From nobody Wed Aug 9 18:48:08 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2ED78129B25 for ; Wed, 9 Aug 2017 18:48:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dcddbergLero for ; Wed, 9 Aug 2017 18:48:02 -0700 (PDT) Received: from castro.crustytoothpaste.net (castro.crustytoothpaste.net [75.10.60.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5A7F13251A for ; Wed, 9 Aug 2017 18:48:02 -0700 (PDT) Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 6A39E280AD for ; Thu, 10 Aug 2017 01:47:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1502329678; bh=jKqEyf4PpS/4857W0l/ZdY/B9H79eaWHkoxew4ybiG4=; h=Date:From:To:Subject:References:In-Reply-To:From; b=jzPXdj4KZv0BvJcGcqaQKma0uEVxg2u6fNqUL6PxnbDgv+KqenLOWs3T5O+wrSumA 6dyjnAVIu9Zq5cuInp3/uEllLMKbzAP86A0Unky2bZer46U+uJqtk9s3vy6Y1a1cH+ YikiHBG1q8cqsZwIH4FVMGYjm21/YJ2ZH6I4+YW/fNv2V/EVVND/Ti/cgvmMFSRSBM L9vhfw1Xl3DZiVhifo0gdHjvPaSVxWXLTsoLnwfp+HPk5TuhKSjGKadO3eL2OKuCQH b31vnf72G3fIYhS0DUlVuUWcoIfKa+xP1kW5NjCTIwZyn3cO/qOSX3H5C/nOg+dPJe 2b9Qh9myXok2avZkON5dUhOCtt1pkf8I2gkVeY1bE3U+vZL/Y8IRSx8GyZ4i+/LADe fddvCwhV/CpJtLNIT23ygAkHrNschStRqC61Czos7aHg86669nwy37uXs7Bdzt/3Br 5ConX5knKS75YTirYYHrOQ4xaztdeHCd0Ch16ZWK8mFn1XdaQu9 Date: Thu, 10 Aug 2017 01:47:51 +0000 From: "brian m. carlson" To: openpgp@ietf.org Message-ID: <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="dr3ru5txr4yqitd5" Content-Disposition: inline In-Reply-To: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.11.0-2-amd64) User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Aug 2017 01:48:06 -0000 --dr3ru5txr4yqitd5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 12, 2017 at 10:38:52PM +0000, brian m. carlson wrote: > Our charter includes several goals that we should accomplish. I'm going > to summarize where we are with each of them so we can see where we need > to make progress. >=20 > If you're going to respond to one or more of these, please respond to > each one in a separate thread so that we can have a logical set of > discussions. >=20 > CFRG Curves > ----------- >=20 > We've included EdDSA with Curve25519. I'd suggest including Curve448 as > an additional option for EdDSA. That might necessitate including > SHAKE256 limited to this purpose only. >=20 > Curve25519 is defined for ECDH. We probably also want to consider > Curve448. The work needed for this purpose is probably limited to > including OIDs for the curve. While I'm thinking about it, did anyone have any opinions on adding Curve448 support? If we decide not to add it now, we could always do an update in a future RFC if we change our minds later. --=20 brian m. carlson / brian with sandals: Houston, Texas, US https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204 --dr3ru5txr4yqitd5 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.22 (GNU/Linux) iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlmLu0cACgkQv1NdgR9S 9ouPuxAAuxzCwNrJcPf9SD1RgbE3WMAFJUOhj4bwPTJjdHp6uNE0u6SkpHt10wp2 +A6i+GTR+H/SU6kYPwj6ZuSZhTm8+4NUmQf2W39vyUN/RQN1mAeNL5qrgMfz076A mX2eKJu3s9zYdf8REgM1C/mrzlCR+ILWMFdGmJ13eP7wk/rqMFJMw4Mv7rOzPxeQ ZjYS9wQCbxUuCzhm5pPNn30ErpU5Y0DAekKlLHicW1jjv3MtVyQoR5fhGEfWxpNL 6N7N7DcsjZinVKoZUdu8FiVnoImp/7beBWz14QZiK7lcWzXHSrgX2d/LdO9MuuaJ uavuC7tyWmA4O77kiwjDqKCZO70+REetPfSEpqNRknp0RHV4x2+6uiS50eGa5f/3 4jIBspOHEtmuyVNVXtLJquszOi5MTuBuqzh/v4eOAPLHdcYvxYJbQANEjrUGNB+W ZnmXrhFtQHs5/raaNqhYy8YUUt5O8e+Jh8p9qu4KQwJyODyENwtFos8og7UuiLyR Zn92GMgx92m10fT3WQhuGgnlJi3CS1a3BHBmsglq9Rpsb+vtUPqGnLENONXqUlou apm00OOi8p2PfMe4mRl7Osn+3cyoH4Kei281c/+6LILqnlTZS8v+M5exMAWy3Bak FBWM7NHDwT5vJxlJFxPZjoHtUJdCV+hbGlVki2VZ7FSZHVXPMtM= =1jV0 -----END PGP SIGNATURE----- --dr3ru5txr4yqitd5-- From nobody Wed Aug 9 19:27:34 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5AC213251F for ; Wed, 9 Aug 2017 19:27:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vkMvdZbRycxO for ; Wed, 9 Aug 2017 19:27:32 -0700 (PDT) Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59E45124207 for ; Wed, 9 Aug 2017 19:27:32 -0700 (PDT) Received: from pps.filterd (m0050102.ppops.net [127.0.0.1]) by m0050102.ppops.net-00190b01. (8.16.0.21/8.16.0.21) with SMTP id v7A2RBfc009869; Thu, 10 Aug 2017 03:27:11 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=jan2016.eng; bh=zkeZTiB+LRfHAKp9ranPIPJE175sZQ+zjik7p8PNY5U=; b=jqBbCF00wS8JgRnXH8/fTPmYazY8uDUBHdKo3a2ALiOeAJle+kfxTv7NP16ZzP8IXQW9 ENT7f9fONt/DTKcKz/dctMINAo/H0KWM3IVvufOaBjYCClgiXwwNheZVTl5CHKoVffvb XaMQQxEvEJn5Fmg5HhbeYlp9oARuKNaazqsbf2tUsywzIJKwrLcCFKlOWIUAxqurTNiK bTXQyzTYn7O+y9N9cmYWFyq8GLv7YMTjJfuUA2ty5YirB9SOX/Q/jCsDM0p0oGeS4MCe 6JJ9uL1Eork6HbMyLPEXTFij3tdWvv37hIUmMqHF8H3hCGv/iwq1cKgxkP1HAZWKYRDd ZQ== Received: from prod-mail-ppoint4 ([96.6.114.87]) by m0050102.ppops.net-00190b01. with ESMTP id 2c8548hmy2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 10 Aug 2017 03:27:11 +0100 Received: from pps.filterd (prod-mail-ppoint4.akamai.com [127.0.0.1]) by prod-mail-ppoint4.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v7A2PtS1026359; Wed, 9 Aug 2017 22:27:11 -0400 Received: from email.msg.corp.akamai.com ([172.27.123.30]) by prod-mail-ppoint4.akamai.com with ESMTP id 2c59bv4g3v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 09 Aug 2017 22:27:10 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Wed, 9 Aug 2017 22:27:09 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1263.000; Wed, 9 Aug 2017 22:27:09 -0400 From: "Salz, Rich" To: "brian m. carlson" , "openpgp@ietf.org" Thread-Topic: [openpgp] Summary of WG status Thread-Index: AQHTEXq6lkAlYxA1ZkyIkFTHuHwvsaJ83ESg Date: Thu, 10 Aug 2017 02:27:08 +0000 Message-ID: <904472b732df46958a9a0b27b4f9c008@usma1ex-dag1mb1.msg.corp.akamai.com> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> In-Reply-To: <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [172.19.40.128] Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-10_01:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1708100039 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-10_01:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1708100039 Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Aug 2017 02:27:34 -0000 > If we decide not to add it now, we could always do an > update in a future RFC if we change our minds later. We can't even make progress on the current draft! The WG seems to be in the= midst of being shut down; both one of the co-chairs and one of the Securit= y AD's has spoken in favor of this. From nobody Wed Aug 9 20:02:52 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 224AA132529 for ; Wed, 9 Aug 2017 20:02:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3A_7ZaSvLkXx for ; Wed, 9 Aug 2017 20:02:49 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8F2F131CB6 for ; Wed, 9 Aug 2017 20:02:49 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 81241120FBEAF for ; Wed, 9 Aug 2017 20:02:48 -0700 (PDT) To: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> From: "Robert J. Hansen" Message-ID: <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> Date: Wed, 9 Aug 2017 23:02:47 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 09 Aug 2017 20:02:48 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Aug 2017 03:02:51 -0000 > While I'm thinking about it, did anyone have any opinions on adding > Curve448 support? If we decide not to add it now, we could always do an > update in a future RFC if we change our minds later. I am completely against even discussing this right now. IMO, our #1 item right now is getting SHA-1 removed from the spec as thoroughly as humanly possible. The next is justifying the continued existence of the WG. Everything else -- *everything else* -- is an afterthought. From nobody Thu Aug 10 08:41:58 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EAC8A132190 for ; Thu, 10 Aug 2017 08:41:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hush.ai Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lHe5kdtQlTGo for ; Thu, 10 Aug 2017 08:41:54 -0700 (PDT) Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 82E731320C9 for ; Thu, 10 Aug 2017 08:41:54 -0700 (PDT) Received: from smtp3.hushmail.com (localhost [127.0.0.1]) by smtp3.hushmail.com (Postfix) with SMTP id 9CFB5E0A09 for ; Thu, 10 Aug 2017 15:41:53 +0000 (UTC) X-hush-tls-connected: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=hush.ai; h=date:to:subject:from; s=hush; bh=uchjbqdKw0cXmjOKp1DZPWImia4hQcWw1Qh0w8lS4cw=; b=pIm7/CX34DPrZLZiU35KdmT0VKiEACK2augwFLP3E/AGHqgkEMyt8GwfNmtXGX8D5ai4Ea3LosiPfUNC/joXv7eebtndpcJvB4M0dxjrQOO4BKlWRglmpvaDD404Hh914zD1WLGxTSrkVd2/pv+OqzqeXLxx06U4xJs/Sr6DKYNpwHTXWvq+N6+l8jyqdAHBFpr87VXAJqz4ZhjS4jidhPpq6PuiQm0fodxa6ZWhPLa8e9V/jSPJSj1CGRlOF1iCqRTqv6pRM+P0ZkaOB0zHYg5BOfLaguCtYZScNjqul9YnVibiQGQCHMkHBz3IDYR3YpcV8pn5kRcpR1NZj/IJSA== Received: from smtp.hushmail.com (w2.hushmail.com [65.39.178.46]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp3.hushmail.com (Postfix) with ESMTPS; Thu, 10 Aug 2017 15:41:53 +0000 (UTC) Received: by smtp.hushmail.com (Postfix, from userid 99) id 2C335E03C6; Thu, 10 Aug 2017 15:41:53 +0000 (UTC) MIME-Version: 1.0 Date: Thu, 10 Aug 2017 11:41:52 -0400 To: "Robert J. Hansen" , "openpgp" From: vedaal@nym.hush.com In-Reply-To: <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> Content-Type: multipart/alternative; boundary="=_a31f5f1e61520086771ee867ed6e6ef5" Message-Id: <20170810154153.2C335E03C6@smtp.hushmail.com> Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Aug 2017 15:41:57 -0000 --=_a31f5f1e61520086771ee867ed6e6ef5 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="UTF-8" On 8/9/2017 at 11:03 PM, "Robert J. Hansen" wrote:I am completely against even discussing this right now. IMO, our #1 item right now is getting SHA-1 removed from the spec as thoroughly as humanly possible. The next is justifying the continued existence of the WG. Everything else -- *everything else* -- is an afterthought. ===== In light of your recent post, what about deprecating 3DES, or at least adding a cautionary note and the NIST reference ? vedaal --=_a31f5f1e61520086771ee867ed6e6ef5 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="UTF-8"
On 8/9/2017 at 11:03 PM, "Robert J. Hansen" <rjh@sixdemonbag.org>= ; wrote:
I am completely against even discussing this right now. = IMO, our #1
item right now is getting SHA-1 removed from the spec as tho= roughly as
humanly possible. The next is justifying the continued exist= ence of the WG.

Everything else -- *everything else* -- is an aftert= hought.

=3D=3D=3D=3D=3D

In light  of your recent post, w= hat about deprecating 3DES, or at least adding a cautionary note and the NI= ST reference ?


vedaal
 --=_a31f5f1e61520086771ee867ed6e6ef5-- From nobody Thu Aug 10 10:10:15 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5F5413234E for ; Thu, 10 Aug 2017 10:10:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.4 X-Spam-Level: X-Spam-Status: No, score=-0.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_SORBS_WEB=1.5] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SayHZuYCBVQS for ; Thu, 10 Aug 2017 10:10:13 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0675A132331 for ; Thu, 10 Aug 2017 10:10:12 -0700 (PDT) Received: from [10.201.16.136] (corp.bah.com [128.229.4.2]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id CADD11213D8A8 for ; Thu, 10 Aug 2017 10:10:10 -0700 (PDT) To: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170810154153.2C335E03C6@smtp.hushmail.com> From: "Robert J. Hansen" Message-ID: <8b37e854-5016-91ce-c0c6-d39b875b8fea@sixdemonbag.org> Date: Thu, 10 Aug 2017 13:10:07 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170810154153.2C335E03C6@smtp.hushmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Thu, 10 Aug 2017 10:10:11 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Aug 2017 17:10:14 -0000 > In light of your recent post, what about deprecating 3DES, or at > least adding a cautionary note and the NIST reference ? 3DES has already been pretty thoroughly downgraded in the most recent draft Werner circulated. I don't think we can do much more without incurring substantial breakage with existing RFC4880 applications. From nobody Thu Aug 10 18:01:14 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22F131324BF for ; Thu, 10 Aug 2017 18:01:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3p9_J4Y5vw0l for ; Thu, 10 Aug 2017 18:01:09 -0700 (PDT) Received: from castro.crustytoothpaste.net (sandals-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:3f1::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2C9A1324BC for ; Thu, 10 Aug 2017 18:01:08 -0700 (PDT) Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 203EE280AD; Fri, 11 Aug 2017 01:01:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1502413267; bh=K7uSyTz46b1lCU9irq52rVjUspZ9ai0iITtBd70h3V8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ZCsqRsmk8qUr4B/j77a4hJbG+RpJI4N0lo1eZ3NIG2wnA24gBHXHbAUZCT97fz9UR HFfY0qY4i3/F4l3IbU5B9dAWUZMWlZ8hdN8GtQuvtgTmOSmmEMA3XGzWOIzjuDw5Eu qbshi+OWy+B4vk2Zk4c2IWSC6h6gWQBnzCuSAM6bN6rbt4uNXHAkqjT0k4Kf6N/gJH ce/momlTZjnYy/cpCOqKOip1BBfO1S0gOrA24zi/JACCkKOWfN9RpRkYhtHzduw/gS zuDdsfnyQVUgHx1RaRCo00g7YlGdB+Zi1CfgwVEA30LDrTgrgV5TN/S+unOR36dV1/ RD9jpHFJefQ15sPUlAYXebhTcrsbbxqiDws/6R+GppHFItQdd2AhhozOFaTzUhSVhz 2QRyUdIbgUXSsYw+cB0lfv3gLVq8gkGFXNQAfsm+RyHxGXVM1hFbnvFVtetiFRyrnV zNMVB4/j2yjHl5FZaXw2/OsiTJA1Xhhu8VbnYI1i5oJPUJJVJvt Date: Fri, 11 Aug 2017 01:01:01 +0000 From: "brian m. carlson" To: "Salz, Rich" Cc: "openpgp@ietf.org" Message-ID: <20170811010100.d4juzbwmrmk7ndsm@genre.crustytoothpaste.net> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <904472b732df46958a9a0b27b4f9c008@usma1ex-dag1mb1.msg.corp.akamai.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lqt5lq5de3dk3wir" Content-Disposition: inline In-Reply-To: <904472b732df46958a9a0b27b4f9c008@usma1ex-dag1mb1.msg.corp.akamai.com> X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.11.0-2-amd64) User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Aug 2017 01:01:11 -0000 --lqt5lq5de3dk3wir Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 10, 2017 at 02:27:08AM +0000, Salz, Rich wrote: > > If we decide not to add it now, we could always do an > > update in a future RFC if we change our minds later. >=20 > We can't even make progress on the current draft! The WG seems to be > in the midst of being shut down; both one of the co-chairs and one of > the Security AD's has spoken in favor of this. Actually, we have an AEAD scheme and really just need a fingerprint scheme to have a useful draft. Until the working group closes, I'm going to try to get us there. Your input is of course welcome. --=20 brian m. carlson / brian with sandals: Houston, Texas, US https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204 --lqt5lq5de3dk3wir Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.22 (GNU/Linux) iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlmNAcwACgkQv1NdgR9S 9ouNzw//UH5lQ1MzGbVRxjrc7jc8zFn3K5VjwtCGcd8zaKU1iwj7FI7zPVI5QYf8 6BODIAEPhaEuAv79f2bXHySoxz6c0iWuJuABwmJ0TYM0PTI03zJB4sbPfLx0AIE9 mPeN9GrjeFoeT+H9pAFsoPvJXPHSPj6LK8qQXgX1Fx0ZeceuuMZKnCq+HW0nedHL Htuy9oicamE9QnOKH/lb7IfFEBXiwmrNs6ALRd4MJEvO+GhIcBM5k/wwCohqRgi7 HWsAH1jGm89kNumUZ0bGtjcI4lQXnsqozxgh8h9IGml0M6PWFfbySqBY7035oRvG c+NbUK+m02KfehnJLpTh5+5OENCE25TJ+z3C4PmOerToz3oBxcpd/DWfxGC2hLew Cfg4bN4YxYgiT9L0TP/ZLv8DRMDv35wcAVsaacz1304XJYoSCGBsiEsFBhxvmkqb jgbJRtp8ExMrKLUrCANKJGfaY2QLlazRj38IYQ5lWK2LmxPMyUhFIt4FmlSV24D5 hVG3+U7M9ydMiWlMh8gRNXEtlEUNJVv9siki+zjx9Uc3+ruzRHsjWgInJo0m+Z// jjHdYoxAzwRHhA31Y9Hr0u1f59plYhYCoWSYVWiRVcfNefUWLE+whQfodp7+Q5nV OxOpfny+KhEtisa2fg7RdSq5fsSPmG8fONJyUAnrXOUTottRZK8= =Maee -----END PGP SIGNATURE----- --lqt5lq5de3dk3wir-- From nobody Fri Aug 11 13:10:15 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9C57132428 for ; Fri, 11 Aug 2017 13:10:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_20=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cjuFb9Xj6fZj for ; Fri, 11 Aug 2017 13:10:12 -0700 (PDT) Received: from thumb.scru.org (thumb.scru.org [104.200.20.71]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3AAE132461 for ; Fri, 11 Aug 2017 13:10:12 -0700 (PDT) Received: by thumb.scru.org (Postfix, from userid 1000) id A6DF46255E; Fri, 11 Aug 2017 20:10:11 +0000 (UTC) Date: Fri, 11 Aug 2017 20:10:11 +0000 From: Clint Adams To: openpgp@ietf.org Message-ID: <20170811201011.2fynredjcllcgz2f@scru.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: NeoMutt/20170113 (1.7.2) Archived-At: Subject: [openpgp] Curve25519/ECDH X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Aug 2017 20:10:15 -0000 After speaking with NIIBE-san this morning, I think there could be some more clarity with regard to how Curve25519 keys are meant to be public-key algorithm 18. To that end I've submitted https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/5 From nobody Fri Aug 11 13:29:35 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 107CB132414 for ; Fri, 11 Aug 2017 13:29:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FoO1TVkDbTUL for ; Fri, 11 Aug 2017 13:29:32 -0700 (PDT) Received: from castro.crustytoothpaste.net (castro.crustytoothpaste.net [75.10.60.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FC1313240D for ; Fri, 11 Aug 2017 13:29:32 -0700 (PDT) Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 30BEC280AD for ; Fri, 11 Aug 2017 20:29:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1502483371; bh=JkqkmgwcBIS1lSypZwUWshp6iF5/Y/VS3f0+z+3bGn0=; h=Date:From:To:Subject:References:In-Reply-To:From; b=YGCctWRRVqhpBJAFbnzfl9PWd6u5sIHaHvgVq20Na/OtaJZlKW7lGQO8OqOKE5/MZ GAsOyc31BMvCvmRtjhRQLe70H9Lo1Jx+GMCD+XFT4u31XTTLDgn1SGZxEwpbl+HGJ3 Mjq+D1zeFhdTlQFA1gdbtrwEWQ0t4A8gT8zLjqgfpN2C6An1kj/V/Fc3RPU1C74GHq NBpynBg9vYmlGro3b7UpnnUoQ2l74acbDCeLhvdPJwvDPvQaEkGwqilvxRpEfPokuO FrwP8yNE/F163s48NXY6K4caMi2HiNgpAGEUqB/YAVUi5G6snIUq76h8ygM505/rCo oRF8oUKqoWAdk0NxUjC94T8q/nSjTJskPO3n0AzDijgtHTnNBrfLHwr+shmX1KwMhk BTAcND2ihDr5l4SrQ3hfflyazMLZUZiOlQoEJeh4vmb2FJZ08HcvvOqmlbsRgMO5dj JeBDWQTjtLAjLeGuNE7xYzU+e2r6PmHspokOL0jIX6Jkwgod5Hx Date: Fri, 11 Aug 2017 20:29:24 +0000 From: "brian m. carlson" To: openpgp@ietf.org Message-ID: <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="4afynygovz5sixlj" Content-Disposition: inline In-Reply-To: <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.11.0-2-amd64) User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Aug 2017 20:29:34 -0000 --4afynygovz5sixlj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Aug 09, 2017 at 11:02:47PM -0400, Robert J. Hansen wrote: > I am completely against even discussing this right now. IMO, our #1 > item right now is getting SHA-1 removed from the spec as thoroughly as > humanly possible. The next is justifying the continued existence of the = WG. >=20 > Everything else -- *everything else* -- is an afterthought. Okay. Let me offer a fingerprint proposal, then: SHA-256. Basically, identical to Werner's proposal, except with the full SHA-256. That resolves all the issues over truncation. SHA-256 is mandatory to implement. Opinions or counterproposals? --=20 brian m. carlson / brian with sandals: Houston, Texas, US https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204 --4afynygovz5sixlj Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.22 (GNU/Linux) iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlmOE6QACgkQv1NdgR9S 9osgiA//TbccRR/xb9kzOUtbMHlaGdpNH3HQDgqVzBM6lhJ0i/Rzykv4m6iYXlFW 9qfclFD9khG9XM/Sta61qFtfywkZ9uilI087bwBI2a9vl8I9qlVXysEGEDdJ3r2q uWRB2LKhNAybPyc2/kPKHWmmo38EyUiF07zFVFxTNjAeURm7FAWHgdbFVjdyApCf IfNVJ/IlUe25eB4uaouIS43lOmLaUUCyPmh4eUN1i8bYrZXMZh5bjw76N4Th39rT DldxqoDq55tjz3z9obb0YK/FAiHOs46L3+vmzSYxMF2yl34qvUkvbrjjpH8O3R3t cKZ6NnodgKqwgv+eTX+o1l3ULdEHbGAOjaPVz8L5KfzjzlPeF829Mw4cN3Gv1IHH cDlX+FOTaclcjaomfVpBUzhW22ifp+kjw4ELo9cFkxK//K70myi8HdbDV78wIoJ9 t+SOa1JCYIgAB/ncHz91a7n/XAikWdz+5C2wMcYZ/C1YOX8X5h1LsbwblMOPIebq JKa+Crub4vZ9ucG7E9y18L5d4sZR6yGO/Zw4d2JCBo78DWxYeNlgTNM8ZmJ+C7M8 l5RrUQ/Wr+Ig7GOp0w+L7RgJpFE1VQI1+0DgOJOO92K07+QhFAILZi3PbkTVKhJ7 8YC4QgtFIXhFq1n/NcXOrtL3VDCqYSylQoD1QpIdXNzQ+ZDGx5M= =fMn7 -----END PGP SIGNATURE----- --4afynygovz5sixlj-- From nobody Sat Aug 12 08:03:42 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33985131CA2 for ; Sat, 12 Aug 2017 08:03:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FRHnEgvAMr45 for ; Sat, 12 Aug 2017 08:03:39 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABC78120724 for ; Sat, 12 Aug 2017 08:03:37 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 29D891212D9AF for ; Sat, 12 Aug 2017 08:03:37 -0700 (PDT) To: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> From: "Robert J. Hansen" Message-ID: Date: Sat, 12 Aug 2017 11:03:34 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="WTb5A5viwEJMXrL7BOh9NdTFdq29K4BPI" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Sat, 12 Aug 2017 08:03:37 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Aug 2017 15:03:41 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --WTb5A5viwEJMXrL7BOh9NdTFdq29K4BPI Content-Type: multipart/mixed; boundary="EtH7WI8onshjpbWwBm1nmGTRtBAQxKIfT"; protected-headers="v1" From: "Robert J. Hansen" To: openpgp@ietf.org Message-ID: Subject: Re: [openpgp] Summary of WG status References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> In-Reply-To: <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> --EtH7WI8onshjpbWwBm1nmGTRtBAQxKIfT Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: quoted-printable > Okay. Let me offer a fingerprint proposal, then: SHA-256. Basically, > identical to Werner's proposal, except with the full SHA-256. That > resolves all the issues over truncation. SHA-256 is mandatory to > implement. >=20 > Opinions or counterproposals? It's simple, easy to implement, and can be done right now. I'm in favor.= Months upon months have gone by with us largely twiddling our thumbs while we talk about the perfect fingerprint format. Full SHA256 isn't perfect but it'll do, and we're now at the point where a good it'll-do solution is the magic bullet we need. --EtH7WI8onshjpbWwBm1nmGTRtBAQxKIfT-- --WTb5A5viwEJMXrL7BOh9NdTFdq29K4BPI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEzBG+fLvtd7Eg83sBHcvcAbREJ8cFAlmPGMYACgkQHcvcAbRE J8dnlAv8DV1zyb1u1dn2wKYO5V22laul8A9Bs1Xu5SSin6NS4HdP5o7QRwg64Ygl N6cfDUCYSNXmcm+SFwDsuZk/+JFHIjfp2TbBzjG706QQaSwWRJ6ProwKDGX5fBT5 IIGfr3U3rEPZQKWzY2+gXnc052S1WMETBofcRB1U82dxRw1K5gs4g2S9gQqgJqI4 ZoapAi6AYg+J3k3K4Qs6IEOcfQiFW6UFel2ORFSTpqS6IZ3yzIietDMWhTgdVes8 u5qUUzFOp5XynbbE/BxOvcdUM8Z7mqFQE1invYTIavtMWc1fCqySmeotuoN/8870 C36NOy1BZ+VAgCIXrqdKdHuDl/kts8Oxu8Jx2/GHfm9E5d9LaWKBheMehOsxc9ae PMTv/18XNBXGGOHCysLNBXm9NPIhG0mRbr+SICrY71/jPicKLZEbmK8kMUBMgLe9 7U4gR87YX0N6TA7UxyxPqui1V3yVJDUui18QCPcTxu9J+EAv0Dh7yPpMH/Jxs5fc R+B0GYFMiHUEARYKAB0WIQRL8gQq4o9iuBc26MuoPK6U09w4cwUCWY8YxgAKCRCo PK6U09w4cwYBAQCmUQhGbgd9XBmRrlYTI9DzVtINbAMznxqkrWKuM2NCMgD/R5Aw c2e7W7teWUWEBRoDXFSWU6xhcDClr3Tv4FmblAg= =efak -----END PGP SIGNATURE----- --WTb5A5viwEJMXrL7BOh9NdTFdq29K4BPI-- From nobody Sat Aug 12 11:58:00 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF87A120721 for ; Sat, 12 Aug 2017 11:57:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.198 X-Spam-Level: X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jdwp2ZR0SeW8 for ; Sat, 12 Aug 2017 11:57:56 -0700 (PDT) Received: from master.debian.org (master.debian.org [IPv6:2001:41b8:202:deb:216:36ff:fe40:4001]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C16EB1201F2 for ; Sat, 12 Aug 2017 11:57:56 -0700 (PDT) Received: from guillem by master.debian.org with local (Exim 4.84_2) (envelope-from ) id 1dgbbe-00084a-JK for openpgp@ietf.org; Sat, 12 Aug 2017 18:57:54 +0000 Date: Sat, 12 Aug 2017 20:57:53 +0200 From: Guillem Jover To: openpgp@ietf.org Message-ID: <20170812185752.lagvmaf62h3tv2rb@gaara.hadrons.org> References: <20150918162458.GA14374@gaara.hadrons.org> <20151019165213.GA15609@gaara.hadrons.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20151019165213.GA15609@gaara.hadrons.org> User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] OpenPGP Armor Message specification X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Aug 2017 18:57:59 -0000 Hi! On Mon, 2015-10-19 at 18:52:13 +0200, Guillem Jover wrote: > On Fri, 2015-09-18 at 18:24:58 +0200, Guillem Jover wrote: > > As I mentioned to Werner and Daniel at DebConf 15, I think the > > specification of the OpenPGP Armor Messages has some unclear parts, > > which I think were part of the reason for several security issues > > in multiple projects due to mismatched parsing of Armor Header Lines. > > > > > > > > > > > > > > > > Here are some things that would be good to clarify in RFC4880: > > > > * In §6.2 there's no explicit definition of what ASCII characters are > > to be considered whitespace (contrast that with §7.1). In this case > > GnuPG considers whitespace to be «SPACE 0x20, HT 0x09 and CR 0x0D» > > and now most tools in Debian do too. I don't know if that matches > > with PGP for example. > > > > * In §7, mention that this is a specific instance of §6.2? > > > > * In §7, probably clarify that by «empty» in: > > «- Exactly one empty line not included into the message digest,» > > it means «blank» as in §6.2: > > «- A blank (zero-length, or containing only whitespace) line» > > Ok, how about something along the lines of the attached patch against > RFC4880bis? > > Although maybe it would be better to define "whitespace" just once > instead of inlining it in several places. I've fixed a couple of typos and, now opened a merge request . Thanks, Guillem From nobody Mon Aug 14 08:39:45 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DAE38132376 for ; Mon, 14 Aug 2017 08:39:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.99 X-Spam-Level: X-Spam-Status: No, score=-1.99 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5AjuG45a6uP2 for ; Mon, 14 Aug 2017 08:39:39 -0700 (PDT) Received: from mail2.ihtfp.org (mail2.ihtfp.org [IPv6:2001:470:e448:1::3a11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 495B1132391 for ; Mon, 14 Aug 2017 08:39:38 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id F14FFE2049; Mon, 14 Aug 2017 11:39:35 -0400 (EDT) Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 17540-10; Mon, 14 Aug 2017 11:39:15 -0400 (EDT) Received: from securerf.ihtfp.org (unknown [IPv6:fe80::530:248d:f760:bb62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 61FCFE2039; Mon, 14 Aug 2017 11:39:15 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1502725155; bh=1wKKn0TN6CQ2LwYQRqYZ9VZWxkuUjdVlzOANmKUNu5E=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=djnabwyvmxb9gafJZMR4jSztdzXG9qMMcHgfZUVWSLFRelr8sO5/APJ1xjxbRKfuT j9vZTUQF0tl1/CvQFKVDbuGtjSVHPRih1u6Jl7OsmOkXSK5AxRdq3veNQGa3OiA7Pt +4p7WBzwEz2skwjdHq4EkGVueKB5caIzwrlrhiOg= Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id v7EFd9Gw029022; Mon, 14 Aug 2017 11:39:09 -0400 From: Derek Atkins To: "Robert J. Hansen" Cc: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> Date: Mon, 14 Aug 2017 11:39:09 -0400 In-Reply-To: (Robert J. Hansen's message of "Sat, 12 Aug 2017 11:03:34 -0400") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: Maia Mailguard 1.0.2a Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Aug 2017 15:39:44 -0000 "Robert J. Hansen" writes: >> Okay. Let me offer a fingerprint proposal, then: SHA-256. Basically, >> identical to Werner's proposal, except with the full SHA-256. That >> resolves all the issues over truncation. SHA-256 is mandatory to >> implement. >> >> Opinions or counterproposals? > > It's simple, easy to implement, and can be done right now. I'm in favor. > > Months upon months have gone by with us largely twiddling our thumbs > while we talk about the perfect fingerprint format. Full SHA256 isn't > perfect but it'll do, and we're now at the point where a good it'll-do > solution is the magic bullet we need. No objection from me. -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant From nobody Mon Aug 14 09:06:50 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C4351323A6 for ; Mon, 14 Aug 2017 09:06:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.499 X-Spam-Level: * X-Spam-Status: No, score=1.499 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_SORBS_WEB=1.5] autolearn=no autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2WX5q69L2Oxq for ; Mon, 14 Aug 2017 09:06:47 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AF72132376 for ; Mon, 14 Aug 2017 09:06:47 -0700 (PDT) Received: from [10.201.23.32] (corp.bah.com [128.229.4.2]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id E09231212E6D9; Mon, 14 Aug 2017 09:06:46 -0700 (PDT) To: Derek Atkins , openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> From: "Robert J. Hansen" Message-ID: <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> Date: Mon, 14 Aug 2017 12:06:45 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Mon, 14 Aug 2017 09:06:47 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Aug 2017 16:06:48 -0000 > No objection from me. We've now got three voices in favor. I say we give objectors until the end of this week (August 19th, five days hence) to speak up. If we don't hear objections, the beginning of next week we say the WG has reached a consensus on fingerprint format. At that point we talk with the RFC sherpa (Werner?) to update the doc. From nobody Tue Aug 15 06:13:35 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5065B13257F for ; Tue, 15 Aug 2017 06:13:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NKFmMmfQ4lyV for ; Tue, 15 Aug 2017 06:13:32 -0700 (PDT) Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A3F91321C6 for ; Tue, 15 Aug 2017 06:13:31 -0700 (PDT) Received: from localhost (p5B11CF40.dip0.t-ipconnect.de [91.17.207.64]) by mail.mugenguild.com (Postfix) with ESMTPSA id B1C605FAE8; Tue, 15 Aug 2017 15:13:28 +0200 (CEST) Date: Tue, 15 Aug 2017 15:13:26 +0200 From: Vincent Breitmoser To: "Robert J. Hansen" Cc: Derek Atkins , openpgp@ietf.org Message-ID: <20170815131326.wa5guttvgsp2la5g@calamity> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 13:13:34 -0000 I'm conflicted about this. Yes, moving away from SHA1 is a good idea. We should do that asap. But I really dislike that this comes with an increased fingerprint size to 256 bits. Looking at the use case we are trying to cover here, and the actual requirements the fingerprint has to fulfill, even the 160 bits we had before were "super-duper-safe because who knows what might happen" terrain. And we are going to bolt another 96 bits on top of that. People are going to read sixty-four hexadecimal characters to one another to verify their keys. On the other hand, I can see how the choice of just using SHA2-256 is attractive for its simplicity, especially in a context where consensus is hard to find. - V From nobody Tue Aug 15 06:58:37 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2DCE132625 for ; Tue, 15 Aug 2017 06:58:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id So2wBWeUHtdH for ; Tue, 15 Aug 2017 06:58:34 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BEFA1321D8 for ; Tue, 15 Aug 2017 06:58:34 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id CDA141212E6AD for ; Tue, 15 Aug 2017 06:58:33 -0700 (PDT) To: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> From: "Robert J. Hansen" Message-ID: <06892643-2e48-6c99-2aed-0bb45e74e803@sixdemonbag.org> Date: Tue, 15 Aug 2017 09:58:32 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170815131326.wa5guttvgsp2la5g@calamity> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Tue, 15 Aug 2017 06:58:34 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 13:58:36 -0000 > I'm conflicted about this. I understand there are downsides to it; however, we're facing an imminent deadline. The question isn't whether it's perfect; the question is whether it's good enough. I don't want to sound as if I'm trying to pressure you into saying yes to this -- if you think this is a bad idea, I really hope you'll say so! But we *do* need to make a choice. So -- yes or no? From nobody Tue Aug 15 09:45:11 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7123B132043 for ; Tue, 15 Aug 2017 09:45:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=singpolyma.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xf8-oh8SUOVn for ; Tue, 15 Aug 2017 09:45:09 -0700 (PDT) Received: from singpolyma.net (singpolyma.net [IPv6:2607:5300:60:9e74:1000::]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0756812426E for ; Tue, 15 Aug 2017 09:45:09 -0700 (PDT) Received: from [127.0.0.1] (dhcp-108-168-20-134.cable.user.start.ca [108.168.20.134]) by singpolyma.net (Postfix) with ESMTPSA id CA7C248607F8; Tue, 15 Aug 2017 16:45:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=singpolyma.net; s=iweb; t=1502815507; bh=F0M1Su12Gw8Kq0Dee4t1ssSaHOwDOwxnzp6+cexohdU=; h=Date:Subject:From:In-Reply-To:References:To:Cc:From; b=J+9AAp6ZJWSkq6uTauHSmYM6dMuoLYVwPkj1LIx7yibpRiXRKv4vW5MqXDo7zj6Hi pkPrvpi2eOXPl8+elMJSFPf7d5WI4I2ZQco0KgETNuSTP0jJKoIf8MAM4CMuRs7B2u gg0+Vz10zOP0IqHnImxgiHG6n/+1i7VwzeIcPGYo= Content-Type: text/plain; charset="iso-8859-1" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Mailer: BlackBerry Email (10.3.3.2205) Message-ID: <20170815164507.6111315.47595.68549@singpolyma.net> Date: Tue, 15 Aug 2017 11:45:07 -0500 From: Stephen Paul Weber In-Reply-To: <20170815131326.wa5guttvgsp2la5g@calamity> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> To: Vincent Breitmoser , "Robert J. Hansen" Cc: openpgp@ietf.org, Derek Atkins Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 16:45:10 -0000 > Yes, moving away from SHA1 is a good idea. We should do that asap. But I = really dislike that this comes with an increased fingerprint size to 256 bi= ts. Wouldn't anything else require truncation, and thus not give us the extra s= afety we're looking for? --=A0 singpolyma, not a cryptographer From nobody Tue Aug 15 10:10:36 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0206913238E for ; Tue, 15 Aug 2017 10:10:35 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jZ4AVdurDL2y for ; Tue, 15 Aug 2017 10:10:33 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C28B713239F for ; Tue, 15 Aug 2017 10:10:33 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 22FB01213F2B2; Tue, 15 Aug 2017 10:10:33 -0700 (PDT) To: Stephen Paul Weber , openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> From: "Robert J. Hansen" Message-ID: <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> Date: Tue, 15 Aug 2017 13:10:31 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170815164507.6111315.47595.68549@singpolyma.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Tue, 15 Aug 2017 10:10:33 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 17:10:35 -0000 > Wouldn't anything else require truncation, and thus not give us the > extra safety we're looking for? Guys, I hate to be the cat-herder here (especially because nobody's appointed me to be -- but we clearly need one), but the time for these questions was *a year ago*. We have a proposal on the table. Let's keep the WG discussion focused on yes or no to the proposal. Let's not get sidetracked with other discussions. From nobody Tue Aug 15 11:35:14 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BE5113226B for ; Tue, 15 Aug 2017 11:35:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.701 X-Spam-Level: X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z8zHD5vPh1fg for ; Tue, 15 Aug 2017 11:35:11 -0700 (PDT) Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 313B21243F6 for ; Tue, 15 Aug 2017 11:35:11 -0700 (PDT) Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.21/8.16.0.21) with SMTP id v7FIWn7X019471; Tue, 15 Aug 2017 19:35:09 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=9Bt9KUxDpAix62GOI/N5HS5DmJHTO/VM4KNrUocHRZI=; b=Ybhy8RV0+tQWGK5SaAost31Kfd45+y6nybyVdDRLQGOppEB+drUEHuhS5/HZ+wrb2wDe hNxq87p7kxPPLrhJRD594GsjZUAFJmoIfgwErwDhmnDSzJlj+hitI9F1mE4De55M/Nw7 CD25gBoXDWinKQ7b64Ai1VLHpPQ6nfIGP1HWKHLj9eHH2t/NYCnBekbUKXGDyxsE8oWl yEOiNAndfuxu6HpEfToSNt2wfwse4t7Lb47L6QKyIv8+mAlppoym+n15TfwzvML7a5Q8 Ynkp53RPbYv/8o42NT/14/aoIZFlxu1tuU9u2djV/bPQaPuEaRaeqCtWVwx9CWu+DroJ RA== Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by m0050093.ppops.net-00190b01. with ESMTP id 2c9rxjwpbt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 15 Aug 2017 19:35:09 +0100 Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v7FIUrLV002174; Tue, 15 Aug 2017 14:35:08 -0400 Received: from email.msg.corp.akamai.com ([172.27.123.32]) by prod-mail-ppoint1.akamai.com with ESMTP id 2c9w0uumxj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 15 Aug 2017 14:35:08 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb1.msg.corp.akamai.com (172.27.123.101) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 15 Aug 2017 14:35:07 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1263.000; Tue, 15 Aug 2017 14:35:07 -0400 From: "Salz, Rich" To: "Robert J. Hansen" , Stephen Paul Weber , "openpgp@ietf.org" Thread-Topic: [openpgp] Summary of WG status Thread-Index: AQHTEXq6lkAlYxA1ZkyIkFTHuHwvsaJ9KmKAgAK2wQCAATdLAIAC68MFgABKjoCAAWHoAIAAOyWAgAAHGYD//9STAA== Date: Tue, 15 Aug 2017 18:35:06 +0000 Message-ID: <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> In-Reply-To: <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/f.1b.0.161010 x-ms-exchange-messagesentrepresentingtype: 1 x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [172.19.44.47] Content-Type: text/plain; charset="utf-8" Content-ID: <95284C187CC6914CA114AB466BDBF7D2@akamai.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-15_13:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1708150309 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-15_13:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1708150309 Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 18:35:13 -0000 DQogICAgV2UgaGF2ZSBhIHByb3Bvc2FsIG9uIHRoZSB0YWJsZS4gIExldCdzIGtlZXAgdGhlIFdH IGRpc2N1c3Npb24gZm9jdXNlZA0KICAgIG9uIHllcyBvciBubyB0byB0aGUgcHJvcG9zYWwuICBM ZXQncyBub3QgZ2V0IHNpZGV0cmFja2VkIHdpdGggb3RoZXINCiAgICBkaXNjdXNzaW9ucy4NCiAg ICANCg0KVGhlIGxhc3Qgd2UgaGVhcmQgZnJvbSB0aGUgY28tY2hhaXJzIGFuZCBBRCB3YXMgdGhh dCB0aGlzIGdyb3VwIHdhcyBnb2luZyB0byBiZSBzaHV0IGRvd24uDQoNCkhhcyBhbnlvbmUgYmVl biBpbiB0b3VjaCB3aXRoIHRoZW0/DQoNCkhhcyBhbnlvbmUgdm9sdW50ZWVyZWQgdG8gYmVjb21l IGEgZG9jIGVkaXRvcj8NCg0K From nobody Tue Aug 15 11:47:18 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9710C1320BD for ; Tue, 15 Aug 2017 11:47:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YNrrPOzF118j for ; Tue, 15 Aug 2017 11:47:15 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FF081243F6 for ; Tue, 15 Aug 2017 11:47:15 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 1A2481218FC73 for ; Tue, 15 Aug 2017 11:47:14 -0700 (PDT) To: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> From: "Robert J. Hansen" Message-ID: Date: Tue, 15 Aug 2017 14:47:13 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Tue, 15 Aug 2017 11:47:15 -0700 (PDT) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 18:47:17 -0000 > The last we heard from the co-chairs and AD was that this group was > going to be shut down. Unless we can get a revision out, yes. Did I miss a "no, it's too late, we're shutting down" follow-up? From nobody Tue Aug 15 11:54:51 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BC50132356 for ; Tue, 15 Aug 2017 11:54:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.701 X-Spam-Level: X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0AaqgWw9Ij6a for ; Tue, 15 Aug 2017 11:54:46 -0700 (PDT) Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [67.231.149.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC996132256 for ; Tue, 15 Aug 2017 11:54:46 -0700 (PDT) Received: from pps.filterd (m0122332.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v7FIpa3b030563; Tue, 15 Aug 2017 19:54:45 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=cHGOhbLUIDqanCnIscwrM6En2JzNlEiStvpzfGidi5o=; b=ZY15V/okjn7o12NZZ0rSmZCJBnlSan+0GbjEiuQGsC7Z3yQ86yqA7aiEqE9gcFkaUcO1 KUkwcqMZdUGcMl/lXt+CFJ0/uaLJsHYl2zZEleg9j0eduzRJEFBlxVeI5gRR2FtobMZK aXeYO/X3heCS8Y2IHMBS7gKFPREJMk2CIX6klLAhYs6lFNacN//tispZgKyVc/f9asNR ku6NNOQ4dNJKWWnLJg9BhvGj6u+0zJPx7KnMDuYELwQEOexFxkMlFLPtz1WupVwT/BSc NM/KBIz6UTjbUte0BYB8NEHRHoWzVhlBGQGoxqYSJ8O7rJUKGzssbkLXLxrPNAUadURC gw== Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by mx0a-00190b01.pphosted.com with ESMTP id 2cc6dtr1ac-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 15 Aug 2017 19:54:45 +0100 Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v7FIosTm016013; Tue, 15 Aug 2017 14:54:44 -0400 Received: from email.msg.corp.akamai.com ([172.27.123.34]) by prod-mail-ppoint1.akamai.com with ESMTP id 2cc6cv81hd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 15 Aug 2017 14:54:44 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 15 Aug 2017 14:54:43 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1263.000; Tue, 15 Aug 2017 14:54:43 -0400 From: "Salz, Rich" To: "Robert J. Hansen" , "openpgp@ietf.org" Thread-Topic: [openpgp] Summary of WG status Thread-Index: AQHTEXq6lkAlYxA1ZkyIkFTHuHwvsaJ9KmKAgAK2wQCAATdLAIAC68MFgABKjoCAAWHoAIAAOyWAgAAHGYD//9STAIAARnGA//+/CQA= Date: Tue, 15 Aug 2017 18:54:43 +0000 Message-ID: <983733B2-9E62-42C5-829D-F0A368AFE963@akamai.com> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/f.1b.0.161010 x-ms-exchange-messagesentrepresentingtype: 1 x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [172.19.44.47] Content-Type: text/plain; charset="utf-8" Content-ID: <58AD6AD3C52F3045B0D1D2EFC2F075F7@akamai.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-15_14:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1708150313 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-08-15_14:, , signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1708150314 Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Aug 2017 18:54:49 -0000 DQogICAgVW5sZXNzIHdlIGNhbiBnZXQgYSByZXZpc2lvbiBvdXQsIHllcy4gIERpZCBJIG1pc3Mg YSAibm8sIGl0J3MgdG9vIGxhdGUsDQogICAgd2UncmUgc2h1dHRpbmcgZG93biIgZm9sbG93LXVw Pw0KICAgIA0KDQpJIGhhdmVu4oCZdCBzZWVuIHRoZSBXZXJuZXIgcG9zdCBoZXJlOyBoYXZlIEkg bWlzc2VkIGl0PyAgV2hhdOKAmXMgdGhlIGV4cGVjdGF0aW9uIHRoYXQgYW55IFBSIHdpbGwgYWN0 dWFsbHkgZ2V0IG1lcmdlZD8NCg0K From nobody Fri Aug 18 09:53:27 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC45B132A13 for ; Fri, 18 Aug 2017 09:53:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jKN1NvnI4Hsv for ; Fri, 18 Aug 2017 09:53:21 -0700 (PDT) Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65AA013219F for ; Fri, 18 Aug 2017 09:53:15 -0700 (PDT) Received: from localhost (p5B11C1A9.dip0.t-ipconnect.de [91.17.193.169]) by mail.mugenguild.com (Postfix) with ESMTPSA id 9628B5FA7D; Fri, 18 Aug 2017 18:53:13 +0200 (CEST) Date: Fri, 18 Aug 2017 18:53:11 +0200 From: Vincent Breitmoser To: "Robert J. Hansen" Cc: Stephen Paul Weber , openpgp@ietf.org Message-ID: <20170818165311.d2x344yp5x5ys553@calamity> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> User-Agent: NeoMutt/20170609 (1.8.3) Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 16:53:25 -0000 Robert J. Hansen(rjh@sixdemonbag.org)@Tue, Aug 15, 2017 at 01:10:31PM -0400: > > Wouldn't anything else require truncation, and thus not give us the > > extra safety we're looking for? No. The bit size has nothing to do with why we want to replace SHA1. > We have a proposal on the table. Let's keep the WG discussion focused > on yes or no to the proposal. Let's not get sidetracked with other > discussions. I would agree if this was some "other discussion". But we shouldn't dismiss a discussion about precisely the proposal on the table. It's not a very old proposal, and we shouldn't be comfortable going through with a decision if we can't answer basic questions about why we went with a particular approach. >From discussions so far I seem to be alone in my doubts that increasing the bitsize of the fingerprint even further is a bad idea. Still, I'm gonna submit a nay to the record here. - V From nobody Fri Aug 18 11:32:35 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E90341321C1 for ; Fri, 18 Aug 2017 11:32:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h4_e64DyM6Oj for ; Fri, 18 Aug 2017 11:32:32 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 45070132198 for ; Fri, 18 Aug 2017 11:32:32 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 4D6B7F99B; Fri, 18 Aug 2017 14:32:30 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id EF77B2269F; Fri, 18 Aug 2017 14:32:01 -0400 (EDT) From: Daniel Kahn Gillmor To: "Salz\, Rich" , "Robert J. Hansen" , Stephen Paul Weber , "openpgp\@ietf.org" In-Reply-To: <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> Date: Fri, 18 Aug 2017 14:31:59 -0400 Message-ID: <87pobsg21s.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 18:32:34 -0000 --=-=-= Content-Type: text/plain hi there-- On Tue 2017-08-15 18:35:06 +0000, Salz, Rich wrote: > The last we heard from the co-chairs and AD was that this group was > going to be shut down. Erstwhile co-chair here. The OpenPGP WG is being closed due to lack of progress in the intended charter, sadly. It's hard to argue with the facts there; I think we haven't had enough actual implementers to test each others' code and make progress toward something interoperable that everyone can live with (i think we might have more opinions than we have implementers, which makes for more talk than progress, and we haven't even had all that much talk). However, my understanding is that the mailing list will not be shut down, so discussion is still possible (as it was between the last incarnation of the WG and this one), and if work resumes in a plausible way, we can ask to spin the charter back up. I strongly encourage everyone to continue with discussion and implementation. OpenPGP is in use today on the global network, and it needs the crypto refresh that the WG was chartered to do, even if we're late in getting there. I understand that Werner is interested in continuing work on the draft. I do not know whether he will be able to submit further drafts as draft-ietf-openpgp-4880bis, but the title of the draft one way or the other shouldn't affect our ability to read, implement, comment on, and improve it. If we can get a rough consensus and running, interoperable code on a concrete proposal, I'm happy to try to turn the gears of the IETF machinery again to get the formal status back. Onwards, --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOCdgUepHf6PklTkyFJitxsGSMjcFAlmXMp8ACgkQFJitxsGS MjerCRAAjWoiDC+DMe7nun4Tjw+LR2LansES+TveRYZFboHBspwus00py9KAe+Tz nobXLrQglVUnwmR5wSgawOlVHa8WUHWlNFtPsE0TqbWeiuu2ew9DokWno1LkUb7V zrU4lQ90XJd49RuCVp31oFYw9u55HBgLEe3C3thVSvpggvrIITmzpVN/K4JALrlE ZeWQUyqhp8Z1jkEEM8fnts6mmdc11FLfBFl66MzYCCoNOlx+Ttzi0gSCYc17Rbfq PYk30Fdhk+oFM+gKFpwShGnzjFAZ1ZOKySR3gGIDnf08xAF5DIZwhKdRKqOhJ8uS 4kTPl0TF50LAwdj8dCIw/q0xc2CMi3TtCS+GK3TLEVHeKZKlmWeoRFk/YCdS1qtX OpMfYuJ5zYamomc71EY3secbcPoKp4HhzmuTx54vWXRUkmV8DbIcWT2KUKHwzh8F Q/d3up9qKc1nhNDb8YWPPg6BJ/QbCxRLZMmIFCa4KDTbpW21LpEfeAPCeGw0XBt8 s5p+kga8j/PwMJwNBv5k+8i8QD52JjP7pbHv8nG27c6fJTtAqjMG3S/8cWz9WJmG DqzBrVBswq1mDkESnNulJLig7LjgLZqREm6FW5YY/5IUAkEGsvWRYDwaMFA9p2/F t9p/+34uOWQd1JZWTqFVRQRyWp+Vn3QsWYG9/7o/rG/PcIcPF+s= =WUHL -----END PGP SIGNATURE----- --=-=-=-- From nobody Fri Aug 18 11:42:34 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 412711321A6 for ; Fri, 18 Aug 2017 11:42:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sumptuouscapital-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ik1gK0aE0cvr for ; Fri, 18 Aug 2017 11:42:30 -0700 (PDT) Received: from mail-lf0-x22d.google.com (mail-lf0-x22d.google.com [IPv6:2a00:1450:4010:c07::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2FF11321A1 for ; Fri, 18 Aug 2017 11:42:29 -0700 (PDT) Received: by mail-lf0-x22d.google.com with SMTP id o85so46057777lff.3 for ; Fri, 18 Aug 2017 11:42:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sumptuouscapital-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=L9s5O9UCoSGgTvnRUeWf03wxiiFccvhGiQ7n+2jXG2M=; b=19rRCK5g/2vmSaWwpiImWXpiQem5IKP9ATQ3lJZ6BPqhLcOa+0fameAXHtnG7O68iV o2UBIFBnQj9sbv5I91LyPQzLGdhn7sss5ZUrQ4/dOfX4e7f5Yszk7uBkzCiOEQdyiv0f JTrmPedrxz6cvOAWraN8/OUaRCN31botexnYPQWPt6vm7Ok8F+nKJGvfqh7vNx2MLTqU tM967mQtleTqQG4s0bECaclrKTcDGuBjVwrrp660wIo0SAIS/TX7X6osazT0Pzu8qymN 9znDK8qJB35ztDzNi/tZ3xSXiolP0XZtlmPkVvKopmo8s0cNHMcPpBakvoIltt0DrEzB izyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=L9s5O9UCoSGgTvnRUeWf03wxiiFccvhGiQ7n+2jXG2M=; b=HrwM0mRCpB1ZeQ1693DmBlqgRTxCd1MjFCNzAMfmxOLQPcj+vbOMb2aoNxYhp8oJhi Z+N/QbhUU5YN5I57M21Q2uBGxtvWxh/Mh/UCV9B1ZuOA1LISct/yTQaGDdvW11/VXHuT WjfrgGIqhggjZelx+oJ/WKPMFGQjIsUgjHdgkguQppEOusCw//aaAqlEgEMtawR0C4rZ 982Q2jjk5RqmvtBqiLO9XJ9NgbyGt14tT3X6Dj1b9d/HYgxu+NVK006S8r7JHXoWm3S8 cuS/lBHbyetTODgM7lpYmsut9xTDAoGcbkV/z1oJvQPYm84uQAlg3nig19HRgOUzqQnm AicQ== X-Gm-Message-State: AHYfb5gUrDBZyAEXhw2eOi6JLV2hh4m9Pwh6H2pFqJquWNHD+S6yCVcw vnJAKo5tkC2j8cBkg9KSIg== X-Received: by 10.25.26.206 with SMTP id a197mr4067096lfa.236.1503081747648; Fri, 18 Aug 2017 11:42:27 -0700 (PDT) Received: from [10.144.0.5] (host-37-191-226-104.lynet.no. [37.191.226.104]) by smtp.googlemail.com with ESMTPSA id 6sm1269891lju.0.2017.08.18.11.42.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 18 Aug 2017 11:42:26 -0700 (PDT) To: Daniel Kahn Gillmor , "Salz, Rich" , "Robert J. Hansen" , Stephen Paul Weber , "openpgp@ietf.org" References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> <87pobsg21s.fsf@fifthhorseman.net> From: Kristian Fiskerstrand Message-ID: <2ac17ecc-1ad7-1f17-4810-f754ceec846b@sumptuouscapital.com> Date: Fri, 18 Aug 2017 20:42:09 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <87pobsg21s.fsf@fifthhorseman.net> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="sMncWguJngTPs38RLclluxGkXSsT2TJ59" Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 18:42:32 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --sMncWguJngTPs38RLclluxGkXSsT2TJ59 Content-Type: multipart/mixed; boundary="0U4vjIL8l3w3G6m7l9A5DbISn11JSs36N"; protected-headers="v1" From: Kristian Fiskerstrand To: Daniel Kahn Gillmor , "Salz, Rich" , "Robert J. Hansen" , Stephen Paul Weber , "openpgp@ietf.org" Message-ID: <2ac17ecc-1ad7-1f17-4810-f754ceec846b@sumptuouscapital.com> Subject: Re: [openpgp] Summary of WG status References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> <87pobsg21s.fsf@fifthhorseman.net> In-Reply-To: <87pobsg21s.fsf@fifthhorseman.net> --0U4vjIL8l3w3G6m7l9A5DbISn11JSs36N Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 08/18/2017 08:31 PM, Daniel Kahn Gillmor wrote: > I understand that Werner is interested in continuing work on the draft.= > I do not know whether he will be able to submit further drafts as > draft-ietf-openpgp-4880bis, but the title of the draft one way or the > other shouldn't affect our ability to read, implement, comment on, and > improve it. I would at least welcome a draft on the specifics of EdDSA for Ed25519 and ECHD for Curve25519 public keys, similar to RFC6637. --=20 ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Aquila non capit muscas The eagle does not hunt flies --0U4vjIL8l3w3G6m7l9A5DbISn11JSs36N-- --sMncWguJngTPs38RLclluxGkXSsT2TJ59 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEtOrRIMf4mkrqRycHJQt6/tY3nYUFAlmXNQEACgkQJQt6/tY3 nYV/aggAw6JoJgjQa1EpEPRM37ifD+VUFi/WO3D034pTzO3mTNyPPmA3rE2+k7R2 gnWNVjsLwa+cKk1Eyx33ystiXmLK8vEFWjwABfcoXnPJeqXZlhpefrduTsqecSfN iEXN6pad/7GV7E5BvQx4qDeR2Jflqgz1ZAuxdqwWurXxQ7c4O1VREMdP8lWqc0YR z22WTQRFUIryrxhFynNk7KxWycwoQIhZrB++000l47qOpyjkcCQhvAoZk5ERvONJ ogAXkgJTinDyooRS7XEQ12x0PBdA551D0IZ98NofXLpG79DcDoHt2OsBxM0f7PW2 cyJikGQtcH5Vy7OS9IDESQUXiOuKZA== =SkZ5 -----END PGP SIGNATURE----- --sMncWguJngTPs38RLclluxGkXSsT2TJ59-- From nobody Fri Aug 18 12:13:40 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8C781321B8 for ; Fri, 18 Aug 2017 12:13:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iQGFaw-RJGV7 for ; Fri, 18 Aug 2017 12:13:37 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 79C5D1320BE for ; Fri, 18 Aug 2017 12:13:37 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id A98DFF99B; Fri, 18 Aug 2017 15:13:35 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id ECBF021940; Fri, 18 Aug 2017 15:13:32 -0400 (EDT) From: Daniel Kahn Gillmor To: Kristian Fiskerstrand , "Salz\, Rich" , "Robert J. Hansen" , Stephen Paul Weber , "openpgp\@ietf.org" In-Reply-To: <2ac17ecc-1ad7-1f17-4810-f754ceec846b@sumptuouscapital.com> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <6F7900F8-5FA5-4A7D-9D55-BBD509113F66@akamai.com> <87pobsg21s.fsf@fifthhorseman.net> <2ac17ecc-1ad7-1f17-4810-f754ceec846b@sumptuouscapital.com> Date: Fri, 18 Aug 2017 15:13:32 -0400 Message-ID: <87fucog04j.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: text/plain Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 19:13:39 -0000 On Fri 2017-08-18 20:42:09 +0200, Kristian Fiskerstrand wrote: > On 08/18/2017 08:31 PM, Daniel Kahn Gillmor wrote: >> I understand that Werner is interested in continuing work on the draft. >> I do not know whether he will be able to submit further drafts as >> draft-ietf-openpgp-4880bis, but the title of the draft one way or the >> other shouldn't affect our ability to read, implement, comment on, and >> improve it. > > I would at least welcome a draft on the specifics of EdDSA for Ed25519 > and ECHD for Curve25519 public keys, similar to RFC6637. i'd hope these will be included in whatever form the 4880bis document takes, and not as a separate document. --dkg From nobody Fri Aug 18 12:42:30 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29A5E1320BB for ; Fri, 18 Aug 2017 12:42:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qNAsdTZRmkl4 for ; Fri, 18 Aug 2017 12:42:27 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 87ACC12426E for ; Fri, 18 Aug 2017 12:42:27 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 312C0F99A; Fri, 18 Aug 2017 15:42:26 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 2DCDB215E8; Fri, 18 Aug 2017 15:42:16 -0400 (EDT) From: Daniel Kahn Gillmor To: Vincent Breitmoser , "Robert J. Hansen" Cc: Stephen Paul Weber , openpgp@ietf.org In-Reply-To: <20170818165311.d2x344yp5x5ys553@calamity> References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> <3bff215c-4de7-3994-8f78-5a06caa3fbfe@sixdemonbag.org> <20170815131326.wa5guttvgsp2la5g@calamity> <20170815164507.6111315.47595.68549@singpolyma.net> <8e062827-631e-24b0-3d19-40496c13f29c@sixdemonbag.org> <20170818165311.d2x344yp5x5ys553@calamity> Date: Fri, 18 Aug 2017 15:42:12 -0400 Message-ID: <87efs8fysr.fsf@fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2017 19:42:29 -0000 --=-=-= Content-Type: text/plain On Fri 2017-08-18 18:53:11 +0200, Vincent Breitmoser wrote: > From discussions so far I seem to be alone in my doubts that > increasing the bitsize of the fingerprint even further is a bad > idea. Still, I'm gonna submit a nay to the record here. I've been looking at, and thinking about, fingerprints and other identifiers a fair amount for the last several years. I want to make a couple observations: * most people don't see (or need to see) the fingerprint explicitly. for those people, this is a machine-readable value, and not something to expose. * for the minority who do actually want to "check fingerprints", fingerprint-matching need not be done by text string comparison today. there are lots of other clever ways people can do this with modern machinery, and we don't need to specify those mechanisms here. * some cryptosystems already expose full sha256 values to users in marginal cases -- modern OpenSSH fingerprints are base64-encoded sha256sums, so there's precedent. * the difference in size (in terms of transit) between a 200-bit truncation and a full 256-bit SHA256 sum is 7 octets. * sha256 has had tons of cryptographic analysis. Truncated sha256 has not had as much. I don't think there's a risk here, but why deviate from what's been directly studied? * simplicity is good. So in balance, i think i lean toward the full sha256. I recognize that the additional 7 octets is a downside in some extremely tight circumstances. But i think the balance comes out in favor of simplicity and uniformity for implementations. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOCdgUepHf6PklTkyFJitxsGSMjcFAlmXQxQACgkQFJitxsGS MjffpBAAl7zXd2UGEvPjN5BdkSRfP1WhZRY1hH7GYyWmVLYChfrnnMXBmz7PH5mu kbeWd90bYWcPmx6iYc8efXejThzmAPH0tD+kzJs3HxXB4Kf/HK4itnvGLd3efYZB mP53E+7iMGbCHxxZgf83A3K6b5i4UtSgXHDFiGT/R8zVT01YYSV4E/vAFs0OpciE cUB1yVsxpEQ+wQOjIolz/OIj1e+NwqD7Z8An2qmB6o68KksWGAvoc1iPprC4HOHX ZHnej4vsXZSV/oW9TyYvrzNnL7liaObKOdjwrGljRaYiV+T1+9nq87ZBCGlYEd+h subvBaRXoqwz+QNOlhKur2jGQRLtY6X0x2ruG0ghDxWMPbRYUEm8DKjykAboqQ97 lQTHbR3juSyx6JKGdoxAXGuh9hGHJ+Ht5LrnIyP52FsJYL4RXIqJ7MzXMxbnbUUm V+LoVJA5eUTf0E7m64xORNhYThGJKUQXWJYrO5aPcclUoO+Um5GhPFkl9/6KHXPj WMdQnBOUdmDxkrwQZXHDpPQr0bGaNXtkdpNg7zOH8nzj/DTQ/xSQnxzIqzVkhBiY EXw/rTqXOO6qXHJg8lyCnzE9R5yvck5KHl3wEVTG7I/xk9DuJ1+9I6xhdxHUR5Qp jOXMfSN9NRC8mqn+RDv+rUxVHLNQ/1QrpVszsVNRcKCDAhTQe0o= =7c4r -----END PGP SIGNATURE----- --=-=-=-- From nobody Wed Aug 23 02:53:35 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C434132BDF for ; Wed, 23 Aug 2017 02:53:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.899 X-Spam-Level: X-Spam-Status: No, score=-6.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZwELo4jg6wLN for ; Wed, 23 Aug 2017 02:53:32 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C484F132BE1 for ; Wed, 23 Aug 2017 02:53:31 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1dkSLp-0002rO-8z for ; Wed, 23 Aug 2017 11:53:29 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1dkSHR-0004hm-7D; Wed, 23 Aug 2017 11:48:57 +0200 From: Werner Koch To: "brian m. carlson" Cc: openpgp@ietf.org References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> Organisation: The GnuPG Project X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: "brian m. carlson" , openpgp@ietf.org Date: Wed, 23 Aug 2017 11:48:56 +0200 In-Reply-To: <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net> (brian m. carlson's message of "Fri, 11 Aug 2017 20:29:24 +0000") Message-ID: <87mv6qty0n.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=Syria_Fortezza_64_Vauxhall_Cross_fundamentalist_INSCOM_counter=intel"; micalg=pgp-sha256; protocol="application/pgp-signature" Archived-At: Subject: Re: [openpgp] Summary of WG status X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Aug 2017 09:53:34 -0000 --=Syria_Fortezza_64_Vauxhall_Cross_fundamentalist_INSCOM_counter=intel Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Fri, 11 Aug 2017 22:29, sandals@crustytoothpaste.net said: > Okay. Let me offer a fingerprint proposal, then: SHA-256. Basically, > identical to Werner's proposal, except with the full SHA-256. That I am a bit surprised that 5 months after the proposal and 6 weeks after =2D02 we now get back to the fingerprint thing. Given the lack of comments I assumed we agreed on that. Anyway, to move forward I agree to modify this and remove the truncation. I just pushed the commit below. Salam-Shalom, Werner =3D=3D=3D=3D=3D=3D commit b95774fb924743198c228d3b02a2e2263dca751d Author: Werner Koch Date: Wed Aug 23 11:46:29 2017 +0200 Use all 32 octets of a V5 fingerprint. Modified middle.mkd diff --git a/middle.mkd b/middle.mkd index ec864c4..65c91a0 100644 =2D-- a/middle.mkd +++ b/middle.mkd @@ -1280,11 +1280,11 @@ #### {5.2.3.14} Regular Expression =20 #### {5.2.3.15} Revocation Key =20 =2D(1 octet of class, 1 octet of public-key algorithm ID, 20 or 25 octets +(1 octet of class, 1 octet of public-key algorithm ID, 20 or 32 octets of fingerprint) =20 V4 keys use the full 20 octet fingerprint; V5 keys use the =2Dleftmost 25 octets of the fingerprint +full 32 octet fingerprint =20 Authorizes the specified key to issue revocation signatures for this key. Class octet must have bit 0x80 set. If the bit 0x40 is set, then @@ -1636,8 +1636,7 @@ #### Issuer Fingerprint 64 bits of the fingerprint. =20 Note that the length N of the fingerprint for a version 4 key is 20 =2Doctets. For a version 5 key the leftmost 25 octets of the fingerprint =2Dare used (N=3D25). +octets; for a version 5 key N is 32. =20 =20 ### {5.2.4} Computing Signatures =2D-=20 Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. --=Syria_Fortezza_64_Vauxhall_Cross_fundamentalist_INSCOM_counter=intel Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWZ1PiAAKCRD/gK6dHew1 jQQ7AP9iygFPAs9pyD3M2JHDE24YXb3AQgptDtJnfMZDwrYzwwD/dCqSR2AZzEPb 1pST7Oo2D13wWFt9do65eJvLJ2GlYAE= =xSuw -----END PGP SIGNATURE----- --=Syria_Fortezza_64_Vauxhall_Cross_fundamentalist_INSCOM_counter=intel-- From nobody Sun Aug 27 15:29:52 2017 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79EA51321C9 for ; Sun, 27 Aug 2017 15:29:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iwCwRcCs1wYZ for ; Sun, 27 Aug 2017 15:29:48 -0700 (PDT) Received: from thumb.scru.org (thumb.scru.org [IPv6:2600:3c00::f03c:91ff:fe96:c8b9]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4D78132192 for ; Sun, 27 Aug 2017 15:29:48 -0700 (PDT) Received: by thumb.scru.org (Postfix, from userid 1000) id 9BB006255F; Sun, 27 Aug 2017 22:29:46 +0000 (UTC) Date: Sun, 27 Aug 2017 22:29:46 +0000 From: Clint Adams To: openpgp@ietf.org Message-ID: <20170827222946.xnrkx4sdtitefwoc@scru.org> References: <20170811201011.2fynredjcllcgz2f@scru.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170811201011.2fynredjcllcgz2f@scru.org> User-Agent: NeoMutt/20170113 (1.7.2) Archived-At: Subject: Re: [openpgp] Curve25519/ECDH X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Aug 2017 22:29:50 -0000 On Fri, Aug 11, 2017 at 08:10:11PM +0000, Clint Adams wrote: > After speaking with NIIBE-san this morning, I think there could be some > more clarity with regard to how Curve25519 keys are meant to be > public-key algorithm 18. > > To that end I've submitted https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/5 Per request, into the list archive: While Ed25519 gets its own packet tag, Curve25519 keys are treated the same as ECDH (by design and by the GnuPG implementation). --- middle.mkd | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/middle.mkd b/middle.mkd index ec864c4..2615cf4 100644 --- a/middle.mkd +++ b/middle.mkd @@ -3735,8 +3735,8 @@ found in [](#KOBLITZ). This document references five named prime field curves, defined in [](#FIPS186) as "Curve P-256", "Curve P-384", and "Curve P-521"; and defined in [](#RFC5639) as "brainpoolP256r1", and "brainpoolP512r1". -Further curve "Ed25519", defined in [](#I-D.irtf-cfrg-eddsa) is -referenced for use with the EdDSA algorithm. +Further curve "Curve25519", defined in [](#RFC7748) is referenced +for use with Ed25519 (EdDSA signing) and X25519 (encryption). The named curves are referenced as a sequence of bytes in this document, called throughout, curve OID. [](#ecc-curve-oid) describes @@ -3756,7 +3756,8 @@ size. The adjusted underlying field size is the underlying field size that is rounded up to the nearest 8-bit boundary. Therefore, the exact size of the MPI payload is 515 bits for "Curve -P-256", 771 for "Curve P-384", and 1059 for "Curve P-521". +P-256", 771 for "Curve P-384", 1059 for "Curve P-521", and ???{FIXME} +for Curve25519. Even though the zero point, also called the point at infinity, may occur as a result of arithmetic operations on points of an elliptic @@ -3867,7 +3868,8 @@ definition of the OtherInfo bitstring [](#SP800-56A): fingerprint are used. The size of the KDF parameters sequence, defined above, is either 54 -for the NIST curve P-256 or 51 for the curves P-384 and P-521. +for the NIST curve P-256, 51 for the curves P-384 and P-521, or +???{FIXME} for Curve25519. The key wrapping method is described in [](#RFC3394). KDF produces a symmetric key that is used as a key-encryption key (KEK) as specified -- 2.14.1