From nobody Sat Jun  3 20:43:33 2017
Return-Path: <ben@adversary.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BDC5129498 for <openpgp@ietfa.amsl.com>; Sat,  3 Jun 2017 20:43:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.781
X-Spam-Level: *
X-Spam-Status: No, score=1.781 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RDNS_DYNAMIC=0.982, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vt4y_3P5fAIg for <openpgp@ietfa.amsl.com>; Sat,  3 Jun 2017 20:43:30 -0700 (PDT)
Received: from devious.adversary.org (ec2-52-29-175-128.eu-central-1.compute.amazonaws.com [52.29.175.128]) by ietfa.amsl.com (Postfix) with ESMTP id 05E84126B7F for <openpgp@ietf.org>; Sat,  3 Jun 2017 20:43:29 -0700 (PDT)
Date: Sun, 4 Jun 2017 13:43:22 +1000
From: Ben McGinnes <ben@adversary.org>
To: openpgp@ietf.org
Message-ID: <20170604034322.vgzppevtpt2q5apv@adversary.org>
References: <20170309184745.GC2@hashbang.sh> <CABcZeBMhpXy-e9Mtp8LwfqfAVW_ks3JBw1H2N3H_0c4gpQBqpg@mail.gmail.com> <DAC23A62-14BF-4AAA-8E52-09029B279E8F@icloud.com> <87varhculg.fsf@wheatstone.g10code.de> <2BC88897-B957-4E4E-B109-DFF4EFA14B4D@icloud.com> <87mvco40xf.fsf@wheatstone.g10code.de> <87mvclwjih.fsf@wheatstone.g10code.de> <20170317011757.ymdzyv2clmxsea6p@genre.crustytoothpaste.net> <871stwti3n.fsf@wheatstone.g10code.de> <7554DEA8-3298-419F-879F-A29D7881A83B@icloud.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="73xn5vnq4xmlbqgw"
Content-Disposition: inline
In-Reply-To: <7554DEA8-3298-419F-879F-A29D7881A83B@icloud.com>
User-Agent: NeoMutt/20170602 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/vOoNhscdr9bmp6Td93JmCqMu630>
Subject: Re: [openpgp] Version 5 key and fingerprint proposal
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Jun 2017 03:43:31 -0000

--73xn5vnq4xmlbqgw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Mar 17, 2017 at 11:05:17AM -0700, Jon Callas wrote:
> My preference is to use SHA-512. My rationale is:
>=20
> * Fingerprints of keys don't have to be computed continuously. They
> * can be computed ones and the result cached for a reasonably long
> * period of time. For every argument about speed on small machines,
> * there's an equal and opposite counter-argument about speed on
> * large machines. I've pulled my hands back several times from
> * saying more. I won't unless provoked. I think the better argument
> * is that speed of computing a fingerprint doesn't matter.
>=20
> * If we use SHA-512, we extend the length of time before we have to
> * have this argument again.

Admittedly I was already leaning in favour of SHA-512, but this last
bit here pushed me over the line in spite of the issues affecting the
small machines faction.


Regards,
Ben

--73xn5vnq4xmlbqgw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQGzBAABCgAdFiEEt/D+dZOHQw3QxYvbf/LTcTXHVTwFAlkzgdoACgkQf/LTcTXH
VTy6awwA6McitU42RCL6atB9+/QH9uARi5fNkFCS+eSXHFqOWVkI7t/tEd/vMFx6
x0KJupA3goH9PBNwJK59MP4L2xUu8TEbTNISnoU88rG9HpFeKiGOrCbtM9D/q826
joPTbbtMnP5T4Tw/3XdJ3yrcY7LISFb844Un0fLT2z0C4Q+T6y3uH1DUc8RnqnL4
PAc4CBGJpPYIqNDPdkdJRB5Mrsjzug8/abnVB1qplCN4hCKBGnU11EPPgqdicYNa
VJND7D0Hb79OTvji1a7GnVE1gX2ixi/wqShU12GhGI8t5c86DDsMNbFhPQJQMAKO
OhHpnAVNr0cNu/6XRp4cvm64aEMl0uGwBm6PWw2He1Y9JFYLhgvxu61JK+ULGb0l
KLL17in5PlbXG2wogbq6UZzxQMJIw2u9ERoEgSiouP5lBEFVFyW9euCHlQ93uS2/
1IDwQa5OrCfNviiamtdCQT8enF/gvGR2FCHwmIc8Qk9e+aels/OrOJ9WRKU1jq2j
nXNTRPFZ
=MDNN
-----END PGP SIGNATURE-----

--73xn5vnq4xmlbqgw--


From nobody Fri Jun 30 05:05:05 2017
Return-Path: <internet-drafts@ietf.org>
X-Original-To: openpgp@ietf.org
Delivered-To: openpgp@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 61C7B126D73; Fri, 30 Jun 2017 05:05:03 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <i-d-announce@ietf.org>
Cc: openpgp@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.55.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <149882430335.4592.5542218238949434277@ietfa.amsl.com>
Date: Fri, 30 Jun 2017 05:05:03 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/DHKLEXXUbeZxN4PTWsSQd5bjgXI>
Subject: [openpgp] I-D Action: draft-ietf-openpgp-rfc4880bis-02.txt
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jun 2017 12:05:03 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Open Specification for Pretty Good Privacy of the IETF.

        Title           : OpenPGP Message Format
        Author          : Werner Koch
	Filename        : draft-ietf-openpgp-rfc4880bis-02.txt
	Pages           : 113
	Date            : 2017-06-30

Abstract:
   { Work in progress to update the OpenPGP specification from RFC4880 }

   This document is maintained in order to publish all necessary
   information needed to develop interoperable applications based on the
   OpenPGP format.  It is not a step-by-step cookbook for writing an
   application.  It describes only the format and methods needed to
   read, check, generate, and write conforming packets crossing any
   network.  It does not deal with storage and implementation questions.
   It does, however, discuss implementation issues necessary to avoid
   security flaws.

   OpenPGP software uses a combination of strong public-key and
   symmetric cryptography to provide security services for electronic
   communications and data storage.  These services include
   confidentiality, key management, authentication, and digital
   signatures.  This document specifies the message formats used in
   OpenPGP.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-openpgp-rfc4880bis/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02
https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-02

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-openpgp-rfc4880bis-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/