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1fc7

iQA/AwUBN/MZ/5SWoQShp/waEQKH1ACgqlqta0QcvvTVDP7jLQ3e33f/F3oAnR3I
FJD2OK3cy6xc1RrJ0cG9jvSC
=kFWn
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+


Received: by mail.proper.com (8.9.3/8.9.3) id NAA23852 for ietf-open-pgp-bks; Wed, 22 Sep 1999 13:06:38 -0700 (PDT)
Received: from hardees.rutgers.edu (hardees.rutgers.edu [128.6.18.2]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id NAA23848 for <ietf-open-pgp@imc.org>; Wed, 22 Sep 1999 13:06:36 -0700 (PDT)
Received: from localhost (mione@localhost) by hardees.rutgers.edu (8.8.8/8.8.8) with SMTP id QAA07796; Wed, 22 Sep 1999 16:10:33 -0400 (EDT)
Date: Wed, 22 Sep 1999 16:10:33 -0400 (EDT)
From: Tony Mione <mione@hardees.Rutgers.EDU>
To: ietf-open-pgp@imc.org
cc: Tony Mione <mione@hardees.Rutgers.EDU>
Subject: New mailing list for PGP Keyserver Synchronization protocl
Message-ID: <Pine.GSO.4.02A.9909221531500.21338-100000@hardees.rutgers.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

In Oslo, John Noerenberg requested that I create a new mailing list to
discuss PGP Keyserver synchronization protocols. If the list gets
sufficient discussion, we should request a BOF for the DC or Adelaide IETF
meeting.

The list is ietf-sync-pgp@tdmx.rutgers.edu. You can subscribe by sending
email to majordomo@tdmx.rutgers.edu and placing the commands

subscribe ietf-sync-pgp
end

in the body of the message.

Tony Mione                          Phone: +1 732-445-0605 FAX: +1 732-445-2968
Manager, TD Network Services                 W3: http://noc.rutgers.edu/~mione/
RUCS Telecommunications Division        PGPFP:D4EEA987E870277C 24AAE6E9E6ABD088
Author of 'CDE and Motif : A Practical Primer', Prentice-Hall ** Rom 10:9-11 **





Received: by mail.proper.com (8.9.3/8.9.3) id WAA13091 for ietf-open-pgp-bks; Tue, 21 Sep 1999 22:49:04 -0700 (PDT)
Received: from pharos.hsp.de (pharos.hsp.de [194.77.127.3]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id WAA13087 for <ietf-open-pgp@imc.org>; Tue, 21 Sep 1999 22:49:02 -0700 (PDT)
Received: (from uucp@localhost) by pharos.hsp.de (8.9.3/8.9.3) with UUCP id HAA32050 for ietf-open-pgp@imc.org; Wed, 22 Sep 1999 07:46:24 +0200
Received: from (frodo.isil.d.shuttle.de) [172.20.1.4] (mail) by beren.isil.d.shuttle.de with esmtp (Exim 1.92 #1 (Debian)) id 11Tf9y-0007XJ-00; Wed, 22 Sep 1999 07:41:42 +0200
Received: from wk by frodo.isil.d.shuttle.de with local (Exim 2.05 #1 (Debian)) id 11TfC1-0003Pb-00; Wed, 22 Sep 1999 07:43:49 +0200
Date: Wed, 22 Sep 1999 07:43:49 +0200
From: Werner Koch <wk@gnupg.org>
To: ietf-open-pgp@imc.org
Subject: Re: Encrypted Data Packet Contents
Message-ID: <19990922074349.B13093@frodo.isil.d.shuttle.de>
References: <19990921190710.58607.qmail@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.6i
In-Reply-To: <19990921190710.58607.qmail@hotmail.com>
X-URL: http://www.openit.de/wks
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

"Mr. Morden" <ted19@hotmail.com> writes:

> 5.7. Symmetrically Encrypted Data Packet (Tag 9)
> 
>    The Symmetrically Encrypted Data packet contains data encrypted with
>    a symmetric-key algorithm. When it has been decrypted, it will
>    typically contain other packets (often literal data packets or
>    compressed data packets).
> ............................
> 
> What gives with *typically*? It should *always* contain other packets 
> (Signed, Compressed, Literal, whathaveyou...)

From the RFC (10.2):
|   [...]
|   In addition, decrypting a Symmetrically Encrypted Data packet and
|   decompressing a Compressed Data packet must yield a valid OpenPGP
|   Message.

And typically you will either have a signed message, a compressed
packet or a literal packet; however you may choose to put another
encrypted packet in it.


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013
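
A check an implementation can run on the decrypted contents of a Tag 9 packet, as an added example and not code from the RFC or from GnuPG: parse the plaintext as a sequence of packet headers and reject anything that is not well-formed packets of a type that can appear in a message. The allowed-tag set simplifies the section 10.2 grammar, and the function names and sample byte strings are constructed for illustration.

```python
# Tags that can appear in an OpenPGP message (simplified from section 10.2).
MESSAGE_TAGS = {1: "public-key ESK", 2: "signature", 3: "symmetric-key ESK",
                4: "one-pass signature", 8: "compressed data",
                9: "symmetrically encrypted data", 11: "literal data"}


def _new_length(buf: bytes, i: int):
    """Decode one new-format length at buf[i]; return (length, next_i, partial)."""
    if i >= len(buf):
        raise ValueError("truncated length field")
    first = buf[i]
    if first < 192:                               # one-octet length
        return first, i + 1, False
    if first < 224:                               # two-octet length
        if i + 2 > len(buf):
            raise ValueError("truncated two-octet length")
        return ((first - 192) << 8) + buf[i + 1] + 192, i + 2, False
    if first == 255:                              # five-octet length
        if i + 5 > len(buf):
            raise ValueError("truncated five-octet length")
        return int.from_bytes(buf[i + 1:i + 5], "big"), i + 5, False
    return 1 << (first & 0x1F), i + 1, True       # partial body length


def parse_packets(buf: bytes):
    """Split buf into (tag, body) pairs; raise ValueError if it is not packets."""
    packets, i = [], 0
    while i < len(buf):
        ctb = buf[i]
        i += 1
        if not ctb & 0x80:
            raise ValueError(f"offset {i - 1}: bit 7 clear, not a packet header")
        if ctb & 0x40:                            # new-format header
            tag, body = ctb & 0x3F, bytearray()
            while True:
                n, i, partial = _new_length(buf, i)
                if i + n > len(buf):
                    raise ValueError("packet body runs past end of data")
                body += buf[i:i + n]
                i += n
                if not partial:
                    break
        else:                                     # old-format header
            tag, length_type = (ctb >> 2) & 0x0F, ctb & 0x03
            if length_type == 3:                  # indeterminate: rest of data
                n = len(buf) - i
            else:
                width = 1 << length_type          # 1, 2 or 4 length octets
                if i + width > len(buf):
                    raise ValueError("truncated old-format length")
                n = int.from_bytes(buf[i:i + width], "big")
                i += width
            if i + n > len(buf):
                raise ValueError("packet body runs past end of data")
            body = buf[i:i + n]
            i += n
        packets.append((tag, bytes(body)))
    return packets


def is_plausible_message(plaintext: bytes) -> bool:
    """True if the decrypted data is one or more packets of message types."""
    try:
        packets = parse_packets(plaintext)
    except ValueError:
        return False
    return bool(packets) and all(tag in MESSAGE_TAGS for tag, _ in packets)


# Constructed samples: a literal data packet body ('b', no filename, zero date).
LITERAL_BODY = b"b\x00" + b"\x00" * 4 + b"hi"
NEW_FORMAT_LITERAL = b"\xCB\x08" + LITERAL_BODY     # new format, tag 11
OLD_FORMAT_LITERAL = b"\xAC\x08" + LITERAL_BODY     # old format, tag 11
NESTED_ENCRYPTED = b"\xA4\x03abc"                   # old format, tag 9
ARBITRARY_DATA = b"hello world"                     # not a packet stream
PUBLIC_KEY_PACKET = b"\xC6\x01\x04"                 # tag 6, not a message

if __name__ == "__main__":
    for name in ("NEW_FORMAT_LITERAL", "OLD_FORMAT_LITERAL", "NESTED_ENCRYPTED",
                 "ARBITRARY_DATA", "PUBLIC_KEY_PACKET"):
        print(f"{name:20} {is_plausible_message(globals()[name])}")
```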



Received: by mail.proper.com (8.9.3/8.9.3) id MAA06545 for ietf-open-pgp-bks; Tue, 21 Sep 1999 12:03:46 -0700 (PDT)
Received: from hotmail.com (law2-f259.hotmail.com [216.32.180.217]) by mail.proper.com (8.9.3/8.9.3) with SMTP id MAA06541 for <ietf-open-pgp@imc.org>; Tue, 21 Sep 1999 12:03:45 -0700 (PDT)
Received: (qmail 58608 invoked by uid 0); 21 Sep 1999 19:07:10 -0000
Message-ID: <19990921190710.58607.qmail@hotmail.com>
Received: from 157.22.240.51 by www.hotmail.com with HTTP; Tue, 21 Sep 1999 12:07:09 PDT
X-Originating-IP: [157.22.240.51]
From: "Mr. Morden" <ted19@hotmail.com>
To: ietf-open-pgp@imc.org
Subject: Encrypted Data Packet Contents
Date: Tue, 21 Sep 1999 19:07:09 GMT
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

From the RFC so dear...
......................
5.7. Symmetrically Encrypted Data Packet (Tag 9)

   The Symmetrically Encrypted Data packet contains data encrypted with
   a symmetric-key algorithm. When it has been decrypted, it will
   typically contain other packets (often literal data packets or
   compressed data packets).
............................

What gives with *typically*? It should *always* contain other packets 
(Signed, Compressed, Literal, whathaveyou...)

Or, can arbitrary data be placed in this packet?
Does any implementation allow this?

-ted



Received: by mail.proper.com (8.9.3/8.9.3) id AAA08647 for ietf-open-pgp-bks; Wed, 15 Sep 1999 00:18:47 -0700 (PDT)
Received: from koeln.shuttle.de (koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id AAA08632 for <ietf-open-pgp@imc.org>; Wed, 15 Sep 1999 00:18:39 -0700 (PDT)
Received: (from uucp@localhost) by koeln.shuttle.de (8.9.3/8.9.3) with UUCP id JAA14511 for ietf-open-pgp@imc.org; Wed, 15 Sep 1999 09:21:58 +0200 (MET DST)
Received: from (frodo.isil.d.shuttle.de) [172.20.1.4] (mail) by beren.isil.d.shuttle.de with esmtp (Exim 1.92 #1 (Debian)) id 11R8zZ-0001mI-00; Wed, 15 Sep 1999 08:56:33 +0200
Received: from wk by frodo.isil.d.shuttle.de with local (Exim 2.05 #1 (Debian)) id 11R906-0001LV-00; Wed, 15 Sep 1999 08:57:06 +0200
Date: Wed, 15 Sep 1999 08:57:06 +0200
From: Werner Koch <wk@isil.d.shuttle.de>
To: ietf-open-pgp@imc.org
Subject: dash-escaped text (7.1)
Message-ID: <19990915085706.C5135@frodo.isil.d.shuttle.de>
Mail-Followup-To: ietf-open-pgp@imc.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.3i
X-URL: http://www.openit.de/wks
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

Hi,

there is an ambiguity in the definition of cleartext signature:

|7.1. Dash-Escaped Text
| [....]
|   As with binary signatures on text documents, a cleartext signature is
|   calculated on the text using canonical <CR><LF> line endings.  The
|   line ending (i.e. the <CR><LF>) before the '-----BEGIN PGP
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|   SIGNATURE-----' line that terminates the signed text is not
|   considered part of the signed text.

It is not clear whether this line ending has to be added by the
creation process and later removed, or whether it simply does
not go into the calculation of the hash.

The problem with this is, what to do when we have to encode a message

 a) of size 0
 b) without a trailing line ending

I agree that both cases are rare but case b) happens from time to
time.  Solutions for this are:

 a) A header line telling something about the original text when this
    text has one of the above problems.  
    Advantage:  Compatibility with existing implementations
    Disadvantage: An extra header line in a few cases and special code
                  to handle these cases.

 b) Add the text to the RFC:
    "A newline is supposed to be added and subsequently removed".
    Advantage:  Very easy and clear definition.
    Disadvantage:  Not compatible with existing implementations

 c) Add an RFC version number as header line and use b)
    Advantage:  Easy
    Disadvantage:  Still need the extra code for OpenPGP 1.0 and 
                   makes all signatures larger.

For compatibility reasons I would prefer solution a)

What do you think?

   Werner


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013
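
The two readings of section 7.1 described above, as an added example rather than code from the post or from any implementation: `reuse` treats the text's own final newline as the unhashed line ending, `add` always appends one and later removes it (solution b). Function names and sample texts are constructed; input is assumed to use `\n` line endings, and only the text portion of the signature hash is computed.

```python
import hashlib

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def dash_escape(line: str) -> str:
    """Section 7.1: a line starting with '-' is prefixed with '- '."""
    return "- " + line if line.startswith("-") else line


def dash_unescape(line: str) -> str:
    return line[2:] if line.startswith("- ") else line


def frame(text: str, rule: str) -> str:
    """Build the cleartext framework up to the signature armor line.

    rule="reuse": the text's own final newline, if present, doubles as the
                  line ending before BEGIN PGP SIGNATURE; one is added only
                  when it is missing.
    rule="add":   a newline is always added and later removed (solution b).
    """
    if rule == "reuse":
        body = text if text.endswith("\n") else text + "\n"
    elif rule == "add":
        body = text + "\n"
    else:
        raise ValueError(f"unknown rule: {rule}")
    lines = body.split("\n")[:-1]      # drop the empty piece after the last "\n"
    escaped = "\n".join(dash_escape(line) for line in lines)
    return f"{BEGIN_MSG}\nHash: SHA1\n\n{escaped}\n{BEGIN_SIG}\n"


def signed_bytes(framed: str) -> bytes:
    """Octets that are hashed: unescaped lines joined with <CR><LF>, leaving
    out the line ending in front of the BEGIN PGP SIGNATURE line."""
    lines = framed.split("\n")
    start = lines.index("") + 1        # first empty line ends the armor headers
    end = lines.index(BEGIN_SIG)       # text lines equal to this are dash-escaped
    return "\r\n".join(dash_unescape(line) for line in lines[start:end]).encode()


def text_digest(framed: str) -> str:
    """SHA-1 over the signed text only (the signature trailer is left out)."""
    return hashlib.sha1(signed_bytes(framed)).hexdigest()


def recover(framed: str) -> str:
    """What a verifier can hand back to the user as the original text."""
    return signed_bytes(framed).decode().replace("\r\n", "\n")


def ambiguous_pairs(samples, rule):
    """Pairs of different input texts whose signed text hashes identically."""
    seen, pairs = {}, []
    for text in samples:
        digest = text_digest(frame(text, rule))
        if digest in seen:
            pairs.append((seen[digest], text))
        else:
            seen[digest] = text
    return pairs


# Constructed inputs: size 0, a lone newline, with and without a trailing
# line ending, and a line that needs dash-escaping.
SAMPLES = ["", "\n", "abc", "abc\n", "-- \nsig"]

if __name__ == "__main__":
    for rule in ("reuse", "add"):
        print(rule, "ambiguous:", ambiguous_pairs(SAMPLES, rule))
        for text in SAMPLES:
            print(f"  {text!r:12} -> hashed {signed_bytes(frame(text, rule))!r}"
                  f", recovered {recover(frame(text, rule))!r}")
```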



Received: by mail.proper.com (8.9.3/8.9.3) id IAA05791 for ietf-open-pgp-bks; Mon, 13 Sep 1999 08:31:06 -0700 (PDT)
Received: from domains.invweb.net (IDENT:root@domains.invweb.net [198.182.196.32]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id IAA05786 for <ietf-open-pgp@imc.org>; Mon, 13 Sep 1999 08:31:04 -0700 (PDT)
Received: from whgiii (IDENT:root@openpgp.net [199.184.252.29]) by domains.invweb.net (8.9.3/8.9.3) with SMTP id LAA13145; Mon, 13 Sep 1999 11:33:31 -0400
Message-Id: <199909131533.LAA13145@domains.invweb.net>
From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Mon, 13 Sep 1999 10:27:21 -0500
To: Jon Callas <jon@callas.org>
In-Reply-To: <v04210118b40211aa218f@[204.179.130.203]>
Cc: "John S. Bucy" <bucy@gloop.org>, ietf-open-pgp@imc.org
Subject: Re: OpenPGP key fingerprints and stuff
X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.61 b62 
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

In <v04210118b40211aa218f@[204.179.130.203]>, on 09/12/99 
   at 07:33 PM, Jon Callas <jon@callas.org> said:

>At 1:54 PM -0400 9/12/99, John S. Bucy wrote:

>>Someone else suggested that the problem of computing a key pair that has a
>>particular key ID is computationally infeasible.  I can't really speak to
>>this either way but it seems to me like 1: the probability of people
>>independently randomly generating the same key pair (or keypairs with
>>identical fingerprints/keyIDs) is quite small and that 2: it would be
>>completely impractical for almost anyone (three-letter agencies excluded)
>>to try to exploit a system by systematically causing keyID collisions.

>Yes, it's computationally infeasible to generate a key with a given
>keyID. Or more to the point, if you can do it, you have found a flaw in
>SHA-1. Publish it, you'll get kudos.

>However, because the keyID is 64 bits long, when there are a total of 4
>billion keys (0x1 0000 0000) in the universe, there is a 50% chance that
>there is some collision of two keyIDs. These two people will be annoyed,
>because all the present implementations assume keyIDs are unique.

Actually, IIRC when I asked about keyID's long ago it was the consensus
that they were not unique and should be treated as such. I have been
coding under this assumption ever since.

>>
>>
>>As far as my particular system goes, it seems like I have two options:
>>
>>1.  Don't worry about key ID collisions.  Under most circumstances, I
>>think that this would probably be ok.
>>
>>2.  Use a "signer's key fingerprint" signature subpacket and leave the
>>keyID packet there and ignore it.  Has the working group considered an
>>extension to OpenPGP to standardize such a thing (i.e. keyID Must
>>Implement, fingerprint Should implement)?  It seems like this would be
>>preferable to me defining my own subpacket type for my specific system...
>>

>In the long term, (2) is a good idea. But it's not just signatures that
>need it. All places where a keyID is used really should move to
>fingerprints. But it's not presently in the scope of this WG to fix all
>of these.

>If you make your own fingerprint subpacket, please use a notation
>subpacket for it.

IMHO I just don't see a need for it anytime in the near future. While
there is the chance for collisions (I think it is greater than your
estimate above) it is quite remote on the client end. It seems to me that
this is mostly a server issue though the client software shouldn't choke
on it.


-- 
---------------------------------------------------------------
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii

Hi Jeff!! :)
---------------------------------------------------------------



Received: by mail.proper.com (8.9.3/8.9.3) id GAA03757 for ietf-open-pgp-bks; Mon, 13 Sep 1999 06:33:56 -0700 (PDT)
Received: from grannus.iks-jena.de (root@grannus.iks-jena.de [194.221.90.36]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id GAA03746 for <ietf-open-pgp@imc.org>; Mon, 13 Sep 1999 06:33:47 -0700 (PDT)
Received: (from news@localhost) by grannus.iks-jena.de (8.9.3/8.9.2) id PAA26319 for ietf-open-pgp@imc.org; Mon, 13 Sep 1999 15:36:49 +0200
To: ietf-open-pgp@imc.org
Path: lutz
From: lutz@iks-jena.de (Lutz Donnerhacke)
Newsgroups: iks.lists.ietf-open-pgp
Subject: Re: OpenPGP key fingerprints and stuff
Date: 13 Sep 1999 13:36:49 GMT
Organization: IKS GmbH Jena
Lines: 7
Message-ID: <slrn7tpve8.fn.lutz@taranis.iks-jena.de>
References: <v04210110b400a19a564b@[204.179.130.203]> <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
NNTP-Posting-Host: taranis.iks-jena.de
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: slrn/0.9.5.4 (UNIX)
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

* John S. Bucy wrote:
>Someone else suggested that the problem of computing a key pair that has a
>particular key ID is computationally infeasible.

This was never true. Source has existed for months. Natural collisions in
64 bits are known to exist.



Received: by mail.proper.com (8.9.3/8.9.3) id TAA22877 for ietf-open-pgp-bks; Sun, 12 Sep 1999 19:37:31 -0700 (PDT)
Received: from merrymeet.com (Discordia@[63.73.97.162]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id TAA22870 for <ietf-open-pgp@imc.org>; Sun, 12 Sep 1999 19:37:28 -0700 (PDT)
Received: from [204.179.130.203] (63.73.97.169) by merrymeet.com with ESMTP (Eudora Internet Mail Server 2.2); Sun, 12 Sep 1999 18:40:34 -0800
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <v04210118b40211aa218f@[204.179.130.203]>
In-Reply-To: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
References: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
Date: Sun, 12 Sep 1999 19:33:52 -0700
To: "John S. Bucy" <bucy@gloop.org>
From: Jon Callas <jon@callas.org>
Subject: Re: OpenPGP key fingerprints and stuff
Cc: ietf-open-pgp@imc.org
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

At 1:54 PM -0400 9/12/99, John S. Bucy wrote:

>Someone else suggested that the problem of computing a key pair that has a
>particular key ID is computationally infeasible.  I can't really speak to
>this either way but it seems to me like 1: the probability of people
>independently randomly generating the same key pair (or keypairs with
>identical fingerprints/keyIDs) is quite small and that 2: it would be
>completely impractical for almost anyone (three-letter agencies excluded)
>to try to exploit a system by systematically causing keyID collisions.

Yes, it's computationally infeasible to generate a key with a given keyID.
Or more to the point, if you can do it, you have found a flaw in SHA-1.
Publish it, you'll get kudos.

However, because the keyID is 64 bits long, when there are a total of 4
billion keys (0x1 0000 0000) in the universe, there is a 50% chance that
there is some collision of two keyIDs. These two people will be annoyed,
because all the present implementations assume keyIDs are unique.

>
>
>As far as my particular system goes, it seems like I have two options:
>
>1.  Don't worry about key ID collisions.  Under most circumstances, I
>think that this would probably be ok.
>
>2.  Use a "signer's key fingerprint" signature subpacket and leave the
>keyID packet there and ignore it.  Has the working group considered an
>extension to OpenPGP to standardize such a thing (i.e. keyID Must
>Implement, fingerprint Should implement)?  It seems like this would be
>preferable to me defining my own subpacket type for my specific system...
>

In the long term, (2) is a good idea. But it's not just signatures that
need it. All places where a keyID is used really should move to
fingerprints. But it's not presently in the scope of this WG to fix all of
these.

If you make your own fingerprint subpacket, please use a notation subpacket
for it.

	Jon



Received: by mail.proper.com (8.9.3/8.9.3) id KAA14030 for ietf-open-pgp-bks; Sun, 12 Sep 1999 10:49:08 -0700 (PDT)
Received: from deeped.gloop.org (root@DEEPED.CLUB.CC.CMU.EDU [128.2.232.59] (may be forged)) by mail.proper.com (8.9.3/8.9.3) with ESMTP id KAA14026 for <ietf-open-pgp@imc.org>; Sun, 12 Sep 1999 10:49:06 -0700 (PDT)
Received: from localhost (bucy@localhost [127.0.0.1]) by deeped.gloop.org (8.9.1/8.9.1) with ESMTP id NAA24628; Sun, 12 Sep 1999 13:54:29 -0400
Date: Sun, 12 Sep 1999 13:54:29 -0400 (EDT)
From: "John S. Bucy" <bucy@gloop.org>
To: Jon Callas <jon@callas.org>
cc: ietf-open-pgp@imc.org
Subject: Re: OpenPGP key fingerprints and stuff
In-Reply-To: <v04210110b400a19a564b@[204.179.130.203]>
Message-ID: <Pine.LNX.4.10.9909121343440.20981-100000@deeped.gloop.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

On Sat, 11 Sep 1999, Jon Callas wrote:

> However, the reason the key ID is used is to be compatible with previous
> implementations. PGP 2 used eight-byte key ids as a handle to look up the
> proper key not only for signatures, but for encrypted data.
> 
> When we started OpenPGP, a number of us, myself included, wanted to take
> the opportunity to clean up a number of things, like existence of key IDs.
> I think that every place a key id is used, it should be a fingerprint
> instead.
> 
> But. We have to be compatible with existing versions of PGP out there. So
> we use key IDs, even though they have all the flaws you mentioned. That's
> the only reason: we do it that way because that's the way we've always done
> it.

Someone else suggested that the problem of computing a key pair that has a
particular key ID is computationally infeasible.  I can't really speak to
this either way but it seems to me like 1: the probability of people
independently randomly generating the same key pair (or keypairs with
identical fingerprints/keyIDs) is quite small and that 2: it would be
completely impractical for almost anyone (three-letter agencies excluded)
to try to exploit a system by systematically causing keyID collisions.


As far as my particular system goes, it seems like I have two options:

1.  Don't worry about key ID collisions.  Under most circumstances, I
think that this would probably be ok.

2.  Use a "signer's key fingerprint" signature subpacket and leave the
keyID packet there and ignore it.  Has the working group considered an
extension to OpenPGP to standardize such a thing (i.e. keyID Must
Implement, fingerprint Should implement)?  It seems like this would be
preferable to me defining my own subpacket type for my specific system...



later
john

(ps I'm not on the OpenPGP WG mailing list so please cc replies to me)

-------------------------------------------
John Bucy

"My mind is going....I can feeeeeeel it..."

bucy@gloop.org
-------------------------------------------




Received: by mail.proper.com (8.9.3/8.9.3) id SAA25700 for ietf-open-pgp-bks; Sat, 11 Sep 1999 18:45:15 -0700 (PDT)
Received: from merrymeet.com (Discordia@merrymeet.com [63.73.97.162]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id SAA25692 for <ietf-open-pgp@imc.org>; Sat, 11 Sep 1999 18:45:09 -0700 (PDT)
Received: from [204.179.130.203] (63.73.97.169) by merrymeet.com with ESMTP (Eudora Internet Mail Server 2.2); Sat, 11 Sep 1999 17:48:09 -0800
Mime-Version: 1.0
X-Sender: jon@merrymeet.com
Message-Id: <v04210110b400a19a564b@[204.179.130.203]>
In-Reply-To: <Pine.LNX.4.10.9908301611140.7291-100000@deeped.gloop.org>
References: <Pine.LNX.4.10.9908301611140.7291-100000@deeped.gloop.org>
Date: Sat, 11 Sep 1999 17:25:54 -0700
To: "John S. Bucy" <bucy@gloop.org>, ietf-open-pgp@imc.org
From: Jon Callas <jon@callas.org>
Subject: Re: OpenPGP key fingerprints and stuff
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-open-pgp-request@imc.org?body=unsubscribe>

At 4:12 PM -0400 8/30/99, John S. Bucy wrote:

>It would make my code substantially simpler if I could have a "signer's
>key fingerprint" instead.  And as the spec stands, I have to define my own
>subpacket type for it.  Since the ID can be directly derived from the
>fingerprint and they both have distinct, fixed lengths, it seems to me
>like you could unambiguously use either one or the other in the same
>subpacket without any other indication of which it was; if the length is 8
>bytes, it's the ID, if it's 20 bytes, it's the fingerprint. Any thoughts?

You're perceptive, and in my opinion right. I agree with you 100%.

However, the reason the key ID is used is to be compatible with previous
implementations. PGP 2 used eight-byte key ids as a handle to look up the
proper key not only for signatures, but for encrypted data.

When we started OpenPGP, a number of us, myself included, wanted to take
the opportunity to clean up a number of things, like existence of key IDs.
I think that every place a key id is used, it should be a fingerprint
instead.

But. We have to be compatible with existing versions of PGP out there. So
we use key IDs, even though they have all the flaws you mentioned. That's
the only reason: we do it that way because that's the way we've always done
it.

	Jon
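
The key ID handling discussed in this thread, as an added example (not code from any poster or from a PGP implementation): a keyring that treats an 8-octet key ID as a non-unique hint and a 20-octet fingerprint as the identifier, telling the two apart by length as John Bucy proposes. The `Keyring` class, the owner labels, the demo key body and the two fingerprints sharing a key ID are constructed for illustration; the collision estimate uses the standard birthday approximation.

```python
import hashlib
import math
from collections import defaultdict


def v4_fingerprint(key_packet_body: bytes) -> bytes:
    """SHA-1 over 0x99, a two-octet length, and the public-key packet body."""
    prefix = b"\x99" + len(key_packet_body).to_bytes(2, "big")
    return hashlib.sha1(prefix + key_packet_body).digest()


def key_id(fingerprint: bytes) -> bytes:
    """A V4 key ID is the low-order 64 bits of the 160-bit fingerprint."""
    return fingerprint[-8:]


def collision_probability(n_keys: int, id_bits: int = 64) -> float:
    """Birthday approximation: chance that any two of n_keys share an ID."""
    return -math.expm1(-n_keys * (n_keys - 1) / 2 ** (id_bits + 1))


class Keyring:
    """Index keys by fingerprint; keep a list per key ID, never a single slot."""

    def __init__(self):
        self._by_fingerprint = {}
        self._by_key_id = defaultdict(list)

    def add(self, fingerprint: bytes, owner: str) -> None:
        if len(fingerprint) != 20:
            raise ValueError("V4 fingerprint must be 20 octets")
        if fingerprint in self._by_fingerprint:
            return                                  # same key imported twice
        self._by_fingerprint[fingerprint] = owner
        self._by_key_id[key_id(fingerprint)].append(fingerprint)

    def lookup(self, issuer: bytes) -> list:
        """Resolve an issuer value by its length: 8 octets is a key ID and may
        match several keys, 20 octets is a fingerprint and matches at most one.
        Returns a list of (fingerprint, owner) candidates."""
        if len(issuer) == 20:
            owner = self._by_fingerprint.get(issuer)
            return [(issuer, owner)] if owner is not None else []
        if len(issuer) == 8:
            return [(fpr, self._by_fingerprint[fpr])
                    for fpr in self._by_key_id.get(issuer, [])]
        raise ValueError("issuer must be an 8-octet key ID or 20-octet fingerprint")


# Constructed key packet body: version 4, creation time, algorithm 17, and
# placeholder octets standing in for the MPIs. This is not a usable key.
DEMO_KEY_BODY = b"\x04" + (937000000).to_bytes(4, "big") + b"\x11" + b"\x00\x08\xAB"

# Constructed fingerprints that share their last 8 octets. They are written
# by hand to exercise the collision path, not derived from any key material.
FPR_ALICE = bytes.fromhex("11" * 12 + "ab" * 8)
FPR_MALLORY = bytes.fromhex("22" * 12 + "ab" * 8)
SHARED_KEY_ID = bytes.fromhex("ab" * 8)


def build_demo_ring() -> Keyring:
    ring = Keyring()
    ring.add(FPR_ALICE, "alice")
    ring.add(FPR_MALLORY, "mallory")
    ring.add(v4_fingerprint(DEMO_KEY_BODY), "demo")
    return ring


if __name__ == "__main__":
    ring = build_demo_ring()
    # A key ID match is only a hint: a verifier has to try every candidate and
    # accept the one whose signature check succeeds.
    print("by key ID:     ", [owner for _, owner in ring.lookup(SHARED_KEY_ID)])
    print("by fingerprint:", [owner for _, owner in ring.lookup(FPR_ALICE)])
    print("P(collision) among 2**32 keys, 64-bit IDs: "
          f"{collision_probability(2 ** 32):.4f}")
```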


