From nobody Thu Oct  5 08:29:13 2017
Return-Path: <noloader@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 386FA1321A2 for <openpgp@ietfa.amsl.com>; Thu,  5 Oct 2017 08:29:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level: 
X-Spam-Status: No, score=0 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sq9cMMQLSD5j for <openpgp@ietfa.amsl.com>; Thu,  5 Oct 2017 08:29:11 -0700 (PDT)
Received: from mail-oi0-x230.google.com (mail-oi0-x230.google.com [IPv6:2607:f8b0:4003:c06::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05283132198 for <openpgp@ietf.org>; Thu,  5 Oct 2017 08:29:11 -0700 (PDT)
Received: by mail-oi0-x230.google.com with SMTP id q4so7615689oic.7 for <openpgp@ietf.org>; Thu, 05 Oct 2017 08:29:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:reply-to:from:date:message-id:subject:to; bh=I4nhM9KTYTLoFZz4BUi417N4wl3WbV4LNgkZ/M1M1es=; b=Ze2QOMglfYduUd8GfJyBVFOmzsLdipQazhWQjsYJfhybe/qwJHqCvzByvoDtru9TRy 8QC0NjrtI2Ml224nU6p0WIDVqwg6uGT4u+izXgnB1hh/RNkDUAccSdHcOh3jtF5f62al mBdXpl3546qqj6srGu4N/qWyedYIous4rByEYoel4D2pR+yb7xSH38gT8SBgv7wDp/V+ Pb6Kq49jvkvlCIQlSI5/MfpctinC4RhY0CE+bo3aoRLlA847DYMXbFJupAIE1HY70rG1 b8M3iiGA3a+Q5+T1TVr3mVAl2Ue0y+JV2ijgHsfE9etMPeIrbF7BctAZeFZASj2HkuqG KPbw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:from:date:message-id :subject:to; bh=I4nhM9KTYTLoFZz4BUi417N4wl3WbV4LNgkZ/M1M1es=; b=JCyxpRN7sX8xoXrsBR4/l3CQ+4cxXqxepwW1dZRXeU3HiqNCRCb/uUNWMgPClmsUbe S9WCk0LYmFD9k9Gj49756c5piMwPRyv/PwCQCCVdXKcpLl1+3TrNH6WZS/yVV5cQmFq5 mjWmKEj5Tps/i7p0dG5tv5gFWhLGC5fSf26TcozKKY15SvTLA/B3kJEAuAlkQjtjZBwr D31Snbudh6Q2SbBljKJjZQ3CpLoEbexKjsB0m6aXrjcPedyxQbacigfR4FzujtaSEtsz Mi1GWktcoLV1wkZFa9dgNU8oQFS08+QV1PQq7ZPAxswXkvymC92WAQtW0i26pSvUtSUg JZ+w==
X-Gm-Message-State: AMCzsaVO3PQkONZcXp5kMprJe+GW8V2y8Z3VNuti+AwFBGsH+jG/A9CP duki8NvldPJDqcOtnZgIUK4ON1InRpIBv+2/c9+hNCe8
X-Google-Smtp-Source: AOwi7QCW0GAW33T7UaUzIAdK3lRfPH9dqNPD8rxt9Wo8oxWHONDcda3nDbuD7AOAYjNIeyxFrzCYJHJ8Od/xIOwu0rE=
X-Received: by 10.157.59.102 with SMTP id z93mr13589891otb.222.1507217349761;  Thu, 05 Oct 2017 08:29:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.19.199 with HTTP; Thu, 5 Oct 2017 08:29:07 -0700 (PDT)
Reply-To: noloader@gmail.com
From: Jeffrey Walton <noloader@gmail.com>
Date: Thu, 5 Oct 2017 11:29:07 -0400
Message-ID: <CAH8yC8mNMunTGb1bDLufFV9Cbpke_BCRT+xDN2wGTBF4=Gx9pQ@mail.gmail.com>
To: openpgp@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ycDfAtQw9BTheeytwImWcNysooU>
Subject: [openpgp] Recommended default for SHA3-based signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Oct 2017 15:29:12 -0000

Hi Everyone,

Regarding https://www.ietf.org/archive/id/draft-jivsov-openpgp-sha3-01.txt
and the SHA3 support, which SHA3 algorithm does OpenPGP recommend as
the default for interoperability?

I am trying to determine which size causes the least amount of
discomfort with respect to SHA3-based interop. I suspect it is
SHA3-256, but the project might promote a different size with long
term goals in mind.

Thanks in advance.

Jeff


From nobody Fri Oct  6 02:11:45 2017
Return-Path: <wiktor@metacode.biz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E23313482B for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 02:11:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.301
X-Spam-Level: 
X-Spam-Status: No, score=-1.301 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=metacode.biz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tSTyKgKluKrk for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 02:11:41 -0700 (PDT)
Received: from mail-lf0-x22f.google.com (mail-lf0-x22f.google.com [IPv6:2a00:1450:4010:c07::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78A4113482A for <openpgp@ietf.org>; Fri,  6 Oct 2017 02:11:41 -0700 (PDT)
Received: by mail-lf0-x22f.google.com with SMTP id l23so12785436lfk.10 for <openpgp@ietf.org>; Fri, 06 Oct 2017 02:11:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=metacode.biz; s=2011;  h=to:from:subject:openpgp:organization:message-id:date:user-agent :mime-version:content-transfer-encoding:content-language; bh=5CRaA2vA3Il6idhAl0yq0nu2dtXienfQ1l+EQt5c3ac=; b=U1rgQsKSKQMlv6PAp4B4y5QcMNwFwv97Y9LMQyNuA+KGavUwALSVUpUitbN/PELy9o pj0jdJf4lMKF+vYNwK/gfNYtqv+G4log1DFSK0xvbP7MIBKSQSWgAs1OA57GUu1ldjOM lVymspQrpQY4IB73YjPYMoYrAaoYTc+5qass8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:openpgp:organization:message-id :date:user-agent:mime-version:content-transfer-encoding :content-language; bh=5CRaA2vA3Il6idhAl0yq0nu2dtXienfQ1l+EQt5c3ac=; b=dq9rktBiNXPKBHHA2ntkCl+TMJPXRhfHp5uA97j8VUKGdCYmPJJq0l9HRCJ+s6ifgJ w1SwY4gPbAb/cLGwlIGnGac91P2HxnvAbgTZDtyJVYoPl+RnKyoDc0wAtpponn7acZc0 R9niUva2X/P3X9iT024gdl7Z5Mf3fvrcoA65aX7LAFLlol2cPt9oG7RM4IqrT83UEvro Rtr65Bi9qp072z/ZxOnorn+dbjY7fenHFl4VYuiKOhVenAQ/InC5whL+jSC3oE87wOfR u294r3XLBCAFJEzbIkLbPZ8SXcZ5Cva+TVbk+PHmxrsdFvLSJkL7FBmA3hGP+lCl5Y5/ /T9A==
X-Gm-Message-State: AMCzsaVVlriKRy8Rl4ABqqoydBSUkmCvDYWtKLIjCP+pJIfxY9LyRBJV 6GEH5myVf51T/WTbsS1edx3Dh94W9d8=
X-Google-Smtp-Source: AOwi7QA519/IgPNXFem5UUlyilPeiA2WFn95dmAZQc26p27SeVVFcG34/VxOJFn+YUy1EneEokoC3A==
X-Received: by 10.25.29.213 with SMTP id d204mr466216lfd.47.1507281099551; Fri, 06 Oct 2017 02:11:39 -0700 (PDT)
Received: from [192.168.1.69] (89-64-36-212.dynamic.chello.pl. [89.64.36.212]) by smtp.googlemail.com with ESMTPSA id e31sm222442lji.76.2017.10.06.02.11.38 for <openpgp@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 06 Oct 2017 02:11:38 -0700 (PDT)
To: openpgp@ietf.org
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Openpgp: id=653909A2F0E37C106F5FAF546C8857E0D8E8F074
Organization: Metacode
Message-ID: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz>
Date: Fri, 6 Oct 2017 11:11:34 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/yUGr2hrEqKFhkzwfwq-b5SYF3cw>
Subject: [openpgp] Linked Identities / URI Attributes status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2017 09:11:43 -0000

Hello everyone,

I'd like to ask about Linked Identities for OpenPGP [0]. I'm planning to
write tooling to manage Linked Identities UAT packets but as far as I
can see Linked Identities rely on URI Attributes [1] and URI Attributes
(because it's still draft) do not have IANA-assigned User Attribute Type
[2]. The only implementation that I know of (OpenKeychain) use
experimental value for these packets.

Is there anything that blocks URI Attributes [1] from being approved and
having an official (2-99) User Attribute type?

Thank you for you time!

Kind regards,

Wiktor

[0]: https://tools.ietf.org/html/draft-vb-openpgp-linked-ids-01

[1]: https://tools.ietf.org/html/draft-vb-openpgp-uri-attribute-01

[2]:
https://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-3

-- 
*/metacode/*


From nobody Fri Oct  6 03:48:42 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D29B0134905 for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 03:48:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.001
X-Spam-Level: 
X-Spam-Status: No, score=-5.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iJdP8AY54v2g for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 03:48:38 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DE66134904 for <openpgp@ietf.org>; Fri,  6 Oct 2017 03:48:38 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e0QBI-0001ub-PK for <openpgp@ietf.org>; Fri, 06 Oct 2017 12:48:36 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e0Q4J-0002XF-If; Fri, 06 Oct 2017 12:41:23 +0200
From: Werner Koch <wk@gnupg.org>
To: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Cc: openpgp@ietf.org
References: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Wiktor Kwapisiewicz <wiktor@metacode.biz>, openpgp@ietf.org
Date: Fri, 06 Oct 2017 12:41:17 +0200
In-Reply-To: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz> (Wiktor Kwapisiewicz's message of "Fri, 6 Oct 2017 11:11:34 +0200")
Message-ID: <874lrctv76.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=bluebird_Albanian_freedom_Semtex_War_on_Terrorism_Glock_BCCI_anthrax"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/36zgFe7WKnheRySJSJin3pcB3y0>
Subject: Re: [openpgp] Linked Identities / URI Attributes status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2017 10:48:40 -0000

--=bluebird_Albanian_freedom_Semtex_War_on_Terrorism_Glock_BCCI_anthrax
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri,  6 Oct 2017 11:11, wiktor@metacode.biz said:

> Is there anything that blocks URI Attributes [1] from being approved and
> having an official (2-99) User Attribute type?

I was not aware of that (expired) I-D.  Anyway, I think that the User
Attributes should not be extended over their use for an image.  URIs can
simply be represented by plain User IDs and software can easily detected
such URIs if desired.

The need to implement UAT only adds more complexity for a questionable
purpose.  Note that these image UAT were introduced due to marketing
needs of PGP or NAT and (iirc) only specified after they had been
introduced in their software.


Salam-Shalom,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=bluebird_Albanian_freedom_Semtex_War_on_Terrorism_Glock_BCCI_anthrax
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWdddzQAKCRD/gK6dHew1
jYE/AQCsscC6HUcXePFdPj0aW25oMYL3Xgz6W77TxA2UuG0ckAEA1tRVtWd3BgGG
6iqjZ9xfhUomfVZCdDeteD0JV+BuWAU=
=E/79
-----END PGP SIGNATURE-----
--=bluebird_Albanian_freedom_Semtex_War_on_Terrorism_Glock_BCCI_anthrax--


From nobody Fri Oct  6 09:26:44 2017
Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBDF2134A19 for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 09:26:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.5
X-Spam-Level: 
X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KNW7-CGmZtJa for <openpgp@ietfa.amsl.com>; Fri,  6 Oct 2017 09:26:40 -0700 (PDT)
Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B7F313309C for <openpgp@ietf.org>; Fri,  6 Oct 2017 09:26:39 -0700 (PDT)
Received: from localhost (gate.ibr.cs.tu-bs.de [134.169.34.1]) by mail.mugenguild.com (Postfix) with ESMTPSA id 22DF25FA24; Fri,  6 Oct 2017 18:26:37 +0200 (CEST)
Date: Fri, 6 Oct 2017 18:26:35 +0200
From: Vincent Breitmoser <look@my.amazin.horse>
To: Wiktor Kwapisiewicz <wiktor@metacode.biz>, openpgp@ietf.org
Message-ID: <20171006162635.nnlwewcnbexckqza@calamity>
References: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz> <874lrctv76.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <874lrctv76.fsf@wheatstone.g10code.de>
Autocrypt: addr=look@my.amazin.horse; keydata=mQINBFAB3UABEADCyB/vbIBA3m1Bwc yjTieEMLySwYgt54EQ2hglOocdtIhqC+b05t6sLSkwx2ukxrU2cegnCBkdyF/FZ/+Et638CUEBbf 4bjplwpt2IPLazQgjkwjMuhz0OcYDpMhwimTvh3mIl+0wzpOts6mEmMw0QZdl3RXvIW+NSynOn7q mz/fAv4Htt6lv2Ka0s6R2voyi+5U7CcIqizPad5qZVn2uxmovcFreTzFt6nk37ZbbTfvA3e5F0bR RQeH3viT5XxpJF4Y76v/Ua+5N3Kd18K0sX85rD1G7cmxR2CZ5gW1X24sDqdYZdDbf10N39UIwjJH PTeuVMQqry792Ap0Etyj135YFCE0loDnZYKvy2Y1i0RuEdTUIonIHrLhe2J0bXQGbQImHIyMgB9/ lva8D+yvy2gyf2vjRhmJEEco7w9FdzP7p3PhKrUiTjRsjHw8iV8LOCFx9njZOq9mism9ZZ16tZpx 9mXOf11HcH1RtVuyyQRS/4ytQPzwshXdSDDW6Btkmo9AbZQKC54/hSyzpp3Br2T2xDH7ecnonDB/ jv8rWuKXSTbX3xWAIrNBNDcTYaNe4jkms4HF7jJE19eRlqsXMMx6Fxvrh4TtKICwJYJ3AUmXrK3X Ti/mjqYfJ1fpBn54rWs8nhSR1fuZPD+aMlcP8BDUPlNKPKtj0DGSh3/VlnnwARAQABtClWaW5jZW 50IEJyZWl0bW9zZXIgPGxvb2tAbXkuYW1hemluLmhvcnNlPokCOAQTAQIAIgUCVTNZmgIbAwYLCQ gHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQe9GDIN6t+hHcVg//aeiijNqsQ3pjbFQn3VvND7hNfJ vrVcLZ+U4kOzXPF818aVdOnDyNXyE17vBDDcvaZ730sCsZIRZJ3KhUJ+nPvdttKjUIGLARmx+pA3 Jl3IIv2uLtOb3I0TMuyfIGJVGF+q10/CeDMKVjKlmyOVrR0opkel+KEoN7VLq3Hf3zPKENO1HBgp LHeP31tlb9cgs+u4o2wLrVe9myHbuFBW7EjWbSvdz2zliwbsFeFVLMNcWrKAU0GkkiH69SgnwmXU RkhGma4L27GLtkHHufsxfbcPqPtmtCttsGZU4EmrghGUqVyDOxnn8ZqybzLrRfpin+OCIX+aHJz5 r2L8qtrP0LorNMX3Gopd26vfhNvq/wq8xk++bW1R5FmkaUhx9h+DhO2ybcg7p/E8JHc8zrWv+bb3 0o9lkrOaU8GxXrgtb1cjtbb+MxFvjm0Elw7MSZDG7sF/APFU6cwuIA9Nai/OGAUCSt/W2ecS8Zox cWWbGSEiDvjtEctkpmHjfVuGoL34966Olm41VdH+NjgoSYUJKx4Mty8DRcZxdyoXll84LvDkEEYK ZqOIACsJf8CDFvUkmhXc+moCj15Yxtj3/RslRVEiOUyrpDwB72zWcZG8YnzoyGxhcRIc/gFejO/y SI8bzCpYngeuTb5NjFG+ChGiInHbQcFeHBlaHtKi2o/B5axIO5Ag0EVDvOgQEQALJby/ztliToGE u1lslvWQUQ6teKZVUQ7hy9bM4N83G0AGLatUBHtY6PkJBe4XkIw3sK7LoFCV2W4GSt4zWp9l+kG3 /J8Ow7EFjN0F7DrCg0M0lMg9dQz9jYSoBR8skaH3BRzCq9AKIVKV94poL/G65289L7zKDHoZnnyF qbBtedYZir0SZx+kiouZ1qnmxRPaYmH2fkuiuvYEAyzLDLYM8F5gQhdZM4YVtuvSICYPet0z4CDi JX/vZmDi3AzzoEVaKeAM/0H9f9Ni547J2+8dZSllgTrA+fq0aMJVScAObIxTAQtEq0DoNBzPpVrm W10b4bmgePrAvNkifqSr5StymSBgwvoeW6GrJiyN4XhoLOadZzwgjqioR1nXw5tXtrr5sYdkZ06b 1WWHkxtu1hFTdLC7RYNxY07ytLNM+C2lplCwCwlWB7RwI9BL1Dhre4kv8uaaX2Gksaq9mDf9MSDW qQ0TJ/RAiwMGmFrzBEYI1J2Oyeshi/dqW4/OiZAukOIlxOnt6u8zU2KL6Qjxqqna0oTbS4Zv3fRd YkuUCL6CDEJdkuRAiW+Gw+lKcMjXqApEqixhaDkoB/kwtu+2gIFTzAxMfwFN1YtNc0kJZWnFkGIW MrrwTcOwAFzlFz7wn/EyMFtg+ERcqMX0+olXDwM8MODI2+BzulPuEDEteCw09hABEBAAGJAh8EGA ECAAkFAlQ7zoECGwwACgkQe9GDIN6t+hFjuQ//UQyg49f8TytUYQaBb8R0UfI+KhQFs1Nsz2z8a3 0CD1MeiHHYWdAcomVvTkg4g5LbnYHVDrj/XagY3FN/AIE97usFbsTG+rsWAOLi7N2dN2ehWZ634k MvrgyC9uTiOdkw31+B8K5MpyySgD8e6SAzRfiu06/bcQOUyJifw8Hudpj9by4uyGhSH+kHu4afrp OduUighbsGFtcuRwwQ/w/oSk68XvPUgiOQWMZh/pVoXdFyFvrt/hgArCi8dfy5UPK58nl7jPnu/I uQXrJ50nNAFIIxPVeo2/B83KAnEZPU+qWZsdba0V+FIIQQVizLtQFMuJJk4/UTAOfJ2tBpQ9PADX 6/scqDE7unXNWdxcHTjK7KmWjXC8CyhGOx8V/rb7Ial4mZo4cTED6SNlO7dV1XYwnSctL2HCYNM3 RUe4eJ7JWuu7/Nbf6yip2eq7BQKZ9hAH/se/OSZNYsEkZ4pxUc8W5U3uAZImUwC6L74SM0jBZIuD mQhOYX6sZZ6urIn/MYlj4/hqSBFS4vTK7nXRLmtr7+5T5U5srVseUiYc+l9pu9/XD8zGIu+M2xEd 41NwP44GDQTQm0bFljRv5fSblwmi56YHPFQUIh2RZNX3kOJgeyQ3enw5uY+7ocKRVP38hpnffliL lJcO6TtHWnElS3pACbTQM0RHJox3zqU3q6K3c=
User-Agent: NeoMutt/20170609 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/cvpZB1TcKYQdGnRoVwIYCmbaIFE>
Subject: Re: [openpgp] Linked Identities / URI Attributes status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2017 16:26:43 -0000

Hi there,

this draft of linked identities (and the corresponding implementation in
openkeychain) is by me :) cheers Wiktor for bringing it up again!

> URIs can simply be represented by plain User IDs and software can
> easily detected such URIs if desired.

I'll try to describe some more why I went with a user attribute over
simple user ids.

Most importantly, URI attribute are intended for identities that are
encoded as URIs, not simply user-facing urls that might have some
unspecified association to the user. This means that a typical URI in
there won't be "clickable", which will be confusing at best (and a
security issue at worst) for the user.

For instance, this is one of the uri attributes on my key:
openpgpid+cookie:@https://twitter.com/Valodim/status/592675006880022529

A secondary thought is that, while the content explicitly isn't
restricted, overloading user ids with more stuff adds to the amount of
guesswork implementations have to do to interpret and display them in a
helpful way. For URI Attributes, if an implementation has no handler for
the schema, then not showing them at all is the reasonable thing to do.

On a related note, personally I would be happier if user ids were
name-addr not only by convention, and we made better use of the user
attribute namespace for stuff like telephone numbers or whatever other
types of identities some people want to stuff in their keys.

> The need to implement UAT only adds more complexity for a questionable
> purpose.

User attributes with unknown attribute id already have to be handled as
opaque packets, so it adds zero complexity to implementations that don't
want to handle them. If an implementation chokes on user attributes in
general, that's a bug in the implementation, not the spec.

> Note that these image UAT were introduced due to marketing needs of
> PGP or NAT and (iirc) only specified after they had been introduced in
> their software.

While this is an interesting historical note, I don't believe it's a
good basis for a decision here. If avoiding use of uats for this reason
is in fact general consensus, they should be deprecated in rfc4880-bis.
If it's not, I don't see anything wrong with assigning new attribute
ids.

 - V


From nobody Sat Oct  7 01:43:44 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 903C0134541 for <openpgp@ietfa.amsl.com>; Sat,  7 Oct 2017 01:43:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FGNsWOOfdFye for <openpgp@ietfa.amsl.com>; Sat,  7 Oct 2017 01:43:40 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFB4413453D for <openpgp@ietf.org>; Sat,  7 Oct 2017 01:43:40 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e0khu-0007Wc-9c for <openpgp@ietf.org>; Sat, 07 Oct 2017 10:43:38 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e0kci-0000ch-0J; Sat, 07 Oct 2017 10:38:16 +0200
From: Werner Koch <wk@gnupg.org>
To: Vincent Breitmoser <look@my.amazin.horse>
Cc: Wiktor Kwapisiewicz <wiktor@metacode.biz>,  openpgp@ietf.org
References: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz> <874lrctv76.fsf@wheatstone.g10code.de> <20171006162635.nnlwewcnbexckqza@calamity>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Vincent Breitmoser <look@my.amazin.horse>, Wiktor Kwapisiewicz <wiktor@metacode.biz>, openpgp@ietf.org
Date: Sat, 07 Oct 2017 10:37:54 +0200
In-Reply-To: <20171006162635.nnlwewcnbexckqza@calamity> (Vincent Breitmoser's message of "Fri, 6 Oct 2017 18:26:35 +0200")
Message-ID: <87lgkns68t.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=enemy_of_the_state_Project_Monarch_North_Korea_Soviet_morse_spies=Mo"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/zgGQW8qPtJ94tkEVDpDJNsAdkxE>
Subject: Re: [openpgp] Linked Identities / URI Attributes status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Oct 2017 08:43:42 -0000

--=enemy_of_the_state_Project_Monarch_North_Korea_Soviet_morse_spies=Mo
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri,  6 Oct 2017 18:26, look@my.amazin.horse said:

> A secondary thought is that, while the content explicitly isn't
> restricted, overloading user ids with more stuff adds to the amount of
> guesswork implementations have to do to interpret and display them in a

You don't need to do any guesswork.  We have notation data which can be
used to add meta data to a user id.

Hiding things which might act as identities in UAT does not feel right.
We better keep UAT for what they are used today - for the more or less
useless photo-ids


Shalom-Salam,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=enemy_of_the_state_Project_Monarch_North_Korea_Soviet_morse_spies=Mo
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWdiSYgAKCRD/gK6dHew1
jVCeAP9ml5qFdMpz04uaVzmsG8UOABzRL8VQCSY/z9Kh8iTWWgEAiCIQYMQGQLeO
KiQZo7od5LqxizxowLIWGMgDxAnMmQY=
=8JWC
-----END PGP SIGNATURE-----
--=enemy_of_the_state_Project_Monarch_North_Korea_Soviet_morse_spies=Mo--


From nobody Thu Oct 12 06:18:50 2017
Return-Path: <wiktor@metacode.biz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D9D81344E2 for <openpgp@ietfa.amsl.com>; Thu, 12 Oct 2017 06:18:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=metacode.biz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EQvB3NLrn_YM for <openpgp@ietfa.amsl.com>; Thu, 12 Oct 2017 06:18:46 -0700 (PDT)
Received: from mail-lf0-x232.google.com (mail-lf0-x232.google.com [IPv6:2a00:1450:4010:c07::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 691091344E1 for <openpgp@ietf.org>; Thu, 12 Oct 2017 06:18:46 -0700 (PDT)
Received: by mail-lf0-x232.google.com with SMTP id c82so5906424lfc.6 for <openpgp@ietf.org>; Thu, 12 Oct 2017 06:18:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=metacode.biz; s=2011;  h=subject:references:to:from:openpgp:organization:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=3FQ/ySFQ5BDhGLRMz0DGVZfanA6Nex7T90086jBbk6M=; b=B9RnVgZ+VVlqNcG87lL/cJBP3GOFRIp+DivcV8oDLm0R5Q/89HnvDSuSJl++4DGUbJ lX3nrfOxlfJNqEHaImCzWYUediEpVLfKVwNHtV3o0WXzA10dcHe9E8kgQCBcFIS1ydTS Fq1hGsazFj8it7eVSxpH2uDw3HO+Ag0TM30/A=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:openpgp:organization :message-id:date:user-agent:mime-version:in-reply-to :content-transfer-encoding:content-language; bh=3FQ/ySFQ5BDhGLRMz0DGVZfanA6Nex7T90086jBbk6M=; b=f2xkw680CLIkPhGw36GW22sScHUKiy6y47gyyzyDS65aP+MXxJp5P8fG+7qEmbysX5 SNqBeWReo143ZqwvHFPbtIVUKlV17ihE0YW/u5CKqBlt515NQ3YZYWKaPqcgWcWOk+sF BBWhuetyc7TpAbQ7CNDQXULCnpozPWmIamEAY9+kVvxL5S7TdjHwEMcxmmX5ZguIv7IP YNwKy/ypCG3DEi+zMlADTxcLAqfDgjzITWDSe+WJa0G7/mpD+h4GBa8GWqL+Y6WQki5A XHYFAITPooRXZsgMyFOnj4qdQ62VhXjB4khlDWNSO99bgkjsD74/M9Zp9o78VMnYuJ6F JCSg==
X-Gm-Message-State: AMCzsaWe45tvhZgq2JOM2HmlLsHiuHwKBh+s/m/n7QdHnHf9/gWeNTk1 epKE+zCszYDq5ZO+O/oiRqLmCTM/Xuo=
X-Google-Smtp-Source: ABhQp+QxnVcfv+jQfR2YtIBeJZveEIrBH+p52GFesAtyjD4XbooNiNittsmD4FGBkpwDRdrQs3mdlQ==
X-Received: by 10.46.34.129 with SMTP id i123mr123680lji.106.1507814324438; Thu, 12 Oct 2017 06:18:44 -0700 (PDT)
Received: from [192.168.1.69] (89-64-37-77.dynamic.chello.pl. [89.64.37.77]) by smtp.googlemail.com with ESMTPSA id q67sm3632153lja.19.2017.10.12.06.18.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Oct 2017 06:18:43 -0700 (PDT)
References: <43412d30-51a2-1941-43d9-f0207f77afcd@metacode.biz> <874lrctv76.fsf@wheatstone.g10code.de>
To: Werner Koch <wk@gnupg.org>, openpgp@ietf.org
From: Wiktor Kwapisiewicz <wiktor@metacode.biz>
Openpgp: id=653909A2F0E37C106F5FAF546C8857E0D8E8F074
Organization: Metacode
Message-ID: <8dc32ddd-307a-d0a9-2bda-0497cec4cba0@metacode.biz>
Date: Thu, 12 Oct 2017 15:18:38 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <874lrctv76.fsf@wheatstone.g10code.de>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FgN16dwb5E8HahHbqK1I_sQsOEg>
Subject: Re: [openpgp] Linked Identities / URI Attributes status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Oct 2017 13:18:49 -0000

> I was not aware of that (expired) I-D.=C2=A0 Anyway, I think that the U=
ser
> Attributes should not be extended over their use for an image.=C2=A0 UR=
Is can
> simply be represented by plain User IDs and software can easily detecte=
d
> such URIs if desired.

This is an excellent idea. Coupled with signature notation data, that
can be made critical one can assure that unknown Linked Identity UIDs
would be considered invalid by software that does not understand a
particular notation data proof.

Not to mention UIDs and Notation Data can be added using command line
tools that already exist.

But I do have to agree with Vincent that if UATs are deprecated they
should be marked as such.

Actually, previously I got a very different impression when I diffed RFC
4880 and 4880 bis-02 and saw new section "5.13.2.=C2=A0 User ID Attribute=

Subpacket" [0] that was introduced for Device Certificates [1]. Is this
something old to be removed or an entirely different case?

Kind regards,

Wiktor

[0]:
https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-02#section-5.13=
=2E2

[1]: https://www.ietf.org/mail-archive/web/openpgp/current/msg08460.html




From nobody Wed Oct 25 02:16:52 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1CF66139950 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 02:16:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gDCokCEdKIry for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 02:16:47 -0700 (PDT)
Received: from APC01-HK2-obe.outbound.protection.outlook.com (mail-hk2apc01on0056.outbound.protection.outlook.com [104.47.124.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 447B9139680 for <openpgp@ietf.org>; Wed, 25 Oct 2017 02:16:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=swzUQeT7zZsTjpZWFHMfpIu3h2ayhkz706p0/eTF20c=; b=adiZ2NshDl4s0jgkld7xGdZYk1wIs62hxunvm+Xn9cBsUnWryZ04088rXJ1H/c9/+sQW9oaiY8FGS6tzWytr4V7+zLX1t4CbrerjGUL7ZusnvlOlV0VqdEmSQi9rX+QW0WRjnky4dnZAxL/JprSUQ4nSHqZQbg2jtnNHeQGYJPg=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Wed, 25 Oct 2017 09:16:43 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17%14]) with mapi id 15.20.0156.007; Wed, 25 Oct 2017 09:16:43 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5w45VH0tw2ky7nHf16p0Usw==
Date: Wed, 25 Oct 2017 09:16:42 +0000
Message-ID: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:NfGx/OhUHr/9HtOpz53Dg8zXaC1AQ0aFOs7676ZlvHxrtI/hc4bvbdK+RAUZm3Gw8fPCDiyTHzC1Ve5zdAn/VaqDGf2xn6hlI1C94OGjQ7WOiHsRphdbHVqSmivg0gAVGN36feH6Ya/oHdyCrzXyYOggZuyShjBTgNMEGGgtNurDkf6cIzGUAjKMvdJHpH/bR5EC0h/VALBG1lb5qvzTwpd9gBLm0NIWuMRvOK6kKCZSlWeVPrZlfh0sv0r3U5u8fXxqVsGWuaOuge6IFSjoaCSSfHPxzAi7AOy4m0ZOojcN7MrkTKfZbJ4vEdMVpC6tZj3hmQMndzKdFB2fu1GEVg==; 5:wc5HrLTPIxkeFU5Nd6bJr9CuBGk/dn1FZDhIJdspAXZjE9RlgIm1B8pHVeERHbxzraxUJK2Fq9lKj9fHXTHg12B80dModiek5Rsm5TdTyp89ZL9QKa/ZzOJ+24Icr/fgd2Ioi3/3wNuO5CuhcwUAWg==; 24:+qekfimm6kEdmjiZ+33CU3X47H9qX+LRuAq6N/CEGzDlE0RZrs3DFDyzJ1VMa11N8NPWpTKbvkxS/iFFnwDX2g0f0bl5O+2pDIZTFRm1vAw=; 7:n935Anxt+mcHFvrtDNVvEtQNeh7VCUpbuzD2mXaxXg6vfQH/xGmPC/zaTfj7w4B30fKSC3yuBKUnotgJbhMxWLNpuPo4CYYe2L8O1UGMrlIdZn24wBUxjv823B6JoLdEm4ZsrT7D9TjYVMh8R7aoaOjpPIeVC3ku73CNsFs94el0uqlLqQ6WIPOYgCvZ28nE3IPJl6I9SLLazya70VH6BkhXB8IuglJVn+uDZuL8tlc=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 95689c50-3a21-47d1-4fab-08d51b891bb3
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:(4782527817362);
x-microsoft-antispam-prvs: <PS1PR01MB1050D4C0104FE9F371237DE2D7440@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(3231020)(93006095)(93001095)(10201501046)(3002001)(6041248)(2016111802025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123558100)(20161123562025)(20161123564025)(20161123560025)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 0471B73328
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39830400002)(376002)(346002)(76104003)(189002)(199003)(2900100001)(478600001)(97736004)(6116002)(102836003)(3846002)(6506006)(5250100002)(2501003)(83716003)(54896002)(86362001)(53936002)(99286003)(6512007)(236005)(6436002)(6306002)(6486002)(2351001)(966005)(316002)(345774005)(2906002)(54356999)(1730700003)(6916009)(81166006)(8676002)(5660300001)(33656002)(81156014)(106356001)(606006)(50986999)(8936002)(3660700001)(3280700002)(25786009)(68736007)(14454004)(5640700003)(101416001)(7736002)(82746002)(66066001)(105586002)(189998001)(36756003)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:3; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_D0505748E3764CF989069AD77838FB23ribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 95689c50-3a21-47d1-4fab-08d51b891bb3
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Oct 2017 09:16:43.0123 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/pP7sTh2h_inJV9TVp7-0R7b3VMU>
Subject: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2017 09:16:50 -0000

--_000_D0505748E3764CF989069AD77838FB23ribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SGkgT3BlblBHUCBXRywNCg0KVGhlcmUgaGFzIGJlZW4gc29tZSBkaXNjdXNzaW9uIGluIHRoZSBn
cm91cCBzb21lIHRpbWUgYWdvIGFib3V0IE9DQiwgYnV0IGJhY2sgdGhlbiB0aGUgQUVBRCByZXF1
aXJlbWVudHMgd2VyZSBub3Qgc2V0IGluIHN0b25lLg0KDQpTaW5jZSBiaXMtMDIgbm93IGZvcm1h
bGx5IGRlZmluZXMgdGhlIEFFQUQgcGFja2V0IGFuZCBhbiBBRUFEIGFsZ29yaXRobSByZWdpc3Ry
eSwgSeKAmWQgbGlrZSB0byBicmluZyB1cCB0aGUgdG9waWMgYWdhaW4gb2YgYWRkaW5nIE9DQiB0
byB0aGUgZHJhZnQgZ2l2ZW4gaXRzIGNsZWFyIGJlbmVmaXRzLiBUaGVyZSBoYXZlIGJlZW4gcHJl
dmlvdXMgbWVudGlvbnMgb2YgcGF0ZW50IGNvbmNlcm5zLCBidXQgT0NCIGlzIGZyZWVseSBsaWNl
bnNlZCBmb3Igb3BlbiBzb3VyY2UgdG9vbHMgYW5kIGhhcyBiZWVuIGluY2x1ZGVkIGluIGxpYnJh
cmllcyBsaWtlIE9wZW5TU0wgYW5kIEJvdGFuLg0KDQpJIGhhdmUgc3VibWl0dGVkIGEgbWVyZ2Ug
cmVxdWVzdCB0byB0aGUgZG9jdW1lbnQgcmVwb3NpdG9yeSwgYW5kIHRoZSBkaWZmcyBjYW4gYmUg
c2VlbiBiZWxvdy4NCg0KTWVyZ2UgcmVxdWVzdA0KKiBodHRwczovL2dpdGxhYi5jb20vb3BlbnBn
cC13Zy9yZmM0ODgwYmlzL21lcmdlX3JlcXVlc3RzLzgNCg0KRGlmZnMNCiogaHR0cHM6Ly9naXRs
YWIuY29tL29wZW5wZ3Atd2cvcmZjNDg4MGJpcy9tZXJnZV9yZXF1ZXN0cy84L2RpZmZzDQoNClBs
ZWFzZSBmZWVsIGZyZWUgdG8gbGV0IG1lIGtub3cgd2hhdCB5b3UgdGhpbmsuIFRoYW5rcyENCg0K
S2luZCByZWdhcmRzLA0KUm9uDQoNClAuUy4gdGhpcyBtZXJnZSByZXF1ZXN0IGluY2x1ZGVzIGh0
dHBzOi8vZ2l0bGFiLmNvbS9vcGVucGdwLXdnL3JmYzQ4ODBiaXMvbWVyZ2VfcmVxdWVzdHMvNyBh
cyB0aGUgZG9jdW1lbnQgd2FzbuKAmXQg4oCcYnVpbGRhYmxl4oCdIGR1ZSB0byBhIG1pc3Npbmcg
cmVmZXJlbmNlIHRvIFJGQyA3NzQ4Lg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fDQoNClJvbmFsZCBUc2UNClJpYm9zZSBJbmMuDQoNCis9PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0rDQpUaGlzIG1lc3NhZ2UgbWF5
IGNvbnRhaW4gY29uZmlkZW50aWFsIGFuZC9vciBwcml2aWxlZ2VkDQppbmZvcm1hdGlvbi4gIElm
IHlvdSBhcmUgbm90IHRoZSBhZGRyZXNzZWUgb3IgYXV0aG9yaXplZCB0bw0KcmVjZWl2ZSB0aGlz
IGZvciB0aGUgYWRkcmVzc2VlLCB5b3UgbXVzdCBub3QgdXNlLCBjb3B5LA0KZGlzY2xvc2Ugb3Ig
dGFrZSBhbnkgYWN0aW9uIGJhc2VkIG9uIHRoaXMgbWVzc2FnZSBvciBhbnkNCmluZm9ybWF0aW9u
IGhlcmVpbi4gIElmIHlvdSBoYXZlIHJlY2VpdmVkIHRoaXMgbWVzc2FnZSBpbg0KZXJyb3IsIHBs
ZWFzZSBhZHZpc2UgdGhlIHNlbmRlciBpbW1lZGlhdGVseSBieSByZXBseSBlLW1haWwNCmFuZCBk
ZWxldGUgdGhpcyBtZXNzYWdlLiAgVGhhbmsgeW91IGZvciB5b3VyIGNvb3BlcmF0aW9uLg0KKz09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PSsN
Cg0K

--_000_D0505748E3764CF989069AD77838FB23ribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <E98325A92234964697FD756B18DE5190@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkhpIE9wZW5QR1AgV0csDQo8ZGl2IGNsYXNzPSIi
PjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5UaGVyZSBoYXMgYmVlbiBzb21l
IGRpc2N1c3Npb24gaW4gdGhlIGdyb3VwIHNvbWUgdGltZSBhZ28gYWJvdXQgT0NCLCBidXQgYmFj
ayB0aGVuIHRoZSBBRUFEIHJlcXVpcmVtZW50cyB3ZXJlIG5vdCBzZXQgaW4gc3RvbmUuPC9kaXY+
DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5TaW5j
ZSBiaXMtMDIgbm93IGZvcm1hbGx5IGRlZmluZXMgdGhlIEFFQUQgcGFja2V0IGFuZCBhbiBBRUFE
IGFsZ29yaXRobSByZWdpc3RyeSwgSeKAmWQgbGlrZSB0byBicmluZyB1cCB0aGUgdG9waWMgYWdh
aW4gb2YgYWRkaW5nIE9DQiB0byB0aGUgZHJhZnQgZ2l2ZW4gaXRzIGNsZWFyIGJlbmVmaXRzLiBU
aGVyZSBoYXZlIGJlZW4gcHJldmlvdXMgbWVudGlvbnMgb2YgcGF0ZW50IGNvbmNlcm5zLCBidXQg
T0NCIGlzIGZyZWVseQ0KIGxpY2Vuc2VkIGZvciBvcGVuIHNvdXJjZSB0b29scyBhbmQgaGFzIGJl
ZW4gaW5jbHVkZWQgaW4gbGlicmFyaWVzIGxpa2UgT3BlblNTTCBhbmQgQm90YW4uPC9kaXY+DQo8
ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5JIGhhdmUg
c3VibWl0dGVkIGEgbWVyZ2UgcmVxdWVzdCB0byB0aGUgZG9jdW1lbnQgcmVwb3NpdG9yeSwgYW5k
IHRoZSBkaWZmcyBjYW4gYmUgc2VlbiBiZWxvdy48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNs
YXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPk1lcmdlIHJlcXVlc3Q8L2Rpdj4NCjxkaXYg
Y2xhc3M9IiI+KiA8YSBocmVmPSJodHRwczovL2dpdGxhYi5jb20vb3BlbnBncC13Zy9yZmM0ODgw
YmlzL21lcmdlX3JlcXVlc3RzLzgiIGNsYXNzPSIiPg0KaHR0cHM6Ly9naXRsYWIuY29tL29wZW5w
Z3Atd2cvcmZjNDg4MGJpcy9tZXJnZV9yZXF1ZXN0cy84PC9hPjwvZGl2Pg0KPGRpdiBjbGFzcz0i
Ij48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+RGlmZnM8L2Rpdj4NCjxkaXYg
Y2xhc3M9IiI+KiA8YSBocmVmPSJodHRwczovL2dpdGxhYi5jb20vb3BlbnBncC13Zy9yZmM0ODgw
YmlzL21lcmdlX3JlcXVlc3RzLzgvZGlmZnMiIGNsYXNzPSIiPg0KaHR0cHM6Ly9naXRsYWIuY29t
L29wZW5wZ3Atd2cvcmZjNDg4MGJpcy9tZXJnZV9yZXF1ZXN0cy84L2RpZmZzPC9hPjwvZGl2Pg0K
PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+UGxlYXNl
IGZlZWwgZnJlZSB0byBsZXQgbWUga25vdyB3aGF0IHlvdSB0aGluay4gVGhhbmtzITwvZGl2Pg0K
PGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+S2luZCBy
ZWdhcmRzLDwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5Sb248L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJy
IGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlAuUy4gdGhpcyBtZXJnZSByZXF1ZXN0
IGluY2x1ZGVzJm5ic3A7PGEgaHJlZj0iaHR0cHM6Ly9naXRsYWIuY29tL29wZW5wZ3Atd2cvcmZj
NDg4MGJpcy9tZXJnZV9yZXF1ZXN0cy83IiBjbGFzcz0iIj5odHRwczovL2dpdGxhYi5jb20vb3Bl
bnBncC13Zy9yZmM0ODgwYmlzL21lcmdlX3JlcXVlc3RzLzc8L2E+IGFzIHRoZSBkb2N1bWVudCB3
YXNu4oCZdCDigJxidWlsZGFibGXigJ0gZHVlIHRvIGEgbWlzc2luZyByZWZlcmVuY2UgdG8gUkZD
IDc3NDguPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+
DQo8ZGl2IHN0eWxlPSJjb2xvcjogcmdiKDAsIDAsIDApOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4
dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29y
ZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgd29yZC13cmFw
OiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IC13ZWJraXQtbGluZS1icmVh
azogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCl9fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX188YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpSb25hbGQgVHNlPGJy
IGNsYXNzPSIiPg0KUmlib3NlIEluYy48YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQomIzQz
Oz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PSYjNDM7PGJyIGNsYXNzPSIiPg0KVGhpcyBtZXNzYWdlIG1heSBjb250YWluIGNvbmZpZGVudGlh
bCBhbmQvb3IgcHJpdmlsZWdlZDxiciBjbGFzcz0iIj4NCmluZm9ybWF0aW9uLiAmbmJzcDtJZiB5
b3UgYXJlIG5vdCB0aGUgYWRkcmVzc2VlIG9yIGF1dGhvcml6ZWQgdG88YnIgY2xhc3M9IiI+DQpy
ZWNlaXZlIHRoaXMgZm9yIHRoZSBhZGRyZXNzZWUsIHlvdSBtdXN0IG5vdCB1c2UsIGNvcHksPGJy
IGNsYXNzPSIiPg0KZGlzY2xvc2Ugb3IgdGFrZSBhbnkgYWN0aW9uIGJhc2VkIG9uIHRoaXMgbWVz
c2FnZSBvciBhbnk8YnIgY2xhc3M9IiI+DQppbmZvcm1hdGlvbiBoZXJlaW4uICZuYnNwO0lmIHlv
dSBoYXZlIHJlY2VpdmVkIHRoaXMgbWVzc2FnZSBpbjxiciBjbGFzcz0iIj4NCmVycm9yLCBwbGVh
c2UgYWR2aXNlIHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkgYnkgcmVwbHkgZS1tYWlsPGJyIGNsYXNz
PSIiPg0KYW5kIGRlbGV0ZSB0aGlzIG1lc3NhZ2UuICZuYnNwO1RoYW5rIHlvdSBmb3IgeW91ciBj
b29wZXJhdGlvbi48YnIgY2xhc3M9IiI+DQomIzQzOz09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PSYjNDM7PC9kaXY+DQo8L2Rpdj4NCjxiciBj
bGFzcz0iIj4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K

--_000_D0505748E3764CF989069AD77838FB23ribosecom_--


From nobody Wed Oct 25 08:04:08 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0B35139950 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 08:04:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o0qxj3uKp4Um for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 08:04:04 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5E0661388A0 for <openpgp@ietf.org>; Wed, 25 Oct 2017 08:04:04 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e7NDu-0004Bz-Mi for <openpgp@ietf.org>; Wed, 25 Oct 2017 17:04:02 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e7N7m-0006k6-02; Wed, 25 Oct 2017 16:57:42 +0200
From: Werner Koch <wk@gnupg.org>
To: Ronald Tse <tse@ribose.com>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Ronald Tse <tse@ribose.com>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Wed, 25 Oct 2017 16:57:41 +0200
In-Reply-To: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> (Ronald Tse's message of "Wed, 25 Oct 2017 09:16:42 +0000")
Message-ID: <87r2tr8eca.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Leitrim_Medco_Downing_Street_Geraldton_industrial_espionage_Ortega=S"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/1e2upVdUxWQOe4eC5oreLvhE9ZQ>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2017 15:04:07 -0000

--=Leitrim_Medco_Downing_Street_Geraldton_industrial_espionage_Ortega=S
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On Wed, 25 Oct 2017 11:16, tse@ribose.com said:

> Diffs
> * https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/8/diffs

Can you please send the diff to this mailing list so that we do not need
to rely on external sources in the archives of this ML.  it is also
easier for me to work with patches send by mail.


>
> Please feel free to let me know what you think. Thanks!
>
> Kind regards,
> Ron
>
> P.S. this merge request includes https://gitlab.com/openpgp-wg/rfc4880bis=
/merge_requests/7 as the document wasn=E2=80=99t =E2=80=9Cbuildable=E2=80=
=9D due to a missing reference to RFC 7748.
>
> _____________________________________
>
> Ronald Tse
> Ribose Inc.
>
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+
> This message may contain confidential and/or privileged
> information.  If you are not the addressee or authorized to
> receive this for the addressee, you must not use, copy,
> disclose or take any action based on this message or any
> information herein.  If you have received this message in
> error, please advise the sender immediately by reply e-mail
> and delete this message.  Thank you for your cooperation.
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+
>
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=Leitrim_Medco_Downing_Street_Geraldton_industrial_espionage_Ortega=S
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWfCmZQAKCRD/gK6dHew1
jVxpAPwNOp1ULMwKMz5XOQBo17zjNh8siEBfz3yXgFxqmEy4GgEA7wPgXYe4imlC
GfAgOJU2ykdkDx4LA4PA/+T1nVK3zg8=
=GqLL
-----END PGP SIGNATURE-----
--=Leitrim_Medco_Downing_Street_Geraldton_industrial_espionage_Ortega=S--


From nobody Wed Oct 25 09:27:41 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0AAB138AED for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 09:27:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vB9324rsLNEn for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 09:27:38 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21F3F13F41F for <openpgp@ietf.org>; Wed, 25 Oct 2017 09:27:38 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yMbCB43yTz3JW; Wed, 25 Oct 2017 18:27:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1508948854; bh=Y3yuhedaWbL7EFtzID8ac6Q/nae41LfxLRnCIXq91FM=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=jxeEQRkBZKEpwQTe6W045A/t1tnXvzNMNOUKQiJlIYn+Vdt6NbuM+haqJNienqq9P gA0mpYlMP4ebBgGbBqC5l7NXdgmjXm5e1y674QtxobOysgTXQmU5EJf2d9d6AKx+jw HvGVVq7lK59fjM0QARstWwTyZsGoOwkH3RJ1xPx0=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 9YVgowsZmAkp; Wed, 25 Oct 2017 18:27:32 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Wed, 25 Oct 2017 18:27:31 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id B987E62D29; Wed, 25 Oct 2017 12:27:30 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca B987E62D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id A3F5240D35AF; Wed, 25 Oct 2017 12:27:30 -0400 (EDT)
Date: Wed, 25 Oct 2017 12:27:30 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Ronald Tse <tse@ribose.com>
cc: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
Message-ID: <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8BIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/bBL38EN7t3nZ0QjmtAiJxBdKSmA>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2017 16:27:41 -0000

On Wed, 25 Oct 2017, Ronald Tse wrote:

> Since bis-02 now formally defines the AEAD packet and an AEAD algorithm registry, I’d like to bring up the topic again of
> adding OCB to the draft given its clear benefits. There have been previous mentions of patent concerns, but OCB is freely
> licensed for open source tools and has been included in libraries like OpenSSL and Botan.

What is the advantage of adding more and more algorithms and variants?

If OCB is clearly a winner over another algorithm candidate to be added,
is the inferior other candidate removed?

Adding algorithms is easy. Removing them is hard. That should raise the
bar for adding new ones.

Paul


From nobody Wed Oct 25 09:47:38 2017
Return-Path: <rick@openfortress.nl>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E9F213F422 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 09:47:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.722
X-Spam-Level: 
X-Spam-Status: No, score=-0.722 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0dPYhW1xoVYI for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 09:47:34 -0700 (PDT)
Received: from lb1-smtp-cloud7.xs4all.net (lb1-smtp-cloud7.xs4all.net [194.109.24.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FB8C139546 for <openpgp@ietf.org>; Wed, 25 Oct 2017 09:47:34 -0700 (PDT)
Received: from fame.vanrein.org ([IPv6:2001:980:93a5:1::7]) by smtp-cloud7.xs4all.net with ESMTP id 7Oq3ec5GpVNbY7Oq4eapY4; Wed, 25 Oct 2017 18:47:32 +0200
Received: by fame.vanrein.org (Postfix, from userid 1006) id D4D5B25708; Wed, 25 Oct 2017 16:47:31 +0000 (UTC)
X-Original-To: openpgp@ietf.org
Received: from airhead.local (phantom.vanrein.org [83.161.146.46]) by fame.vanrein.org (Postfix) with ESMTPA id 5CD8F256FF; Wed, 25 Oct 2017 16:47:18 +0000 (UTC)
Message-ID: <59F0C015.2050303@openfortress.nl>
Date: Wed, 25 Oct 2017 18:47:17 +0200
From: Rick van Rein <rick@openfortress.nl>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Paul Wouters <paul@nohats.ca>
CC: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Bogosity: Unsure, tests=bogofilter, spamicity=0.520000, version=1.2.4
X-CMAE-Envelope: MS4wfJ8JgRCYPx91BRKbKrry031mo8oMcJ5rrQovCGuRVs15GUUmOJRNC0JBTS8BW7SDqzmIoqjORirM77vFQ5sFSfJeI2m8OAOrWyuaRodEFT1/r9nMaHpJ pWBrCfRTPYrFwFVkL12b4wMAnYTD4J+Ak0M+Kv/S29+Xf9YTVNV6HVzfFC4nd0VOFuluL/YuEFo0xA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/cERxhXmR_ua8CsGkSq76FCXtxyk>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2017 16:47:36 -0000

Hi,

> Adding algorithms is easy. Removing them is hard. That should raise the
> bar for adding new ones.

I second that.  There should be a good reason for adding new algorithms.
(Which is always subjective because it is really helpful to have things
to fall back on when a part fails, security-wise.)

Along the same lines I'm also surprised that no effort has been made to
deprecate 2.x PGP packet formats and public key formats, for instance.
We all know that such old keys don't have a reason to exist anymore,
but we're all still coding the old and new in order to be compliant to
the standards.  Such a waste of time...

-Rick


From nobody Wed Oct 25 18:23:10 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 51FD813F4F0 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:23:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level: 
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UOmiuU7Q6rNa for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:23:05 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0084.outbound.protection.outlook.com [104.47.126.84]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2351A13B110 for <openpgp@ietf.org>; Wed, 25 Oct 2017 18:23:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=LxBwW96eWk9WxtWUhCkFmx3pejbrt3vHoUbJCVaBjv8=; b=Egy1kv7mQaKtN+giw5N2EkPNRcbTWKTjqcKS/U1ytNCkRP27z3ml+1pwFTocZXvtndh6HPdaOVdA0BqiKW8uih99LBIwDJO9MjbV0xD54+BzjPASVr1Uyvn4a2HOW6ONZotMUBMxqtyUL2VUtmu/Y6Er/uz54MhzZ8XpBZ1OAvc=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Thu, 26 Oct 2017 01:23:00 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17%14]) with mapi id 15.20.0156.007; Thu, 26 Oct 2017 01:23:00 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: Proposed patch to fix missing reference to RFC 7748
Thread-Index: AQHTTfj2A0IMRjmit0ioQkTT2uTbeA==
Date: Thu, 26 Oct 2017 01:23:00 +0000
Message-ID: <B64A40C9-CC5B-4F05-ABBF-5E4D257C621B@ribose.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:CMdMQkqMkEiKJXGZiHss3X6GURRc6IhUxDVc71WIDhVxLgbL1h/Xe5ZkxxByPSJSTN3EPqpWcVPDdLFuJdPtIym97ofOCAG2tpEiGhsTVc547PrUO/SsQ2yYCc3TdEOjWJbMUv2tvdl4jKqsV/wwKuc8b6WC08mdALj7mC758z7THloUcF36RiM+TiwktCkELVJCdodi8IDZzXEZVCTKmcncWgCTL9RhMygGZZDLGAz/MADmAPfRom3eVG6hoiOWG1khO0fIiAD24asiV3qRfnq4Cd8EpuOUUHILmzLdPrV/wBRLeKNdo5q3K2YOgjLnJ/uJao/CfGg3erLDdYRhrw==; 5:jckxE+bUdw/GehYqR1WXJnA3J+l0BPP7GW37K18kYAae1hk+vZwzOmKZrKPkpwDYMFY8e0DgXyUzpSWc4lj049k4OaAYjf7x6iOOp0CBumm07vonYHfXR7bAbNvPziHjCDQ+79phC3UyjM63Rz0nCA==; 24:b+9UWSgvQ5JEOI++tyPyPEkUaGcOM6lapTKDFPOWwPv61sIiEECDZYayLlmh7vfyJJEKskUijSt2pS2Iwne/XuuI5dFSvIATyHo8gnLLvKg=; 7:2mMCuhlRXm+iUdGiueYB180GGFGOA/gTqlVOQXoCPCspiTfWzBT/YXqvmkBzpRi7QG6g3kKL1KEjzAcsrM3uFAWd8UTBijv3c1fvrCko3ZkDvfg0XWOUiWyT+dZO/2n/qjb4UatcrVCTZoxE/3l3rmjSb/N3QFiO06//tAnSw5FIaKavTD+2UqnWOU8mAy/mLiu/9ck/hopR5Wz8WwKAcvm3MiF+70Uu8S2iz0cswFU=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: b976b6bc-96d5-42eb-4781-08d51c1018f1
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:(278428928389397)(192374486261705)(4782527817362); 
x-microsoft-antispam-prvs: <PS1PR01MB10500C85AED4D3E279A15DD7D7450@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(3231020)(6041248)(20161123562025)(20161123558100)(2016111802025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123564025)(6043046)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 04724A515E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39830400002)(376002)(346002)(189002)(199003)(2900100001)(97736004)(478600001)(6506006)(3846002)(6116002)(102836003)(2501003)(5890100001)(5250100002)(83716003)(86362001)(53936002)(54896002)(345774005)(6512007)(236005)(6436002)(99286003)(6306002)(2351001)(316002)(966005)(2906002)(50986999)(54356999)(1730700003)(81166006)(6916009)(33656002)(5660300001)(81156014)(8676002)(106356001)(6486002)(606006)(8936002)(3280700002)(14454004)(3660700001)(68736007)(7736002)(101416001)(5640700003)(82746002)(66066001)(105586002)(25786009)(189998001)(36756003)(403724002); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_B64A40C9CC5B4F05ABBF5E4D257C621Bribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b976b6bc-96d5-42eb-4781-08d51c1018f1
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2017 01:23:00.5063 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/QgIqqKoxzOHJeIwOz19HsdGtFvU>
Subject: [openpgp] Proposed patch to fix missing reference to RFC 7748
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 01:23:08 -0000

--_000_B64A40C9CC5B4F05ABBF5E4D257C621Bribosecom_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Werner,

The current master of the rfc4880bis repository does not build due to missi=
ng reference files for RFC 7748.

The proposed patch can be seen at this link and also attached below:
- https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/7

commit b07f525d32fa22b282232a18699b062df1231460
Author: Ronald Tse <ronald.tse@ribose.com<mailto:ronald.tse@ribose.com>>
Date:   Wed Oct 25 16:42:26 2017 +0800

    Fix missing XML reference to RFC 7748

diff --git a/reference.RFC.7748.xml b/reference.RFC.7748.xml
new file mode 100644
index 0000000..52c9c5a
--- /dev/null
+++ b/reference.RFC.7748.xml
@@ -0,0 +1,14 @@
+<?xml version=3D'1.0' encoding=3D'UTF-8'?>
+
+<reference  anchor=3D'RFC7748' target=3D'https://www.rfc-editor.org/info/r=
fc7748'>
+<front>
+<title>Elliptic Curves for Security</title>
+<author initials=3D'A.' surname=3D'Langley' fullname=3D'A. Langley'><organ=
ization /></author>
+<author initials=3D'M.' surname=3D'Hamburg' fullname=3D'M. Hamburg'><organ=
ization /></author>
+<author initials=3D'S.' surname=3D'Turner' fullname=3D'S. Turner'><organiz=
ation /></author>
+<date year=3D'2016' month=3D'January' />
+<abstract><t>This memo specifies two elliptic curves over prime fields tha=
t offer a high level of practical security in cryptographic applications, i=
ncluding Transport Layer Security (TLS).  These curves are intended to oper=
ate at the ~128-bit and ~224-bit security level, respectively, and are gene=
rated deterministically based on a list of required properties.</t></abstra=
ct>
+</front>
+<seriesInfo name=3D'RFC' value=3D'7748'/>
+<seriesInfo name=3D'DOI' value=3D'10.17487/RFC7748'/>
+</reference>
diff --git a/template.xml b/template.xml
index 51cf425..2527e28 100644
--- a/template.xml
+++ b/template.xml
@@ -22,6 +22,7 @@
   <!ENTITY rfc.5639       PUBLIC '' 'reference.RFC.5639.xml'>
   <!ENTITY rfc.5870       PUBLIC '' 'reference.RFC.5870.xml'>
   <!ENTITY rfc.6090       PUBLIC '' 'reference.RFC.6090.xml'>
+  <!ENTITY rfc.7748       PUBLIC '' 'reference.RFC.7748.xml'>
   <!ENTITY iso.10646      PUBLIC '' 'reference.ISO.10646-1.1993.xml'>
   <!ENTITY eddsa          PUBLIC '' 'reference.I-D.irtf-cfrg-eddsa.xml'>
 ]>
@@ -215,6 +216,7 @@
       &rfc.4086;
       &rfc.5639;
       &rfc.5870;
+      &rfc.7748;

       &eddsa;


_____________________________________

Ronald Tse
Ribose Inc.

+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+
This message may contain confidential and/or privileged
information.  If you are not the addressee or authorized to
receive this for the addressee, you must not use, copy,
disclose or take any action based on this message or any
information herein.  If you have received this message in
error, please advise the sender immediately by reply e-mail
and delete this message.  Thank you for your cooperation.
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+


--_000_B64A40C9CC5B4F05ABBF5E4D257C621Bribosecom_
Content-Type: text/html; charset="us-ascii"
Content-ID: <D2A1AE97408BE542B22CF8391A31A347@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; line-break:=
 after-white-space;" class=3D"">
Hi Werner,
<div class=3D""><br class=3D"">
</div>
<div class=3D"">The current master of the rfc4880bis repository does not bu=
ild due to missing reference files for RFC 7748.
<div class=3D""><br class=3D"">
</div>
<div class=3D"">The proposed patch can be seen at this link and also attach=
ed below:</div>
<div class=3D"">- <a href=3D"https://gitlab.com/openpgp-wg/rfc4880bis/merge=
_requests/7" class=3D"">
https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/7</a></div>
<div class=3D""><br class=3D"">
</div>
<div class=3D"">commit b07f525d32fa22b282232a18699b062df1231460<br class=3D=
"">
Author: Ronald Tse &lt;<a href=3D"mailto:ronald.tse@ribose.com" class=3D"">=
ronald.tse@ribose.com</a>&gt;<br class=3D"">
Date:&nbsp;&nbsp;&nbsp;Wed Oct 25 16:42:26 2017 &#43;0800<br class=3D"">
<br class=3D"">
&nbsp; &nbsp;&nbsp;Fix missing XML reference to RFC 7748<br class=3D"">
<br class=3D"">
diff --git a/reference.RFC.7748.xml b/reference.RFC.7748.xml<br class=3D"">
new file mode 100644<br class=3D"">
index 0000000..52c9c5a<br class=3D"">
--- /dev/null<br class=3D"">
&#43;&#43;&#43; b/reference.RFC.7748.xml<br class=3D"">
@@ -0,0 &#43;1,14 @@<br class=3D"">
&#43;&lt;?xml version=3D'1.0' encoding=3D'UTF-8'?&gt;<br class=3D"">
&#43;<br class=3D"">
&#43;&lt;reference&nbsp;&nbsp;anchor=3D'RFC7748' target=3D'<a href=3D"https=
://www.rfc-editor.org/info/rfc7748" class=3D"">https://www.rfc-editor.org/i=
nfo/rfc7748</a>'&gt;<br class=3D"">
&#43;&lt;front&gt;<br class=3D"">
&#43;&lt;title&gt;Elliptic Curves for Security&lt;/title&gt;<br class=3D"">
&#43;&lt;author initials=3D'A.' surname=3D'Langley' fullname=3D'A. Langley'=
&gt;&lt;organization /&gt;&lt;/author&gt;<br class=3D"">
&#43;&lt;author initials=3D'M.' surname=3D'Hamburg' fullname=3D'M. Hamburg'=
&gt;&lt;organization /&gt;&lt;/author&gt;<br class=3D"">
&#43;&lt;author initials=3D'S.' surname=3D'Turner' fullname=3D'S. Turner'&g=
t;&lt;organization /&gt;&lt;/author&gt;<br class=3D"">
&#43;&lt;date year=3D'2016' month=3D'January' /&gt;<br class=3D"">
&#43;&lt;abstract&gt;&lt;t&gt;This memo specifies two elliptic curves over =
prime fields that&nbsp;offer a high level of practical security in cryptogr=
aphic applications,&nbsp;including Transport Layer Security (TLS).&nbsp;&nb=
sp;These curves are intended to operate&nbsp;at the ~128-bit and ~224-bit
 security level, respectively, and are generated&nbsp;deterministically bas=
ed on a list of required properties.&lt;/t&gt;&lt;/abstract&gt;<br class=3D=
"">
&#43;&lt;/front&gt;<br class=3D"">
&#43;&lt;seriesInfo name=3D'RFC' value=3D'7748'/&gt;<br class=3D"">
&#43;&lt;seriesInfo name=3D'DOI' value=3D'10.17487/RFC7748'/&gt;<br class=
=3D"">
&#43;&lt;/reference&gt;<br class=3D"">
diff --git a/template.xml b/template.xml<br class=3D"">
index 51cf425..2527e28 100644<br class=3D"">
--- a/template.xml<br class=3D"">
&#43;&#43;&#43; b/template.xml<br class=3D"">
@@ -22,6 &#43;22,7 @@<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.5639&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.5639.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.5870&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.5870.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.6090&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.6090.xml'&gt;<br class=3D"">
&#43;&nbsp;&nbsp;&lt;!ENTITY rfc.7748&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC=
 '' 'reference.RFC.7748.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY iso.10646&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' 'refe=
rence.ISO.10646-1.1993.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY eddsa&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;PUBLI=
C '' 'reference.I-D.irtf-cfrg-eddsa.xml'&gt;<br class=3D"">
&nbsp;]&gt;<br class=3D"">
@@ -215,6 &#43;216,7 @@<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.4086;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.5639;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.5870;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&amp;rfc.7748;<br class=3D"">
&nbsp;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;eddsa;<br class=3D"">
&nbsp;<br class=3D"">
<br class=3D"">
<div class=3D"">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;" class=3D"">
_____________________________________<br class=3D"">
<br class=3D"">
Ronald Tse<br class=3D"">
Ribose Inc.<br class=3D"">
<br class=3D"">
&#43;=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D&#43;<br class=3D"">
This message may contain confidential and/or privileged<br class=3D"">
information. &nbsp;If you are not the addressee or authorized to<br class=
=3D"">
receive this for the addressee, you must not use, copy,<br class=3D"">
disclose or take any action based on this message or any<br class=3D"">
information herein. &nbsp;If you have received this message in<br class=3D"=
">
error, please advise the sender immediately by reply e-mail<br class=3D"">
and delete this message. &nbsp;Thank you for your cooperation.<br class=3D"=
">
&#43;=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D&#43;</div>
</div>
<br class=3D"">
</div>
</div>
</body>
</html>

--_000_B64A40C9CC5B4F05ABBF5E4D257C621Bribosecom_--


From nobody Wed Oct 25 18:25:37 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F923139D0B for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:25:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level: 
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6BDL32MC02hp for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:25:32 -0700 (PDT)
Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sg2apc01on0062.outbound.protection.outlook.com [104.47.125.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47484139689 for <openpgp@ietf.org>; Wed, 25 Oct 2017 18:25:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=iPWfB7SQE/gSOfL9/vpClT5yuD7pLXc/2dxpMWmGlRE=; b=a7cbf1etbf3ODHmWfyWnh87uECJTfUyghkvCULqRMHh4J5KGshRE612vgvHswrwCN3n8wDHke8n8V2GpQi5QMg1u6guIOJDDDKNZkl5pSiuCGKVN4F2bcetZHhYzb6tA+2d9DGwX3xM4ERhrAlShwffWdTaro0L1roVltoV9FAQ=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Thu, 26 Oct 2017 01:25:28 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17%14]) with mapi id 15.20.0156.007; Thu, 26 Oct 2017 01:25:28 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: Proposed patch to add OCB to AEAD section
Thread-Index: AQHTTflO/pfJTU25R0aWPpY2ootd9A==
Date: Thu, 26 Oct 2017 01:25:27 +0000
Message-ID: <87F231F7-04A6-485A-822F-B6BFFD13C6DE@ribose.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:1gLRIe3VzhgLSotcXI9fwkI0yVFCbY5ZRjluxNBGiLbbubJa4xmPVrE+1tBkfEGrf/rRKZB2FA1Z/uTq9VrmGxq+JG2/tUNBTjWtkNtucnWe+qX0dWl2FI9UKwY631U4136LIcJ/aJ/vCM8/7tDv+y0Mc+buGSXv2uzhjbcdHgYSFrm9zulwiW2uKtuxBNDd3INSCRJfT8boDwjl8mMYMZWcjiNrnzup7bkd2CEzIDu2crWVG//60Wl+QODfbA0DcogS2vrY6Py8GFKpcq03GO50yzGm6MPke85L3WaN7+l1owFIUj65U4CVwWOZw9EUFeXADft4yGncon+0ufHC+w==; 5:PpJZNC6ferTp+UuFkMuEFILbamXSxtnCLwmK8qJRqwWtAKsO5CsRpO73A/9k2LHWrER8v4J0d/5z2E/+lMa6ZLpuNLC7SEJSDAjsBP4i+ACkQViO2SQUOkwZpsYsodeENe0UwuQ726wLrzEQWlaF9Q==; 24:P3f57h+FaO0arE0d7OmvDg4ZOEypkzvYejS3+56oUnf3vpCL5uRMciX8BdlHFrNHui3bWNsrqT5RabdxG0d34j+93ey3HX3VOLnH8EPNHWQ=; 7:m6BpI141ENIWGKkTni8K5LVKZhTdx0qsTLyTZOtc4KhWgSW7GUDvm43QeXmbRfGDRUpfQVRWQIo6AikBpOqNb989+M5JFFOukAxLyTgNd222sDRqJ/n/mBBqc0J+22gcBH/f8Uc/jLy3PV+uvxTSiq2SoYS8bIvGFwCI9MhJBtZRn6pU1qjw12H4RIBpjiADoL4ovzb7kw20g9bTUygtNdZzhdj/3IGlRYMHzHJN9uo=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 4f16847e-f1ac-404d-c174-08d51c1070d5
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:(192374486261705)(4782527817362);
x-microsoft-antispam-prvs: <PS1PR01MB105025648C6AD0A1C65B5851D7450@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(3231020)(6041248)(20161123562025)(20161123558100)(2016111802025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123564025)(6043046)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 04724A515E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39830400002)(376002)(346002)(189002)(199003)(2900100001)(97736004)(478600001)(6506006)(3846002)(6116002)(102836003)(2501003)(5890100001)(5250100002)(83716003)(86362001)(53936002)(54896002)(345774005)(6512007)(236005)(6436002)(99286003)(6306002)(2351001)(316002)(575784001)(966005)(2906002)(50986999)(54356999)(1730700003)(81166006)(6916009)(33656002)(5660300001)(81156014)(8676002)(106356001)(6486002)(606006)(8936002)(3280700002)(14454004)(3660700001)(68736007)(7736002)(101416001)(5640700003)(82746002)(66066001)(105586002)(25786009)(189998001)(36756003)(403724002); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_87F231F704A6485A822FB6BFFD13C6DEribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4f16847e-f1ac-404d-c174-08d51c1070d5
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2017 01:25:27.9029 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/wsZ0byzA1qTTsqKEMDoLqo595uw>
Subject: [openpgp] Proposed patch to add OCB to AEAD section
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 01:25:35 -0000

--_000_87F231F704A6485A822FB6BFFD13C6DEribosecom_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi openpgp WGers,

This is the proposed patch to add OCB to 4880bis.

The proposed patch can be seen at this link and also attached below:
- https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/8<https://gitlab.=
com/openpgp-wg/rfc4880bis/merge_requests/7>

commit 74052ffc18c60d5388475a34ffb78d82b3cecd65
Author: Ronald Tse <ronald.tse@ribose.com<mailto:ronald.tse@ribose.com>>
Date:   Wed Oct 25 17:01:25 2017 +0800

    Propose addition of OCB mode to AEAD.

diff --git a/middle.mkd b/middle.mkd
index 686c1cf..835906b 100644
--- a/middle.mkd
+++ b/middle.mkd
@@ -2645,8 +2645,7 @@ A new random initialization vector MUST be used for e=
ach message.

 ### EAX Mode

-The only currently defined AEAD algorithm is EAX Mode
-[](#EAX).  This algorithm can only use block ciphers with 16-octet
+The EAX algorithm can only use block ciphers with 16-octet
 blocks.  The starting initialization vector and authentication tag are
 both 16 octets long.

@@ -2660,6 +2659,51 @@ exclusive-oring the low eight octets of it with the =
chunk index.
 The security of EAX requires that the nonce is never reused, hence the
 requirement that the starting initialization vector be unique.

+
+### OCB Mode
+
+The OCB Authenticated-Encryption Algorithm used in this document is
+defined in [](#RFC7253).
+
+OCB was initially defined in [](#OCB1) (now called "OCB1") for
+authenticated encryption, then as an authenticated encryption with
+associated data algorithm with tweakable blockciphers in [](#OCB2)
+("OCB2"), and finally with performance enhancements as [](#OCB3)
+("OCB3").
+
+The [](#RFC7253) algorithm differs from "OCB3" such that tag length
+is encoded into the internally formatted nonce.
+
+OCB usage requires specification of the following parameters:
+
+  * a blockcipher that operate on 128-bit (16-octet) blocks
+  * an authentication tag length of 128 bits
+
+While OCB [](#RFC7253) allows the authentication tag length to be of
+any number up to 128 bits long, this document requires a fixed
+authentication tag length of 128 bits (16 octets) for simplicity.
+
+The nonce for a chunk of chunk index "i" in OCB processing is defined
+as:
+
+    OCB-Nonce_{i} =3D IV[1..120] xor i
+
+Where,
+
+  * IV is the initialization vector of the message;
+  * IV[i..j] is the substring of IV consisting of bits i through j,
+    inclusive, in big-endian format.
+
+The value of OCB-Nonce_{i} is always 120 bits (15 octets) long as the
+longest allowed nonce length of OCB mode according to [](#RFC7253).
+
+Security of OCB mode depends on the non-repeated nature of nonces used
+for the same key on distinct plaintext [](#RFC7253). Therefore the
+initialization vector per message MUST be distinct, and OCB mode
+SHOULD only be used in environments when there is certainty to
+fulfilling this requirement.
+
+
 # {6}  Radix-64 Conversions

 As stated in the introduction, OpenPGP's underlying native
@@ -3214,10 +3258,11 @@ SHOULD NOT use MD5 or RIPE-MD/160.
        ID  Algorithm
  --------  ---------
         1  EAX [](#EAX)
+        2  OCB [](#RFC7253)
  100--110  Private/Experimental algorithm

 Implementations MUST implement EAX.  Implementations MAY implement
-other algorithms.
+OCB and other algorithms.

 # {10} IANA Considerations

diff --git a/reference.RFC.7253.xml b/reference.RFC.7253.xml
new file mode 100644
index 0000000..5e8cdf3
--- /dev/null
+++ b/reference.RFC.7253.xml
@@ -0,0 +1,13 @@
+<?xml version=3D'1.0' encoding=3D'UTF-8'?>
+
+<reference  anchor=3D'RFC7253' target=3D'https://www.rfc-editor.org/info/r=
fc7253'>
+<front>
+<title>The OCB Authenticated-Encryption Algorithm</title>
+<author initials=3D'T.' surname=3D'Krovetz' fullname=3D'T. Krovetz'><organ=
ization /></author>
+<author initials=3D'P.' surname=3D'Rogaway' fullname=3D'P. Rogaway'><organ=
ization /></author>
+<date year=3D'2014' month=3D'May' />
+<abstract><t>This document specifies OCB, a shared-key blockcipher-based e=
ncryption scheme that provides confidentiality and authenticity for plainte=
xts and authenticity for associated data.  This document is a product of th=
e Crypto Forum Research Group (CFRG).</t></abstract>
+</front>
+<seriesInfo name=3D'RFC' value=3D'7253'/>
+<seriesInfo name=3D'DOI' value=3D'10.17487/RFC7253'/>
+</reference>
diff --git a/template.xml b/template.xml
index 2527e28..28f0cac 100644
--- a/template.xml
+++ b/template.xml
@@ -22,6 +22,7 @@
   <!ENTITY rfc.5639       PUBLIC '' 'reference.RFC.5639.xml'>
   <!ENTITY rfc.5870       PUBLIC '' 'reference.RFC.5870.xml'>
   <!ENTITY rfc.6090       PUBLIC '' 'reference.RFC.6090.xml'>
+  <!ENTITY rfc.7253       PUBLIC '' 'reference.RFC.7253.xml'>
   <!ENTITY rfc.7748       PUBLIC '' 'reference.RFC.7748.xml'>
   <!ENTITY iso.10646      PUBLIC '' 'reference.ISO.10646-1.1993.xml'>
   <!ENTITY eddsa          PUBLIC '' 'reference.I-D.irtf-cfrg-eddsa.xml'>
@@ -102,7 +103,35 @@
         <author surname=3D"Wagner" initials=3D"D." />
         <date year=3D"2003" month=3D"April" />
         </front>
-    </reference>
+      </reference>
+
+      <reference anchor=3D'OCB1'>
+        <front>
+        <title>OCB: A Block-Cipher Mode of Operation for Efficient Authent=
icated Encryption</title>
+        <author surname=3D"Rogaway" initials=3D"P." />
+        <author surname=3D"Bellare" initials=3D"M." />
+        <author surname=3D"Black" initials=3D"J." />
+        <author surname=3D"Krovetz" initials=3D"T." />
+        <date year=3D"2001" month=3D"April" />
+        </front>
+      </reference>
+
+      <reference anchor=3D'OCB2'>
+        <front>
+        <title>Efficient Instantiations of Tweakable Blockciphers and Refi=
nements to Modes OCB and PMAC.</title>
+        <author surname=3D"Rogaway" initials=3D"P." />
+        <date year=3D"2004" month=3D"April" />
+        </front>
+      </reference>
+
+      <reference anchor=3D'OCB3'>
+        <front>
+        <title>The Software Performance of Authenticated-Encryption Modes<=
/title>
+        <author surname=3D"Krovetz" initials=3D"T." />
+        <author surname=3D"Rogaway" initials=3D"P." />
+        <date year=3D"2011" month=3D"April" />
+        </front>
+      </reference>

       <reference anchor=3D'ELGAMAL'>
         <front>
@@ -216,6 +245,7 @@
       &rfc.4086;
       &rfc.5639;
       &rfc.5870;
+      &rfc.7253;
       &rfc.7748;

       &eddsa;

_____________________________________

Ronald Tse
Ribose Inc.

+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+
This message may contain confidential and/or privileged
information.  If you are not the addressee or authorized to
receive this for the addressee, you must not use, copy,
disclose or take any action based on this message or any
information herein.  If you have received this message in
error, please advise the sender immediately by reply e-mail
and delete this message.  Thank you for your cooperation.
+=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+


--_000_87F231F704A6485A822FB6BFFD13C6DEribosecom_
Content-Type: text/html; charset="us-ascii"
Content-ID: <F3590687CC6919428A63CFE21265F9F2@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; line-break:=
 after-white-space;" class=3D"">
<div style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; line-break: =
after-white-space;" class=3D"">
Hi openpgp WGers,
<div class=3D""><br class=3D"">
</div>
<div class=3D"">This is the proposed patch to add OCB to 4880bis.
<div class=3D""><br class=3D"">
</div>
<div class=3D"">The proposed patch can be seen at this link and also attach=
ed below:</div>
<div class=3D"">- <a href=3D"https://gitlab.com/openpgp-wg/rfc4880bis/merge=
_requests/7" class=3D"">
https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/8</a></div>
<div class=3D""><br class=3D"">
</div>
<div class=3D"">
<div class=3D"">commit 74052ffc18c60d5388475a34ffb78d82b3cecd65<br class=3D=
"">
Author: Ronald Tse &lt;<a href=3D"mailto:ronald.tse@ribose.com" class=3D"">=
ronald.tse@ribose.com</a>&gt;<br class=3D"">
Date:&nbsp;&nbsp;&nbsp;Wed Oct 25 17:01:25 2017 &#43;0800<br class=3D"">
<br class=3D"">
&nbsp; &nbsp;&nbsp;Propose addition of OCB mode to AEAD.<br class=3D"">
<br class=3D"">
diff --git a/middle.mkd b/middle.mkd<br class=3D"">
index 686c1cf..835906b 100644<br class=3D"">
--- a/middle.mkd<br class=3D"">
&#43;&#43;&#43; b/middle.mkd<br class=3D"">
@@ -2645,8 &#43;2645,7 @@ A new random initialization vector MUST be used f=
or each&nbsp;message.<br class=3D"">
&nbsp;<br class=3D"">
&nbsp;### EAX Mode<br class=3D"">
&nbsp;<br class=3D"">
-The only currently defined AEAD algorithm is EAX Mode<br class=3D"">
-[](#EAX).&nbsp;&nbsp;This algorithm can only use block ciphers with 16-oct=
et<br class=3D"">
&#43;The EAX algorithm can only use block ciphers with 16-octet<br class=3D=
"">
&nbsp;blocks.&nbsp;&nbsp;The starting initialization vector and authenticat=
ion tag are<br class=3D"">
&nbsp;both 16 octets long.<br class=3D"">
&nbsp;<br class=3D"">
@@ -2660,6 &#43;2659,51 @@ exclusive-oring the low eight octets of it with =
the chunk&nbsp;index.<br class=3D"">
&nbsp;The security of EAX requires that the nonce is never reused, hence th=
e<br class=3D"">
&nbsp;requirement that the starting initialization vector be unique.<br cla=
ss=3D"">
&nbsp;<br class=3D"">
&#43;<br class=3D"">
&#43;### OCB Mode<br class=3D"">
&#43;<br class=3D"">
&#43;The OCB Authenticated-Encryption Algorithm used in this document is<br=
 class=3D"">
&#43;defined in [](#RFC7253).<br class=3D"">
&#43;<br class=3D"">
&#43;OCB was initially defined in [](#OCB1) (now called &quot;OCB1&quot;) f=
or<br class=3D"">
&#43;authenticated encryption, then as an authenticated encryption with<br =
class=3D"">
&#43;associated data algorithm with tweakable blockciphers in [](#OCB2)<br =
class=3D"">
&#43;(&quot;OCB2&quot;), and finally with performance enhancements as [](#O=
CB3)<br class=3D"">
&#43;(&quot;OCB3&quot;).<br class=3D"">
&#43;<br class=3D"">
&#43;The [](#RFC7253) algorithm differs from &quot;OCB3&quot; such that tag=
 length<br class=3D"">
&#43;is encoded into the internally formatted nonce.<br class=3D"">
&#43;<br class=3D"">
&#43;OCB usage requires specification of the following parameters:<br class=
=3D"">
&#43;<br class=3D"">
&#43;&nbsp;&nbsp;* a blockcipher that operate on 128-bit (16-octet) blocks<=
br class=3D"">
&#43;&nbsp;&nbsp;* an authentication tag length of 128 bits<br class=3D"">
&#43;<br class=3D"">
&#43;While OCB [](#RFC7253) allows the authentication tag length to be of<b=
r class=3D"">
&#43;any number up to 128 bits long, this document requires a fixed<br clas=
s=3D"">
&#43;authentication tag length of 128 bits (16 octets) for simplicity.<br c=
lass=3D"">
&#43;<br class=3D"">
&#43;The nonce for a chunk of chunk index &quot;i&quot; in OCB processing i=
s defined<br class=3D"">
&#43;as:<br class=3D"">
&#43;<br class=3D"">
&#43;&nbsp; &nbsp;&nbsp;OCB-Nonce_{i} =3D IV[1..120] xor i<br class=3D"">
&#43;<br class=3D"">
&#43;Where,<br class=3D"">
&#43;<br class=3D"">
&#43;&nbsp;&nbsp;* IV is the initialization vector of the message;<br class=
=3D"">
&#43;&nbsp;&nbsp;* IV[i..j] is the substring of IV consisting of bits i thr=
ough j,<br class=3D"">
&#43;&nbsp; &nbsp;&nbsp;inclusive, in big-endian format.<br class=3D"">
&#43;<br class=3D"">
&#43;The value of OCB-Nonce_{i} is always 120 bits (15 octets) long as the<=
br class=3D"">
&#43;longest allowed nonce length of OCB mode according to [](#RFC7253).<br=
 class=3D"">
&#43;<br class=3D"">
&#43;Security of OCB mode depends on the non-repeated nature of nonces used=
<br class=3D"">
&#43;for the same key on distinct plaintext [](#RFC7253). Therefore the<br =
class=3D"">
&#43;initialization vector per message MUST be distinct, and OCB mode<br cl=
ass=3D"">
&#43;SHOULD only be used in environments when there is certainty to<br clas=
s=3D"">
&#43;fulfilling this requirement.<br class=3D"">
&#43;<br class=3D"">
&#43;<br class=3D"">
&nbsp;# {6}&nbsp;&nbsp;Radix-64 Conversions<br class=3D"">
&nbsp;<br class=3D"">
&nbsp;As stated in the introduction, OpenPGP's underlying native<br class=
=3D"">
@@ -3214,10 &#43;3258,11 @@ SHOULD NOT use MD5 or RIPE-MD/160.<br class=3D"=
">
&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;ID&nbsp;&nbsp;Algorithm<br class=3D"">
&nbsp;&nbsp;--------&nbsp;&nbsp;---------<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;1&nbsp;&nbsp;EAX [](#EAX)<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;2&nbsp;&nbsp;OCB [](#RFC7253)<br clas=
s=3D"">
&nbsp;&nbsp;100--110&nbsp;&nbsp;Private/Experimental algorithm<br class=3D"=
">
&nbsp;<br class=3D"">
&nbsp;Implementations MUST implement EAX.&nbsp;&nbsp;Implementations MAY im=
plement<br class=3D"">
-other algorithms.<br class=3D"">
&#43;OCB and other algorithms.<br class=3D"">
&nbsp;<br class=3D"">
&nbsp;# {10} IANA Considerations<br class=3D"">
&nbsp;<br class=3D"">
diff --git a/reference.RFC.7253.xml b/reference.RFC.7253.xml<br class=3D"">
new file mode 100644<br class=3D"">
index 0000000..5e8cdf3<br class=3D"">
--- /dev/null<br class=3D"">
&#43;&#43;&#43; b/reference.RFC.7253.xml<br class=3D"">
@@ -0,0 &#43;1,13 @@<br class=3D"">
&#43;&lt;?xml version=3D'1.0' encoding=3D'UTF-8'?&gt;<br class=3D"">
&#43;<br class=3D"">
&#43;&lt;reference&nbsp;&nbsp;anchor=3D'RFC7253' target=3D'<a href=3D"https=
://www.rfc-editor.org/info/rfc7253" class=3D"">https://www.rfc-editor.org/i=
nfo/rfc7253</a>'&gt;<br class=3D"">
&#43;&lt;front&gt;<br class=3D"">
&#43;&lt;title&gt;The OCB Authenticated-Encryption Algorithm&lt;/title&gt;<=
br class=3D"">
&#43;&lt;author initials=3D'T.' surname=3D'Krovetz' fullname=3D'T. Krovetz'=
&gt;&lt;organization /&gt;&lt;/author&gt;<br class=3D"">
&#43;&lt;author initials=3D'P.' surname=3D'Rogaway' fullname=3D'P. Rogaway'=
&gt;&lt;organization /&gt;&lt;/author&gt;<br class=3D"">
&#43;&lt;date year=3D'2014' month=3D'May' /&gt;<br class=3D"">
&#43;&lt;abstract&gt;&lt;t&gt;This document specifies OCB, a shared-key blo=
ckcipher-based encryption&nbsp;scheme that provides confidentiality and aut=
henticity for plaintexts and authenticity&nbsp;for associated data.&nbsp;&n=
bsp;This document is a product of the Crypto Forum Research Group&nbsp;(CFR=
G).&lt;/t&gt;&lt;/abstract&gt;<br class=3D"">
&#43;&lt;/front&gt;<br class=3D"">
&#43;&lt;seriesInfo name=3D'RFC' value=3D'7253'/&gt;<br class=3D"">
&#43;&lt;seriesInfo name=3D'DOI' value=3D'10.17487/RFC7253'/&gt;<br class=
=3D"">
&#43;&lt;/reference&gt;<br class=3D"">
diff --git a/template.xml b/template.xml<br class=3D"">
index 2527e28..28f0cac 100644<br class=3D"">
--- a/template.xml<br class=3D"">
&#43;&#43;&#43; b/template.xml<br class=3D"">
@@ -22,6 &#43;22,7 @@<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.5639&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.5639.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.5870&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.5870.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.6090&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.6090.xml'&gt;<br class=3D"">
&#43;&nbsp;&nbsp;&lt;!ENTITY rfc.7253&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC=
 '' 'reference.RFC.7253.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY rfc.7748&nbsp;&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' =
'reference.RFC.7748.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY iso.10646&nbsp; &nbsp; &nbsp;&nbsp;PUBLIC '' 'refe=
rence.ISO.10646-1.1993.xml'&gt;<br class=3D"">
&nbsp; &nbsp;&lt;!ENTITY eddsa&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;PUBLI=
C '' 'reference.I-D.irtf-cfrg-eddsa.xml'&gt;<br class=3D"">
@@ -102,7 &#43;103,35 @@<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&lt;author surname=3D&quot;Wagner&quot; i=
nitials=3D&quot;D.&quot; /&gt;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&lt;date year=3D&quot;2003&quot; month=3D=
&quot;April&quot; /&gt;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&lt;/front&gt;<br class=3D"">
-&nbsp; &nbsp;&nbsp;&lt;/reference&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;/reference&gt;<br class=3D"">
&#43;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;reference anchor=3D'OCB1'&gt;<br class=
=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;title&gt;OCB: A Block-Cipher Mode=
 of Operation for Efficient Authenticated&nbsp;Encryption&lt;/title&gt;<br =
class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Rogaway&qu=
ot; initials=3D&quot;P.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Bellare&qu=
ot; initials=3D&quot;M.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Black&quot=
; initials=3D&quot;J.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Krovetz&qu=
ot; initials=3D&quot;T.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;date year=3D&quot;2001&quot; mont=
h=3D&quot;April&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;/front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;/reference&gt;<br class=3D"">
&#43;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;reference anchor=3D'OCB2'&gt;<br class=
=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;title&gt;Efficient Instantiations=
 of Tweakable Blockciphers and Refinements to&nbsp;Modes OCB and PMAC.&lt;/=
title&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Rogaway&qu=
ot; initials=3D&quot;P.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;date year=3D&quot;2004&quot; mont=
h=3D&quot;April&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;/front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;/reference&gt;<br class=3D"">
&#43;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;reference anchor=3D'OCB3'&gt;<br class=
=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;title&gt;The Software Performance=
 of Authenticated-Encryption Modes&lt;/title&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Krovetz&qu=
ot; initials=3D&quot;T.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;author surname=3D&quot;Rogaway&qu=
ot; initials=3D&quot;P.&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;date year=3D&quot;2011&quot; mont=
h=3D&quot;April&quot; /&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;&lt;/front&gt;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&lt;/reference&gt;<br class=3D"">
&nbsp;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&lt;reference anchor=3D'ELGAMAL'&gt;<br class=3D=
"">
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&lt;front&gt;<br class=3D"">
@@ -216,6 &#43;245,7 @@<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.4086;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.5639;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.5870;<br class=3D"">
&#43;&nbsp; &nbsp; &nbsp;&nbsp;&amp;rfc.7253;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;rfc.7748;<br class=3D"">
&nbsp;<br class=3D"">
&nbsp; &nbsp; &nbsp; &nbsp;&amp;eddsa;<br class=3D"">
<br class=3D"">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; t=
ext-align: start; text-indent: 0px; text-transform: none; white-space: norm=
al; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-w=
rap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-=
space;" class=3D"">
_____________________________________<br class=3D"">
<br class=3D"">
Ronald Tse<br class=3D"">
Ribose Inc.<br class=3D"">
<br class=3D"">
&#43;=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D&#43;<br class=3D"">
This message may contain confidential and/or privileged<br class=3D"">
information. &nbsp;If you are not the addressee or authorized to<br class=
=3D"">
receive this for the addressee, you must not use, copy,<br class=3D"">
disclose or take any action based on this message or any<br class=3D"">
information herein. &nbsp;If you have received this message in<br class=3D"=
">
error, please advise the sender immediately by reply e-mail<br class=3D"">
and delete this message. &nbsp;Thank you for your cooperation.<br class=3D"=
">
&#43;=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D&#43;</div>
</div>
<br class=3D"">
</div>
</div>
</div>
</body>
</html>

--_000_87F231F704A6485A822FB6BFFD13C6DEribosecom_--


From nobody Wed Oct 25 18:34:34 2017
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D89313A5AF for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:34:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level: 
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SaIZPc-gcUIZ for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:34:30 -0700 (PDT)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1CAE139689 for <openpgp@ietf.org>; Wed, 25 Oct 2017 18:34:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1508981669; x=1540517669; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=bqJt3WD9M/ZhzlZUAIk63dLJJG3+yHh4Vslzn3R+zFM=; b=V0a1p2IDbSjM6H14s9HMfxZQXonVZV+wfQW1Lm0ifVPJUVBrBeFydmgR r+ihmKV39RJGhgADpuSfTCe36cJceL/8GfuHjZ/Bmu3+Zsh9F0sw39UaL GKNxwB0PpzP33wEB+NFXQ5SDzNXuL3vNYOGz/4tUZUb19ahPp206JNTSz WDMx9rcJZlQBtmhvIRpRvIIERFLJgQ2nthhAMQTIsUeQvLQ53llLUaS8X VJhpDMCR8HZfN7lt/9/TkMxAj13B0lK1VMRMIBslBY1i8/MctbunLfKQX uDUZCdis/4DRfbqQREgAk0NOygfJzrr5MWKn9mqvws69Ofac7q1fQZw44 w==;
X-IronPort-AV: E=Sophos;i="5.43,433,1503316800"; d="scan'208";a="191924488"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.3.4 - Outgoing - Outgoing
Received: from uxcn13-tdc-c.uoa.auckland.ac.nz ([10.6.3.4]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 26 Oct 2017 14:34:26 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-c.UoA.auckland.ac.nz (10.6.3.4) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Thu, 26 Oct 2017 14:34:26 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) with mapi id 15.00.1263.000; Thu, 26 Oct 2017 14:34:26 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5w45VH0tw2ky7nHf16p0Us6L1We9k
Date: Thu, 26 Oct 2017 01:34:26 +0000
Message-ID: <1508981649515.71466@cs.auckland.ac.nz>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
In-Reply-To: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/NYCrsds2w7rBCIiuItx1q9qzGpc>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 01:34:32 -0000

Ronald Tse <tse@ribose.com> writes:=0A=
=0A=
>There have been previous mentions of patent concerns, but OCB is freely=0A=
>licensed for open source tools and has been included in libraries like=0A=
>OpenSSL and Botan.=0A=
=0A=
It's a lot more problematic than that.  While I support the OCB patent=0A=
holder's stand on a moral basis, the licensing unfortunately makes it=0A=
impossible to use for general software, which is a real shame because it's =
a=0A=
very nice crypto mechanism.  Examples of some general-purpose uses of crypt=
o=0A=
and how the license affects them:=0A=
=0A=
Banking: No, because members of the military might be customers.=0A=
=0A=
Email: No, because it might go to/come from a .mil address.=0A=
=0A=
Ordering a pizza online: No, because it might be sent to a military base.=
=0A=
=0A=
(Some of these are from actual legal analyses of the implications of using =
it,=0A=
not just me coming up with corner cases).=0A=
=0A=
IDEA had the same problem, it was more or less OK to use in open-source typ=
e=0A=
software, but was still sufficiently problematic that it was removed from=
=0A=
OpenPGP.  It's the same with OCB, the license terms require that you track=
=0A=
every single use and user of the software in order to verify that the use i=
s=0A=
non-infringing.  That makes it unusable for real-world purposes, i.e. where=
=0A=
commercial entities are involved.=0A=
=0A=
Peter.=0A=
=0A=


From nobody Wed Oct 25 18:47:07 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B04AD13B144 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:47:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level: 
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iGkiy6Zfdu85 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 18:46:57 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0078.outbound.protection.outlook.com [104.47.126.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF475139689 for <openpgp@ietf.org>; Wed, 25 Oct 2017 18:46:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Cn+rR6fyLSodE4Xj40G6MMOoTX89jRFANwkw4hDFs1Q=; b=l63RrMDx+xe3IZppj7R7ACexYlK1VlhP34rvmAflNEzQQRgp2L9EtJpYZG9psbbMZxZ7ltswT1s8Chzush8IRsSNhu6Ksto9V4mHt4d4CCiAO2875I0W03ZgSq/D0zLCky/knbxTcGaSPscuqc8phaWTNJOl79b2SqHnyiwMVGU=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1052.apcprd01.prod.exchangelabs.com (10.165.211.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Thu, 26 Oct 2017 01:46:52 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17%14]) with mapi id 15.20.0156.007; Thu, 26 Oct 2017 01:46:52 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL0wWoAgAAFh4CAAJbBgA==
Date: Thu, 26 Oct 2017 01:46:52 +0000
Message-ID: <4DDC897E-C632-4C2C-A741-F02EA51DD385@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl>
In-Reply-To: <59F0C015.2050303@openfortress.nl>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1052; 6:MWgP6R9PuU3/UKp+S8KpWEp1BySOU092R5JN5oVit7hoHXPmbvwFKEKDOdJuWaxCjHY+w96s+ZGlgbPxb7MFoNq6hae6WeYFsXu881l5Ql0KcFY7fYdmGB+6xL9cM4O9rf88KCTNe9UvUd3CDJEU4VfXeMnGbGfcz94XrUzEJh6BKSBrOmUAEKHlL4bfpbRq0EobX1Xi3E9RiLehq11BwcD+9CxzkMUBlm/oULaInGbvBrhN395lOJmrTD6P6l5pFY40mS/sJlyCO8UTVTsensK+fvm4Vj2r+RhjToCsRI+PDQXqv8taasKdR8EHAt0SYPbNfj9l1XAkxidtA2J4QQ==; 5:W4CToHN4S6RXs6cmlFc6XGy3LCehonsXWiYeIsoeStS9gDOpbpKMREs0PXi0m+qzbF+QYYZu6gsPiR1OLTFuaW8rsKrxpbQhULifNLQRHdv0v0Gp2CmAFLvvDji44V75w619Rqf13y4eyaVz9PNRrQ==; 24:W5QRHPuZv4XIlZfO9pEN1dD1HD6bantQEMK5WpC0pCwSb1pVY8DkUdI7dgfyHty40afDly8AvjIf6nuOSvMIR9AsmjgovESfzGvxEc5Gc48=; 7:JkR32xOjIuaqEf1b/9txXHAFguAgoHhikasPibEjSuIdGwnCHo7pyLvF7Qz3YCQTBVP2paEH3wZEaEe7+bsPuQrciBqYDMamc1MlI4C5XhXaTyK2l7OVM9Ir3Uq9YyihR2X4EMuFSar/l57Tfu8iVWDRIKoSf7WByiMvqun0AS2Qb/cv1ichrEYC67kj94ef8eGOjfBsrRO0JUi5T4e6O/IlRhwG0AjYJ+L/IFIhLoc=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: d9941ddb-9185-4c64-2e97-08d51c136e6c
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:PS1PR01MB1052; 
x-ms-traffictypediagnostic: PS1PR01MB1052:
x-exchange-antispam-report-test: UriScan:(1591387915157)(66011452539121);
x-microsoft-antispam-prvs: <PS1PR01MB105275FEADBB82D87588CC21D7450@PS1PR01MB1052.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(3231020)(3002001)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(6041248)(20161123564025)(20161123558100)(2016111802025)(20161123562025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1052; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1052; 
x-forefront-prvs: 04724A515E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39830400002)(346002)(376002)(24454002)(51914003)(189002)(199003)(81166006)(966005)(2950100002)(8936002)(6486002)(6916009)(66066001)(14454004)(54896002)(189998001)(7736002)(106356001)(33656002)(2351001)(105586002)(53936002)(6246003)(6306002)(81156014)(8676002)(478600001)(1730700003)(6512007)(76176999)(101416001)(2900100001)(25786009)(236005)(345774005)(50986999)(54356999)(97736004)(606006)(316002)(36756003)(3660700001)(6116002)(53546010)(82746002)(6436002)(5640700003)(68736007)(3280700002)(3846002)(102836003)(5250100002)(99286003)(2501003)(2906002)(5660300001)(86362001)(6506006)(83716003)(229853002)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1052; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_4DDC897EC6324C2CA741F02EA51DD385ribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d9941ddb-9185-4c64-2e97-08d51c136e6c
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2017 01:46:52.3614 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1052
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/OoLfkTALAWLxLlhqOk7JfRJ_i7c>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 01:47:06 -0000

--_000_4DDC897EC6324C2CA741F02EA51DD385ribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SGkgV2VybmVyLCBSaWNrIGFuZCBQYXVsLA0KDQpXZXJuZXIsIHRoYW5rcyBmb3IgdGhlIHRpcC4g
SeKAmXZlIGp1c3Qgc2VudCB0aGUgcHJvcG9zZWQgcGF0Y2hlcyB0byB0aGUgbWFpbGluZyBsaXN0
IGFzIHlvdSBwcm9iYWJseSBhbHJlYWR5IHNlZSBpdC4NCg0KUmljaywgUGF1bCwNCg0KVGhlIGJl
bmVmaXRzIG9mIE9DQiBtb2RlIGFyZSBiZXN0IGV4cGxhaW5lZCBvbiB0aGlzIHBhZ2U6DQpodHRw
Oi8vd2ViLmNzLnVjZGF2aXMuZWR1L35yb2dhd2F5L29jYi9vY2ItZmFxLmh0bQ0KDQpJbiBjb21w
YXJpc29uIHdpdGggRUFYIHdoaWNoIGlzIGFscmVhZHkgaW5jbHVkZWQgaW4gNDg4MGJpcywgT0NC
IGlzIGZ1bGx5IHBhcmFsbGVsaXphYmxlIGZvciBlbmNyeXB0aW9uL2RlY3J5cHRpb24gYW5kIGF1
dGhlbnRpY2F0aW9uIChFQVggYXV0aGVudGljYXRpb24gaXMgc2VyaWFsKS4gSXQgaXMgYSBzaW5n
bGUtcGFzcyBhbGdvcml0aG0gKEVBWCBpcyAyLXBhc3MpLCBhbmQgaXMgY3VycmVudGx5IHRoZSBv
bmx5IHdpZGVseSBhY2NlcHRlZCBBRUFEIG1vZGUgdGhhdCBpcyBlbmRpYW4taW5kZXBlbmRlbnQg
KEVBWCBpcyBlbmRpYW4tZGVwZW5kZW50KSwgd2hpY2ggbWFrZXMgaW1wbGVtZW50YXRpb24gZWFz
aWVyLg0KDQpQZXJmb3JtYW5jZSBvZiBPQ0IgaXMgc3VwZXJpb3IgdG8gRUFYIGFuZCBpcyBwcm9i
YWJseSB0aGUgZmFzdGVzdCBhbW9uZyBhY2NlcHRlZCBBRUFEIGNvbXBldGl0b3JzLCB3aGljaCBp
cyBjb21wYXJlZCBpbiB0aGlzIHBhcGVyOg0KaHR0cHM6Ly93d3cuZmkubXVuaS5jei9+eHN2ZW5k
YS9kb2NzL0FFX2NvbXBhcmlzb25faXBpY3MwNC5wZGYNCg0KVGhpcyBwYXBlciBzdGF0ZXMgdGhh
dCB3aXRoIDE2IGJ5dGUgbWVzc2FnZXMsIEVBWCByZXF1aXJlcyAyMjcuMDkgY3ljbGVzIHBlciBi
eXRlICg2IGJsb2NrY2lwaGVyIGludm9jYXRpb25zKSwgd2hpbGUgT0NCIG9ubHkgMTE4LjkxICgz
IGJsb2NrY2lwaGVyIGludm9jYXRpb25zKSBjeWNsZXMgYXJlIG5lZWRlZC4NCg0KSW4gYWRkaXRp
b24sIEtyb3ZldHogYW5kIFJvZ2F3YXkgaGF2ZSBhbHNvIG1hZGUgdGhlIGVmZm9ydCB0byBzdGFu
ZGFyZGl6ZSBPQ0IgaW4gUkZDIDcyNTQsIHByb3ZpZGluZyBhIHN0YWJsZSBJRVRGIHJlZmVyZW5j
ZSwgYW5kIGFsc28gaW5jbHVkZWQgT0NCLUFFUyBpbiB0aGUgSUFOQSByZWdpc3RyeSBmb3IgQUVB
RCBwYXJhbWV0ZXIgc2V0cyAoUkZDIDUxMTYpLCB3aGljaCBFQVggaXMgbm90IHByZXNlbnQ6DQpo
dHRwczovL3d3dy5pYW5hLm9yZy9hc3NpZ25tZW50cy9hZWFkLXBhcmFtZXRlcnMvYWVhZC1wYXJh
bWV0ZXJzLnhodG1sDQoNCkFub3RoZXIgdGhvdWdodCBpcyB0byBhY3R1YWxseSByZWZlciB0byB0
aGUgSUFOQSByZWdpc3RyeSBmb3IgT3BlblBHUCBzdXBwb3J0ZWQgQUVBRCBhbGdvcml0aG1zLCBi
dXQgdGhhdCBtaWdodCBiZSBhIHRvcGljIGZvciBhbm90aGVyIGRheS4NCg0KS2luZCByZWdhcmRz
LA0KUm9uDQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCg0KUm9uYWxk
IFRzZQ0KUmlib3NlIEluYy4NCg0KKz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PSsNClRoaXMgbWVzc2FnZSBtYXkgY29udGFpbiBjb25maWRl
bnRpYWwgYW5kL29yIHByaXZpbGVnZWQNCmluZm9ybWF0aW9uLiAgSWYgeW91IGFyZSBub3QgdGhl
IGFkZHJlc3NlZSBvciBhdXRob3JpemVkIHRvDQpyZWNlaXZlIHRoaXMgZm9yIHRoZSBhZGRyZXNz
ZWUsIHlvdSBtdXN0IG5vdCB1c2UsIGNvcHksDQpkaXNjbG9zZSBvciB0YWtlIGFueSBhY3Rpb24g
YmFzZWQgb24gdGhpcyBtZXNzYWdlIG9yIGFueQ0KaW5mb3JtYXRpb24gaGVyZWluLiAgSWYgeW91
IGhhdmUgcmVjZWl2ZWQgdGhpcyBtZXNzYWdlIGluDQplcnJvciwgcGxlYXNlIGFkdmlzZSB0aGUg
c2VuZGVyIGltbWVkaWF0ZWx5IGJ5IHJlcGx5IGUtbWFpbA0KYW5kIGRlbGV0ZSB0aGlzIG1lc3Nh
Z2UuICBUaGFuayB5b3UgZm9yIHlvdXIgY29vcGVyYXRpb24uDQorPT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Kw0KDQpPbiBPY3QgMjYsIDIw
MTcsIGF0IDEyOjQ3IEFNLCBSaWNrIHZhbiBSZWluIDxyaWNrQG9wZW5mb3J0cmVzcy5ubDxtYWls
dG86cmlja0BvcGVuZm9ydHJlc3Mubmw+PiB3cm90ZToNCg0KSGksDQoNCkFkZGluZyBhbGdvcml0
aG1zIGlzIGVhc3kuIFJlbW92aW5nIHRoZW0gaXMgaGFyZC4gVGhhdCBzaG91bGQgcmFpc2UgdGhl
DQpiYXIgZm9yIGFkZGluZyBuZXcgb25lcy4NCg0KSSBzZWNvbmQgdGhhdC4gIFRoZXJlIHNob3Vs
ZCBiZSBhIGdvb2QgcmVhc29uIGZvciBhZGRpbmcgbmV3IGFsZ29yaXRobXMuDQooV2hpY2ggaXMg
YWx3YXlzIHN1YmplY3RpdmUgYmVjYXVzZSBpdCBpcyByZWFsbHkgaGVscGZ1bCB0byBoYXZlIHRo
aW5ncw0KdG8gZmFsbCBiYWNrIG9uIHdoZW4gYSBwYXJ0IGZhaWxzLCBzZWN1cml0eS13aXNlLikN
Cg0KQWxvbmcgdGhlIHNhbWUgbGluZXMgSSdtIGFsc28gc3VycHJpc2VkIHRoYXQgbm8gZWZmb3J0
IGhhcyBiZWVuIG1hZGUgdG8NCmRlcHJlY2F0ZSAyLnggUEdQIHBhY2tldCBmb3JtYXRzIGFuZCBw
dWJsaWMga2V5IGZvcm1hdHMsIGZvciBpbnN0YW5jZS4NCldlIGFsbCBrbm93IHRoYXQgc3VjaCBv
bGQga2V5cyBkb24ndCBoYXZlIGEgcmVhc29uIHRvIGV4aXN0IGFueW1vcmUsDQpidXQgd2UncmUg
YWxsIHN0aWxsIGNvZGluZyB0aGUgb2xkIGFuZCBuZXcgaW4gb3JkZXIgdG8gYmUgY29tcGxpYW50
IHRvDQp0aGUgc3RhbmRhcmRzLiAgU3VjaCBhIHdhc3RlIG9mIHRpbWUuLi4NCg0KLVJpY2sNCg0K

--_000_4DDC897EC6324C2CA741F02EA51DD385ribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <E2694C3A9067964490296C6F5D0AB822@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkhpIFdlcm5lciwgUmljayBhbmQgUGF1bCwNCjxk
aXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPldlcm5lciwg
dGhhbmtzIGZvciB0aGUgdGlwLiBJ4oCZdmUganVzdCBzZW50IHRoZSBwcm9wb3NlZCBwYXRjaGVz
IHRvIHRoZSBtYWlsaW5nIGxpc3QgYXMgeW91IHByb2JhYmx5IGFscmVhZHkgc2VlIGl0LjwvZGl2
Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+Umlj
aywgUGF1bCw8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2
IGNsYXNzPSIiPlRoZSBiZW5lZml0cyBvZiBPQ0IgbW9kZSBhcmUgYmVzdCBleHBsYWluZWQgb24g
dGhpcyBwYWdlOjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YSBocmVmPSJodHRwOi8vd2ViLmNzLnVj
ZGF2aXMuZWR1L35yb2dhd2F5L29jYi9vY2ItZmFxLmh0bSIgY2xhc3M9IiI+aHR0cDovL3dlYi5j
cy51Y2RhdmlzLmVkdS9+cm9nYXdheS9vY2Ivb2NiLWZhcS5odG08L2E+PC9kaXY+DQo8ZGl2IGNs
YXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5JbiBjb21wYXJpc29u
IHdpdGggRUFYIHdoaWNoIGlzIGFscmVhZHkgaW5jbHVkZWQgaW4gNDg4MGJpcywgT0NCIGlzIGZ1
bGx5IHBhcmFsbGVsaXphYmxlIGZvciBlbmNyeXB0aW9uL2RlY3J5cHRpb24gYW5kIGF1dGhlbnRp
Y2F0aW9uIChFQVggYXV0aGVudGljYXRpb24gaXMgc2VyaWFsKS4gSXQgaXMgYSBzaW5nbGUtcGFz
cyBhbGdvcml0aG0gKEVBWCBpcyAyLXBhc3MpLCBhbmQgaXMgY3VycmVudGx5IHRoZSBvbmx5IHdp
ZGVseQ0KIGFjY2VwdGVkIEFFQUQgbW9kZSB0aGF0IGlzIGVuZGlhbi1pbmRlcGVuZGVudCAoRUFY
IGlzIGVuZGlhbi1kZXBlbmRlbnQpLCB3aGljaCBtYWtlcyBpbXBsZW1lbnRhdGlvbiBlYXNpZXIu
PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0i
Ij5QZXJmb3JtYW5jZSBvZiBPQ0IgaXMgc3VwZXJpb3IgdG8gRUFYIGFuZCBpcyBwcm9iYWJseSB0
aGUgZmFzdGVzdCBhbW9uZyBhY2NlcHRlZCBBRUFEIGNvbXBldGl0b3JzLCB3aGljaCBpcyBjb21w
YXJlZCBpbiB0aGlzIHBhcGVyOjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YSBocmVmPSJodHRwczov
L3d3dy5maS5tdW5pLmN6L354c3ZlbmRhL2RvY3MvQUVfY29tcGFyaXNvbl9pcGljczA0LnBkZiIg
Y2xhc3M9IiI+aHR0cHM6Ly93d3cuZmkubXVuaS5jei9+eHN2ZW5kYS9kb2NzL0FFX2NvbXBhcmlz
b25faXBpY3MwNC5wZGY8L2E+PC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwv
ZGl2Pg0KPGRpdiBjbGFzcz0iIj5UaGlzIHBhcGVyIHN0YXRlcyB0aGF0IHdpdGggMTYgYnl0ZSBt
ZXNzYWdlcywgRUFYIHJlcXVpcmVzIDIyNy4wOSBjeWNsZXMgcGVyIGJ5dGUgKDYgYmxvY2tjaXBo
ZXIgaW52b2NhdGlvbnMpLCB3aGlsZSBPQ0Igb25seSAxMTguOTEgKDMgYmxvY2tjaXBoZXIgaW52
b2NhdGlvbnMpIGN5Y2xlcyBhcmUgbmVlZGVkLjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xh
c3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+SW4gYWRkaXRpb24sIEtyb3ZldHogYW5kIFJv
Z2F3YXkgaGF2ZSBhbHNvIG1hZGUgdGhlIGVmZm9ydCB0byBzdGFuZGFyZGl6ZSBPQ0IgaW4gUkZD
IDcyNTQsIHByb3ZpZGluZyBhIHN0YWJsZSBJRVRGIHJlZmVyZW5jZSwgYW5kIGFsc28gaW5jbHVk
ZWQgT0NCLUFFUyBpbiB0aGUgSUFOQSByZWdpc3RyeSBmb3IgQUVBRCBwYXJhbWV0ZXIgc2V0cyAo
UkZDIDUxMTYpLCB3aGljaCBFQVggaXMgbm90IHByZXNlbnQ6PC9kaXY+DQo8ZGl2IGNsYXNzPSIi
PjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlhbmEub3JnL2Fzc2lnbm1lbnRzL2FlYWQtcGFyYW1ldGVy
cy9hZWFkLXBhcmFtZXRlcnMueGh0bWwiIGNsYXNzPSIiPmh0dHBzOi8vd3d3LmlhbmEub3JnL2Fz
c2lnbm1lbnRzL2FlYWQtcGFyYW1ldGVycy9hZWFkLXBhcmFtZXRlcnMueGh0bWw8L2E+PC9kaXY+
DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5Bbm90
aGVyIHRob3VnaHQgaXMgdG8gYWN0dWFsbHkgcmVmZXIgdG8gdGhlIElBTkEgcmVnaXN0cnkgZm9y
IE9wZW5QR1Agc3VwcG9ydGVkIEFFQUQgYWxnb3JpdGhtcywgYnV0IHRoYXQgbWlnaHQgYmUgYSB0
b3BpYyBmb3IgYW5vdGhlciBkYXkuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4N
CjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5LaW5kIHJlZ2FyZHMsPC9kaXY+DQo8ZGl2IGNsYXNzPSIi
PlJvbjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPg0K
PGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsg
b3JwaGFuczogYXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQt
dHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87IHdvcmQt
c3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IHdvcmQtd3JhcDog
YnJlYWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0LWxpbmUtYnJlYWs6
IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KUm9uYWxkIFRzZTxiciBj
bGFzcz0iIj4NClJpYm9zZSBJbmMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KJiM0Mzs9
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0m
IzQzOzxiciBjbGFzcz0iIj4NClRoaXMgbWVzc2FnZSBtYXkgY29udGFpbiBjb25maWRlbnRpYWwg
YW5kL29yIHByaXZpbGVnZWQ8YnIgY2xhc3M9IiI+DQppbmZvcm1hdGlvbi4gJm5ic3A7SWYgeW91
IGFyZSBub3QgdGhlIGFkZHJlc3NlZSBvciBhdXRob3JpemVkIHRvPGJyIGNsYXNzPSIiPg0KcmVj
ZWl2ZSB0aGlzIGZvciB0aGUgYWRkcmVzc2VlLCB5b3UgbXVzdCBub3QgdXNlLCBjb3B5LDxiciBj
bGFzcz0iIj4NCmRpc2Nsb3NlIG9yIHRha2UgYW55IGFjdGlvbiBiYXNlZCBvbiB0aGlzIG1lc3Nh
Z2Ugb3IgYW55PGJyIGNsYXNzPSIiPg0KaW5mb3JtYXRpb24gaGVyZWluLiAmbmJzcDtJZiB5b3Ug
aGF2ZSByZWNlaXZlZCB0aGlzIG1lc3NhZ2UgaW48YnIgY2xhc3M9IiI+DQplcnJvciwgcGxlYXNl
IGFkdmlzZSB0aGUgc2VuZGVyIGltbWVkaWF0ZWx5IGJ5IHJlcGx5IGUtbWFpbDxiciBjbGFzcz0i
Ij4NCmFuZCBkZWxldGUgdGhpcyBtZXNzYWdlLiAmbmJzcDtUaGFuayB5b3UgZm9yIHlvdXIgY29v
cGVyYXRpb24uPGJyIGNsYXNzPSIiPg0KJiM0Mzs9PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0mIzQzOzwvZGl2Pg0KPC9kaXY+DQo8ZGl2Pjxi
ciBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIGNsYXNzPSIiPg0KPGRpdiBjbGFz
cz0iIj5PbiBPY3QgMjYsIDIwMTcsIGF0IDEyOjQ3IEFNLCBSaWNrIHZhbiBSZWluICZsdDs8YSBo
cmVmPSJtYWlsdG86cmlja0BvcGVuZm9ydHJlc3MubmwiIGNsYXNzPSIiPnJpY2tAb3BlbmZvcnRy
ZXNzLm5sPC9hPiZndDsgd3JvdGU6PC9kaXY+DQo8YnIgY2xhc3M9IkFwcGxlLWludGVyY2hhbmdl
LW5ld2xpbmUiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+SGksPGJyIGNsYXNzPSIi
Pg0KPGJyIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgY2xhc3M9IiI+QWRkaW5n
IGFsZ29yaXRobXMgaXMgZWFzeS4gUmVtb3ZpbmcgdGhlbSBpcyBoYXJkLiBUaGF0IHNob3VsZCBy
YWlzZSB0aGU8YnIgY2xhc3M9IiI+DQpiYXIgZm9yIGFkZGluZyBuZXcgb25lcy48YnIgY2xhc3M9
IiI+DQo8L2Jsb2NrcXVvdGU+DQo8YnIgY2xhc3M9IiI+DQpJIHNlY29uZCB0aGF0LiAmbmJzcDtU
aGVyZSBzaG91bGQgYmUgYSBnb29kIHJlYXNvbiBmb3IgYWRkaW5nIG5ldyBhbGdvcml0aG1zLjxi
ciBjbGFzcz0iIj4NCihXaGljaCBpcyBhbHdheXMgc3ViamVjdGl2ZSBiZWNhdXNlIGl0IGlzIHJl
YWxseSBoZWxwZnVsIHRvIGhhdmUgdGhpbmdzPGJyIGNsYXNzPSIiPg0KdG8gZmFsbCBiYWNrIG9u
IHdoZW4gYSBwYXJ0IGZhaWxzLCBzZWN1cml0eS13aXNlLik8YnIgY2xhc3M9IiI+DQo8YnIgY2xh
c3M9IiI+DQpBbG9uZyB0aGUgc2FtZSBsaW5lcyBJJ20gYWxzbyBzdXJwcmlzZWQgdGhhdCBubyBl
ZmZvcnQgaGFzIGJlZW4gbWFkZSB0bzxiciBjbGFzcz0iIj4NCmRlcHJlY2F0ZSAyLnggUEdQIHBh
Y2tldCBmb3JtYXRzIGFuZCBwdWJsaWMga2V5IGZvcm1hdHMsIGZvciBpbnN0YW5jZS48YnIgY2xh
c3M9IiI+DQpXZSBhbGwga25vdyB0aGF0IHN1Y2ggb2xkIGtleXMgZG9uJ3QgaGF2ZSBhIHJlYXNv
biB0byBleGlzdCBhbnltb3JlLDxiciBjbGFzcz0iIj4NCmJ1dCB3ZSdyZSBhbGwgc3RpbGwgY29k
aW5nIHRoZSBvbGQgYW5kIG5ldyBpbiBvcmRlciB0byBiZSBjb21wbGlhbnQgdG88YnIgY2xhc3M9
IiI+DQp0aGUgc3RhbmRhcmRzLiAmbmJzcDtTdWNoIGEgd2FzdGUgb2YgdGltZS4uLjxiciBjbGFz
cz0iIj4NCjxiciBjbGFzcz0iIj4NCi1SaWNrPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4N
CjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2JvZHk+DQo8
L2h0bWw+DQo=

--_000_4DDC897EC6324C2CA741F02EA51DD385ribosecom_--


From nobody Wed Oct 25 19:03:12 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5231213ADD2 for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 19:03:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level: 
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 45yI4ZyW_Why for <openpgp@ietfa.amsl.com>; Wed, 25 Oct 2017 19:03:06 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0072.outbound.protection.outlook.com [104.47.126.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4710F13ACE5 for <openpgp@ietf.org>; Wed, 25 Oct 2017 19:03:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=d98OKToQCEBV+zbogl9jMh2sUa9DgqSkuD27dVKblvI=; b=AS1GGEtO6fn33CsjyFmIsLKIZXNCiZPrKQkG0NXtKQbRFMoQ4MDzrsl1AWoZNcBxkLV5kVMLnvlA5IirhUVS/EXmLJJrqzvjMMXG3OfS20LIXE2HiCELSYzOEHsgMFBrCmNuEcVEYnxSk03/mRzJmI4F4nbVQgNFApu6nFnvWs0=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Thu, 26 Oct 2017 02:03:02 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::f0e3:51e5:3abd:6c17%14]) with mapi id 15.20.0156.007; Thu, 26 Oct 2017 02:03:02 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL1WjoAgAAH/IA=
Date: Thu, 26 Oct 2017 02:03:02 +0000
Message-ID: <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz>
In-Reply-To: <1508981649515.71466@cs.auckland.ac.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:gwiJn3kcbzSypA8QgTAVOPL0G/r0Z2DUa8WaDrEDuX7QB0NZZ0YLqRqZdtZgVcRBCJyNQB8scF+nSKzlhmDEd/+tg8tsqWks9z8RdA+8bCP10alcGq2w8hvfJpZ0w+xeDZ5nIRQbD063W9qQoNZWP0oip/ILv+t4xZUlUZOjy30CsvqfBUITv8d5xI+/0YG+0VJDQYyK028g7xfUZzxFoUTpxY7b9l4QE24yN6iAvB/F0TohvCACRqISMYI/ggpPCCe03umgkAGsP02bZ2ndyvUqzxCrdn5vHCZ0dcGBhNVu3VIAdAKQnsWwQW1chUhVVIFipDL7YANy4ygvHkgK9g==; 5:BCuc7wF/H8rKd8igHy43FEeX8oHq9P5ehPoTlKa9U7wt7ELEsP6e+CiiHKgb/8lATPS3zeL0uxA4lbg74ZsT52KhdCm8D3/kW6Bt3uNwxR65FKjT05EXDyIXuYh2JzqG0vVlQ8QwH8MrVm7X3NrWaQ==; 24:urSm0O6ZVlf9ApxuRon6CMx3nmzvndKpyAOpWDm1T5/hpMVoL3W0Ly9BsfOiDq0OAeQUsSeVAqEMdw4DmAkVexEBkD1ET31maKOBd+GY43o=; 7:zBnqot/5jmfhDZerCNEG6uiiVia9o8pHjcj5jwXAaS/As0OPZzfCoQPEMHxGvWiCbz5i0F1gH2L5MH37YV8VXks6i+TXjRSFIY4sbWgu55xrzSL6/njZm7QPIi7VbZFpxSalSYEbtBRl7PgX332/6/6yZp44tq3UyiidgYj49sH9CbqmrrwnzZY9xNSwlbrbM0eLt+TrXwIGlDJsxjdWdKg0VeJ2eGmqsbM+qGzq4wU=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 66f87539-0643-48ca-b0e2-08d51c15b078
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:(209352067349851);
x-microsoft-antispam-prvs: <PS1PR01MB105072898CEC3B67509C6EBED7450@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231020)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(6041248)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(20161123564025)(20161123560025)(2016111802025)(20161123562025)(6043046)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 04724A515E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39830400002)(346002)(376002)(24454002)(189002)(199003)(229853002)(2900100001)(478600001)(97736004)(6506006)(3846002)(6116002)(102836003)(2501003)(5250100002)(83716003)(86362001)(53936002)(54896002)(345774005)(6512007)(236005)(99286003)(6436002)(6306002)(2351001)(316002)(966005)(2906002)(50986999)(54356999)(1730700003)(81166006)(2950100002)(6916009)(33656002)(5660300001)(81156014)(8676002)(106356001)(6486002)(6246003)(76176999)(8936002)(3280700002)(14454004)(3660700001)(68736007)(7736002)(101416001)(5640700003)(82746002)(66066001)(53546010)(105586002)(25786009)(189998001)(36756003)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_07C9EFDFC8C24433A9F9DC3D7AFD5499ribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 66f87539-0643-48ca-b0e2-08d51c15b078
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Oct 2017 02:03:02.1821 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/l6I6d6UJX4gIIQtoSILuvTavQBQ>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Oct 2017 02:03:09 -0000

--_000_07C9EFDFC8C24433A9F9DC3D7AFD5499ribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SGkgUGV0ZXIsDQoNClBlcmhhcHMgSSBjb3VsZCBjbGFyaWZ5IHRoYXQgdGhlIE9DQiBwYXRlbnQg
aXMgbGltaXRlZCBpbiByZWdpb25hbCBzY29wZSBhbmQgZG9lcyBub3QgYXBwbHkgb3V0c2lkZSBv
ZiB0aGUgVVMuIEZvciBleGFtcGxlLCB0aGUgTlogbWlsaXRhcnkgY291bGQgb3JkZXIgYSBwaXp6
YSB1c2luZyBPQ0IuDQoNClRoZSBPQ0IgbGljZW5zZXMgcHJvdmlkZWQgb24gUm9nYXdheeKAmXMg
cGFnZSBpcyB2ZXJ5IGNsZWFyIHRoYXQgb3BlbiBzb3VyY2UgdXNhZ2UsIHN1Y2ggYXMgaW4gT3Bl
blNTTCBhbmQgYW55IHByb2R1Y3RzIGJhc2VkIG9uIE9wZW5TU0wsIGlzIHN0cmljdGx5IGFsbG93
ZWQg4oCUIHdoaWNoIG1lYW5zIHRoYXQgbWlsaXRhcnkgYW5kIGhhcmR3YXJlIHVzYWdlIG9mIE9D
QiB0aHJvdWdoIE9wZW5TU0wgaXMgYWxyZWFkeSBhbGxvd2VkLg0KDQpJIHRoaW5rIHdlIGFyZSBz
bGlnaHRseSBjb25mdXNpbmcgYW4gb3B0aW9uYWwgYWxnb3JpdGhtLCB3aGljaCBPQ0IgaXMgcHJv
cG9zZWQgdG8gYmUsIHdpdGggYSBtYW5kYXRvcnkgb25lLiBBIHVzZXIgc2hvdWxkIGJlIGFibGUg
dG8gc3BlY2lmeSBpbiB0aGVpciBwcmVmZXJlbmNlcyB0aGF0IHRoZXkgZG9u4oCZdCBhY2NlcHQg
T0NCLiBBIC5taWwgZW1haWwgYWRkcmVzcyB3aWxsIHByb2JhYmx5IHNwZWNpZnkgdGhleSBkbyBu
b3Qgd2FudCBPQ0IgaW4gdGhpcyBjYXNlLg0KDQpHaXZlbiBPcGVuUEdQIGlzIHN1cHBvc2VkIHRv
IGJlIOKAnG9wZW7igJ0sIHBlb3BsZSBzaG91bGQgYmUgYWJsZSB0byBzdGF0ZSB0aGVpciBwcmVm
ZXJlbmNlcyBhcyB3ZWxsIGFzIGRvIHdoYXQgdGhleSB3YW50IHdpdGggaXQuDQoNCkZvciBleGFt
cGxlLCBDaGluZXNlIGNyeXB0b2dyYXBoeSBsYXcgc3RyaWN0bHkgZm9yYmlkcyBBRVMgdXNhZ2Ug
aW4gaGFyZHdhcmUuIERvZXMgdGhhdCBtZWFuIEludGVsIG5lZWRzIHRvIGRyb3AgQUVTLU5JIGZv
ciBjaGlwcyBzb2xkIGluIENoaW5hPyBUaGUgYW5zd2VyIGlzIG5vLiBQZW9wbGUgc2ltcGx5IGRv
buKAmXQgdXNlIGl0IGJlY2F1c2Ugb2YgdGhlc2UgcmVndWxhdGlvbnMuDQoNClRoaXMgaXMgdGhl
IHNhbWUgd2l0aCBPQ0Ig4oCUIGlmIHlvdSBkb27igJl0IGxpa2UgaXQsIGRvbuKAmXQgd2FudCBp
dCwganVzdCBkb24ndCB1c2UgaXQuIEl0IG9ubHkgZW5hYmxlcyBwZW9wbGUgd2hvIHdhbnQgaXQg
dG8gdXNlIGl0Lg0KDQpSb24NCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
Xw0KDQpSb25hbGQgVHNlDQpSaWJvc2UgSW5jLg0KDQorPT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Kw0KVGhpcyBtZXNzYWdlIG1heSBjb250
YWluIGNvbmZpZGVudGlhbCBhbmQvb3IgcHJpdmlsZWdlZA0KaW5mb3JtYXRpb24uICBJZiB5b3Ug
YXJlIG5vdCB0aGUgYWRkcmVzc2VlIG9yIGF1dGhvcml6ZWQgdG8NCnJlY2VpdmUgdGhpcyBmb3Ig
dGhlIGFkZHJlc3NlZSwgeW91IG11c3Qgbm90IHVzZSwgY29weSwNCmRpc2Nsb3NlIG9yIHRha2Ug
YW55IGFjdGlvbiBiYXNlZCBvbiB0aGlzIG1lc3NhZ2Ugb3IgYW55DQppbmZvcm1hdGlvbiBoZXJl
aW4uICBJZiB5b3UgaGF2ZSByZWNlaXZlZCB0aGlzIG1lc3NhZ2UgaW4NCmVycm9yLCBwbGVhc2Ug
YWR2aXNlIHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkgYnkgcmVwbHkgZS1tYWlsDQphbmQgZGVsZXRl
IHRoaXMgbWVzc2FnZS4gIFRoYW5rIHlvdSBmb3IgeW91ciBjb29wZXJhdGlvbi4NCis9PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0rDQoNCk9u
IE9jdCAyNiwgMjAxNywgYXQgOTozNCBBTSwgUGV0ZXIgR3V0bWFubiA8cGd1dDAwMUBjcy5hdWNr
bGFuZC5hYy5uejxtYWlsdG86cGd1dDAwMUBjcy5hdWNrbGFuZC5hYy5uej4+IHdyb3RlOg0KDQpS
b25hbGQgVHNlIDx0c2VAcmlib3NlLmNvbTxtYWlsdG86dHNlQHJpYm9zZS5jb20+PiB3cml0ZXM6
DQoNClRoZXJlIGhhdmUgYmVlbiBwcmV2aW91cyBtZW50aW9ucyBvZiBwYXRlbnQgY29uY2VybnMs
IGJ1dCBPQ0IgaXMgZnJlZWx5DQpsaWNlbnNlZCBmb3Igb3BlbiBzb3VyY2UgdG9vbHMgYW5kIGhh
cyBiZWVuIGluY2x1ZGVkIGluIGxpYnJhcmllcyBsaWtlDQpPcGVuU1NMIGFuZCBCb3Rhbi4NCg0K
SXQncyBhIGxvdCBtb3JlIHByb2JsZW1hdGljIHRoYW4gdGhhdC4gIFdoaWxlIEkgc3VwcG9ydCB0
aGUgT0NCIHBhdGVudA0KaG9sZGVyJ3Mgc3RhbmQgb24gYSBtb3JhbCBiYXNpcywgdGhlIGxpY2Vu
c2luZyB1bmZvcnR1bmF0ZWx5IG1ha2VzIGl0DQppbXBvc3NpYmxlIHRvIHVzZSBmb3IgZ2VuZXJh
bCBzb2Z0d2FyZSwgd2hpY2ggaXMgYSByZWFsIHNoYW1lIGJlY2F1c2UgaXQncyBhDQp2ZXJ5IG5p
Y2UgY3J5cHRvIG1lY2hhbmlzbS4gIEV4YW1wbGVzIG9mIHNvbWUgZ2VuZXJhbC1wdXJwb3NlIHVz
ZXMgb2YgY3J5cHRvDQphbmQgaG93IHRoZSBsaWNlbnNlIGFmZmVjdHMgdGhlbToNCg0KQmFua2lu
ZzogTm8sIGJlY2F1c2UgbWVtYmVycyBvZiB0aGUgbWlsaXRhcnkgbWlnaHQgYmUgY3VzdG9tZXJz
Lg0KDQpFbWFpbDogTm8sIGJlY2F1c2UgaXQgbWlnaHQgZ28gdG8vY29tZSBmcm9tIGEgLm1pbCBh
ZGRyZXNzLg0KDQpPcmRlcmluZyBhIHBpenphIG9ubGluZTogTm8sIGJlY2F1c2UgaXQgbWlnaHQg
YmUgc2VudCB0byBhIG1pbGl0YXJ5IGJhc2UuDQoNCihTb21lIG9mIHRoZXNlIGFyZSBmcm9tIGFj
dHVhbCBsZWdhbCBhbmFseXNlcyBvZiB0aGUgaW1wbGljYXRpb25zIG9mIHVzaW5nIGl0LA0Kbm90
IGp1c3QgbWUgY29taW5nIHVwIHdpdGggY29ybmVyIGNhc2VzKS4NCg0KSURFQSBoYWQgdGhlIHNh
bWUgcHJvYmxlbSwgaXQgd2FzIG1vcmUgb3IgbGVzcyBPSyB0byB1c2UgaW4gb3Blbi1zb3VyY2Ug
dHlwZQ0Kc29mdHdhcmUsIGJ1dCB3YXMgc3RpbGwgc3VmZmljaWVudGx5IHByb2JsZW1hdGljIHRo
YXQgaXQgd2FzIHJlbW92ZWQgZnJvbQ0KT3BlblBHUC4gIEl0J3MgdGhlIHNhbWUgd2l0aCBPQ0Is
IHRoZSBsaWNlbnNlIHRlcm1zIHJlcXVpcmUgdGhhdCB5b3UgdHJhY2sNCmV2ZXJ5IHNpbmdsZSB1
c2UgYW5kIHVzZXIgb2YgdGhlIHNvZnR3YXJlIGluIG9yZGVyIHRvIHZlcmlmeSB0aGF0IHRoZSB1
c2UgaXMNCm5vbi1pbmZyaW5naW5nLiAgVGhhdCBtYWtlcyBpdCB1bnVzYWJsZSBmb3IgcmVhbC13
b3JsZCBwdXJwb3NlcywgaS5lLiB3aGVyZQ0KY29tbWVyY2lhbCBlbnRpdGllcyBhcmUgaW52b2x2
ZWQuDQoNClBldGVyLg0KDQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fDQpvcGVucGdwIG1haWxpbmcgbGlzdA0Kb3BlbnBncEBpZXRmLm9yZzxtYWlsdG86
b3BlbnBncEBpZXRmLm9yZz4NCmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8v
b3BlbnBncA0KDQo=

--_000_07C9EFDFC8C24433A9F9DC3D7AFD5499ribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <7B1013D5977A854BA967D6F4D39DCF41@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkhpIFBldGVyLA0KPGRpdiBjbGFzcz0iIj48YnIg
Y2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+UGVyaGFwcyBJIGNvdWxkIGNsYXJpZnkg
dGhhdCB0aGUgT0NCIHBhdGVudCBpcyBsaW1pdGVkIGluIHJlZ2lvbmFsIHNjb3BlIGFuZCBkb2Vz
IG5vdCBhcHBseSBvdXRzaWRlIG9mIHRoZSBVUy4gRm9yIGV4YW1wbGUsIHRoZSBOWiBtaWxpdGFy
eSBjb3VsZCBvcmRlciBhIHBpenphIHVzaW5nIE9DQi48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJy
IGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlRoZSBPQ0IgbGljZW5zZXMgcHJvdmlk
ZWQgb24gUm9nYXdheeKAmXMgcGFnZSBpcyB2ZXJ5IGNsZWFyIHRoYXQgb3BlbiBzb3VyY2UgdXNh
Z2UsIHN1Y2ggYXMgaW4gT3BlblNTTCBhbmQgYW55IHByb2R1Y3RzIGJhc2VkIG9uIE9wZW5TU0ws
IGlzIHN0cmljdGx5IGFsbG93ZWQg4oCUIHdoaWNoIG1lYW5zIHRoYXQgbWlsaXRhcnkgYW5kIGhh
cmR3YXJlIHVzYWdlIG9mIE9DQiB0aHJvdWdoIE9wZW5TU0wgaXMgYWxyZWFkeSBhbGxvd2VkLjwv
ZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+
SSB0aGluayB3ZSBhcmUgc2xpZ2h0bHkgY29uZnVzaW5nIGFuIG9wdGlvbmFsIGFsZ29yaXRobSwg
d2hpY2ggT0NCIGlzIHByb3Bvc2VkIHRvIGJlLCB3aXRoIGEgbWFuZGF0b3J5IG9uZS4gQSB1c2Vy
IHNob3VsZCBiZSBhYmxlIHRvIHNwZWNpZnkgaW4gdGhlaXIgcHJlZmVyZW5jZXMgdGhhdCB0aGV5
IGRvbuKAmXQgYWNjZXB0IE9DQi4gQSAubWlsIGVtYWlsIGFkZHJlc3Mgd2lsbCBwcm9iYWJseSBz
cGVjaWZ5IHRoZXkgZG8gbm90DQogd2FudCBPQ0IgaW4gdGhpcyBjYXNlLjwvZGl2Pg0KPGRpdiBj
bGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+R2l2ZW4gT3BlblBH
UCBpcyBzdXBwb3NlZCB0byBiZSDigJxvcGVu4oCdLCBwZW9wbGUgc2hvdWxkIGJlIGFibGUgdG8g
c3RhdGUgdGhlaXIgcHJlZmVyZW5jZXMgYXMgd2VsbCBhcyBkbyB3aGF0IHRoZXkgd2FudCB3aXRo
IGl0LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xh
c3M9IiI+Rm9yIGV4YW1wbGUsIENoaW5lc2UgY3J5cHRvZ3JhcGh5IGxhdyBzdHJpY3RseSBmb3Ji
aWRzIEFFUyB1c2FnZSBpbiBoYXJkd2FyZS4gRG9lcyB0aGF0IG1lYW4gSW50ZWwgbmVlZHMgdG8g
ZHJvcCBBRVMtTkkgZm9yIGNoaXBzIHNvbGQgaW4gQ2hpbmE/IFRoZSBhbnN3ZXIgaXMgbm8uIFBl
b3BsZSBzaW1wbHkgZG9u4oCZdCB1c2UgaXQgYmVjYXVzZSBvZiB0aGVzZSByZWd1bGF0aW9ucy48
L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIi
PlRoaXMgaXMgdGhlIHNhbWUgd2l0aCBPQ0Ig4oCUIGlmIHlvdSBkb27igJl0IGxpa2UgaXQsIGRv
buKAmXQgd2FudCBpdCwganVzdCBkb24ndCB1c2UgaXQuIEl0IG9ubHkgZW5hYmxlcyBwZW9wbGUg
d2hvIHdhbnQgaXQgdG8gdXNlIGl0LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+
DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+Um9uPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFz
cz0iIj4NCjxkaXYgY2xhc3M9IiI+DQo8ZGl2IHN0eWxlPSJjb2xvcjogcmdiKDAsIDAsIDApOyBs
ZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsg
dGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3Jt
YWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Ut
d2lkdGg6IDBweDsgd29yZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3Bh
Y2U7IC13ZWJraXQtbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCl9f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX188YnIgY2xhc3M9IiI+DQo8YnIgY2xh
c3M9IiI+DQpSb25hbGQgVHNlPGJyIGNsYXNzPSIiPg0KUmlib3NlIEluYy48YnIgY2xhc3M9IiI+
DQo8YnIgY2xhc3M9IiI+DQomIzQzOz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PSYjNDM7PGJyIGNsYXNzPSIiPg0KVGhpcyBtZXNzYWdlIG1h
eSBjb250YWluIGNvbmZpZGVudGlhbCBhbmQvb3IgcHJpdmlsZWdlZDxiciBjbGFzcz0iIj4NCmlu
Zm9ybWF0aW9uLiAmbmJzcDtJZiB5b3UgYXJlIG5vdCB0aGUgYWRkcmVzc2VlIG9yIGF1dGhvcml6
ZWQgdG88YnIgY2xhc3M9IiI+DQpyZWNlaXZlIHRoaXMgZm9yIHRoZSBhZGRyZXNzZWUsIHlvdSBt
dXN0IG5vdCB1c2UsIGNvcHksPGJyIGNsYXNzPSIiPg0KZGlzY2xvc2Ugb3IgdGFrZSBhbnkgYWN0
aW9uIGJhc2VkIG9uIHRoaXMgbWVzc2FnZSBvciBhbnk8YnIgY2xhc3M9IiI+DQppbmZvcm1hdGlv
biBoZXJlaW4uICZuYnNwO0lmIHlvdSBoYXZlIHJlY2VpdmVkIHRoaXMgbWVzc2FnZSBpbjxiciBj
bGFzcz0iIj4NCmVycm9yLCBwbGVhc2UgYWR2aXNlIHRoZSBzZW5kZXIgaW1tZWRpYXRlbHkgYnkg
cmVwbHkgZS1tYWlsPGJyIGNsYXNzPSIiPg0KYW5kIGRlbGV0ZSB0aGlzIG1lc3NhZ2UuICZuYnNw
O1RoYW5rIHlvdSBmb3IgeW91ciBjb29wZXJhdGlvbi48YnIgY2xhc3M9IiI+DQomIzQzOz09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PSYjNDM7
PC9kaXY+DQo8L2Rpdj4NCjxkaXY+PGJyIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0
ZSIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPk9uIE9jdCAyNiwgMjAxNywgYXQgOTozNCBBTSwg
UGV0ZXIgR3V0bWFubiAmbHQ7PGEgaHJlZj0ibWFpbHRvOnBndXQwMDFAY3MuYXVja2xhbmQuYWMu
bnoiIGNsYXNzPSIiPnBndXQwMDFAY3MuYXVja2xhbmQuYWMubno8L2E+Jmd0OyB3cm90ZTo8L2Rp
dj4NCjxiciBjbGFzcz0iQXBwbGUtaW50ZXJjaGFuZ2UtbmV3bGluZSI+DQo8ZGl2IGNsYXNzPSIi
Pg0KPGRpdiBjbGFzcz0iIj5Sb25hbGQgVHNlICZsdDs8YSBocmVmPSJtYWlsdG86dHNlQHJpYm9z
ZS5jb20iIGNsYXNzPSIiPnRzZUByaWJvc2UuY29tPC9hPiZndDsgd3JpdGVzOjxiciBjbGFzcz0i
Ij4NCjxiciBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIGNsYXNzPSIiPlRoZXJl
IGhhdmUgYmVlbiBwcmV2aW91cyBtZW50aW9ucyBvZiBwYXRlbnQgY29uY2VybnMsIGJ1dCBPQ0Ig
aXMgZnJlZWx5PGJyIGNsYXNzPSIiPg0KbGljZW5zZWQgZm9yIG9wZW4gc291cmNlIHRvb2xzIGFu
ZCBoYXMgYmVlbiBpbmNsdWRlZCBpbiBsaWJyYXJpZXMgbGlrZTxiciBjbGFzcz0iIj4NCk9wZW5T
U0wgYW5kIEJvdGFuLjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxiciBjbGFzcz0iIj4N
Ckl0J3MgYSBsb3QgbW9yZSBwcm9ibGVtYXRpYyB0aGFuIHRoYXQuICZuYnNwO1doaWxlIEkgc3Vw
cG9ydCB0aGUgT0NCIHBhdGVudDxiciBjbGFzcz0iIj4NCmhvbGRlcidzIHN0YW5kIG9uIGEgbW9y
YWwgYmFzaXMsIHRoZSBsaWNlbnNpbmcgdW5mb3J0dW5hdGVseSBtYWtlcyBpdDxiciBjbGFzcz0i
Ij4NCmltcG9zc2libGUgdG8gdXNlIGZvciBnZW5lcmFsIHNvZnR3YXJlLCB3aGljaCBpcyBhIHJl
YWwgc2hhbWUgYmVjYXVzZSBpdCdzIGE8YnIgY2xhc3M9IiI+DQp2ZXJ5IG5pY2UgY3J5cHRvIG1l
Y2hhbmlzbS4gJm5ic3A7RXhhbXBsZXMgb2Ygc29tZSBnZW5lcmFsLXB1cnBvc2UgdXNlcyBvZiBj
cnlwdG88YnIgY2xhc3M9IiI+DQphbmQgaG93IHRoZSBsaWNlbnNlIGFmZmVjdHMgdGhlbTo8YnIg
Y2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpCYW5raW5nOiBObywgYmVjYXVzZSBtZW1iZXJzIG9m
IHRoZSBtaWxpdGFyeSBtaWdodCBiZSBjdXN0b21lcnMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNz
PSIiPg0KRW1haWw6IE5vLCBiZWNhdXNlIGl0IG1pZ2h0IGdvIHRvL2NvbWUgZnJvbSBhIC5taWwg
YWRkcmVzcy48YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpPcmRlcmluZyBhIHBpenphIG9u
bGluZTogTm8sIGJlY2F1c2UgaXQgbWlnaHQgYmUgc2VudCB0byBhIG1pbGl0YXJ5IGJhc2UuPGJy
IGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KKFNvbWUgb2YgdGhlc2UgYXJlIGZyb20gYWN0dWFs
IGxlZ2FsIGFuYWx5c2VzIG9mIHRoZSBpbXBsaWNhdGlvbnMgb2YgdXNpbmcgaXQsPGJyIGNsYXNz
PSIiPg0Kbm90IGp1c3QgbWUgY29taW5nIHVwIHdpdGggY29ybmVyIGNhc2VzKS48YnIgY2xhc3M9
IiI+DQo8YnIgY2xhc3M9IiI+DQpJREVBIGhhZCB0aGUgc2FtZSBwcm9ibGVtLCBpdCB3YXMgbW9y
ZSBvciBsZXNzIE9LIHRvIHVzZSBpbiBvcGVuLXNvdXJjZSB0eXBlPGJyIGNsYXNzPSIiPg0Kc29m
dHdhcmUsIGJ1dCB3YXMgc3RpbGwgc3VmZmljaWVudGx5IHByb2JsZW1hdGljIHRoYXQgaXQgd2Fz
IHJlbW92ZWQgZnJvbTxiciBjbGFzcz0iIj4NCk9wZW5QR1AuICZuYnNwO0l0J3MgdGhlIHNhbWUg
d2l0aCBPQ0IsIHRoZSBsaWNlbnNlIHRlcm1zIHJlcXVpcmUgdGhhdCB5b3UgdHJhY2s8YnIgY2xh
c3M9IiI+DQpldmVyeSBzaW5nbGUgdXNlIGFuZCB1c2VyIG9mIHRoZSBzb2Z0d2FyZSBpbiBvcmRl
ciB0byB2ZXJpZnkgdGhhdCB0aGUgdXNlIGlzPGJyIGNsYXNzPSIiPg0Kbm9uLWluZnJpbmdpbmcu
ICZuYnNwO1RoYXQgbWFrZXMgaXQgdW51c2FibGUgZm9yIHJlYWwtd29ybGQgcHVycG9zZXMsIGku
ZS4gd2hlcmU8YnIgY2xhc3M9IiI+DQpjb21tZXJjaWFsIGVudGl0aWVzIGFyZSBpbnZvbHZlZC48
YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpQZXRlci48YnIgY2xhc3M9IiI+DQo8YnIgY2xh
c3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fXzxiciBjbGFzcz0iIj4NCm9wZW5wZ3AgbWFpbGluZyBsaXN0PGJyIGNsYXNz
PSIiPg0KPGEgaHJlZj0ibWFpbHRvOm9wZW5wZ3BAaWV0Zi5vcmciIGNsYXNzPSIiPm9wZW5wZ3BA
aWV0Zi5vcmc8L2E+PGJyIGNsYXNzPSIiPg0KaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9s
aXN0aW5mby9vcGVucGdwPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYmxvY2txdW90
ZT4NCjwvZGl2Pg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo=

--_000_07C9EFDFC8C24433A9F9DC3D7AFD5499ribosecom_--


From nobody Thu Oct 26 17:18:51 2017
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F08D13A302 for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:18:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level: 
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gvhFvCvGp-op for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:18:48 -0700 (PDT)
Received: from injection.crustytoothpaste.net (injection.crustytoothpaste.net [192.241.140.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61300139F44 for <openpgp@ietf.org>; Thu, 26 Oct 2017 17:18:48 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by injection.crustytoothpaste.net (Postfix) with ESMTPSA id 70D5C6044A for <openpgp@ietf.org>; Fri, 27 Oct 2017 00:18:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crustytoothpaste.net; s=default; t=1509063496; bh=CzQAenB3S9WYtPdIwPgr0wN4iCMjelhAw4YmwGvYsvE=; h=Date:From:To:Subject:References:Content-Type:Content-Disposition: In-Reply-To:From:Reply-To:Subject:Date:To:CC:Resent-Date: Resent-From:Resent-To:Resent-Cc:In-Reply-To:References: Content-Type:Content-Disposition; b=qQXfqYsrmmwYsuUXcmHZNHILDOh82o552gkVjn79AZXBMNQGLonnKmrkSuJBPpDBI S3k5qz2DyzrV/xaKgF2zyBtLTaSMo7YiglxUevSJsFquW3NTgFLaCOVNhK6qVJs31l IaJ8IeBdDUpTNGLYYGf4R1jfPYCwb0Qdw2ZP6H/U1Bvjh58JO4U2+U/z7tyEy1ATgI ECtWg6NJ6dGZnyTKJENBACrMB5n8akNyfQMV+6ITZVFzwzf6xe2dZ9ZyJkKqbtOxTm U46AMqy2cX2aH/xAMpx6ceTHIO9mfjMM+AL2vCUS8FECeq+BnKuaRSNeJbXgU4Yy99 ekselzVjURPVdwlJYwV2qaPDZf7Jro3h04zK/q6pjKo8BU6yl/QTYEYoZV46+slTA4 zwEXepNcS6do+Fjgek9xTZ4PIVBwu6JXQT0RiLoqYIgyRwX4iRrBKQdTGpLkD02jIw lzY5Ode/kkPWQ48ontPjJgPHe5t4nJvLVQBYw8ZhZBa0X1GLp/4
Date: Fri, 27 Oct 2017 00:18:10 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Message-ID: <20171027001810.sr5invirfy2zqjia@genre.crustytoothpaste.net>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="5smgcopjai4xd47g"
Content-Disposition: inline
In-Reply-To: <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.13.0-1-amd64)
User-Agent: NeoMutt/20170609 (1.8.3)
X-Scanned-By: MIMEDefang 2.79 on 127.0.1.1
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/5A9ZUAlD5bwfUYPmgoqs7J4ISz8>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 00:18:50 -0000

--5smgcopjai4xd47g
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 26, 2017 at 02:03:02AM +0000, Ronald Tse wrote:
> Perhaps I could clarify that the OCB patent is limited in regional
> scope and does not apply outside of the US. For example, the NZ
> military could order a pizza using OCB.

Unfortunately, a patent anywhere is an impediment everywhere in the age
of the Internet.

> The OCB licenses provided on Rogaway=E2=80=99s page is very clear that op=
en
> source usage, such as in OpenSSL and any products based on OpenSSL, is
> strictly allowed =E2=80=94 which means that military and hardware usage o=
f OCB
> through OpenSSL is already allowed.

It's my reading of Rogaway's license that linking an open-source library
against closed source software violates the patent license, even though
it might not violate the library license.  If a distro ships an
OCB-enabled crypto library, it can't be used for any closed-source
software shipped on that system (Chrome, Slack) or any non-open-source
custom-built apps (say, an internal Rails app).

Since crypto libraries like OpenSSL are very frequently linked against
other software on the system, this is a terrible idea.

The fact that it's this hard to understand the patent issues makes it
really obvious why OCB is a bad idea.

> I think we are slightly confusing an optional algorithm, which OCB is
> proposed to be, with a mandatory one. A user should be able to specify
> in their preferences that they don=E2=80=99t accept OCB. A .mil email add=
ress
> will probably specify they do not want OCB in this case.

I'm generally opposed to including algorithms, even optional ones, which
are patent-encumbered.  The fact that an IPR declaration exists for an
RFC is enough to scare off many companies from implementing it.

I personally hate having to meet with company lawyers, even extremely
knowledgable ones, about the type of crypto we use and the legal impacts
of it.  Adding OCB to the spec is going to cause a lot of those
conversations that don't need to happen.

> Given OpenPGP is supposed to be =E2=80=9Copen=E2=80=9D, people should be =
able to state
> their preferences as well as do what they want with it.
>=20
> For example, Chinese cryptography law strictly forbids AES usage in
> hardware. Does that mean Intel needs to drop AES-NI for chips sold in
> China? The answer is no. People simply don=E2=80=99t use it because of th=
ese
> regulations.
>=20
> This is the same with OCB =E2=80=94 if you don=E2=80=99t like it, don=E2=
=80=99t want it, just
> don't use it. It only enables people who want it to use it.

Practically, a patent-encumbered algorithm is not likely to be
implemented.  The patent problems with OCB make it unlikely that it will
be suitable for inclusion into the Red Hat or Debian archives.  That
means that most open-source implementations will not include it, and
those that do will not interoperate with those that don't.

Why should we add an algorithm which is likely to get little practical
usage?  OCB doesn't provide useful crypto agility, but it does provide
yet another option, which we've tried to avoid in the specification.
Additional algorithms are hard to deprecate and are a source of
potential security bugs in implementations.

I'm not saying OCB isn't a great block cipher mode, just that it's going
to be practically unused because of the patent situation.

> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+
> This message may contain confidential and/or privileged
> information.  If you are not the addressee or authorized to
> receive this for the addressee, you must not use, copy,
> disclose or take any action based on this message or any
> information herein.  If you have received this message in
> error, please advise the sender immediately by reply e-mail
> and delete this message.  Thank you for your cooperation.
> +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D+

If your mails are confidential, you probably want to stop sending them
to a public mailing list.  If not, you'll want to omit this message.
--=20
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204

--5smgcopjai4xd47g
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.2.1 (GNU/Linux)

iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlnye0EACgkQv1NdgR9S
9ovYfA//dJwpFxYp/6tPK6CIm1/gOo52m/rLyITWVkaaumOd3B4M9jR931x/5pGM
7EJ2MKMY33pd6wj5BEkCa2S4oqu5ISC0OpxLTv1PKSzLq3dBGhlCUWFerWzz6hM1
Zrueb9dzv8aHQZT4TgF/UYR+nT10VfFJh6giGrkhcfC5s/921Fr/EWdvDkcrfLRM
SWYmkUL9tE49Gcqi8cQVGIHiNr6J1TOQclAP6uUJbUU2hA7WThV9m4LYNuf+4zON
ruI9lyzgJKwA2Mrh/qTZa/bW8DGnRHh3sQMwzvRfmw3Yb+N6qnhqeec0/vQS2B/E
IdeAIDf9V50/k/vJCVv/6PSzJ7cSg5CUiTcPnMU1VvJr+/mzW4X7GeJEMcGBPCWE
kt4yzGlfcyBH6ruMJR/ckH1612LbEE98rThLx8/31R3r/xPzfqkCMKiaeDS+Wul5
k9alL3zYWuSuAPa8Nd1t+wG3ERQenCOP5Qqpj9FaQ15KXS2C6HkkbvNB4IsU9rLz
tbjicnEWxoQu4hDHhyVhwF/k8nXfBcDJcQB6I+ZQOGFeRUm5d7Qt0LoupQ6oiMs4
7KDF86iRi7NIn/dWu64dMOoEzmCoQoIvTTgZE7wuJrmHkoGAjumS5pr+luL2vONb
DCr2w6PcW09lI74LEs/0DVw7iSBMr4bQExlMHdUb8I2adFyED1k=
=Yoxc
-----END PGP SIGNATURE-----

--5smgcopjai4xd47g--


From nobody Thu Oct 26 17:27:27 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 080D613F491 for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level: 
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B0qCDLmiL70E for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:27:23 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73EF013F417 for <openpgp@ietf.org>; Thu, 26 Oct 2017 17:27:23 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yNPpF61qwz3Q1; Fri, 27 Oct 2017 02:27:17 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509064037; bh=t2QHPcmn1Be3utDgk2mQQdhqxmPsPQ3SpvrZH6MghkA=; h=From:Subject:Date:References:Cc:In-Reply-To:To; b=pO2hcKnBXtJYFPWZCmQHwEzX2OuLdvNMMD439RPOaiFVm7BkykPCQ/tn1ywisNrFI XnvoqrPT8EpcXBwntnSlf/Mo7BfdGNre5k4ScOnAu84SpN/3Vz+iFgP2dKKT64kTRq 1iqxx25qfKbNv9DifnKVfiAvpJ/1AEmbgru7qhHg=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 10BmBU0wD5Yc; Fri, 27 Oct 2017 02:27:15 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Fri, 27 Oct 2017 02:27:15 +0200 (CEST)
Received: from [25.112.168.255] (unknown [24.114.71.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id 7674762D29; Thu, 26 Oct 2017 20:27:14 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 7674762D29
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Paul Wouters <paul@nohats.ca>
Mime-Version: 1.0 (1.0)
Date: Thu, 26 Oct 2017 20:26:19 -0400
Message-Id: <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
To: Ronald Tse <tse@ribose.com>
X-Mailer: iPhone Mail (15A432)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/566O2DmOgfSec74BFZVA2uL-fo0>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 00:27:26 -0000

> On Oct 25, 2017, at 22:03, Ronald Tse <tse@ribose.com> wrote:
>=20
>=20
> I think we are slightly confusing an optional algorithm, which OCB is prop=
osed to be, with a mandatory one.

For IETF standards, optional or mandatory to implement, it should be unencum=
bered and free to use.

> A user should be able to specify in their preferences that they don=E2=80=99=
t accept OCB. A .mil email address will probably specify they do not want OC=
B in this case.

This is not unencumbered or free to use and should disqualify this algorithm=
 for IETF.

> For example, Chinese cryptography law strictly forbids AES usage in hardwa=
re. Does that mean Intel needs to drop AES-NI for chips sold in China? The a=
nswer is no. People simply don=E2=80=99t use it because of these regulations=
.

This example is wrong. IETF does not control other entities. It only control=
s itself and set rules for itself. And one of those rules is =E2=80=9Cfree, g=
ratis and unencumbered=E2=80=9D.

> This is the same with OCB

It is not, as you explain above.

Paul=


From nobody Fri Oct 27 01:39:08 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B49E113A25A for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 01:39:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G5_u3g-K-wzS for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 01:39:06 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEE5E138103 for <openpgp@ietf.org>; Fri, 27 Oct 2017 01:39:05 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e80AS-0003G5-8y for <openpgp@ietf.org>; Fri, 27 Oct 2017 10:39:04 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e804K-0003fG-Mw; Fri, 27 Oct 2017 10:32:44 +0200
From: Werner Koch <wk@gnupg.org>
To: Paul Wouters <paul@nohats.ca>
Cc: Ronald Tse <tse@ribose.com>,  "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Paul Wouters <paul@nohats.ca>, Ronald Tse <tse@ribose.com>,  "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Fri, 27 Oct 2017 10:32:44 +0200
In-Reply-To: <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> (Paul Wouters's message of "Thu, 26 Oct 2017 20:26:19 -0400")
Message-ID: <87she556tv.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=lock_picking_eavesdropping_Kosovo_TELINT_morse_Project_Monarch=Bletc"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/CN5zW9e7qyrmYD6an1kcKp3Fi9Y>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 08:39:08 -0000

--=lock_picking_eavesdropping_Kosovo_TELINT_morse_Project_Monarch=Bletc
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 27 Oct 2017 02:26, paul@nohats.ca said:

> For IETF standards, optional or mandatory to implement, it should be unen=
cumbered and free to use.

rfc2440 and rfc4880 both included IDEA as a SHOULD algorithm despite
that IDEA was patent encumbered.  Also RSA was patent encumbered when
2440 was published and nevertheless a SHOULD algorithm.

Ronald proposed OCB as a MAY algorithm so that by the time the patent
expires it can be used.  We will anyway require a couple of years before
a new algorithm can be used.  It is up to the implementation to announce
support for certain algorithms.


Salam-Shalom,

   Werner


=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=lock_picking_eavesdropping_Kosovo_TELINT_morse_Project_Monarch=Bletc
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWfLvLAAKCRD/gK6dHew1
jZ7NAQDrQJxtMrxUbtlcCrPYNDZkj+TOK4NESFLs2X3SDlufXQEA5PmvNx7ad8ys
0ADKg8l/krymsTrAprL0X5BVO5b/qg8=
=LxGh
-----END PGP SIGNATURE-----
--=lock_picking_eavesdropping_Kosovo_TELINT_morse_Project_Monarch=Bletc--


From nobody Fri Oct 27 01:46:20 2017
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC0C7138103 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 01:46:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rxQ7uqG3UM3V for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 01:46:16 -0700 (PDT)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B443138726 for <openpgp@ietf.org>; Fri, 27 Oct 2017 01:46:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1509093976; x=1540629976; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=LIX0CtGmDEPSRXkOL4wr2SlqaLHUWJFkG6ujlmXbIdA=; b=dfvt9zSuslF5PlSgz4hPiJ8IIf19aPvFTUiyCUX9PBHDgeNhAPpiLUJV QsypO0WA0T04Epw5Lg/7a5Tc1SGL1Ic25kOo6a+1nf/ksvwp4Gbtgp76E Y/iKtd4jFz3AXSvTMTZ2AA3mVBLJSotU+gHMdX74Cwcaw3Gxin6wE5ya5 u9lEqyW8L/LHCXhnoDqFmvlOVn7AdvbDT7S9kP44mzxAonHnia5ndrfVv zTUM4DjezaxAxMRLSxMeeAWIbamcpvaeJgNwBJKPPra9kxV8cRhrMG0d5 KINxMJEDjfrhF1j/P/LroCV/QcaDJR9KTSMQBQfGRIT8rvO+vMGx4t2Ub A==;
X-IronPort-AV: E=Sophos;i="5.44,304,1505736000"; d="scan'208";a="192229545"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.2.8 - Outgoing - Outgoing
Received: from exchangemx.uoa.auckland.ac.nz (HELO uxcn13-ogg-e.UoA.auckland.ac.nz) ([10.6.2.8]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 27 Oct 2017 21:46:14 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-ogg-e.UoA.auckland.ac.nz (10.6.2.28) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 27 Oct 2017 21:46:14 +1300
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) with mapi id 15.00.1263.000; Fri, 27 Oct 2017 21:46:14 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Werner Koch <wk@gnupg.org>, Paul Wouters <paul@nohats.ca>
CC: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5w45VH0tw2ky7nHf16p0Us6L1We9k//8uWgCAAXdPgIABY7ExgAABjzs=
Date: Fri, 27 Oct 2017 08:46:13 +0000
Message-ID: <1509093954061.51049@cs.auckland.ac.nz>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca>, <87she556tv.fsf@wheatstone.g10code.de>
In-Reply-To: <87she556tv.fsf@wheatstone.g10code.de>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/sj70dSrNmKGtPR1IMlv-zNn6NZY>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 08:46:19 -0000

Werner Koch <wk@gnupg.org> writes:=0A=
=0A=
>rfc2440 and rfc4880 both included IDEA as a SHOULD algorithm despite that=
=0A=
>IDEA was patent encumbered.  Also RSA was patent encumbered when 2440 was=
=0A=
>published and nevertheless a SHOULD algorithm.=0A=
=0A=
They were there because there wasn't much choice.  PGP 2.0 used IDEA and RS=
A,=0A=
so it had to be kept around for future versions, although it was only a=0A=
SHOULD, not a MUST.  With OCB in contrast you're introducing a new patent-=
=0A=
encumbered algorithm for no obvious reason.=0A=
=0A=
If you really want the protection that OCB offers then encrypt-then-MAC is =
a=0A=
totally unencumbered way of doing the same thing.  It's been in S/MIME for=
=0A=
years.=0A=
=0A=
Peter.=


From nobody Fri Oct 27 03:13:00 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 335CC13F411 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:12:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pLqA6RSt3Iq5 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:12:56 -0700 (PDT)
Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sg2apc01on0056.outbound.protection.outlook.com [104.47.125.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CEF713B138 for <openpgp@ietf.org>; Fri, 27 Oct 2017 03:12:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=6LQqIc5j0l9Ko7PIZav1j8/KwRrWn/DkXZulieaWkpk=; b=fUQfsHUWTyJ0D1NnVqQdrD5HUL6aQUC4KhNRWITzBLdZJSj4VT1yEML8a81GW/SbvGV/R41l+IE2CLqSepjgnrTjZaCx3wKTXgI9SE0L8I8QShAW6oOfL2QyU5DYx7jS9pAfx5OukrYsvJxbzm2eNZT5N/gCY4uyULPD+vkoq+M=
Received: from KL1PR01MB1047.apcprd01.prod.exchangelabs.com (10.169.108.13) by KL1PR01MB1045.apcprd01.prod.exchangelabs.com (10.169.108.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Fri, 27 Oct 2017 10:12:51 +0000
Received: from KL1PR01MB1047.apcprd01.prod.exchangelabs.com ([fe80::8063:56cb:84b9:41c5]) by KL1PR01MB1047.apcprd01.prod.exchangelabs.com ([fe80::8063:56cb:84b9:41c5%14]) with mapi id 15.20.0156.007; Fri, 27 Oct 2017 10:12:51 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL1WjoAgAAH/ICAAXdQgIAAibPGgAAB+YCAABgzAA==
Date: Fri, 27 Oct 2017 10:12:51 +0000
Message-ID: <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz>
In-Reply-To: <1509093954061.51049@cs.auckland.ac.nz>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; KL1PR01MB1045; 6:RNfLRCw0hIrgia8muEjIDHnoZ6iFTYmVeWXVJ2BWNHfi0iFNT5jMNPnUDSDMMsk4zBqgKMBgYXJ0htwvXh4tcYi16LxNIPDBI391RiFXTH3OJryBMvtieD+ZFwWUkUyW0W86z2VfEVgJUm7YadkmVjctaykb0YRDDZno2kJt7mbwGQ1jsVhszu03/NvBI7hRlJ0fWmUv0Aw8MapJviaQaBQekT/ZqyLh3LBd4CBlV3TjvBfvr8GtKmNHLuSNxuUyI+I1n3ysIpXnLBGwaTYT6QDsbyYrrZQL4YrlYa8ft1UksNkqIN1nk2kU2S2jGjG9G4OF3LbhAQCxWB7iSS3Mug==; 5:Mlr3tw0Rb40+Ads768PzRSjDt0p1bWMQVUmfUW0e3aTBsvI7+W6KMKNzNCKJMqxecujCbmyYiTZQnihGzx8jl4cIRRy8ELA9Wzgtp3/nmGQnuVEIvky9IfkGe7VZG2ssjJXzcL7j+h/bWlQVzCQcwg==; 24:j/LTA8aoMCuizUxpZJCD4QZgz3aV4WsKEuYd9RnPgk19Y53U17412rjVs9i3j+s/GWIpfaijCjL1f3yTtlLuQKp26jajn75oiOge/s+x1OE=; 7:o3/28RPnweOuYZOCsOj305zwyCzzRvxK2Zi8TwABjVAcYgwQs4ZkR8JYv+3z2kwAIePpcWxGH4NIrcLrZSBlC3YtevtkYUTM6yr3AzylI1btv+F/XHX9GvTEDIOfJUkAKjl9e2THSrmHRl4af4/NWbgc9Bl5lQQGr462Dn42fwnQkoNjHeliCxv2cEEqi2zhb3YX30l6r8KdmKEVR/i6XWd+ioSOtLFM2wLTE8sBfiI=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 678a575f-037f-487b-7675-08d51d234853
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(4627075)(201702281549075)(2017052603199); SRVR:KL1PR01MB1045; 
x-ms-traffictypediagnostic: KL1PR01MB1045:
x-exchange-antispam-report-test: UriScan:(120809045254105);
x-microsoft-antispam-prvs: <KL1PR01MB104517F3243B75EC7C619BE6D75A0@KL1PR01MB1045.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(10201501046)(3231020)(3002001)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123564025)(20161123562025)(2016111802025)(20161123558100)(20161123560025)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:KL1PR01MB1045; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:KL1PR01MB1045; 
x-forefront-prvs: 0473A03F3F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(39830400002)(346002)(199003)(51914003)(189002)(24454002)(5640700003)(82746002)(6506006)(25786009)(3280700002)(97736004)(6246003)(86362001)(2501003)(2906002)(3846002)(5250100002)(93886005)(53936002)(102836003)(66066001)(478600001)(99286003)(5660300001)(6512007)(53546010)(83716003)(7736002)(6116002)(236005)(68736007)(3660700001)(6306002)(54896002)(316002)(966005)(33656002)(106356001)(189998001)(105586002)(606006)(6916009)(101416001)(14454004)(2900100001)(6486002)(2351001)(8676002)(50986999)(1730700003)(6436002)(76176999)(81166006)(229853002)(2950100002)(81156014)(8936002)(54356999)(36756003)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:KL1PR01MB1045; H:KL1PR01MB1047.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_36023233856C4A6DBAF928037B4DA0F7ribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 678a575f-037f-487b-7675-08d51d234853
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2017 10:12:51.5877 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1PR01MB1045
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ytqJr5miWZoxirkL_ZAqv9iS19Q>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 10:12:59 -0000

--_000_36023233856C4A6DBAF928037B4DA0F7ribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

VGhhbmsgeW91IFdlcm5lciBmb3IgdGhlIHN1cHBvcnRpbmcgY29tbWVudC4gU2VlaW5nIHRoZSBj
b21tZW50cyBJIHRoaW5rIHdlIGFsbCBhZ3JlZSB0aGF0IE9DQiBpcyBhIGdyZWF0IEFFQUQgbW9k
ZSwgYW5kIHRoZSBvbmx5IGNvbmNlcm4gaXMgYWJvdXQgaXRzIElQLg0KDQoxLiBBIG51bWJlciBv
ZiBzdGF0ZW1lbnRzIGhhdmUgYmVlbiBtYWRlIHJlZ2FyZGluZyBJRVRGIHN0YW5kYXJkcyBhbmQg
cGF0ZW50cywgYnV0IHRob3NlIHN0YXRlbWVudHMgZG8gbm90IG5lY2Vzc2FyeSByZWZsZWN0IHRv
ZGF54oCZcyByZWFsaXR5Lg0KDQpJRVRG4oCZcyBJUFIgcGFnZSBkZXRhaWxzIGl0cyBzdGFuY2Ug
dG93YXJkcyBJUCBhbmQgc3BlY2lmaWNhbGx5LCBwYXRlbnRzLiBUaGVyZSBkb2VzIG5vdCBzZWVt
IHRvIGJlIG5vIHJlcXVpcmVtZW50IHRoYXQgdGhlIHN0YW5kYXJkIGlzIOKAnHVuZW5jdW1iZXJl
ZOKAnSwg4oCcZnJlZeKAnSBvciDigJxncmF0aXPigJ0uIFRoZSByZXF1aXJlbWVudCBpcyB0aGF0
IGxpY2Vuc2VzIG11c3QgYmUgZ3JhbnRlZCBpbiBhIG5vbi1kaXNjcmltaW5hdG9yeSB3YXkuDQoN
CkluIHRoZSBJRVRG4oCZcyBJUFIgZGlzY2xvc3VyZSBsaXN0aW5nIChodHRwczovL2RhdGF0cmFj
a2VyLmlldGYub3JnL2lwci8pLCB5b3UgY2FuIGZpbmQgcXVpdGUgYSBmZXcgZXhhbXBsZXMgb2Yg
bmV3bHkgcHVibGlzaGVkIFJGQyBkb2N1bWVudHMgdGhhdCBhcmUgY2xlYXJseSBjb3ZlcmVkIGJ5
IGlzc3VlZCBwYXRlbnRzLCB3aXRoIG5vIOKAnGluZGVtbmlmaWNhdGlvbuKAnSBmb3IgaW1wbGVt
ZW50ZXJzLg0KDQpJbiBmYWN0LCBSRkMgODE3OSBjbGFyaWZpZXMgdGhlIGZvbGxvd2luZyBmb3Ig
YSBTdGFuZGFyZHMgVHJhY2sgZG9jdW1lbnQ6DQotLS0tDQo5LiAgTGljZW5zaW5nIFJlcXVpcmVt
ZW50cyB0byBBZHZhbmNlIFN0YW5kYXJkcyBUcmFjayBJRVRGIERvY3VtZW50cw0KDQogICBTZWN0
aW9uIDIuMiBvZiBSRkMgNjQxMCBbUkZDNjQxMF0gc3RhdGVzOg0KDQogICAgICBJZiB0aGUgdGVj
aG5vbG9neSByZXF1aXJlZCB0byBpbXBsZW1lbnQgdGhlIHNwZWNpZmljYXRpb24gcmVxdWlyZXMN
CiAgICAgIHBhdGVudGVkIG9yIG90aGVyd2lzZSBjb250cm9sbGVkIHRlY2hub2xvZ3ksIHRoZW4g
dGhlIHNldCBvZg0KICAgICAgaW1wbGVtZW50YXRpb25zIG11c3QgZGVtb25zdHJhdGUgYXQgbGVh
c3QgdHdvIGluZGVwZW5kZW50LA0KICAgICAgc2VwYXJhdGUgYW5kIHN1Y2Nlc3NmdWwgdXNlcyBv
ZiB0aGUgbGljZW5zaW5nIHByb2Nlc3MuDQoNCiAgIEEga2V5IHdvcmQgaW4gdGhpcyB0ZXh0IGlz
ICJyZXF1aXJlcyIuICBUaGUgbWVyZSBleGlzdGVuY2Ugb2YNCiAgIGRpc2Nsb3NlZCBJUFIgZG9l
cyBub3QgbmVjZXNzYXJpbHkgbWVhbiB0aGF0IGxpY2Vuc2VzIGFyZSBhY3R1YWxseQ0KICAgcmVx
dWlyZWQgaW4gb3JkZXIgdG8gaW1wbGVtZW50IHRoZSB0ZWNobm9sb2d5Lg0KLS0tLQ0KDQpGb3Ig
UkZDIDgxNzkgY29tcGxpYW5jZSwgdGhlcmUgYXJlIGFscmVhZHkgMyBsaWNlbnNlcyBpc3N1ZWQg
b24gUm9nYXdheeKAmXMgd2ViIHNpdGUsIGFuZCBtYW55IG90aGVycyB0aGF0IGFyZSBub3Qgc2hv
d24gdGhlcmUuIFRoaXMgbWVhbnMgdGhhdCBpbmNvcnBvcmF0aW5nIE9DQiBpbiB0aGUgNDg4MCBk
b2N1bWVudCB3b3VsZCBOT1QgYWZmZWN0IGl0cyBzdGF0dXMgYXMgYSBTdGFuZGFyZC4NCg0KDQoy
LiBUaGVyZSBoYXMgYmVlbiBzb21lIG1pc3VuZGVyc3RhbmRpbmcgcmVnYXJkaW5nIHRoZSBPQ0Ig
bGljZW5zZSBjb3ZlcmFnZS4NCg0KYS4gT0NCIGlzIGFscmVhZHkgc2hpcHBlZCBpbiBSZWQgSGF0
IGFuZCBEZWJpYW4gdG9kYXkgaW4gdGhlIE9wZW5TU0wgYW5kIEJvdGFuIGNyeXB0b2dyYXBoaWMg
bGlicmFyaWVzLg0KDQpiLiBMaW5raW5nIGFuZCBkaXN0cmlidXRpb24gb2YgYW55IGNsb3NlZC1z
b3VyY2Ugc29mdHdhcmUgd2l0aCBhbiBvcGVuLXNvdXJjZSBzb2Z0d2FyZSAoT0NCIExpY2Vuc2Ug
MjogYXMgZGVmaW5lZCBieSB0aGUgRlNGLCBpbmNsdWRpbmcgQlNELCBHUEwgbGljZW5zZXMpLCBp
cyBhbHJlYWR5IGFuIGFjY2VwdGVkLCBsaWNlbnNlZCB1c2Ugb2YgT0NCLg0KDQpJbiBhbGwgb2Yg
QnJpYW7igJlzIGV4YW1wbGVzLCBsaW5raW5nIG9yIGRpc3RyaWJ1dGlvbiBvZiDigJxhbnkgY2xv
c2VkLXNvdXJjZSBzb2Z0d2FyZSBzaGlwcGVkIG9uIHRoYXQgc3lzdGVtIG9yIGFueSBub24tb3Bl
bi1zb3VyY2UgY3VzdG9tLWJ1aWx0IGFwcHPigJ0gdGhhdCB1dGlsaXplIGFuIE9DQi1lbmFibGVk
IG9wZW4tc291cmNlIGNyeXB0byBsaWJyYXJ5LCBpcyBleHBsaWNpdGx5IGFsbG93ZWQgYnkgTGlj
ZW5zZSAyLg0KDQoNCjMuIFRoZSBtaXN1bmRlcnN0YW5kaW5nIHRoYXQgT3BlblBHUCBpbXBsZW1l
bnRlcnMgd2lsbCBub3QgaW1wbGVtZW50IE9DQiBkdWUgdG8gSVBSIGRpc2Nsb3N1cmVzLg0KDQpX
ZXJuZXIgb2YgR251UEcsIGhhcyBhbHJlYWR5IGluZGljYXRlZCBzdXBwb3J0IHRvIE9DQiBvbiBt
dWx0aXBsZSBvY2Nhc2lvbnMuIE91ciBvd24gb3Blbi1zb3VyY2UgT3BlblBHUCBpbXBsZW1lbnRh
dGlvbiwgUk5QLCB3aWxsIGltcGxlbWVudCBPQ0IuIEFueW9uZSB0aGF0IHVzZXMgcG9wdWxhciBj
cnlwdG9ncmFwaGljIGxpYnJhcmllcyBsaWtlIE9wZW5TU0wgYW5kIEJvdGFuIGNhbiBhbHJlYWR5
IGltcGxlbWVudCB0aGlzIGFuZCBpcyBjb3ZlcmVkIGJ5IHRoZSBsaWNlbnNlcy4NCg0KQWdhaW4s
IE9DQiBpcyBwcm9wb3NlZCB0byBiZSBhIE1BWSBhbGdvcml0aG0sIG5vdCBhIE1VU1Qgb3IgZXZl
biBhIFNIT1VMRCDigJQgaWYgc29tZW9uZSBkb2Vzbid0IGxpa2UgaXQsIHRoZXJlIGlzIG5vIG5l
ZWQgdG8gcHJldmVudCBvdGhlcnMgZnJvbSB1c2luZyBpdC4NCg0KDQpUaGFua3MgZm9yIHRoZSBj
b21tZW50cy4NCg0KUm9uDQoNCg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
Xw0KDQpSb25hbGQgVHNlDQpSaWJvc2UgSW5jLg0KDQoNCg0KT24gT2N0IDI3LCAyMDE3LCBhdCA0
OjQ2IFBNLCBQZXRlciBHdXRtYW5uIDxwZ3V0MDAxQGNzLmF1Y2tsYW5kLmFjLm56PG1haWx0bzpw
Z3V0MDAxQGNzLmF1Y2tsYW5kLmFjLm56Pj4gd3JvdGU6DQoNCldlcm5lciBLb2NoIDx3a0BnbnVw
Zy5vcmc8bWFpbHRvOndrQGdudXBnLm9yZz4+IHdyaXRlczoNCg0KcmZjMjQ0MCBhbmQgcmZjNDg4
MCBib3RoIGluY2x1ZGVkIElERUEgYXMgYSBTSE9VTEQgYWxnb3JpdGhtIGRlc3BpdGUgdGhhdA0K
SURFQSB3YXMgcGF0ZW50IGVuY3VtYmVyZWQuICBBbHNvIFJTQSB3YXMgcGF0ZW50IGVuY3VtYmVy
ZWQgd2hlbiAyNDQwIHdhcw0KcHVibGlzaGVkIGFuZCBuZXZlcnRoZWxlc3MgYSBTSE9VTEQgYWxn
b3JpdGhtLg0KDQpUaGV5IHdlcmUgdGhlcmUgYmVjYXVzZSB0aGVyZSB3YXNuJ3QgbXVjaCBjaG9p
Y2UuICBQR1AgMi4wIHVzZWQgSURFQSBhbmQgUlNBLA0Kc28gaXQgaGFkIHRvIGJlIGtlcHQgYXJv
dW5kIGZvciBmdXR1cmUgdmVyc2lvbnMsIGFsdGhvdWdoIGl0IHdhcyBvbmx5IGENClNIT1VMRCwg
bm90IGEgTVVTVC4gIFdpdGggT0NCIGluIGNvbnRyYXN0IHlvdSdyZSBpbnRyb2R1Y2luZyBhIG5l
dyBwYXRlbnQtDQplbmN1bWJlcmVkIGFsZ29yaXRobSBmb3Igbm8gb2J2aW91cyByZWFzb24uDQoN
CklmIHlvdSByZWFsbHkgd2FudCB0aGUgcHJvdGVjdGlvbiB0aGF0IE9DQiBvZmZlcnMgdGhlbiBl
bmNyeXB0LXRoZW4tTUFDIGlzIGENCnRvdGFsbHkgdW5lbmN1bWJlcmVkIHdheSBvZiBkb2luZyB0
aGUgc2FtZSB0aGluZy4gIEl0J3MgYmVlbiBpbiBTL01JTUUgZm9yDQp5ZWFycy4NCg0KUGV0ZXIu
DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0Kb3BlbnBn
cCBtYWlsaW5nIGxpc3QNCm9wZW5wZ3BAaWV0Zi5vcmc8bWFpbHRvOm9wZW5wZ3BAaWV0Zi5vcmc+
DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWlsbWFuL2xpc3RpbmZvL29wZW5wZ3ANCg0K

--_000_36023233856C4A6DBAF928037B4DA0F7ribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <D9ACB5E05613FC4B8F53CBEA6300B8E2@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NClRoYW5rIHlvdSBXZXJuZXIgZm9yIHRoZSBzdXBw
b3J0aW5nIGNvbW1lbnQuIFNlZWluZyB0aGUgY29tbWVudHMgSSB0aGluayB3ZSBhbGwgYWdyZWUg
dGhhdCBPQ0IgaXMgYSBncmVhdCBBRUFEIG1vZGUsIGFuZCB0aGUgb25seSBjb25jZXJuIGlzIGFi
b3V0IGl0cyBJUC4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNs
YXNzPSIiPjEuIEEgbnVtYmVyIG9mIHN0YXRlbWVudHMgaGF2ZSBiZWVuIG1hZGUgcmVnYXJkaW5n
IElFVEYgc3RhbmRhcmRzIGFuZCBwYXRlbnRzLCBidXQgdGhvc2Ugc3RhdGVtZW50cyBkbyBub3Qg
bmVjZXNzYXJ5IHJlZmxlY3QgdG9kYXnigJlzIHJlYWxpdHkuPC9kaXY+DQo8ZGl2IGNsYXNzPSIi
PjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5JRVRG4oCZcyBJUFIgcGFnZSBk
ZXRhaWxzIGl0cyBzdGFuY2UgdG93YXJkcyBJUCBhbmQgc3BlY2lmaWNhbGx5LCBwYXRlbnRzLiBU
aGVyZSBkb2VzIG5vdCBzZWVtIHRvIGJlIG5vIHJlcXVpcmVtZW50IHRoYXQgdGhlIHN0YW5kYXJk
IGlzIOKAnHVuZW5jdW1iZXJlZOKAnSwg4oCcZnJlZeKAnSBvciDigJxncmF0aXPigJ0uIFRoZSBy
ZXF1aXJlbWVudCBpcyB0aGF0IGxpY2Vuc2VzIG11c3QgYmUgZ3JhbnRlZCBpbiBhIG5vbi1kaXNj
cmltaW5hdG9yeQ0KIHdheS48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9k
aXY+DQo8ZGl2IGNsYXNzPSIiPkluIHRoZSBJRVRG4oCZcyBJUFIgZGlzY2xvc3VyZSBsaXN0aW5n
ICg8YSBocmVmPSJodHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2lwci8iIGNsYXNzPSIiPmh0
dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvaXByLzwvYT4pLCB5b3UgY2FuIGZpbmQgcXVpdGUg
YSBmZXcgZXhhbXBsZXMgb2YgbmV3bHkgcHVibGlzaGVkIFJGQyBkb2N1bWVudHMgdGhhdCBhcmUg
Y2xlYXJseSBjb3ZlcmVkIGJ5IGlzc3VlZCBwYXRlbnRzLCB3aXRoDQogbm8g4oCcaW5kZW1uaWZp
Y2F0aW9u4oCdIGZvciBpbXBsZW1lbnRlcnMuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFz
cz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5JbiBmYWN0LCBSRkMgODE3OSBjbGFyaWZpZXMg
dGhlIGZvbGxvd2luZyBmb3IgYSBTdGFuZGFyZHMgVHJhY2sgZG9jdW1lbnQ6PC9kaXY+DQo8ZGl2
IGNsYXNzPSIiPi0tLS08L2Rpdj4NCjxkaXYgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPjkuICZu
YnNwO0xpY2Vuc2luZyBSZXF1aXJlbWVudHMgdG8gQWR2YW5jZSBTdGFuZGFyZHMgVHJhY2sgSUVU
RiBEb2N1bWVudHM8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8
ZGl2IGNsYXNzPSIiPiZuYnNwOyAmbmJzcDtTZWN0aW9uIDIuMiBvZiBSRkMgNjQxMCBbUkZDNjQx
MF0gc3RhdGVzOjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxk
aXYgY2xhc3M9IiI+Jm5ic3A7ICZuYnNwOyAmbmJzcDsgSWYgdGhlIHRlY2hub2xvZ3kgcmVxdWly
ZWQgdG8gaW1wbGVtZW50IHRoZSBzcGVjaWZpY2F0aW9uIHJlcXVpcmVzPC9kaXY+DQo8ZGl2IGNs
YXNzPSIiPiZuYnNwOyAmbmJzcDsgJm5ic3A7IHBhdGVudGVkIG9yIG90aGVyd2lzZSBjb250cm9s
bGVkIHRlY2hub2xvZ3ksIHRoZW4gdGhlIHNldCBvZjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4mbmJz
cDsgJm5ic3A7ICZuYnNwOyBpbXBsZW1lbnRhdGlvbnMgbXVzdCBkZW1vbnN0cmF0ZSBhdCBsZWFz
dCB0d28gaW5kZXBlbmRlbnQsPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPiZuYnNwOyAmbmJzcDsgJm5i
c3A7IHNlcGFyYXRlIGFuZCBzdWNjZXNzZnVsIHVzZXMgb2YgdGhlIGxpY2Vuc2luZyBwcm9jZXNz
LjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9
IiI+Jm5ic3A7ICZuYnNwO0Ega2V5IHdvcmQgaW4gdGhpcyB0ZXh0IGlzICZxdW90O3JlcXVpcmVz
JnF1b3Q7LiAmbmJzcDtUaGUgbWVyZSBleGlzdGVuY2Ugb2Y8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+
Jm5ic3A7ICZuYnNwO2Rpc2Nsb3NlZCBJUFIgZG9lcyBub3QgbmVjZXNzYXJpbHkgbWVhbiB0aGF0
IGxpY2Vuc2VzIGFyZSBhY3R1YWxseTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4mbmJzcDsgJm5ic3A7
cmVxdWlyZWQgaW4gb3JkZXIgdG8gaW1wbGVtZW50IHRoZSB0ZWNobm9sb2d5LjwvZGl2Pg0KLS0t
LTwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9
IiI+DQo8ZGl2IGNsYXNzPSIiPkZvciBSRkMgODE3OSBjb21wbGlhbmNlLCB0aGVyZSBhcmUgYWxy
ZWFkeSAzIGxpY2Vuc2VzIGlzc3VlZCBvbiBSb2dhd2F54oCZcyB3ZWIgc2l0ZSwgYW5kIG1hbnkg
b3RoZXJzIHRoYXQgYXJlIG5vdCBzaG93biB0aGVyZS4gVGhpcyBtZWFucyB0aGF0IGluY29ycG9y
YXRpbmcgT0NCIGluIHRoZSA0ODgwIGRvY3VtZW50IHdvdWxkIE5PVCBhZmZlY3QgaXRzIHN0YXR1
cyBhcyBhIFN0YW5kYXJkLjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rp
dj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xh
c3M9IiI+Mi4gVGhlcmUgaGFzIGJlZW4gc29tZSBtaXN1bmRlcnN0YW5kaW5nIHJlZ2FyZGluZyB0
aGUgT0NCIGxpY2Vuc2UgY292ZXJhZ2UuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0i
Ij4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5hLiBPQ0IgaXMgYWxyZWFkeSBzaGlwcGVkIGluIFJl
ZCBIYXQgYW5kIERlYmlhbiB0b2RheSBpbiB0aGUgT3BlblNTTCBhbmQgQm90YW4gY3J5cHRvZ3Jh
cGhpYyBsaWJyYXJpZXMuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2
Pg0KPGRpdiBjbGFzcz0iIj5iLiBMaW5raW5nIGFuZCBkaXN0cmlidXRpb24gb2YgYW55IGNsb3Nl
ZC1zb3VyY2Ugc29mdHdhcmUgd2l0aCBhbiBvcGVuLXNvdXJjZSBzb2Z0d2FyZSAoT0NCIExpY2Vu
c2UgMjogYXMgZGVmaW5lZCBieSB0aGUgRlNGLCBpbmNsdWRpbmcgQlNELCBHUEwgbGljZW5zZXMp
LCBpcyBhbHJlYWR5IGFuIGFjY2VwdGVkLCBsaWNlbnNlZCB1c2Ugb2YgT0NCLjwvZGl2Pg0KPGRp
diBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+SW4gYWxsIG9m
IEJyaWFu4oCZcyBleGFtcGxlcywgbGlua2luZyBvciBkaXN0cmlidXRpb24gb2Yg4oCcYW55IGNs
b3NlZC1zb3VyY2Ugc29mdHdhcmUgc2hpcHBlZCBvbiB0aGF0IHN5c3RlbSBvciBhbnkgbm9uLW9w
ZW4tc291cmNlIGN1c3RvbS1idWlsdCBhcHBz4oCdIHRoYXQgdXRpbGl6ZSBhbiBPQ0ItZW5hYmxl
ZCBvcGVuLXNvdXJjZSBjcnlwdG8gbGlicmFyeSwgaXMgZXhwbGljaXRseSBhbGxvd2VkIGJ5IExp
Y2Vuc2UgMi48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2
IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj4zLiBUaGUgbWlz
dW5kZXJzdGFuZGluZyB0aGF0IE9wZW5QR1AgaW1wbGVtZW50ZXJzIHdpbGwgbm90IGltcGxlbWVu
dCBPQ0IgZHVlIHRvIElQUiBkaXNjbG9zdXJlcy48L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNs
YXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPldlcm5lciBvZiBHbnVQRywgaGFzIGFscmVh
ZHkgaW5kaWNhdGVkIHN1cHBvcnQgdG8gT0NCIG9uIG11bHRpcGxlIG9jY2FzaW9ucy4gT3VyIG93
biBvcGVuLXNvdXJjZSBPcGVuUEdQIGltcGxlbWVudGF0aW9uLCBSTlAsIHdpbGwgaW1wbGVtZW50
IE9DQi4gQW55b25lIHRoYXQgdXNlcyBwb3B1bGFyIGNyeXB0b2dyYXBoaWMgbGlicmFyaWVzIGxp
a2UgT3BlblNTTCBhbmQgQm90YW4gY2FuIGFscmVhZHkgaW1wbGVtZW50IHRoaXMNCiBhbmQgaXMg
Y292ZXJlZCBieSB0aGUgbGljZW5zZXMuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0i
Ij4NCjwvZGl2Pg0KPGRpdiBjbGFzcz0iIj5BZ2FpbiwgT0NCIGlzIHByb3Bvc2VkIHRvIGJlIGEg
TUFZIGFsZ29yaXRobSwgbm90IGEgTVVTVCBvciBldmVuIGEgU0hPVUxEIOKAlCBpZiBzb21lb25l
IGRvZXNuJ3QgbGlrZSBpdCwgdGhlcmUgaXMgbm8gbmVlZCB0byBwcmV2ZW50IG90aGVycyBmcm9t
IHVzaW5nIGl0LjxiciBjbGFzcz0iQXBwbGUtaW50ZXJjaGFuZ2UtbmV3bGluZSI+DQo8YnIgY2xh
c3M9IiI+DQo8YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+VGhhbmtzIGZvciB0
aGUgY29tbWVudHMuPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0K
PGRpdiBjbGFzcz0iIj5Sb248L2Rpdj4NCjxkaXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPGJy
IGNsYXNzPSIiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgc3R5bGU9ImNvbG9yOiByZ2IoMCwgMCwg
MCk7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IG9ycGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0
YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6
IG5vcm1hbDsgd2lkb3dzOiBhdXRvOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyB3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2Rl
OiBzcGFjZTsgLXdlYmtpdC1saW5lLWJyZWFrOiBhZnRlci13aGl0ZS1zcGFjZTsiIGNsYXNzPSIi
Pg0KX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXzxiciBjbGFzcz0iIj4NCjxi
ciBjbGFzcz0iIj4NClJvbmFsZCBUc2U8YnIgY2xhc3M9IiI+DQpSaWJvc2UgSW5jLjxiciBjbGFz
cz0iIj4NCjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPC9kaXY+DQo8ZGl2
PjxiciBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIGNsYXNzPSIiPg0KPGRpdiBj
bGFzcz0iIj5PbiBPY3QgMjcsIDIwMTcsIGF0IDQ6NDYgUE0sIFBldGVyIEd1dG1hbm4gJmx0Ozxh
IGhyZWY9Im1haWx0bzpwZ3V0MDAxQGNzLmF1Y2tsYW5kLmFjLm56IiBjbGFzcz0iIj5wZ3V0MDAx
QGNzLmF1Y2tsYW5kLmFjLm56PC9hPiZndDsgd3JvdGU6PC9kaXY+DQo8YnIgY2xhc3M9IkFwcGxl
LWludGVyY2hhbmdlLW5ld2xpbmUiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+V2Vy
bmVyIEtvY2ggJmx0OzxhIGhyZWY9Im1haWx0bzp3a0BnbnVwZy5vcmciIGNsYXNzPSIiPndrQGdu
dXBnLm9yZzwvYT4mZ3Q7IHdyaXRlczo8YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQo8Ymxv
Y2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj5yZmMyNDQwIGFuZCByZmM0ODgwIGJvdGggaW5j
bHVkZWQgSURFQSBhcyBhIFNIT1VMRCBhbGdvcml0aG0gZGVzcGl0ZSB0aGF0PGJyIGNsYXNzPSIi
Pg0KSURFQSB3YXMgcGF0ZW50IGVuY3VtYmVyZWQuICZuYnNwO0Fsc28gUlNBIHdhcyBwYXRlbnQg
ZW5jdW1iZXJlZCB3aGVuIDI0NDAgd2FzPGJyIGNsYXNzPSIiPg0KcHVibGlzaGVkIGFuZCBuZXZl
cnRoZWxlc3MgYSBTSE9VTEQgYWxnb3JpdGhtLjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4N
CjxiciBjbGFzcz0iIj4NClRoZXkgd2VyZSB0aGVyZSBiZWNhdXNlIHRoZXJlIHdhc24ndCBtdWNo
IGNob2ljZS4gJm5ic3A7UEdQIDIuMCB1c2VkIElERUEgYW5kIFJTQSw8YnIgY2xhc3M9IiI+DQpz
byBpdCBoYWQgdG8gYmUga2VwdCBhcm91bmQgZm9yIGZ1dHVyZSB2ZXJzaW9ucywgYWx0aG91Z2gg
aXQgd2FzIG9ubHkgYTxiciBjbGFzcz0iIj4NClNIT1VMRCwgbm90IGEgTVVTVC4gJm5ic3A7V2l0
aCBPQ0IgaW4gY29udHJhc3QgeW91J3JlIGludHJvZHVjaW5nIGEgbmV3IHBhdGVudC08YnIgY2xh
c3M9IiI+DQplbmN1bWJlcmVkIGFsZ29yaXRobSBmb3Igbm8gb2J2aW91cyByZWFzb24uPGJyIGNs
YXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KSWYgeW91IHJlYWxseSB3YW50IHRoZSBwcm90ZWN0aW9u
IHRoYXQgT0NCIG9mZmVycyB0aGVuIGVuY3J5cHQtdGhlbi1NQUMgaXMgYTxiciBjbGFzcz0iIj4N
CnRvdGFsbHkgdW5lbmN1bWJlcmVkIHdheSBvZiBkb2luZyB0aGUgc2FtZSB0aGluZy4gJm5ic3A7
SXQncyBiZWVuIGluIFMvTUlNRSBmb3I8YnIgY2xhc3M9IiI+DQp5ZWFycy48YnIgY2xhc3M9IiI+
DQo8YnIgY2xhc3M9IiI+DQpQZXRlci48YnIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fXzxiciBjbGFzcz0iIj4NCm9wZW5wZ3AgbWFpbGlu
ZyBsaXN0PGJyIGNsYXNzPSIiPg0KPGEgaHJlZj0ibWFpbHRvOm9wZW5wZ3BAaWV0Zi5vcmciIGNs
YXNzPSIiPm9wZW5wZ3BAaWV0Zi5vcmc8L2E+PGJyIGNsYXNzPSIiPg0KaHR0cHM6Ly93d3cuaWV0
Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9vcGVucGdwPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rp
dj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2JvZHk+
DQo8L2h0bWw+DQo=

--_000_36023233856C4A6DBAF928037B4DA0F7ribosecom_--


From nobody Fri Oct 27 03:38:33 2017
Return-Path: <hanno@hboeck.de>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0FF413F411 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:38:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level: 
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bOIrJOecR3EV for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:38:29 -0700 (PDT)
Received: from zucker2.schokokeks.org (zucker2.schokokeks.org [178.63.68.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8ABA713B138 for <openpgp@ietf.org>; Fri, 27 Oct 2017 03:38:29 -0700 (PDT)
Received: from pc1 ([2001:2012:127:3e00:b3bf:56a1:a140:6086]) (AUTH: LOGIN hanno-default@schokokeks.org, TLS: TLSv1/SSLv3, 256bits, ECDHE-RSA-AES256-GCM-SHA384) by zucker.schokokeks.org with ESMTPSA; Fri, 27 Oct 2017 12:38:27 +0200 id 00000000000000B8.0000000059F30CA3.00004936
Date: Fri, 27 Oct 2017 12:38:26 +0200
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno@hboeck.de>
To: openpgp@ietf.org
Message-ID: <20171027123826.693047e6@pc1>
In-Reply-To: <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/GTqUlDolpqMowBl4c96QpW13t7M>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 10:38:32 -0000

On Fri, 27 Oct 2017 10:12:51 +0000
Ronald Tse <tse@ribose.com> wrote:

> Again, OCB is proposed to be a MAY algorithm, not a MUST or even a
> SHOULD =E2=80=94 if someone doesn't like it, there is no need to prevent
> others from using it.

I'd like to support what Paul Wouters was saying earlier in this thread.

Don't add multiple algorithms unless there isn't a very good reason for
it. Add one that is good for everything. Having a "may" algorithm only
adds unneeded complexity that is more likely to cause any security
issues than any potential disadvantage any modern AEAD has.

The GPG protocol is far more complex than it has to be.


One more note: Given that I don't see a particular rush in getting a
new RFC out you may simply wait for the CAESAR competition and choose
one of the resulting AEADs.

--=20
Hanno B=C3=B6ck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42


From nobody Fri Oct 27 03:54:07 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B50CB13F4F0 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:54:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4eJ7xZpqg6pk for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 03:54:05 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 542D613F46A for <openpgp@ietf.org>; Fri, 27 Oct 2017 03:54:05 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e82H5-0004L4-9M for <openpgp@ietf.org>; Fri, 27 Oct 2017 12:54:03 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e82DA-0004Rg-8e; Fri, 27 Oct 2017 12:50:00 +0200
From: Werner Koch <wk@gnupg.org>
To: Ronald Tse <tse@ribose.com>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Ronald Tse <tse@ribose.com>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Fri, 27 Oct 2017 12:49:59 +0200
In-Reply-To: <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> (Ronald Tse's message of "Fri, 27 Oct 2017 10:12:51 +0000")
Message-ID: <8760b06f1k.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Attorney_General_asset_Indigo_Peking_Ft._Bragg_USCOI_Baranyi_InfoSec"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/lOLo_0g036o1Bift92qkw7SBe4s>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 10:54:07 -0000

--=Attorney_General_asset_Indigo_Peking_Ft._Bragg_USCOI_Baranyi_InfoSec
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi!

[I am only wearing my GnuPG maintainer's hat right now.]

On Fri, 27 Oct 2017 12:12, tse@ribose.com said:

> Again, OCB is proposed to be a MAY algorithm, not a MUST or even a SHOULD=
 =E2=80=94 if someone doesn't like it, there is no need to prevent others f=
rom using it.

Well, I would like to implement OCB in GnuPG at least to be prepared for
the time after the patent(s) expiration.  It will not be the default any
time soon.

I already remarked that I expect that it will take a couple of years
before gpg with _any_ AEAD mode will be widely enough deployed so that
an AEAD mode can actually be used.  We have seen that it took many years
before we could enforce the MDC mode despite that there is a key flag
announcing it.  It is unfortunate that we need to implement EAX for the
very same reason that PGP5 had to use DSA/Elgamal instead of RSA.  But
delaying an AEAD mode even further would be worse.

The patent situation is actually different between RSA+IDEA and OCB.
For the former the holders of the patent went aggressively against
everyone using them.  For the latter the patent holder(s) gave explicit
royalty free grants for almost all use cases.  And the patents will
expire in a few years - modulo the usual uncertainty with the patent
system.

Peter suggested to use encrypt-then-MAC to avoid all problems.  This
would require an entire different structure of the symmetric encryption
code and thus adds complexity for a theoretical benefit over the MDC
approach.  We would still need to double process the data.

Having an option to allowing switch the AEAD mode will be easier than to
implement both, encrypt-then-MAC and one AEAD mode.



Salam-Shalom,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=Attorney_General_asset_Indigo_Peking_Ft._Bragg_USCOI_Baranyi_InfoSec
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWfMPVwAKCRD/gK6dHew1
jf0DAP0aDEqn0xHZipj0076OIh/pMH5FmNX75UbaUpEOjCnyjwEAlPUb8nyGdgaF
EERPz/qHWXQykqxSPq0KihJvvP5hFAo=
=HRYu
-----END PGP SIGNATURE-----
--=Attorney_General_asset_Indigo_Peking_Ft._Bragg_USCOI_Baranyi_InfoSec--


From nobody Fri Oct 27 04:14:08 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D589713F4D3 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 04:14:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZpjjMfTM9tTh for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 04:14:04 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2E9B13B109 for <openpgp@ietf.org>; Fri, 27 Oct 2017 04:14:04 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e82aR-0004QS-Gj for <openpgp@ietf.org>; Fri, 27 Oct 2017 13:14:03 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e82UO-0004YD-LU; Fri, 27 Oct 2017 13:07:48 +0200
From: Werner Koch <wk@gnupg.org>
To: Hanno =?utf-8?Q?B=C3=B6ck?= <hanno@hboeck.de>
Cc: openpgp@ietf.org
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171027123826.693047e6@pc1>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: Hanno =?utf-8?Q?B=C3=B6ck?= <hanno@hboeck.de>, openpgp@ietf.org
Date: Fri, 27 Oct 2017 13:07:48 +0200
In-Reply-To: <20171027123826.693047e6@pc1> ("Hanno =?utf-8?Q?B=C3=B6ck=22'?= =?utf-8?Q?s?= message of "Fri, 27 Oct 2017 12:38:26 +0200")
Message-ID: <87she44znf.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=red_noise_JPL_doctrine_Gazprom_CID_ammunition_AMW_UNSCOM_Qaddafi_swe"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ynjm_v0rdt-yZqF4QJCEqmpZN10>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 11:14:07 -0000

--=red_noise_JPL_doctrine_Gazprom_CID_ammunition_AMW_UNSCOM_Qaddafi_swe
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 27 Oct 2017 12:38, hanno@hboeck.de said:

> Don't add multiple algorithms unless there isn't a very good reason for
> it. Add one that is good for everything. Having a "may" algorithm only

There is a good reason for adding a MAY mode:

=2D We want an AEAD mode.
=2D The WG seems not to like OCB for political (patent) reasons.
=2D Thus the proposed solution is to require EAX but prepare for other
  modes.
=2D OCB has been suggested as such another mode.
=2D We can add it to rfc4880bis as MAY mode to give a specification in
  case someone will implement it anyway.

Consider what will happen if we don't do this: OCB may be implemented
anyway but at best an I-D extending RFC4880bis is used as specification.
Or worse, there is no spec at all and everyone implements it in slightly
different ways.

Also: The first revisions of I-Ds for RFC6637 (ECC for OpenPGP)
specified _only_ NIST curves and didn't allowed for any other curves.
This has been challenged and fortunately RFC6637 allows for arbitrary
curves, albeit less well specified.  Without that semi-MAY we would not
have been able to deploy software using modern curves.  Patents on ECC
are still a minefield but nevertheless everyone is moving towards ECC.

> The GPG protocol is far more complex than it has to be.

You mean OpenPGP.


Shalom-Salam,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=red_noise_JPL_doctrine_Gazprom_CID_ammunition_AMW_UNSCOM_Qaddafi_swe
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWfMThAAKCRD/gK6dHew1
jarnAPsGpU3zFOy934wB85yuvf2oUouhKqTUNXxWubGw953wbQEAlb3Fh+Mn0g1t
Uoi1zOzBOwfldswVYrrLRHat03lrCg4=
=7kBw
-----END PGP SIGNATURE-----
--=red_noise_JPL_doctrine_Gazprom_CID_ammunition_AMW_UNSCOM_Qaddafi_swe--


From nobody Fri Oct 27 04:17:41 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8227413F4D3 for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 04:17:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cK3hfz0rCFZS for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 04:17:37 -0700 (PDT)
Received: from APC01-HK2-obe.outbound.protection.outlook.com (mail-eopbgr1280054.outbound.protection.outlook.com [40.107.128.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AAC4D13B109 for <openpgp@ietf.org>; Fri, 27 Oct 2017 04:17:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Tk4gdAVzUe41PXHsbpr7kbSrdn7T/xc0Jx9rjlx8qek=; b=YHM11ORsXr5a9e3ZWfM1cIFntShH0iE/w937r5xEtU6tTbyR22/ZVUqBUsVhNMMvEwGmDZkT0HPFqmYMViC7PKHJfo8Iz7lCjtRhDKCeQlKkUd+9XTJq8kfyDoHsfHe4pjU6MQoEJpN2j2Xrkzh/OBNQxVZJ6xaENvk5T25QVCg=
Received: from KL1PR01MB1047.apcprd01.prod.exchangelabs.com (10.169.108.13) by KL1PR01MB1048.apcprd01.prod.exchangelabs.com (10.169.108.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.156.4; Fri, 27 Oct 2017 11:17:31 +0000
Received: from KL1PR01MB1047.apcprd01.prod.exchangelabs.com ([fe80::8063:56cb:84b9:41c5]) by KL1PR01MB1047.apcprd01.prod.exchangelabs.com ([fe80::8063:56cb:84b9:41c5%14]) with mapi id 15.20.0156.007; Fri, 27 Oct 2017 11:17:31 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL1WjoAgAAH/ICAAXdQgIAAibPGgAAB+YCAABgzAIAABycAgAAKAQCAAADogA==
Date: Fri, 27 Oct 2017 11:17:31 +0000
Message-ID: <0E4099C2-B727-41E9-8F25-BDBD07C2FA75@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171027123826.693047e6@pc1> <87she44znf.fsf@wheatstone.g10code.de>
In-Reply-To: <87she44znf.fsf@wheatstone.g10code.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [203.145.95.11]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; KL1PR01MB1048; 6:1tILyk0p1V19rKLd7wEsjfsNQ50b+8aYUNQf+a6ylksRlFHpLG6MCKsDaj912RYcbO/mvOnFX+1DWIZ18JjLtMbaIGMdu3LFDmR/YV1CEMnjvRgJwWKMTfx6svRp/B0wFnobZeKglzhJz1oJ0aeH3vtcEBfjrjwJ/fqWOS9W87bvM3NZSTQI9ffq1z5sYHQteqCycSaGbwg/WBTrVCUMBNkINuliT5vrMp23d4iIxxJ6fWCkIGbAUK5bmsFszHEkr3rsqWa3VKwhsM29f3CURvsbuhFdnaipvnI9MKdIhBYULzEGWKeFNAXUPd0uN8A+00smRy2ZRedXLN4e+RCoIg==; 5:DlYCXV/WMfw+sFmcl/VnL/coRFygb+BzGJ+WVaXb4XZw5WHBTXixTmozGZOj+gyRpHACKV+tIsUBsegDjdcmd1KOScSWKNCjS2/atw+oONQ1y1rhwEbaDzvC5S2Di2knmVIsZWFzYXtZMr91AEwixQ==; 24:5Zdxr6dz9VJB+I4qTgzcstIegOIf4cpyIXgMGyIKMc6gKgB4vtwgyNEN4qhqjYvOTMxa/CoOiCziBLPUhCE6p6L3IMj3S7w+5kevc2tmavQ=; 7:SjrasFSKqacJwGygaX+E9pCfIuESLZbMHUOQXxC3StpcONDUucnxnNVNdEfA1V30nhsgGF1vJfrsW9rtzbLrb7upkav8MGvatVBGtWzOA1xDIM2R8lpCxXKXSnwPHIAsGRw/UUOqErW3jJMGsK6/oz2up9SOEnU3D3Bty213tGlTGq9HCejHzL7gZ4DkHLZeeYMVww/sSLlEcfDnPlm/5GtPT6h5T/zSrShIiV/V1BQ=
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: bab59852-7585-4707-d5d7-08d51d2c50dc
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(2017052603238)(49563074); SRVR:KL1PR01MB1048; 
x-ms-traffictypediagnostic: KL1PR01MB1048:
x-exchange-antispam-report-test: UriScan:;
x-microsoft-antispam-prvs: <KL1PR01MB1048C46207F31D0E1478EF17D75A0@KL1PR01MB1048.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(102415395)(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231020)(100000703101)(100105400095)(6041248)(20161123555025)(20161123564025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(2016111802025)(20161123558100)(20161123562025)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:KL1PR01MB1048; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:KL1PR01MB1048; 
x-forefront-prvs: 0473A03F3F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(39830400002)(376002)(346002)(199003)(189002)(24454002)(8936002)(3280700002)(8676002)(6246003)(33656002)(229853002)(82746002)(54356999)(101416001)(76176999)(105586002)(189998001)(7736002)(6436002)(97736004)(36756003)(81166006)(83716003)(81156014)(102836003)(6506006)(3846002)(50986999)(3660700001)(106356001)(99936001)(1730700003)(68736007)(6486002)(5640700003)(6116002)(25786009)(5660300001)(966005)(316002)(5250100002)(66066001)(6306002)(478600001)(53546010)(53936002)(2900100001)(236005)(2501003)(14454004)(2906002)(6916009)(54896002)(93886005)(2950100002)(2351001)(86362001)(99286003)(6512007)(217873001)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:KL1PR01MB1048; H:KL1PR01MB1047.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:3; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; boundary="Apple-Mail=_DF4D40AE-B596-4CA5-8E93-5B61BED7C633"; protocol="application/pgp-signature"; micalg=pgp-sha256
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: bab59852-7585-4707-d5d7-08d51d2c50dc
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2017 11:17:31.3803 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: KL1PR01MB1048
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/I4Bg1d_-UDLaigol3DLZitCj7R4>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 11:17:40 -0000

--Apple-Mail=_DF4D40AE-B596-4CA5-8E93-5B61BED7C633
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_C6491B4C-046F-423D-B2C1-F12B931ABFBF"


--Apple-Mail=_C6491B4C-046F-423D-B2C1-F12B931ABFBF
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Thank you Werner, I share the same opinion.

One-size-fits-all is often a misnomer. I believe having an option is =
usually better than not having one.

_____________________________________

Ronald Tse
Ribose Inc.

> On Oct 27, 2017, at 7:07 PM, Werner Koch <wk@gnupg.org> wrote:
>=20
> On Fri, 27 Oct 2017 12:38, hanno@hboeck.de said:
>=20
>> Don't add multiple algorithms unless there isn't a very good reason =
for
>> it. Add one that is good for everything. Having a "may" algorithm =
only
>=20
> There is a good reason for adding a MAY mode:
>=20
> - We want an AEAD mode.
> - The WG seems not to like OCB for political (patent) reasons.
> - Thus the proposed solution is to require EAX but prepare for other
>  modes.
> - OCB has been suggested as such another mode.
> - We can add it to rfc4880bis as MAY mode to give a specification in
>  case someone will implement it anyway.
>=20
> Consider what will happen if we don't do this: OCB may be implemented
> anyway but at best an I-D extending RFC4880bis is used as =
specification.
> Or worse, there is no spec at all and everyone implements it in =
slightly
> different ways.
>=20
> Also: The first revisions of I-Ds for RFC6637 (ECC for OpenPGP)
> specified _only_ NIST curves and didn't allowed for any other curves.
> This has been challenged and fortunately RFC6637 allows for arbitrary
> curves, albeit less well specified.  Without that semi-MAY we would =
not
> have been able to deploy software using modern curves.  Patents on ECC
> are still a minefield but nevertheless everyone is moving towards ECC.
>=20
>> The GPG protocol is far more complex than it has to be.
>=20
> You mean OpenPGP.
>=20
>=20
> Shalom-Salam,
>=20
>   Werner
>=20
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp


--Apple-Mail=_C6491B4C-046F-423D-B2C1-F12B931ABFBF
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">Thank=
 you Werner, I share the same opinion.<div class=3D""><br =
class=3D""></div><div class=3D"">One-size-fits-all is often a misnomer. =
I believe having an option is usually better than not having one.<div =
class=3D""><br class=3D""><div class=3D"">
<div style=3D"color: rgb(0, 0, 0); letter-spacing: normal; orphans: =
auto; text-align: start; text-indent: 0px; text-transform: none; =
white-space: normal; widows: auto; word-spacing: 0px; =
-webkit-text-stroke-width: 0px; word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D"">_____________________________________<br class=3D""><br =
class=3D"">Ronald Tse<br class=3D"">Ribose Inc.<br class=3D""><br =
class=3D""></div></div><div><blockquote type=3D"cite" class=3D""><div =
class=3D"">On Oct 27, 2017, at 7:07 PM, Werner Koch &lt;<a =
href=3D"mailto:wk@gnupg.org" class=3D"">wk@gnupg.org</a>&gt; =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D""><div =
class=3D"">On Fri, 27 Oct 2017 12:38, <a href=3D"mailto:hanno@hboeck.de" =
class=3D"">hanno@hboeck.de</a> said:<br class=3D""><br =
class=3D""><blockquote type=3D"cite" class=3D"">Don't add multiple =
algorithms unless there isn't a very good reason for<br class=3D"">it. =
Add one that is good for everything. Having a "may" algorithm only<br =
class=3D""></blockquote><br class=3D"">There is a good reason for adding =
a MAY mode:<br class=3D""><br class=3D"">- We want an AEAD mode.<br =
class=3D"">- The WG seems not to like OCB for political (patent) =
reasons.<br class=3D"">- Thus the proposed solution is to require EAX =
but prepare for other<br class=3D""> &nbsp;modes.<br class=3D"">- OCB =
has been suggested as such another mode.<br class=3D"">- We can add it =
to rfc4880bis as MAY mode to give a specification in<br class=3D""> =
&nbsp;case someone will implement it anyway.<br class=3D""><br =
class=3D"">Consider what will happen if we don't do this: OCB may be =
implemented<br class=3D"">anyway but at best an I-D extending RFC4880bis =
is used as specification.<br class=3D"">Or worse, there is no spec at =
all and everyone implements it in slightly<br class=3D"">different =
ways.<br class=3D""><br class=3D"">Also: The first revisions of I-Ds for =
RFC6637 (ECC for OpenPGP)<br class=3D"">specified _only_ NIST curves and =
didn't allowed for any other curves.<br class=3D"">This has been =
challenged and fortunately RFC6637 allows for arbitrary<br =
class=3D"">curves, albeit less well specified. &nbsp;Without that =
semi-MAY we would not<br class=3D"">have been able to deploy software =
using modern curves. &nbsp;Patents on ECC<br class=3D"">are still a =
minefield but nevertheless everyone is moving towards ECC.<br =
class=3D""><br class=3D""><blockquote type=3D"cite" class=3D"">The GPG =
protocol is far more complex than it has to be.<br =
class=3D""></blockquote><br class=3D"">You mean OpenPGP.<br class=3D""><br=
 class=3D""><br class=3D"">Shalom-Salam,<br class=3D""><br class=3D""> =
&nbsp;&nbsp;Werner<br class=3D""><br class=3D"">-- <br class=3D"">Die =
Gedanken sind frei. &nbsp;Ausnahmen regelt ein Bundesgesetz.<br =
class=3D"">_______________________________________________<br =
class=3D"">openpgp mailing list<br class=3D""><a =
href=3D"mailto:openpgp@ietf.org" class=3D"">openpgp@ietf.org</a><br =
class=3D"">https://www.ietf.org/mailman/listinfo/openpgp<br =
class=3D""></div></div></blockquote></div><br =
class=3D""></div></div></body></html>=

--Apple-Mail=_C6491B4C-046F-423D-B2C1-F12B931ABFBF--

--Apple-Mail=_DF4D40AE-B596-4CA5-8E93-5B61BED7C633
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="signature.asc"
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Message signed with OpenPGP

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEVqvqh2I10lDVb5euPK6eITJcoCwFAlnzFckACgkQPK6eITJc
oCxn/A//T8l8W4VGb53Y+MhPJeTY54qJI3Ma4IL4CN7GAjBWqIrVbMm/CCf8WwTr
fRPY/K0A4ree9TULIJLq5wE3t7v9rUk3pyTuOeMrWKL8bbVUHZ/nmR7rIpcDcYxh
E7nNC9CXpEdlpZmLXHM57wFebUAIlAzjqfzSLMIrE6mfXV4zqMHdsmvOxnvdgYvg
VPl6sjtS7y79qiJD3+yZeuWeqHYclo56wsTNQXIlKljGVlJK7AckQJh4HKGFfr7B
lE4YM2/MM3TkdXfG38yScu71fZNYua1tZ51y4yCr/I4i3mjDPRuy2M0jEH8gaCg0
krx+sYxJIjHI0QaCV/zdP3cylKvUY8Box4h6HfDgnxQtaG/rmjGa3CPmmP1T8tUB
zAoEvO4X4y9h7qmAFYFLW+b7OXE9TQhoRQux6oLSJXcUR1I2/FImjmX5WiZBTwnF
ZNXog0IS/ocoA7TFiwsqZFMBqbY7uIezm37hL0ZiW0WzyEEX04Brhhv8detvUwMN
xOCsCIsw4n4YescT1aV+NQ/aqMLzsl/6tWKV8qugI+R6VNV4And+wk9/XBFL9ggJ
WbxXlXBWJrmk+2JhshiXnGfAUi5uCsxiLWrYz8QEFBVDZBDxQx+9nnB2fxrrzKAB
JOI0YN/2FxviudvA8AIVopr7f04a+QYn6aZo9rtq+l6aGsBkO84=
=1mTe
-----END PGP SIGNATURE-----

--Apple-Mail=_DF4D40AE-B596-4CA5-8E93-5B61BED7C633--


From nobody Fri Oct 27 17:33:55 2017
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A66A13954B for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 17:33:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001,  URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w8JdDbbKWfMv for <openpgp@ietfa.amsl.com>; Fri, 27 Oct 2017 17:33:52 -0700 (PDT)
Received: from injection.crustytoothpaste.net (injection.crustytoothpaste.net [192.241.140.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B83C91389E6 for <openpgp@ietf.org>; Fri, 27 Oct 2017 17:33:52 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by injection.crustytoothpaste.net (Postfix) with ESMTPSA id BBC1F6044A; Sat, 28 Oct 2017 00:33:50 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crustytoothpaste.net; s=default; t=1509150831; bh=XWy0EDu+qaqPkzCL2QQ0444BpaqO5mYq8XvvxbGbjDQ=; h=Date:From:To:Cc:Subject:References:Content-Type: Content-Disposition:In-Reply-To:From:Reply-To:Subject:Date:To:CC: Resent-Date:Resent-From:Resent-To:Resent-Cc:In-Reply-To:References: Content-Type:Content-Disposition; b=WcQw//vyE15V/C3g9/pGQMdPmVV4hCO8vXsAmrrtJ6gxc7h9VOJoc7gqes8vwDmHp Qgs965LpRgX5gbTHjeGRaXU5U348LOVgzVti4NEWj+wWOPsdvGXCinGJ+482NzDcEk tdDfy98NLIM5TknvvG0HBNXK3A4v9oN6/F/m0IYYuSl5jYUx8DLnF+s8jedwNQpBAX 8B02NNdoIm2WilxNUKrthk1lVnRrmzo9s01+GF/Fi9q+gYR6MjQmmP5pacnNkP40XZ q2sMV9bgjdvHtGvwU3iKMNfYXXpIVrWsMBMKr6y2B56GMSE+S/kpeqiFA0xpwiWnPV G0EVXarfKyXbS6M1nwIMAPZvFDD4mZHn8bKxHYdxTBERcZb3/ZXgUN4hJUZnUaiEJ6 4gw3BIsCOsW+ShoO6Pnrv3lyDOnCIF1tf6stBWw22mKWQGiGeDxnipAAr6QZhx7Y8V /rnz81oAFpe1+NSXSShwPk5WlXyDNoeRVrIcRGQ0+zWHVFwRDwf
Date: Sat, 28 Oct 2017 00:33:46 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Ronald Tse <tse@ribose.com>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
Message-ID: <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="jgskmus6tj5kniir"
Content-Disposition: inline
In-Reply-To: <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com>
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.13.0-1-amd64)
User-Agent: NeoMutt/20170609 (1.8.3)
X-Scanned-By: MIMEDefang 2.79 on 127.0.1.1
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/a-lzf3T4203jYZgDnYMUzmKAiXE>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Oct 2017 00:33:54 -0000

--jgskmus6tj5kniir
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Oct 27, 2017 at 10:12:51AM +0000, Ronald Tse wrote:
> 3. The misunderstanding that OpenPGP implementers will not implement OCB =
due to IPR disclosures.

This has nothing to do with whether implementers will implement it.
This has to do with whether users will be willing to use a spec or
implementation that has patent concerns associated with it.

> Werner of GnuPG, has already indicated support to OCB on multiple
> occasions. Our own open-source OpenPGP implementation, RNP, will
> implement OCB. Anyone that uses popular cryptographic libraries like
> OpenSSL and Botan can already implement this and is covered by the
> licenses.

GnuPG relies on libgcrypt for cryptographic functionality.  On Debian,
libgcrypt is linked into Xorg, which is often linked to proprietary
software such as graphics drivers.  Since Debian cannot avail itself of
license 2 (because restrictions on military use are unacceptable) and
license 1 prohibits uses with proprietary software, Debian's GnuPG is
unlikely to have support for OCB unless Debian ships two separate copies
of libgcrypt.  For the same reason, Ubuntu is also likely to have the
same policy.

I've filed a bug with Debian to bring this to their attention.

These are the kind of practical reasons that patented software is
problematic and should not be a part of any specifications.  I don't
believe there's a consensus on adding this, since the groups seem at
best evenly split.  Previous opinions in the working group were mostly
negative.

I remain wholly opposed to including OCB in the OpenPGP specification,
and if this specification should make it to last call with OCB included,
I will oppose it on those grounds.
--=20
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204

--jgskmus6tj5kniir
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.2.1 (GNU/Linux)

iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAlnz0GkACgkQv1NdgR9S
9osmAQ//cV79ecaBHyXRLZkStAxfqEidnf1SAiDkjRN2PzsI4ubxdw7JwT5O609C
y2Cn7DinlO9if7ym7kcxxNfWl843hpH/hQ6pGPUvj1zcI0bocmFBC4hp2GbOjm3v
oZWRyjB+0ph1dW6YSMzUSz+CXv8rLRB/wadmRSrWgBHlhCox7ptNn4+ROZTvVHq5
SoMKYDx0i8eXdQGmuKVEK+uMpCwQTAD5puDyzV142tUV4pKOANMWeydMtBabjSmB
sRydb47IGrOoRjzm+9BcpjkUajOu1hevi42eawfIC+uFRTeYhjuj0/4Rf5OeZ0cd
eO7QuN2cxfOnqbQxOkte2RpLguq+dq6k+gNTEZ3h6pJ6wKdmdJGsYNwetyw6oARm
+LO+2lddQ5akzmPUv//38mf+k6w77ky3DV6BAMreWAc9Aupqulkg1qVFBb1kQyK5
90n2n/snSKsJMXQHf1gGh7Y2t6VyLovBnLiuvrgh97QLLWqZnLULgDBaqNGZ4MuL
R3ExdAO2jRoo07xdjPzYmjzqBGrgRMyqUgMZIrrSkzzXe39DPyOdZhu0De81nVAs
9dxhctiuCGhUNXUHjmFKqkhW/MiWXOaWuxURaIB3eFfCAVaO6xAeohbU94sy+xk3
1adjD5mnFudHAO5zXqoxPtGSlsY1LApTAlCr3riL3TbvXqRfKG0=
=bTaC
-----END PGP SIGNATURE-----

--jgskmus6tj5kniir--


From nobody Sat Oct 28 01:02:13 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F79013FAC1 for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2017 01:02:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level: 
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YHkpudC4yRFZ for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2017 01:02:08 -0700 (PDT)
Received: from APC01-HK2-obe.outbound.protection.outlook.com (mail-hk2apc01on0072.outbound.protection.outlook.com [104.47.124.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE5FE13FABF for <openpgp@ietf.org>; Sat, 28 Oct 2017 01:02:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Lhq4lO1hW9Xc64VBpGqA5SXVs+XhzX4SawVavHAmKUs=; b=w7FlVPgigJCZG/+cM/CpKo1yr9AmltWsDDpSQnim5Q32zWoNapNNLAZIDYPI4Ugf0sd9VX+NJVhPgTdwFZh6fLN73QPhpQe3UUf5RtYDZBW/YbCwAzR+krffoUQ4r8K3qC/Q/XqRVC4rIHE2FkOlPCJ4LofqzAFV0IvvGbCgEqI=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.178.6; Sat, 28 Oct 2017 08:02:01 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038%14]) with mapi id 15.20.0178.010; Sat, 28 Oct 2017 08:02:00 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL1WjoAgAAH/ICAAXdQgIAAibPGgAAB+YCAABgzAIAA8IsAgAB9O4A=
Date: Sat, 28 Oct 2017 08:02:00 +0000
Message-ID: <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net>
In-Reply-To: <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [220.246.174.191]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:qgFsqAcPdZoOcUucQLDN+Rs46ECu+l/MKRzVRXBk4h2wkMUIhT3APYJNELlYyh1S2KC1p3yJ+WhGD4a3RDUcv+3M2rdG2Oq9iVzPkOPrUJPbP+S+TectA64InbfkPQETUyDRTsCcGISbXWzi7EiyKO3D/w/FBqBq9qiNe3non4VDInYkQ0vXacL13djFL+rE35DtP/cvovMccPWYzKRYDO3qZ/a949LVfOKRVaqsTsgs1OX6urKbEbowGBew2GwEOu2Qyhext1ruEjC40aECrwmobuQhin5fcqZ+4J+3s0mtmILMxt2WBhEiRLlX/Es4Blpnaz6rb33hGOW4CkLoEMe9hFZRca2n2DxCC9IEtPA=; 5:kNdSS+cU/Equ6ApyQAPobloHMyi7Uswg5KcjVRgx8N+kE7FB0iOzT+0e1qHjPHPxdKH9wt7PauO0zez0ZYUSABlYVcKKsPLJWMMwsfZ3xhYL9Nr3f4aoxc7g7YATDvyou2T2zYgfoEExWoCEN94Rgizs3Cm/cjFMfWQI8M938Qg=; 24:OJnhEenLlFNwlbRSiGGItJVVdvOw2VZYeTLAfN5S2djmdZi1N/2ywrn5QJwzVR8jbf8LcRsfO+gMDw1QvJalgJhhhOvCT5tksZcWM4D9TWM=; 7:Ep2SSqX7ICndpmmep+5EILoHbhA7iFZNwZvBrfLkPXZh0fg8wQ4kX/d6vw17aqPDZKLQwZ95bsi4RZoIIVc0066lRsYs7aZaYJHbo6YUuuvEGUqiOlgD2hc3OMmoHxhC1cMU41pzo42roxj/LfEIWHeCHogQq7lVJLgbETvO2oEaBeVcE9QxSB4gVAkeq3V63EgrhJoAGPFAe6Jdwt59jYqi3t9eTTyeW3PM9T9x1r0Vj7qhwci9hfzSDq64c4KY
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: a02e6aa0-2099-48b0-b3ac-08d51dda2b4c
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:(100405760836317);
x-microsoft-antispam-prvs: <PS1PR01MB10501AEA05B895EEADBDFFA2D75B0@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231020)(10201501046)(3002001)(93006095)(93001095)(100000703101)(100105400095)(6041248)(2016111802025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123560025)(20161123558100)(20161123564025)(6043046)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 04740D25F1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(346002)(39830400002)(24454002)(199003)(189002)(966005)(93886005)(81156014)(2950100002)(189998001)(5640700003)(6116002)(102836003)(606006)(101416001)(3846002)(5250100002)(2501003)(25786009)(53546010)(2900100001)(82746002)(5660300001)(54896002)(6306002)(53936002)(99286003)(6246003)(6436002)(83716003)(2351001)(105586002)(6512007)(478600001)(236005)(68736007)(3280700002)(7736002)(86362001)(3660700001)(14454004)(229853002)(36756003)(66066001)(6486002)(33656002)(2906002)(106356001)(6506006)(97736004)(81166006)(8676002)(8936002)(1730700003)(76176999)(50986999)(54356999)(316002)(6916009)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_06D50F4826BD47298071576DA8E226AAribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a02e6aa0-2099-48b0-b3ac-08d51dda2b4c
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Oct 2017 08:02:00.6503 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/3FZcftokZGh_3h-LY0l4Q_C9rYg>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Oct 2017 08:02:12 -0000

--_000_06D50F4826BD47298071576DA8E226AAribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SXQgaXMgb2YgY291cnNlIGFuIGlzc3VlIGZvciBpbXBsZW1lbnRlciBhZG9wdGlvbiBhcyB3ZWxs
IGFzIHVzZXIgYWRvcHRpb24uIElmIG5vIG9uZSBpbXBsZW1lbnRzIGl0LCBubyB1c2VyIGNhbiB1
c2UgaXQsIG5vIG1hdHRlciBob3cgbXVjaCB0aGV5IHdhbnQgaXQuIEFuZCBzaW5jZSB0aGVyZSBh
cmUgcGVvcGxlIHdobyB3YW50IHRvIGltcGxlbWVudCB0aGlzLCBJIGRvbuKAmXQgdGhpbmsgdGhl
IGludGVudGlvbiBvZiB0aGUgc3BlYyBpcyB0byBzdG9wIGltcGxlbWVudGVycyBmcm9tIGRvaW5n
IHNvLg0KDQpUaGUgc3RhdGVkIGNvbmNlcm4gaXMgb25seSBhYm91dCB3aGV0aGVyIERlYmlhbiB3
aWxsIGNhcnJ5IGFueSBjcnlwdG9ncmFwaGljIGxpYnJhcnkgdGhhdCBpbXBsZW1lbnRzIE9DQi4g
T3BlblNTTCBhbmQgQm90YW4gYXJlIGJvdGggRGViaWFuIHBhY2thZ2VzIHRoYXQgYWxyZWFkeSBj
b250YWluIE9DQiB0b2RheSwgYW5kIGl0IHNob3VsZCBub3QgYmUgZGlmZmVyZW50IHdpdGggbGli
Z2NyeXB0LiBBdCBsZWFzdCBpdCBzZWVtcyB0aGF0IHRoZSBvdGhlciBpc3N1ZXMgYXJlIGFkZHJl
c3NlZC4NCg0KRXZlcnlvbmUgaGFzIGRpZmZlcmVudCBleHBlY3RhdGlvbnMgb2Ygd2hhdCB0aGUg
c3BlYyBzaG91bGQgYmUsIG9yIHdoYXQgSUVURiBSRkNzIHNob3VsZCBiZSBvciBzaG91bGQgc3Rh
bmQgZm9yLiBJbiB0aGlzIGNhc2UsIEkgZG8gbm90IGJlbGlldmUgdGhlIElFVEYgcHVibGljYXRp
b24gcHJvY2VzcyBoYXMgYW55dGhpbmcgdG8gZG8gd2l0aCB0aGUgb2JqZWN0aW9uIG9mIE9DQi4g
RXNwZWNpYWxseSBpbiB0aGlzIGNhc2UsIHRoZSBwYXRlbnQgb3duZXIgaGFzIGFscmVhZHkgZGVt
b25zdHJhdGVkIHN0cm9uZyBoaXN0b3J5IG9mIGFsbG93aW5nIG9wZW4gc291cmNlIHVzYWdlLg0K
DQpXZSBhbGwgYXBwcmVjaWF0ZSB0aGUgd29yayBwdXQgaW50byBhZGRpbmcgdGhlIEFFQUQgcGFj
a2V0IHNwZWNpZmljYXRpb25zIGFuZCBtYWtpbmcgYSByZWFsIHJlZ2lzdHJ5IG9mIGl0LiBJdCBz
aG91bGQgYmUgYSBnb29kIHRoaW5nIHRoYXQgc29tZW9uZSBwcm9wb3NlcyB0byBhY3R1YWxseSB1
c2UgdGhlIEFFQUQgcmVnaXN0cnkuIFRoZXJl4oCZcyByZWFsbHkgbm8gcmVhc29uIGJsb2NraW5n
IG90aGVycyBmcm9tIGRvaW5nIHdoYXQgdGhleSB3YW50Lg0KDQpBZ2Fpbiwgbm8gb25lIGlzIHRh
a2luZyBhbnl0aGluZyBhd2F5IGZyb20gdGhlIHNwZWMgd2l0aCBhIOKAnE1BWeKAnSBwaHJhc2Uu
DQoNCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCg0KUm9uYWxkIFRzZQ0K
Umlib3NlIEluYy4NCg0KT24gT2N0IDI4LCAyMDE3LCBhdCA4OjMzIEFNLCBicmlhbiBtLiBjYXJs
c29uIDxzYW5kYWxzQGNydXN0eXRvb3RocGFzdGUubmV0PG1haWx0bzpzYW5kYWxzQGNydXN0eXRv
b3RocGFzdGUubmV0Pj4gd3JvdGU6DQoNCk9uIEZyaSwgT2N0IDI3LCAyMDE3IGF0IDEwOjEyOjUx
QU0gKzAwMDAsIFJvbmFsZCBUc2Ugd3JvdGU6DQozLiBUaGUgbWlzdW5kZXJzdGFuZGluZyB0aGF0
IE9wZW5QR1AgaW1wbGVtZW50ZXJzIHdpbGwgbm90IGltcGxlbWVudCBPQ0IgZHVlIHRvIElQUiBk
aXNjbG9zdXJlcy4NCg0KVGhpcyBoYXMgbm90aGluZyB0byBkbyB3aXRoIHdoZXRoZXIgaW1wbGVt
ZW50ZXJzIHdpbGwgaW1wbGVtZW50IGl0Lg0KVGhpcyBoYXMgdG8gZG8gd2l0aCB3aGV0aGVyIHVz
ZXJzIHdpbGwgYmUgd2lsbGluZyB0byB1c2UgYSBzcGVjIG9yDQppbXBsZW1lbnRhdGlvbiB0aGF0
IGhhcyBwYXRlbnQgY29uY2VybnMgYXNzb2NpYXRlZCB3aXRoIGl0Lg0KDQpXZXJuZXIgb2YgR251
UEcsIGhhcyBhbHJlYWR5IGluZGljYXRlZCBzdXBwb3J0IHRvIE9DQiBvbiBtdWx0aXBsZQ0Kb2Nj
YXNpb25zLiBPdXIgb3duIG9wZW4tc291cmNlIE9wZW5QR1AgaW1wbGVtZW50YXRpb24sIFJOUCwg
d2lsbA0KaW1wbGVtZW50IE9DQi4gQW55b25lIHRoYXQgdXNlcyBwb3B1bGFyIGNyeXB0b2dyYXBo
aWMgbGlicmFyaWVzIGxpa2UNCk9wZW5TU0wgYW5kIEJvdGFuIGNhbiBhbHJlYWR5IGltcGxlbWVu
dCB0aGlzIGFuZCBpcyBjb3ZlcmVkIGJ5IHRoZQ0KbGljZW5zZXMuDQoNCkdudVBHIHJlbGllcyBv
biBsaWJnY3J5cHQgZm9yIGNyeXB0b2dyYXBoaWMgZnVuY3Rpb25hbGl0eS4gIE9uIERlYmlhbiwN
CmxpYmdjcnlwdCBpcyBsaW5rZWQgaW50byBYb3JnLCB3aGljaCBpcyBvZnRlbiBsaW5rZWQgdG8g
cHJvcHJpZXRhcnkNCnNvZnR3YXJlIHN1Y2ggYXMgZ3JhcGhpY3MgZHJpdmVycy4gIFNpbmNlIERl
YmlhbiBjYW5ub3QgYXZhaWwgaXRzZWxmIG9mDQpsaWNlbnNlIDIgKGJlY2F1c2UgcmVzdHJpY3Rp
b25zIG9uIG1pbGl0YXJ5IHVzZSBhcmUgdW5hY2NlcHRhYmxlKSBhbmQNCmxpY2Vuc2UgMSBwcm9o
aWJpdHMgdXNlcyB3aXRoIHByb3ByaWV0YXJ5IHNvZnR3YXJlLCBEZWJpYW4ncyBHbnVQRyBpcw0K
dW5saWtlbHkgdG8gaGF2ZSBzdXBwb3J0IGZvciBPQ0IgdW5sZXNzIERlYmlhbiBzaGlwcyB0d28g
c2VwYXJhdGUgY29waWVzDQpvZiBsaWJnY3J5cHQuICBGb3IgdGhlIHNhbWUgcmVhc29uLCBVYnVu
dHUgaXMgYWxzbyBsaWtlbHkgdG8gaGF2ZSB0aGUNCnNhbWUgcG9saWN5Lg0KDQpJJ3ZlIGZpbGVk
IGEgYnVnIHdpdGggRGViaWFuIHRvIGJyaW5nIHRoaXMgdG8gdGhlaXIgYXR0ZW50aW9uLg0KDQpU
aGVzZSBhcmUgdGhlIGtpbmQgb2YgcHJhY3RpY2FsIHJlYXNvbnMgdGhhdCBwYXRlbnRlZCBzb2Z0
d2FyZSBpcw0KcHJvYmxlbWF0aWMgYW5kIHNob3VsZCBub3QgYmUgYSBwYXJ0IG9mIGFueSBzcGVj
aWZpY2F0aW9ucy4gIEkgZG9uJ3QNCmJlbGlldmUgdGhlcmUncyBhIGNvbnNlbnN1cyBvbiBhZGRp
bmcgdGhpcywgc2luY2UgdGhlIGdyb3VwcyBzZWVtIGF0DQpiZXN0IGV2ZW5seSBzcGxpdC4gIFBy
ZXZpb3VzIG9waW5pb25zIGluIHRoZSB3b3JraW5nIGdyb3VwIHdlcmUgbW9zdGx5DQpuZWdhdGl2
ZS4NCg0KSSByZW1haW4gd2hvbGx5IG9wcG9zZWQgdG8gaW5jbHVkaW5nIE9DQiBpbiB0aGUgT3Bl
blBHUCBzcGVjaWZpY2F0aW9uLA0KYW5kIGlmIHRoaXMgc3BlY2lmaWNhdGlvbiBzaG91bGQgbWFr
ZSBpdCB0byBsYXN0IGNhbGwgd2l0aCBPQ0IgaW5jbHVkZWQsDQpJIHdpbGwgb3Bwb3NlIGl0IG9u
IHRob3NlIGdyb3VuZHMuDQotLQ0KYnJpYW4gbS4gY2FybHNvbiAvIGJyaWFuIHdpdGggc2FuZGFs
czogSG91c3RvbiwgVGV4YXMsIFVTDQpodHRwczovL3d3dy5jcnVzdHl0b290aHBhc3RlLm5ldC9+
Ym1jIHwgTXkgb3BpbmlvbiBvbmx5DQpPcGVuUEdQOiBodHRwczovL2tleWJhc2UuaW8vYmsyMjA0
DQoNCg==

--_000_06D50F4826BD47298071576DA8E226AAribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <BA49D2269DDFD145B102242649A46FC5@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13
cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFm
dGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpJdCBpcyBvZiBjb3Vyc2UgYW4gaXNzdWUgZm9y
IGltcGxlbWVudGVyIGFkb3B0aW9uIGFzIHdlbGwgYXMgdXNlciBhZG9wdGlvbi4gSWYgbm8gb25l
IGltcGxlbWVudHMgaXQsIG5vIHVzZXIgY2FuIHVzZSBpdCwgbm8gbWF0dGVyIGhvdyBtdWNoIHRo
ZXkgd2FudCBpdC4gQW5kIHNpbmNlIHRoZXJlIGFyZSBwZW9wbGUgd2hvIHdhbnQgdG8gaW1wbGVt
ZW50IHRoaXMsIEkgZG9u4oCZdCB0aGluayB0aGUgaW50ZW50aW9uIG9mIHRoZSBzcGVjIGlzIHRv
IHN0b3ANCiBpbXBsZW1lbnRlcnMgZnJvbSBkb2luZyBzby48L2Rpdj4NCjxkaXYgZGlyPSJhdXRv
IiBzdHlsZT0id29yZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7
IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+
DQo8L2Rpdj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13b3JkOyAt
d2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIg
Y2xhc3M9IiI+DQpUaGUgc3RhdGVkIGNvbmNlcm4gaXMgb25seSBhYm91dCB3aGV0aGVyIERlYmlh
biB3aWxsIGNhcnJ5IGFueSBjcnlwdG9ncmFwaGljIGxpYnJhcnkgdGhhdCBpbXBsZW1lbnRzIE9D
Qi4gT3BlblNTTCBhbmQgQm90YW4gYXJlIGJvdGggRGViaWFuIHBhY2thZ2VzIHRoYXQgYWxyZWFk
eSBjb250YWluIE9DQiB0b2RheSwgYW5kIGl0IHNob3VsZCBub3QgYmUgZGlmZmVyZW50IHdpdGgg
bGliZ2NyeXB0LiBBdCBsZWFzdCBpdCBzZWVtcyB0aGF0IHRoZSBvdGhlcg0KIGlzc3VlcyBhcmUg
YWRkcmVzc2VkLiZuYnNwOzwvZGl2Pg0KPGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6
IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0ZXIt
d2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBkaXI9
ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBz
cGFjZTsgbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkV2ZXJ5b25l
IGhhcyBkaWZmZXJlbnQgZXhwZWN0YXRpb25zIG9mIHdoYXQgdGhlIHNwZWMgc2hvdWxkIGJlLCBv
ciB3aGF0IElFVEYgUkZDcyBzaG91bGQgYmUgb3Igc2hvdWxkIHN0YW5kIGZvci4gSW4gdGhpcyBj
YXNlLCBJIGRvIG5vdCBiZWxpZXZlIHRoZSBJRVRGIHB1YmxpY2F0aW9uIHByb2Nlc3MgaGFzIGFu
eXRoaW5nIHRvIGRvIHdpdGggdGhlIG9iamVjdGlvbiBvZiBPQ0IuIEVzcGVjaWFsbHkgaW4gdGhp
cyBjYXNlLCB0aGUgcGF0ZW50IG93bmVyDQogaGFzIGFscmVhZHkgZGVtb25zdHJhdGVkIHN0cm9u
ZyBoaXN0b3J5IG9mIGFsbG93aW5nIG9wZW4gc291cmNlIHVzYWdlLjwvZGl2Pg0KPGRpdiBkaXI9
ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBz
cGFjZTsgbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxiciBjbGFz
cz0iIj4NCjwvZGl2Pg0KPGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdv
cmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3Bh
Y2U7IiBjbGFzcz0iIj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13
b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNw
YWNlOyIgY2xhc3M9IiI+DQpXZSBhbGwgYXBwcmVjaWF0ZSB0aGUgd29yayBwdXQgaW50byBhZGRp
bmcgdGhlIEFFQUQgcGFja2V0IHNwZWNpZmljYXRpb25zIGFuZCBtYWtpbmcgYSByZWFsIHJlZ2lz
dHJ5IG9mIGl0LiBJdCBzaG91bGQgYmUgYSBnb29kIHRoaW5nIHRoYXQgc29tZW9uZSBwcm9wb3Nl
cyB0byBhY3R1YWxseSB1c2UgdGhlIEFFQUQgcmVnaXN0cnkuIFRoZXJl4oCZcyByZWFsbHkgbm8g
cmVhc29uIGJsb2NraW5nIG90aGVycyBmcm9tIGRvaW5nIHdoYXQgdGhleSB3YW50LjwvZGl2Pg0K
PGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJz
cC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4N
CjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6
IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0ZXIt
d2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCkFnYWluLCBubyBvbmUgaXMgdGFraW5nIGFueXRoaW5n
IGF3YXkgZnJvbSB0aGUgc3BlYyB3aXRoIGEg4oCcTUFZ4oCdIHBocmFzZS48L2Rpdj4NCjxkaXYg
ZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9k
ZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQo8YnIg
Y2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0KPGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+DQo8ZGl2IHN0eWxlPSJj
b2xvcjogcmdiKDAsIDAsIDApOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRv
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7
IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgd29yZC13cmFwOiBicmVhay13b3JkOyAt
d2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IC13ZWJraXQtbGluZS1icmVhazogYWZ0ZXItd2hpdGUt
c3BhY2U7IiBjbGFzcz0iIj4NCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX188
YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpSb25hbGQgVHNlPGJyIGNsYXNzPSIiPg0KUmli
b3NlIEluYy48YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvZGl2Pg0KPGRp
dj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIGNsYXNzPSIiPg0KPGRpdiBjbGFzcz0iIj5PbiBP
Y3QgMjgsIDIwMTcsIGF0IDg6MzMgQU0sIGJyaWFuIG0uIGNhcmxzb24gJmx0OzxhIGhyZWY9Im1h
aWx0bzpzYW5kYWxzQGNydXN0eXRvb3RocGFzdGUubmV0IiBjbGFzcz0iIj5zYW5kYWxzQGNydXN0
eXRvb3RocGFzdGUubmV0PC9hPiZndDsgd3JvdGU6PC9kaXY+DQo8YnIgY2xhc3M9IkFwcGxlLWlu
dGVyY2hhbmdlLW5ld2xpbmUiPg0KPGRpdiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+T24gRnJp
LCBPY3QgMjcsIDIwMTcgYXQgMTA6MTI6NTFBTSAmIzQzOzAwMDAsIFJvbmFsZCBUc2Ugd3JvdGU6
PGJyIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgY2xhc3M9IiI+My4gVGhlIG1p
c3VuZGVyc3RhbmRpbmcgdGhhdCBPcGVuUEdQIGltcGxlbWVudGVycyB3aWxsIG5vdCBpbXBsZW1l
bnQgT0NCIGR1ZSB0byBJUFIgZGlzY2xvc3VyZXMuPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3Rl
Pg0KPGJyIGNsYXNzPSIiPg0KVGhpcyBoYXMgbm90aGluZyB0byBkbyB3aXRoIHdoZXRoZXIgaW1w
bGVtZW50ZXJzIHdpbGwgaW1wbGVtZW50IGl0LjxiciBjbGFzcz0iIj4NClRoaXMgaGFzIHRvIGRv
IHdpdGggd2hldGhlciB1c2VycyB3aWxsIGJlIHdpbGxpbmcgdG8gdXNlIGEgc3BlYyBvcjxiciBj
bGFzcz0iIj4NCmltcGxlbWVudGF0aW9uIHRoYXQgaGFzIHBhdGVudCBjb25jZXJucyBhc3NvY2lh
dGVkIHdpdGggaXQuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlw
ZT0iY2l0ZSIgY2xhc3M9IiI+V2VybmVyIG9mIEdudVBHLCBoYXMgYWxyZWFkeSBpbmRpY2F0ZWQg
c3VwcG9ydCB0byBPQ0Igb24gbXVsdGlwbGU8YnIgY2xhc3M9IiI+DQpvY2Nhc2lvbnMuIE91ciBv
d24gb3Blbi1zb3VyY2UgT3BlblBHUCBpbXBsZW1lbnRhdGlvbiwgUk5QLCB3aWxsPGJyIGNsYXNz
PSIiPg0KaW1wbGVtZW50IE9DQi4gQW55b25lIHRoYXQgdXNlcyBwb3B1bGFyIGNyeXB0b2dyYXBo
aWMgbGlicmFyaWVzIGxpa2U8YnIgY2xhc3M9IiI+DQpPcGVuU1NMIGFuZCBCb3RhbiBjYW4gYWxy
ZWFkeSBpbXBsZW1lbnQgdGhpcyBhbmQgaXMgY292ZXJlZCBieSB0aGU8YnIgY2xhc3M9IiI+DQps
aWNlbnNlcy48YnIgY2xhc3M9IiI+DQo8L2Jsb2NrcXVvdGU+DQo8YnIgY2xhc3M9IiI+DQpHbnVQ
RyByZWxpZXMgb24gbGliZ2NyeXB0IGZvciBjcnlwdG9ncmFwaGljIGZ1bmN0aW9uYWxpdHkuICZu
YnNwO09uIERlYmlhbiw8YnIgY2xhc3M9IiI+DQpsaWJnY3J5cHQgaXMgbGlua2VkIGludG8gWG9y
Zywgd2hpY2ggaXMgb2Z0ZW4gbGlua2VkIHRvIHByb3ByaWV0YXJ5PGJyIGNsYXNzPSIiPg0Kc29m
dHdhcmUgc3VjaCBhcyBncmFwaGljcyBkcml2ZXJzLiAmbmJzcDtTaW5jZSBEZWJpYW4gY2Fubm90
IGF2YWlsIGl0c2VsZiBvZjxiciBjbGFzcz0iIj4NCmxpY2Vuc2UgMiAoYmVjYXVzZSByZXN0cmlj
dGlvbnMgb24gbWlsaXRhcnkgdXNlIGFyZSB1bmFjY2VwdGFibGUpIGFuZDxiciBjbGFzcz0iIj4N
CmxpY2Vuc2UgMSBwcm9oaWJpdHMgdXNlcyB3aXRoIHByb3ByaWV0YXJ5IHNvZnR3YXJlLCBEZWJp
YW4ncyBHbnVQRyBpczxiciBjbGFzcz0iIj4NCnVubGlrZWx5IHRvIGhhdmUgc3VwcG9ydCBmb3Ig
T0NCIHVubGVzcyBEZWJpYW4gc2hpcHMgdHdvIHNlcGFyYXRlIGNvcGllczxiciBjbGFzcz0iIj4N
Cm9mIGxpYmdjcnlwdC4gJm5ic3A7Rm9yIHRoZSBzYW1lIHJlYXNvbiwgVWJ1bnR1IGlzIGFsc28g
bGlrZWx5IHRvIGhhdmUgdGhlPGJyIGNsYXNzPSIiPg0Kc2FtZSBwb2xpY3kuPGJyIGNsYXNzPSIi
Pg0KPGJyIGNsYXNzPSIiPg0KSSd2ZSBmaWxlZCBhIGJ1ZyB3aXRoIERlYmlhbiB0byBicmluZyB0
aGlzIHRvIHRoZWlyIGF0dGVudGlvbi48YnIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpUaGVz
ZSBhcmUgdGhlIGtpbmQgb2YgcHJhY3RpY2FsIHJlYXNvbnMgdGhhdCBwYXRlbnRlZCBzb2Z0d2Fy
ZSBpczxiciBjbGFzcz0iIj4NCnByb2JsZW1hdGljIGFuZCBzaG91bGQgbm90IGJlIGEgcGFydCBv
ZiBhbnkgc3BlY2lmaWNhdGlvbnMuICZuYnNwO0kgZG9uJ3Q8YnIgY2xhc3M9IiI+DQpiZWxpZXZl
IHRoZXJlJ3MgYSBjb25zZW5zdXMgb24gYWRkaW5nIHRoaXMsIHNpbmNlIHRoZSBncm91cHMgc2Vl
bSBhdDxiciBjbGFzcz0iIj4NCmJlc3QgZXZlbmx5IHNwbGl0LiAmbmJzcDtQcmV2aW91cyBvcGlu
aW9ucyBpbiB0aGUgd29ya2luZyBncm91cCB3ZXJlIG1vc3RseTxiciBjbGFzcz0iIj4NCm5lZ2F0
aXZlLjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCkkgcmVtYWluIHdob2xseSBvcHBvc2Vk
IHRvIGluY2x1ZGluZyBPQ0IgaW4gdGhlIE9wZW5QR1Agc3BlY2lmaWNhdGlvbiw8YnIgY2xhc3M9
IiI+DQphbmQgaWYgdGhpcyBzcGVjaWZpY2F0aW9uIHNob3VsZCBtYWtlIGl0IHRvIGxhc3QgY2Fs
bCB3aXRoIE9DQiBpbmNsdWRlZCw8YnIgY2xhc3M9IiI+DQpJIHdpbGwgb3Bwb3NlIGl0IG9uIHRo
b3NlIGdyb3VuZHMuPGJyIGNsYXNzPSIiPg0KLS0gPGJyIGNsYXNzPSIiPg0KYnJpYW4gbS4gY2Fy
bHNvbiAvIGJyaWFuIHdpdGggc2FuZGFsczogSG91c3RvbiwgVGV4YXMsIFVTPGJyIGNsYXNzPSIi
Pg0KPGEgaHJlZj0iaHR0cHM6Ly93d3cuY3J1c3R5dG9vdGhwYXN0ZS5uZXQvfmJtYyIgY2xhc3M9
IiI+aHR0cHM6Ly93d3cuY3J1c3R5dG9vdGhwYXN0ZS5uZXQvfmJtYzwvYT4gfCBNeSBvcGluaW9u
IG9ubHk8YnIgY2xhc3M9IiI+DQpPcGVuUEdQOiA8YSBocmVmPSJodHRwczovL2tleWJhc2UuaW8v
YmsyMjA0IiBjbGFzcz0iIj5odHRwczovL2tleWJhc2UuaW8vYmsyMjA0PC9hPjxiciBjbGFzcz0i
Ij4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Jsb2NrcXVvdGU+DQo8L2Rpdj4NCjxiciBjbGFzcz0iIj4N
CjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K

--_000_06D50F4826BD47298071576DA8E226AAribosecom_--


From nobody Sat Oct 28 01:24:02 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B579C139976 for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2017 01:24:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bSyrFRPelc5p for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2017 01:23:58 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB0FB139982 for <openpgp@ietf.org>; Sat, 28 Oct 2017 01:23:57 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yPDKk4sFWz1L5; Sat, 28 Oct 2017 10:23:54 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509179034; bh=+vvV4z8FchW2Hz3QKucVDRwgJLo7hGHKlKm2xSJaFbI=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=uxTCG8TShcmC84rRzFApaoBT46LLU3e3jgyqyfYoajFpKTj+AkhU5WRhavc2VP6hb Fn9iw68YbtooA2kthuuj4mN9ugHRc+C5HdB2LEbKFcmLQ56IKNC+Htfv9TxJ4Aj2j5 1x077ZtgJq1VjdtlNOFae+s4UiTWeoHR1GmD2ad0=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id yzsWGN3fnw9e; Sat, 28 Oct 2017 10:23:53 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Sat, 28 Oct 2017 10:23:53 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 2950462D29; Sat, 28 Oct 2017 04:23:52 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 2950462D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 251BB40D35AF; Sat, 28 Oct 2017 04:23:52 -0400 (EDT)
Date: Sat, 28 Oct 2017 04:23:51 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Ronald Tse <tse@ribose.com>
cc: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com>
Message-ID: <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8BIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/6DUXmzQ4jkue9JrZkmCqNDVnfWA>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Oct 2017 08:24:01 -0000

On Sat, 28 Oct 2017, Ronald Tse wrote:

> We all appreciate the work put into adding the AEAD packet specifications and making a real registry of it. It
> should be a good thing that someone proposes to actually use the AEAD registry. There’s really no reason blocking
> others from doing what they want.
> 
> Again, no one is taking anything away from the spec with a “MAY” phrase.

For protocols like IKE/IPsec or TLS, where you negotiate a cipher suite,
MAY algorithms are fine.

For a protocol where both parties are not online at the same time, and
where one party might not know the other party's capabilities at all,
a MAY algorithm can lead to non-interoperability (with human latency
involved)

Do OpenPGP public keys list all the encryption algorithms and signature
algorithms supported by that user? If not, then there should really only
be MUST algorithms (current crypto) and SHOULD algorithms (for things
being sunset). If OpenPGP public keys do list these, do we have any
information how current these are for most published public keys?

It would have been nice to have had OCB support when it was invented.
By now, the gains are pretty minimal. While there is an argument for
having a "stand by" or "backup" algorithm that is universially supported,
I would say chacha20/poly would be the better AEAD candidate.

And I don't agree with your handwaiving about the various different
licenses and use cases. The fact that there is a discussion and unclarity
about this at all shows that there is an issue here.

It's not that I dislike OCB. I looked at OCB a few years ago when TLS got
special permission to use it, to see about defining it for IKE/IPsec as
well, but the TLS draft authors made it clear they took years getting all
the permissions and licensing in place, and it listed "TLS" specifically
at places, so I could not re-use their work at the time for IKE/IPsec. So
I decided not to pursue it for IKE/IPsec.

The lesson here is, don't put arbitrary restrictions on your algorithm if
you want to see widespread adoption.

Paul


From nobody Mon Oct 30 08:17:12 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD65413FA55 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:17:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9hlUHq2m1igF for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:17:09 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44F7613FA5B for <openpgp@ietf.org>; Mon, 30 Oct 2017 08:16:20 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 19ABFE2066; Mon, 30 Oct 2017 11:16:19 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 01532-03; Mon, 30 Oct 2017 11:16:16 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::530:248d:f760:bb62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 5518EE2054; Mon, 30 Oct 2017 11:16:16 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509376576; bh=XepcppmYYd1vwoqbzO7ojshF/oDDT+LuIwB+mVfMowQ=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=cl/DNJbB56hn1nUymKHOx+Fyf7d0jzU9kJqRJObbChGktghd2Eev4tMwiB7iuLLN1 UbZ7n9Xb2sK+4M6mWorwQz0KxOAYTzXQL/b9lB6rFVZysnMk0Hg+IlBJP/7gnMZ0Ub Kq1KEN8JupQbnqT6QHPWCb47T+RRe/YZzx+81pQU=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id v9UFGFOT015743; Mon, 30 Oct 2017 11:16:15 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Paul Wouters <paul@nohats.ca>
Cc: Ronald Tse <tse@ribose.com>, "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca>
Date: Mon, 30 Oct 2017 11:16:15 -0400
In-Reply-To: <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> (Paul Wouters's message of "Wed, 25 Oct 2017 12:27:30 -0400 (EDT)")
Message-ID: <sjmfua01xa8.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/-J0wJalBA5U42WXmVTVWOC8USok>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 15:17:11 -0000

Paul Wouters <paul@nohats.ca> writes:

> On Wed, 25 Oct 2017, Ronald Tse wrote:
>
>> Since bis-02 now formally defines the AEAD packet and an AEAD
>> algorithm registry, I=E2=80=99d like to bring up the topic again of
>> adding OCB to the draft given its clear benefits. There have been
>> previous mentions of patent concerns, but OCB is freely
>> licensed for open source tools and has been included in libraries
>> like OpenSSL and Botan.
>
> What is the advantage of adding more and more algorithms and variants?

Different requirements in different use-cases.

> If OCB is clearly a winner over another algorithm candidate to be added,
> is the inferior other candidate removed?

Not necessarily.  Just because one is a "winner" does not necessarily
mean the other is "inferior".  Again, different use-cases have different
requirements that could result in different preferred choices.

> Adding algorithms is easy. Removing them is hard. That should raise the
> bar for adding new ones.

Historically the OpenPGP group has been relatively inviting and open to
addition (non-mandatory) algorithms.  I see no reason today that this
decades-old practice be changed.

> Paul

-derek
--=20
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 08:21:45 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59E8513FAD1 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:21:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CeDqXnw1cbD8 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:21:24 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94FCC13FA9B for <openpgp@ietf.org>; Mon, 30 Oct 2017 08:19:52 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 6FA7FE2082; Mon, 30 Oct 2017 11:19:51 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 01532-05; Mon, 30 Oct 2017 11:19:48 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::530:248d:f760:bb62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id A42B8E2081; Mon, 30 Oct 2017 11:19:48 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509376788; bh=at0HFO3vebCw9NPcOP/sXx+3iUOhZDdywaWRRXHDY5M=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=qCSBU8wNsGXukiOMVGYrhuEiBPP1Cf5ntKx1bVxC61vV9/EcJ4NVvM0LX2MG/M7JV A99L59ojfTlq3bUc0ia2vf72sjQpEQJxmf75Um0tK+UgMegfAalJVjKJ2S9/v42jsA GI7uUqwv3b/6mK8AD8Lnn7jImDqFlDg3g6Td7Tlk=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id v9UFJf1J003393; Mon, 30 Oct 2017 11:19:41 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Rick van Rein <rick@openfortress.nl>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl>
Date: Mon, 30 Oct 2017 11:19:41 -0400
In-Reply-To: <59F0C015.2050303@openfortress.nl> (Rick van Rein's message of "Wed, 25 Oct 2017 18:47:17 +0200")
Message-ID: <sjmbmko1x4i.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/UzG1OlEnU5BscSIR7X8R5B9h4Hk>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 15:21:27 -0000

Rick van Rein <rick@openfortress.nl> writes:

> Along the same lines I'm also surprised that no effort has been made to
> deprecate 2.x PGP packet formats and public key formats, for instance.
> We all know that such old keys don't have a reason to exist anymore,
> but we're all still coding the old and new in order to be compliant to
> the standards.  Such a waste of time...

I have files encrypted 20+ years ago (to a 20+ year old key) sitting
around in storage.  Are you saying that those encrypted files should not
be readable anymore?

And note that if your response is "but just re-encrypt them", I'll add
that then I lose a lot of the original data, like original signing date
etc.  Moreover, AFAIK there is no tool that I can use to re-encrypt a
message while keeping signature data intact.  (Please correct me if I'm
missing something, but even gpg does not seem to have a "re-encrypt"
option).

> -Rick

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 08:35:41 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2A001FF6E9 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:35:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6OB2KM9PpTdk for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:35:34 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60A6A1FF46E for <openpgp@ietf.org>; Mon, 30 Oct 2017 08:28:53 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 187ADE2050; Mon, 30 Oct 2017 11:28:22 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 01673-03; Mon, 30 Oct 2017 11:28:15 -0400 (EDT)
Received: from securerf.ihtfp.org (unknown [IPv6:fe80::530:248d:f760:bb62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 21DEDE203F; Mon, 30 Oct 2017 11:28:15 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509377295; bh=qzYoJNi+TaKvj2/bgQDxihqWJC+BaXJEumucSG3Fqj8=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=nX2a3rHCzK00S25EBNukUBsHmBxLP77jnk5WozKxZoroi2zStpzDrkI3uwm8KBWBQ wyKrCqUolMpaLUq8rywPUbnavJrYlJLFwiDAIRPBndNr3v79XC6Z2xol1OJCJqL2+8 TrA8xPIH6rYMwd9nfwi6s/mUTZqFMccvY16G6QA8=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id v9UFSEOR021282; Mon, 30 Oct 2017 11:28:14 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Paul Wouters <paul@nohats.ca>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca>
Date: Mon, 30 Oct 2017 11:28:14 -0400
In-Reply-To: <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca> (Paul Wouters's message of "Sat, 28 Oct 2017 04:23:51 -0400 (EDT)")
Message-ID: <sjm4lqg1wq9.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/3-qgyg6cg7D8pMe3OfbR3WZfSSM>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 15:35:40 -0000

Paul Wouters <paul@nohats.ca> writes:

> Do OpenPGP public keys list all the encryption algorithms and signature
> algorithms supported by that user? If not, then there should really only
> be MUST algorithms (current crypto) and SHOULD algorithms (for things
> being sunset). If OpenPGP public keys do list these, do we have any
> information how current these are for most published public keys?

Yes, they do. "Preferred algorothm notations".

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 08:36:16 2017
Return-Path: <rick@openfortress.nl>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D9E613FA93 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:36:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.221
X-Spam-Level: 
X-Spam-Status: No, score=-1.221 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w3S294LMYISg for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 08:36:13 -0700 (PDT)
Received: from lb2-smtp-cloud7.xs4all.net (lb2-smtp-cloud7.xs4all.net [194.109.24.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12F8A1394E4 for <openpgp@ietf.org>; Mon, 30 Oct 2017 08:29:20 -0700 (PDT)
Received: from fame.vanrein.org ([IPv6:2001:980:93a5:1::7]) by smtp-cloud7.xs4all.net with ESMTP id 9C04eMfw6VNbY9C05euuYw; Mon, 30 Oct 2017 16:29:18 +0100
Received: by fame.vanrein.org (Postfix, from userid 1006) id 2A62125DAC; Mon, 30 Oct 2017 15:29:16 +0000 (UTC)
X-Original-To: openpgp@ietf.org
Received: from airhead.local (phantom.vanrein.org [83.161.146.46]) by fame.vanrein.org (Postfix) with ESMTPA id 0F51B25DA9; Mon, 30 Oct 2017 15:29:13 +0000 (UTC)
Message-ID: <59F74542.5080409@openfortress.nl>
Date: Mon, 30 Oct 2017 16:29:06 +0100
From: Rick van Rein <rick@openfortress.nl>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Derek Atkins <derek@ihtfp.com>
CC: "openpgp@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org>
In-Reply-To: <sjmbmko1x4i.fsf@securerf.ihtfp.org>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Bogosity: Unsure, tests=bogofilter, spamicity=0.520000, version=1.2.4
X-CMAE-Envelope: MS4wfFxD0z3LgvpsOCpte2ae2Io61apYjNcYvaYwAH5FUdfG35jWibNSOvZfsarXfYbwbIyiw75IbA3JkZ/lOB4uElqlmUPuAUNYshqlxksqrzL/ab2ZLJph KOSUknhMqOXsFxM+4fViUD+dCAvxSL0f4qZWxaTOhbnAZ/PNyniQ4TCzAvpq1s0QfaoEKTcA1xpEfGQsbVa137fEQ01kccecC2w=
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/QxqQPqs9XdeCk09yyGd0TK0qtQc>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 15:36:15 -0000

Hi Derek,

>> Along the same lines I'm also surprised that no effort has been made to
>> deprecate 2.x PGP packet formats and public key formats, for instance.
>> We all know that such old keys don't have a reason to exist anymore,
>> but we're all still coding the old and new in order to be compliant to
>> the standards.  Such a waste of time...
>
> I have files encrypted 20+ years ago (to a 20+ year old key) sitting
> around in storage.  Are you saying that those encrypted files should not
> be readable anymore?

I was thinking about signing, which was indeed an oversight.

One might question if current-day crypto software should continue to
support old encrypted files though, or that a fork would be wiser.  The
added complexity of the software is far from helpful in keeping software
clear and bug free.  Also, this old material may end up being treated by
hardly-tested code, which is another undesirable part.

Anyhow, I brought this up to agree that we should be careful what is
being added, and your response is in fact confirming that.

-Rick


From nobody Mon Oct 30 11:01:11 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3B1D98B5 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 11:01:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level: 
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id biynXKuSSVBJ for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 11:00:57 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC21798AD for <openpgp@ietf.org>; Mon, 30 Oct 2017 11:00:57 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yQj2b3KMQzF76; Mon, 30 Oct 2017 19:00:55 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509386455; bh=26SxNosYMKCagpLbxldwqolr3oZHgvArmFb8O9cIg9c=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=AkKd6yb0qXftmPwoio7edTGm3h3K4sxhfQ9c0BmuhE1MXCZ4q3d7FAvS1y0/mEn1O /Z8wKqaul3WvtCsSARtBp2RtO62zVlXwpfkE9Z314RzQ48PDWCOwgUFw36LOAaw+80 bJ4nIDyx6PnCrufnoqon4NDcIkMvCKaYTScnHKF8=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 5ezaqyrT7Fmn; Mon, 30 Oct 2017 19:00:53 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 30 Oct 2017 19:00:53 +0100 (CET)
Received: from [10.252.1.42] (unknown [2.50.18.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id 0709F62D29; Mon, 30 Oct 2017 14:00:52 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 0709F62D29
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (1.0)
From: Paul Wouters <paul@nohats.ca>
X-Mailer: iPhone Mail (15A432)
In-Reply-To: <59F74542.5080409@openfortress.nl>
Date: Mon, 30 Oct 2017 22:00:47 +0400
Cc: Derek Atkins <derek@ihtfp.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl>
To: Rick van Rein <rick@openfortress.nl>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/AZMbaGkCl1L-b657Z-yOrekTEv4>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 18:01:10 -0000

On Oct 30, 2017, at 19:29, Rick van Rein <rick@openfortress.nl> wrote:
>=20
> Hi Derek,
>=20
>>=20
>> I have files encrypted 20+ years ago (to a 20+ year old key) sitting
>> around in storage.  Are you saying that those encrypted files should not
>> be readable anymore?

So when do we stop supporting an algorithm? When it can be brute forces in a=
 month? A year ? A day?


> One might question if current-day crypto software should continue to
> support old encrypted files though, or that a fork would be wiser.

Like pgp 2.6 and pgp 5. Yes.

A way to also stimulate upgrading could be to demote algorithms to decrypt/v=
erify only and not allow them for creating new encrypted/signed material.

As for we have been doing this for  20 years argument, I am still carrying i=
dea.c and still have to manually compile it every time gpg upgrades. So the =E2=
=80=9Ccurrent=E2=80=9D scheme has proven to not work well at all for me.

Paul=


From nobody Mon Oct 30 11:19:29 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A753A04D for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 11:19:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NOOVR3qAbhZP for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 11:19:25 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E26113FA13 for <openpgp@ietf.org>; Mon, 30 Oct 2017 11:19:25 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 23D82E205D; Mon, 30 Oct 2017 14:18:54 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 03280-01; Mon, 30 Oct 2017 14:18:51 -0400 (EDT)
Received: by mail2.ihtfp.org (Postfix, from userid 48) id C24BBE2050; Mon, 30 Oct 2017 14:18:51 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509387531; bh=b9mrnTTd8QCCpCaTsElLoVCUwfcL3xEh2n7imr1qTyg=; h=In-Reply-To:References:Date:Subject:From:To:Cc; b=Gh26SCaT8u8YwZ9BfMkBEmXZJ1sGYOaYRlo+iboOED34dDw3Q93Qd9Yd/2+ajO6Wj ivHEyIlfv2rNfC2+A+b/vrnXF3X6k/z68+ioP19Zl6TL8DRsH+PLVa+ntAYsv7Jy3m npMppYQBosvqPRGdYpF2DVcS5fgCYF2DKhGlTVxg=
Received: from 192.168.248.250 (SquirrelMail authenticated user warlord) by mail2.ihtfp.org with HTTP; Mon, 30 Oct 2017 14:18:51 -0400
Message-ID: <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org>
In-Reply-To: <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl> <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca>
Date: Mon, 30 Oct 2017 14:18:51 -0400
From: "Derek Atkins" <derek@ihtfp.com>
To: "Paul Wouters" <paul@nohats.ca>
Cc: "Rick van Rein" <rick@openfortress.nl>, "openpgp@ietf.org" <openpgp@ietf.org>, "Derek Atkins" <derek@ihtfp.com>
User-Agent: SquirrelMail/1.4.22-14.fc20
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Jsty6ugPp8d2e6f9fU1axq_n0Ck>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 18:19:27 -0000

On Mon, October 30, 2017 2:00 pm, Paul Wouters wrote:
> On Oct 30, 2017, at 19:29, Rick van Rein <rick@openfortress.nl> wrote:
>>
>> Hi Derek,
>>
>>>
>>> I have files encrypted 20+ years ago (to a 20+ year old key) sitting
>>> around in storage.  Are you saying that those encrypted files should
>>> not
>>> be readable anymore?
>
> So when do we stop supporting an algorithm? When it can be brute forces in
> a month? A year ? A day?

That's a good question, but considering none of it applies to pretty much
any method we've supported (except, perhaps, MD5) it's a bit moot.

>> One might question if current-day crypto software should continue to
>> support old encrypted files though, or that a fork would be wiser.
>
> Like pgp 2.6 and pgp 5. Yes.
>
> A way to also stimulate upgrading could be to demote algorithms to
> decrypt/verify only and not allow them for creating new encrypted/signed
> material.

We've already done that.  It "works" (to some degree) to get people to
upgrade.

> As for we have been doing this for  20 years argument, I am still carrying
> idea.c and still have to manually compile it every time gpg upgrades. So
> the “current” scheme has proven to not work well at all for me.

Honestly, AFAIK there has never been a security issue with IDEA; just
patent/licensing.  At this point I think all those issues are gone, too,
so honestly there's little reason not to include it natively.

But the real point is that there are so few methods that people want to
support *IN THE PROTOCOL* that there is little reason, IMNSHO, to prevent
them from doing so in a standard way.

Remember, just because the protocol supports a method does not mean
implementations will.  But if the protocol does NOT support some methods
it might prevent some users from using the protocol.  Hence, if we want to
encourage adoption (even if it's in a closed environment) we should
encourage method adoption.  Again, it's not that expensive to do so on our
part.

> Paul

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 12:23:06 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CDE013F7B1 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 12:23:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KgfJPiH6kvM4 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 12:23:03 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70C29138D8F for <openpgp@ietf.org>; Mon, 30 Oct 2017 12:23:03 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yQksF65V6zF7B; Mon, 30 Oct 2017 20:22:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509391377; bh=/djk3mGz3OayVcixXWrkBMm8dLfld1jZRtXCVYPav7s=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=CRvwXqOnUMiJt+SL8odJ33pC0oCjIeUJ8k7p8RjGiAF8hq1LdWkRlTTyhPGdBSiZY h9OgxW6glxFkKC19xAtRzzS0M0DMxzFHKr/1j2iuPrlArYnkkfv3J1YUoV/g1+3Rl1 9FAPExQjP7TbJ0E64/0j8woA6NjaWdRioLQHs8WE=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id iEGECBkpfCIv; Mon, 30 Oct 2017 20:22:57 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 30 Oct 2017 20:22:56 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id A921762D29; Mon, 30 Oct 2017 15:22:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca A921762D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 995AF40D35AF; Mon, 30 Oct 2017 15:22:55 -0400 (EDT)
Date: Mon, 30 Oct 2017 15:22:55 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Derek Atkins <derek@ihtfp.com>
cc: Rick van Rein <rick@openfortress.nl>,  "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org>
Message-ID: <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl> <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca> <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8BIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/7QJB2SJOLatJ9clLl4exkCI49_M>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 19:23:05 -0000

On Mon, 30 Oct 2017, Derek Atkins wrote:

>> As for we have been doing this for  20 years argument, I am still carrying
>> idea.c and still have to manually compile it every time gpg upgrades. So
>> the “current” scheme has proven to not work well at all for me.
>
> Honestly, AFAIK there has never been a security issue with IDEA; just
> patent/licensing.  At this point I think all those issues are gone, too,
> so honestly there's little reason not to include it natively.

It was an example of how some people having IDEA and other not having it
causes interop issues to the point that I need to manually hack my
implementation to talk to those people. That's something you want to
avoid more then giving people a list of 6 sexy algorithms to choose
from.

> But the real point is that there are so few methods that people want to
> support *IN THE PROTOCOL* that there is little reason, IMNSHO, to prevent
> them from doing so in a standard way.

I don't understand that sentence.

> Remember, just because the protocol supports a method does not mean
> implementations will.

If you add things to the protocol that the vast majority will not
implement, you have lost already and that added thing becomes useless.

> But if the protocol does NOT support some methods
> it might prevent some users from using the protocol.

Which is a good thing? Do you think most users can make a meaningful
decision about which algorithms to trust or not and for how long?

The reason for a lot variance with TLS or IKE/IPsec with protocols is
that performance does matter. For openpgp, performance hardly matters.
You're not doing 1Gbps or running on an IoT device with 32kb RAM or
require less then 25ms latency.

Paul


From nobody Mon Oct 30 12:52:29 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D53113F65D for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 12:52:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RV9DsV_uOncm for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 12:52:25 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 262EF13FAFF for <openpgp@ietf.org>; Mon, 30 Oct 2017 12:51:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id D33A2E2047; Mon, 30 Oct 2017 15:51:43 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 04007-03; Mon, 30 Oct 2017 15:51:41 -0400 (EDT)
Received: by mail2.ihtfp.org (Postfix, from userid 48) id 24298E2064; Mon, 30 Oct 2017 15:51:41 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509393101; bh=XTG2x5FoCVZGiZMvgEzowMslU9UYsTHKkcCDUZ+8h8A=; h=In-Reply-To:References:Date:Subject:From:To:Cc; b=PAN1rZ34NrQl8FHvqh5DOa5QBIjm2B9qBlQM59pe0J8bJ6nZopY/it9Lg4L6Am1A+ 3ykLLb8dS7pjZZ1XCopACbeRU1xqHsKto+X0+3eeQIeMQ5r7qhnDkVSK8PLyArcT8u zrzp0YPDtbRoAcpvlDfpsbhWdL2rBkCMLzpz/Z2U=
Received: from 192.168.248.250 (SquirrelMail authenticated user warlord) by mail2.ihtfp.org with HTTP; Mon, 30 Oct 2017 15:51:41 -0400
Message-ID: <704d117e3b4f3b093d2846d8433ebbf2.squirrel@mail2.ihtfp.org>
In-Reply-To: <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl> <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca> <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca>
Date: Mon, 30 Oct 2017 15:51:41 -0400
From: "Derek Atkins" <derek@ihtfp.com>
To: "Paul Wouters" <paul@nohats.ca>
Cc: "Rick van Rein" <rick@openfortress.nl>, "openpgp@ietf.org" <openpgp@ietf.org>
User-Agent: SquirrelMail/1.4.22-14.fc20
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/jnwCIqqrNoi9a9MVRaU7alUIcBE>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 19:52:27 -0000

Paul,

On Mon, October 30, 2017 3:22 pm, Paul Wouters wrote:

> It was an example of how some people having IDEA and other not having it
> causes interop issues to the point that I need to manually hack my
> implementation to talk to those people.

Yes, and IMHO, IDEA should get added back in.  In this day and age there
is zero reason to prohibit it.

>     That's something you want to
> avoid more then giving people a list of 6 sexy algorithms to choose
> from.

Note that it's not "PEOPLE" who are choosing them, per se.  It's the
implementers, who one would think would have a better idea of what to
implement and why.

>> But the real point is that there are so few methods that people want to
>> support *IN THE PROTOCOL* that there is little reason, IMNSHO, to
>> prevent
>> them from doing so in a standard way.
>
> I don't understand that sentence.

Okay, let me try again.

How many public key methods are there?  Not many.
How many ciphers are there?   Again, not many.
Similarly, how many AEAD methods are there?   Again... not many.

Even moreso, there are even fewer methods people are proposing to include
in the OpenPGP protocol than the limited number of methods that are out
there.

There are SO FEW methods that, indeed, if even one implementer wants to do
it in a standard way we should let them.

Maybe that implementer is doing something privately, but still wants to do
it in a standard way.  We should let them.

Maybe they feel that it'll be years before someone else is interested, but
they want to ensure their code written today will work down the road.   We
should let them.

In other words, we should be accepting in relinquishing protocol numbers.

>> Remember, just because the protocol supports a method does not mean
>> implementations will.
>
> If you add things to the protocol that the vast majority will not
> implement, you have lost already and that added thing becomes useless.

You've clearly never worked on (or in) a private enclave.  The IETF should
not be in the position to say that private enclaves MAY NOT exist.  But
you seem to be implying that by your stance.

Maybe the implementer who wants to add OCB doesn't care if your
implementation can read it, because your implementation is very unlikely
to ever see an OCB message.  Why do you want to say that they may not do
that (which is what you're saying by implying that your implementation
must support every feature and that the protocol may not support features
that your implementation does not support).

>> But if the protocol does NOT support some methods
>> it might prevent some users from using the protocol.
>
> Which is a good thing?

No.  It's not.  We should encourage people to use OpenPGP.  It's a great
protocol, and anything we do that prohibits adoption is a bad thing.

>    Do you think most users can make a meaningful
> decision about which algorithms to trust or not and for how long?

That's irrelevant to this discussion.

> The reason for a lot variance with TLS or IKE/IPsec with protocols is
> that performance does matter. For openpgp, performance hardly matters.
> You're not doing 1Gbps or running on an IoT device with 32kb RAM or
> require less then 25ms latency.

I'm afraid you're wrong here.  I *AM* running OpenPGP on an IoT device,
and in fact that IoT device has less than 32kB RAM.  (I'm assuming you
meant 32kB, and not 32kb == 4KB, which is exactly how much RAM my device
has).

I'm running OpenPGP specifically because the data formats are smaller and
easier to generate/parse than X.509, so I *CAN* actually run it in an IoT
device.  Of course I'm extremely limited in what methods I support, but I
happen to control both ends of the communication so I can work in an
enclave and control the implementation.

This is exactly why we should be open in what we accept.  In my case, I
don't care if your implementation does not support my methods, but I want
to ensure that I can implement my methods in a standard way such that it
wont interfere with you (and you wont interfere with me).  Moreso, in a
few years, my messages might escape my enclave, which is yet another
reason I'd like to do it in a standard way.

(And yes, I've moved well beyond OCB in this discussion).

> Paul

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 13:29:28 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AF8213FAF2 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 13:29:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MTRkkL4wzkHQ for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 13:29:25 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 172CD13FB24 for <openpgp@ietf.org>; Mon, 30 Oct 2017 13:29:24 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yQmKs5C8szF7N; Mon, 30 Oct 2017 21:29:21 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509395361; bh=gtQ3yoNHk3Lt55455egh2I1Vk5q4+R5YDrF7Zv4r1gU=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=fRSfLudc6XG0xkU2v7wqxTyRCT5qDUMoI9aaa2ne0oeJ0etTUNAopskWZKEwh03X4 HeywQnEpgUASOtYma+01Z9Ii9Lv3VYX0DEgOlLBdklzcwlZ+T7u08CgeIB6jAftWVG 5Ad8khZV3NzGPjFyTlFOEDZwXSSaRQxLyrWFvn18=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id qnIFs0TZIj-B; Mon, 30 Oct 2017 21:29:18 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 30 Oct 2017 21:29:18 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id B0FCA62D29; Mon, 30 Oct 2017 16:29:17 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca B0FCA62D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 9D40440D35AF; Mon, 30 Oct 2017 16:29:17 -0400 (EDT)
Date: Mon, 30 Oct 2017 16:29:17 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Derek Atkins <derek@ihtfp.com>
cc: Rick van Rein <rick@openfortress.nl>,  "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <704d117e3b4f3b093d2846d8433ebbf2.squirrel@mail2.ihtfp.org>
Message-ID: <alpine.LRH.2.21.1710301606430.31082@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl>  <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca> <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca> <704d117e3b4f3b093d2846d8433ebbf2.squirrel@mail2.ihtfp.org>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/_dfMqG6LZaG-wcZGSnvlb3kUaxM>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 20:29:27 -0000

On Mon, 30 Oct 2017, Derek Atkins wrote:

> On Mon, October 30, 2017 3:22 pm, Paul Wouters wrote:
>
>> It was an example of how some people having IDEA and other not having it
>> causes interop issues to the point that I need to manually hack my
>> implementation to talk to those people.
>
> Yes, and IMHO, IDEA should get added back in.  In this day and age there
> is zero reason to prohibit it.

You miss my point. Implementors made decisions and as a result, non-expert
endusers ended up not being able to send each other encrypted email. I
am sayong don't repeat that mistake.

> Note that it's not "PEOPLE" who are choosing them, per se.  It's the
> implementers, who one would think would have a better idea of what to
> implement and why.

That still does not help much against someone using a new algorithm and
someone else using old software that does not have that algorithm.

How long does it take for any now added algorithm to be commonly
supported? By paranoid people who dont want to upgrade their offline
systems? :)

> Maybe that implementer is doing something privately, but still wants to do
> it in a standard way.  We should let them.

That's what private number ranges are for.

> Maybe the implementer who wants to add OCB doesn't care if your
> implementation can read it, because your implementation is very unlikely
> to ever see an OCB message.  Why do you want to say that they may not do
> that (which is what you're saying by implying that your implementation
> must support every feature and that the protocol may not support features
> that your implementation does not support).

As long as you can detect the support when you have the public key, that's
probably okay. But that's still a weak argument to allow vanity
algorithms, as it will still increase the chance that multiple parties
don't share those in their implementation.

And how does this work when my phone supports some algorithms, and my
laptop supports other. How do I announce that in my public key? It
looks like you'd be forced to only publish the shared algorithms. I
wouldn't even know how to announce that.

>>> But if the protocol does NOT support some methods
>>> it might prevent some users from using the protocol.
>>
>> Which is a good thing?
>
> No.  It's not.  We should encourage people to use OpenPGP.  It's a great
> protocol, and anything we do that prohibits adoption is a bad thing.

Swiss army knives are great tools. Raise your hand if you never cut
yourself with one.

> I'm running OpenPGP specifically because the data formats are smaller and
> easier to generate/parse than X.509, so I *CAN* actually run it in an IoT
> device.  Of course I'm extremely limited in what methods I support, but I
> happen to control both ends of the communication so I can work in an
> enclave and control the implementation.
>
> This is exactly why we should be open in what we accept.  In my case, I
> don't care if your implementation does not support my methods, but I want
> to ensure that I can implement my methods in a standard way such that it
> wont interfere with you (and you wont interfere with me).

Ok, well if all of that needs to be supported I guess we will be cursed
with an amount of failure as the price to pay for the freedom to
shoehorn openpgp on everything. I still think it is wise to try and
limit the number of algorithms with similar cryptographic and
architectural properties.

Paul


From nobody Mon Oct 30 14:10:17 2017
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EE0113FB7F for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 14:10:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level: 
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cRgJ99HYxWLz for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 14:10:03 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3285B13FB99 for <openpgp@ietf.org>; Mon, 30 Oct 2017 14:09:48 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 0260DE2035; Mon, 30 Oct 2017 17:09:17 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 06168-03; Mon, 30 Oct 2017 17:09:14 -0400 (EDT)
Received: by mail2.ihtfp.org (Postfix, from userid 48) id D4394E2049; Mon, 30 Oct 2017 17:09:13 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1509397753; bh=6XWEFHXSzTRfMjo7nZRwPijUiPFDu/AqldWy3sbxnQA=; h=In-Reply-To:References:Date:Subject:From:To:Cc; b=Us5U7f7e0GazymCmwRmAoeh2i218iBGPFxrNBPOHHLwSbd8HB51+RpZqB3E2R43mm RwZN5frq6KJDLZTKVyp2tTkRyAak0KOqdi8zA/HbtzpAUSCbFbEHyX7mciWtMZ8Hvb wU/qXXns9hqgezJT6+Zo9+yFvE9OYBPs1XqvVLT4=
Received: from 192.168.248.250 (SquirrelMail authenticated user warlord) by mail2.ihtfp.org with HTTP; Mon, 30 Oct 2017 17:09:13 -0400
Message-ID: <f33b464975d7f08fb74999de94e4348c.squirrel@mail2.ihtfp.org>
In-Reply-To: <alpine.LRH.2.21.1710301606430.31082@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl> <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca> <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca> <704d117e3b4f3b093d2846d8433ebbf2.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301606430.31082@bofh.nohats.ca>
Date: Mon, 30 Oct 2017 17:09:13 -0400
From: "Derek Atkins" <derek@ihtfp.com>
To: "Paul Wouters" <paul@nohats.ca>
Cc: "Rick van Rein" <rick@openfortress.nl>, "openpgp@ietf.org" <openpgp@ietf.org>
User-Agent: SquirrelMail/1.4.22-14.fc20
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/nkmG8oovdZjB3rXh9WBWrjBuVo8>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 21:10:15 -0000

On Mon, October 30, 2017 4:29 pm, Paul Wouters wrote:
> On Mon, 30 Oct 2017, Derek Atkins wrote:
>
>> On Mon, October 30, 2017 3:22 pm, Paul Wouters wrote:
>>
>>> It was an example of how some people having IDEA and other not having
>>> it
>>> causes interop issues to the point that I need to manually hack my
>>> implementation to talk to those people.
>>
>> Yes, and IMHO, IDEA should get added back in.  In this day and age there
>> is zero reason to prohibit it.
>
> You miss my point. Implementors made decisions and as a result, non-expert
> endusers ended up not being able to send each other encrypted email. I
> am sayong don't repeat that mistake.

And you're saying the mistake is that IDEA was included in the first
place?  Or that IDEA was removed?  Or...???

>> Note that it's not "PEOPLE" who are choosing them, per se.  It's the
>> implementers, who one would think would have a better idea of what to
>> implement and why.
>
> That still does not help much against someone using a new algorithm and
> someone else using old software that does not have that algorithm.

Sure.  Just like you're not going to be able to run Linux on an Apple ][

> How long does it take for any now added algorithm to be commonly
> supported? By paranoid people who dont want to upgrade their offline
> systems? :)

Probably a few years at least, which is a good reason to get it into the
spec NOW for the hope that in 3-5 years it'll be more widely deployed.

>> Maybe that implementer is doing something privately, but still wants to
>> do
>> it in a standard way.  We should let them.
>
> That's what private number ranges are for.

That's not "in a standard way".  It also only works for experimentation. 
If you ever expect to deploy it you should NOT use a private number range,
because MY private numbers and YOUR private numbers may conflict.

>> Maybe the implementer who wants to add OCB doesn't care if your
>> implementation can read it, because your implementation is very unlikely
>> to ever see an OCB message.  Why do you want to say that they may not do
>> that (which is what you're saying by implying that your implementation
>> must support every feature and that the protocol may not support
>> features
>> that your implementation does not support).
>
> As long as you can detect the support when you have the public key, that's
> probably okay.

You can.  The self-signature on a key encodes that.

>    But that's still a weak argument to allow vanity
> algorithms, as it will still increase the chance that multiple parties
> don't share those in their implementation.

Perhaps, but that's a different argument and unrelated to whether the spec
should specify a code point.  You seem to be arguing that if it's not 100%
in use everywhere then we shouldn't allocate a code point.  I'm suggesting
that code points are relatively cheap and should be open to most all
comers with reasonable requests.

> And how does this work when my phone supports some algorithms, and my
> laptop supports other. How do I announce that in my public key? It
> looks like you'd be forced to only publish the shared algorithms. I
> wouldn't even know how to announce that.

How are you sharing your keypairs across your devices?

>>>> But if the protocol does NOT support some methods
>>>> it might prevent some users from using the protocol.
>>>
>>> Which is a good thing?
>>
>> No.  It's not.  We should encourage people to use OpenPGP.  It's a great
>> protocol, and anything we do that prohibits adoption is a bad thing.
>
> Swiss army knives are great tools. Raise your hand if you never cut
> yourself with one.

* Raises his hand *

You're right, they are great tools, and they are great because they
include so many tools, even tools that not everyone needs.  And even
better, there are different models of swiss army knifes (SAK) that include
different sets of tools.  So my knife probably has a different set than
yours.  And that's a good thing.

If every SAK contained the same set of tools then it would probably be
less useful.  When I was a kid I used the magnifying glass all the time,
but never the saw.  Later on I found uses for the saw, but kind of lost a
use case for the magnifying glass.

>> I'm running OpenPGP specifically because the data formats are smaller
>> and
>> easier to generate/parse than X.509, so I *CAN* actually run it in an
>> IoT
>> device.  Of course I'm extremely limited in what methods I support, but
>> I
>> happen to control both ends of the communication so I can work in an
>> enclave and control the implementation.
>>
>> This is exactly why we should be open in what we accept.  In my case, I
>> don't care if your implementation does not support my methods, but I
>> want
>> to ensure that I can implement my methods in a standard way such that it
>> wont interfere with you (and you wont interfere with me).
>
> Ok, well if all of that needs to be supported I guess we will be cursed
> with an amount of failure as the price to pay for the freedom to
> shoehorn openpgp on everything. I still think it is wise to try and
> limit the number of algorithms with similar cryptographic and
> architectural properties.

I think you're continually conflating the OpenPGP Specification / Protocol
with various implementations.  We already have the case that different
implementations include different crypto methods.  In fact we've lived
with that case for the past two decades and the world has not ended.

I'm saying that the SPEC should allow the freedom.  I also feel it's fine
if GPG chooses not to implement something that I want in my implementation
(or, vice versa).  I also feel it's fine if you choose even different.

This is exactly the purpose of MUST, SHOULD, and MAY in the spec.  You
KNOW that a compliant implementation will overlap in the MUST methods.

> Paul

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant


From nobody Mon Oct 30 16:58:26 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6C8613FC76 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 16:58:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level: 
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RDdZdFpfZkd0 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 16:58:22 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0069.outbound.protection.outlook.com [104.47.126.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 900E5CD15 for <openpgp@ietf.org>; Mon, 30 Oct 2017 16:50:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=I2av92G0OCGUJkMvGVLLxYEBC2GC2IiDKM6kKFizTXk=; b=vm64jHZGWE2mRHE0BomZe3+4tvCgh7JJYvCUzjSWT6I50FEYZNoKkhq8EBo9VCs49U5bmWBfE/FEbNQhetOIJieBwTPX3jwjFOaF7llqUAPdaxQ7lwR/Jbh99BgmSYwyl1aTr9T/vGnuz3BoG2G81cw73s6v4EYwXxFwj8VNgtY=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1052.apcprd01.prod.exchangelabs.com (10.165.211.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.178.6; Mon, 30 Oct 2017 23:50:01 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038%14]) with mapi id 15.20.0178.012; Mon, 30 Oct 2017 23:50:01 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL0wWoAgAAFh4CAB8PBK4AAAg8AgAAqYYCAAAUMgIAAEeeAgAAICYCAAAqCgIAACyiAgAAs7AA=
Date: Mon, 30 Oct 2017 23:50:01 +0000
Message-ID: <3BD06D06-2CDF-4D76-AA6B-F767B8E54C2E@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <alpine.LRH.2.21.1710251219190.18006@bofh.nohats.ca> <59F0C015.2050303@openfortress.nl> <sjmbmko1x4i.fsf@securerf.ihtfp.org> <59F74542.5080409@openfortress.nl> <37D92E03-5071-42AC-B057-AA3C18B0762A@nohats.ca> <c67d205fcc8d65c48dd7f3af01e03684.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301516360.31082@bofh.nohats.ca> <704d117e3b4f3b093d2846d8433ebbf2.squirrel@mail2.ihtfp.org> <alpine.LRH.2.21.1710301606430.31082@bofh.nohats.ca> <f33b464975d7f08fb74999de94e4348c.squirrel@mail2.ihtfp.org>
In-Reply-To: <f33b464975d7f08fb74999de94e4348c.squirrel@mail2.ihtfp.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [220.246.174.191]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1052; 6:jeVKkFo0QJHJW6+FfUFcM4NVhusqJ3VllnqHfpJDCOKj546MNcGNNfioFfgEKk1eIoWxFynnKUiFi9n8Qiy63kA87t+BEBly7+SKvQhRq6cdv314pSmFYTC8QafumE/cF6kjSdOiiYZlMEnteGTEIf0AdqdhL2/vYH2OiG2b/MVE0LDtc+HRNSaF28ssGiHtT5VV4ZtFLdMLwIBt4CqE1wt4l10KdZlzqx6qxGh4CLJF2u4+EOx2IhNdmg0mQmnsMjJBAAUF1myITfxz3Nww4/0ibk3FuF6BtEyQgmOtvk9DoTReDwvZQ5Edl2opS9mUzleoQ0QDK3gcMu/U3pp9d/BZ726DLFR2FKYqmoLaM6k=; 5:MqE+IWdniWnBaj+7FD+4HoDeMEremsQ4L95nZkAeOkUXzfmKAuFWPzzR+u1KOR14rR30vBnhQDwhAWp1AvTLUSdYFHde1VnDHPUnGO3NJx7eayRrdlXdiC8ZKXeGxa7O5v/s3XBhoz+p2i9+Jchu+YfE2HxL+BMoC8F+AA2gl+I=; 24:N2WzoaEkRwcBkr4TIUkY9IQ6XemLMYaoH516fWJUXKsBbYsgqM/UANf3F8SmXudMbRa03VeLA6/pTuJYv5i09ljLEnj0zzoNq4KtqHxkjEQ=; 7:H75YlfOjQKujSikqNirE8rSMCzsHb/+sRQK7FmJGMMYZEiFmbOnr5pfM1X7qNw5a5rzwzb8+CU+tbzterE52QY8ew4FSaMfis0U5YwW3US+pScQYpANcDiSAeXq3Kht1+zbrvZq8CM8Fp6Qf8uXJT4GFOo8aYDIFGw/qSes27LxALM7F7CdypXK2xH0nRbs5668+cKFc6w0dgICQeQ+gPd+iboNYZp60lPpIJPpfuZNA+hMDx8MzPiJiIJJMRfGq
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: bab2d5df-d56b-49d9-7bf4-08d51ff0efd6
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(2017052603199); SRVR:PS1PR01MB1052; 
x-ms-traffictypediagnostic: PS1PR01MB1052:
x-exchange-antispam-report-test: UriScan:(192374486261705);
x-microsoft-antispam-prvs: <PS1PR01MB105296B0F43A0E39B37E1D48D7590@PS1PR01MB1052.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3231020)(10201501046)(100000703101)(100105400095)(93006095)(93001095)(3002001)(6041248)(20161123558100)(2016111802025)(20161123555025)(20161123562025)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1052; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1052; 
x-forefront-prvs: 0476D4AB88
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(376002)(346002)(189002)(24454002)(199003)(50986999)(101416001)(106356001)(2900100001)(25786009)(76176999)(3846002)(6116002)(99286003)(33656002)(102836003)(54896002)(53946003)(6306002)(6512007)(236005)(478600001)(105586002)(6246003)(53936002)(66066001)(6506006)(6486002)(2351001)(54356999)(36756003)(6436002)(189998001)(82746002)(1730700003)(97736004)(83716003)(68736007)(5640700003)(5660300001)(2950100002)(229853002)(2906002)(81166006)(8676002)(81156014)(8936002)(6916009)(316002)(966005)(2501003)(3280700002)(5250100002)(3660700001)(93886005)(86362001)(14454004)(606006)(53546010)(7736002)(217873001)(579004)(559001)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1052; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_3BD06D062CDF4D76AA6BF767B8E54C2Eribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: bab2d5df-d56b-49d9-7bf4-08d51ff0efd6
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Oct 2017 23:50:01.6716 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1052
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/VuSfTDbjg64sOPyQuEHZmS0IA68>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Oct 2017 23:58:25 -0000

--_000_3BD06D062CDF4D76AA6BF767B8E54C2Eribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

VGhhbmsgeW91IERlcmVrIGZvciB0aGUgaW5zaWdodGZ1bCBjb21tZW50cy4gSSBmdWxseSBhZ3Jl
ZSB3aXRoIHRoZW0uDQoNClRoZSDigJxhbGdvcml0aG0gcmVnaXN0cmllc+KAnSAoaW5jbHVkaW5n
IHRoZSBBRUFEIHJlZ2lzdHJ5KSBleGlzdCB0byBhbGxvdyBtdWx0aXBsZSBhbGdvcml0aG1zLCB3
aGV0aGVyIG9wdGlvbmFsIG9yIG1hbmRhdG9yeSwgdG8gZXhpc3QuIE90aGVyd2lzZSB0aGVyZSBz
aG91bGQganVzdCBiZSBvbmUgYmlnIE1VU1QgYW5kIHdlIGFsbCBnZXQgb24gd2l0aCBpdC4gVGhl
IHBvaW50IG9mIGEgc3RhbmRhcmQgaXMgdG8gYWxsb3cgaW5kZXBlbmRlbnQgaW1wbGVtZW50YXRp
b25zIHRvIGludGVyb3BlcmF0ZSDigJQgdGhlIHVzYWdlIG9mIHByaXZhdGUgbnVtYmVycyBkZWZl
YXRzIHRoYXQgaW50ZW50aW9uLg0KDQpPcGVuUEdQIGlzIGFscmVhZHkgdXNlZCBpbiBtb3JlIHBs
YWNlcyB0aGFuIGp1c3QgZW1haWwgZXhjaGFuZ2VzLCB0YWtlIGZpbGUgc2lnbmF0dXJlIHZlcmlm
aWNhdGlvbiBhcyBhbiBleGFtcGxlLiBJdCBzaG91bGQgbm90IGJlIHVwIHRvIHRoZSB3b3JrZ3Jv
dXAgdG8gZGVjaWRlIHRoYXQgc3VjaCB1c2FnZSBzaG91bGQgbm93IGJlIHByb2hpYml0ZWQuIElu
IGZhY3Qgd2l0aGluIHRoZSBlbnRpcmUgUkZDIDQ4ODAsIHRoZXJlIGlzIG5vIG1lbnRpb24gdGhh
dCBPcGVuUEdQIGlzIGludGVuZGVkIGZvciBlbWFpbCBleGNoYW5nZSDigJQgdGhlIHNwZWMgd2Fz
IGludGVuZGVkIHRvIGJlIGEgZ2VuZXJpYyBtZXNzYWdlIGZvcm1hdCBhbGxvd2luZyBwZW9wbGUg
dG8gdXNlIGl0IGFzIHRoZXkgc2VlIGZpdC4NCg0KVG8gYW5zd2VyIHRoZSBwYXRlbnQgY29uY2Vy
bnMgb2YgT0NCOiBSb2dhd2F5IGlzIHdpbGxpbmcgdG8gcHJvdmlkZSBhIHJveWFsdHktZnJlZSBs
aWNlbnNlIGZvciBhbGwgaW1wbGVtZW50ZXJzIGFuZCB1c2VycyBvZiBPcGVuUEdQLCBzZXJ2ZWQg
YWxvbmdzaWRlIHRoZSBkcmFmdCBhcyBhbiBJRVRGIElQUi4gVGhpcyBtZWFucyB0aGF0IHRoZSBw
cmV2aW91cyBwb2ludHMgb2Yg4oCcbWlsaXRhcnktdXNl4oCdIG9yIGxpbmthZ2UgdG8g4oCcY2xv
c2VkLXNvdXJjZeKAnSBzb2Z0d2FyZSBhcmUgcmVzb2x2ZWQuDQoNClJvbg0KDQpfX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fDQoNClJvbmFsZCBUc2UNClJpYm9zZSBJbmMuDQoN
Ck9uIE9jdCAzMSwgMjAxNywgYXQgNTowOSBBTSwgRGVyZWsgQXRraW5zIDxkZXJla0BpaHRmcC5j
b208bWFpbHRvOmRlcmVrQGlodGZwLmNvbT4+IHdyb3RlOg0KDQoNCk9uIE1vbiwgT2N0b2JlciAz
MCwgMjAxNyA0OjI5IHBtLCBQYXVsIFdvdXRlcnMgd3JvdGU6DQpPbiBNb24sIDMwIE9jdCAyMDE3
LCBEZXJlayBBdGtpbnMgd3JvdGU6DQoNCk9uIE1vbiwgT2N0b2JlciAzMCwgMjAxNyAzOjIyIHBt
LCBQYXVsIFdvdXRlcnMgd3JvdGU6DQoNCkl0IHdhcyBhbiBleGFtcGxlIG9mIGhvdyBzb21lIHBl
b3BsZSBoYXZpbmcgSURFQSBhbmQgb3RoZXIgbm90IGhhdmluZw0KaXQNCmNhdXNlcyBpbnRlcm9w
IGlzc3VlcyB0byB0aGUgcG9pbnQgdGhhdCBJIG5lZWQgdG8gbWFudWFsbHkgaGFjayBteQ0KaW1w
bGVtZW50YXRpb24gdG8gdGFsayB0byB0aG9zZSBwZW9wbGUuDQoNClllcywgYW5kIElNSE8sIElE
RUEgc2hvdWxkIGdldCBhZGRlZCBiYWNrIGluLiAgSW4gdGhpcyBkYXkgYW5kIGFnZSB0aGVyZQ0K
aXMgemVybyByZWFzb24gdG8gcHJvaGliaXQgaXQuDQoNCllvdSBtaXNzIG15IHBvaW50LiBJbXBs
ZW1lbnRvcnMgbWFkZSBkZWNpc2lvbnMgYW5kIGFzIGEgcmVzdWx0LCBub24tZXhwZXJ0DQplbmR1
c2VycyBlbmRlZCB1cCBub3QgYmVpbmcgYWJsZSB0byBzZW5kIGVhY2ggb3RoZXIgZW5jcnlwdGVk
IGVtYWlsLiBJDQphbSBzYXlvbmcgZG9uJ3QgcmVwZWF0IHRoYXQgbWlzdGFrZS4NCg0KQW5kIHlv
dSdyZSBzYXlpbmcgdGhlIG1pc3Rha2UgaXMgdGhhdCBJREVBIHdhcyBpbmNsdWRlZCBpbiB0aGUg
Zmlyc3QNCnBsYWNlPyAgT3IgdGhhdCBJREVBIHdhcyByZW1vdmVkPyAgT3IuLi4/Pz8NCg0KTm90
ZSB0aGF0IGl0J3Mgbm90ICJQRU9QTEUiIHdobyBhcmUgY2hvb3NpbmcgdGhlbSwgcGVyIHNlLiAg
SXQncyB0aGUNCmltcGxlbWVudGVycywgd2hvIG9uZSB3b3VsZCB0aGluayB3b3VsZCBoYXZlIGEg
YmV0dGVyIGlkZWEgb2Ygd2hhdCB0bw0KaW1wbGVtZW50IGFuZCB3aHkuDQoNClRoYXQgc3RpbGwg
ZG9lcyBub3QgaGVscCBtdWNoIGFnYWluc3Qgc29tZW9uZSB1c2luZyBhIG5ldyBhbGdvcml0aG0g
YW5kDQpzb21lb25lIGVsc2UgdXNpbmcgb2xkIHNvZnR3YXJlIHRoYXQgZG9lcyBub3QgaGF2ZSB0
aGF0IGFsZ29yaXRobS4NCg0KU3VyZS4gIEp1c3QgbGlrZSB5b3UncmUgbm90IGdvaW5nIHRvIGJl
IGFibGUgdG8gcnVuIExpbnV4IG9uIGFuIEFwcGxlIF1bDQoNCkhvdyBsb25nIGRvZXMgaXQgdGFr
ZSBmb3IgYW55IG5vdyBhZGRlZCBhbGdvcml0aG0gdG8gYmUgY29tbW9ubHkNCnN1cHBvcnRlZD8g
QnkgcGFyYW5vaWQgcGVvcGxlIHdobyBkb250IHdhbnQgdG8gdXBncmFkZSB0aGVpciBvZmZsaW5l
DQpzeXN0ZW1zPyA6KQ0KDQpQcm9iYWJseSBhIGZldyB5ZWFycyBhdCBsZWFzdCwgd2hpY2ggaXMg
YSBnb29kIHJlYXNvbiB0byBnZXQgaXQgaW50byB0aGUNCnNwZWMgTk9XIGZvciB0aGUgaG9wZSB0
aGF0IGluIDMtNSB5ZWFycyBpdCdsbCBiZSBtb3JlIHdpZGVseSBkZXBsb3llZC4NCg0KTWF5YmUg
dGhhdCBpbXBsZW1lbnRlciBpcyBkb2luZyBzb21ldGhpbmcgcHJpdmF0ZWx5LCBidXQgc3RpbGwg
d2FudHMgdG8NCmRvDQppdCBpbiBhIHN0YW5kYXJkIHdheS4gIFdlIHNob3VsZCBsZXQgdGhlbS4N
Cg0KVGhhdCdzIHdoYXQgcHJpdmF0ZSBudW1iZXIgcmFuZ2VzIGFyZSBmb3IuDQoNClRoYXQncyBu
b3QgImluIGEgc3RhbmRhcmQgd2F5Ii4gIEl0IGFsc28gb25seSB3b3JrcyBmb3IgZXhwZXJpbWVu
dGF0aW9uLg0KSWYgeW91IGV2ZXIgZXhwZWN0IHRvIGRlcGxveSBpdCB5b3Ugc2hvdWxkIE5PVCB1
c2UgYSBwcml2YXRlIG51bWJlciByYW5nZSwNCmJlY2F1c2UgTVkgcHJpdmF0ZSBudW1iZXJzIGFu
ZCBZT1VSIHByaXZhdGUgbnVtYmVycyBtYXkgY29uZmxpY3QuDQoNCk1heWJlIHRoZSBpbXBsZW1l
bnRlciB3aG8gd2FudHMgdG8gYWRkIE9DQiBkb2Vzbid0IGNhcmUgaWYgeW91cg0KaW1wbGVtZW50
YXRpb24gY2FuIHJlYWQgaXQsIGJlY2F1c2UgeW91ciBpbXBsZW1lbnRhdGlvbiBpcyB2ZXJ5IHVu
bGlrZWx5DQp0byBldmVyIHNlZSBhbiBPQ0IgbWVzc2FnZS4gIFdoeSBkbyB5b3Ugd2FudCB0byBz
YXkgdGhhdCB0aGV5IG1heSBub3QgZG8NCnRoYXQgKHdoaWNoIGlzIHdoYXQgeW91J3JlIHNheWlu
ZyBieSBpbXBseWluZyB0aGF0IHlvdXIgaW1wbGVtZW50YXRpb24NCm11c3Qgc3VwcG9ydCBldmVy
eSBmZWF0dXJlIGFuZCB0aGF0IHRoZSBwcm90b2NvbCBtYXkgbm90IHN1cHBvcnQNCmZlYXR1cmVz
DQp0aGF0IHlvdXIgaW1wbGVtZW50YXRpb24gZG9lcyBub3Qgc3VwcG9ydCkuDQoNCkFzIGxvbmcg
YXMgeW91IGNhbiBkZXRlY3QgdGhlIHN1cHBvcnQgd2hlbiB5b3UgaGF2ZSB0aGUgcHVibGljIGtl
eSwgdGhhdCdzDQpwcm9iYWJseSBva2F5Lg0KDQpZb3UgY2FuLiAgVGhlIHNlbGYtc2lnbmF0dXJl
IG9uIGEga2V5IGVuY29kZXMgdGhhdC4NCg0KICBCdXQgdGhhdCdzIHN0aWxsIGEgd2VhayBhcmd1
bWVudCB0byBhbGxvdyB2YW5pdHkNCmFsZ29yaXRobXMsIGFzIGl0IHdpbGwgc3RpbGwgaW5jcmVh
c2UgdGhlIGNoYW5jZSB0aGF0IG11bHRpcGxlIHBhcnRpZXMNCmRvbid0IHNoYXJlIHRob3NlIGlu
IHRoZWlyIGltcGxlbWVudGF0aW9uLg0KDQpQZXJoYXBzLCBidXQgdGhhdCdzIGEgZGlmZmVyZW50
IGFyZ3VtZW50IGFuZCB1bnJlbGF0ZWQgdG8gd2hldGhlciB0aGUgc3BlYw0Kc2hvdWxkIHNwZWNp
ZnkgYSBjb2RlIHBvaW50LiAgWW91IHNlZW0gdG8gYmUgYXJndWluZyB0aGF0IGlmIGl0J3Mgbm90
IDEwMCUNCmluIHVzZSBldmVyeXdoZXJlIHRoZW4gd2Ugc2hvdWxkbid0IGFsbG9jYXRlIGEgY29k
ZSBwb2ludC4gIEknbSBzdWdnZXN0aW5nDQp0aGF0IGNvZGUgcG9pbnRzIGFyZSByZWxhdGl2ZWx5
IGNoZWFwIGFuZCBzaG91bGQgYmUgb3BlbiB0byBtb3N0IGFsbA0KY29tZXJzIHdpdGggcmVhc29u
YWJsZSByZXF1ZXN0cy4NCg0KQW5kIGhvdyBkb2VzIHRoaXMgd29yayB3aGVuIG15IHBob25lIHN1
cHBvcnRzIHNvbWUgYWxnb3JpdGhtcywgYW5kIG15DQpsYXB0b3Agc3VwcG9ydHMgb3RoZXIuIEhv
dyBkbyBJIGFubm91bmNlIHRoYXQgaW4gbXkgcHVibGljIGtleT8gSXQNCmxvb2tzIGxpa2UgeW91
J2QgYmUgZm9yY2VkIHRvIG9ubHkgcHVibGlzaCB0aGUgc2hhcmVkIGFsZ29yaXRobXMuIEkNCndv
dWxkbid0IGV2ZW4ga25vdyBob3cgdG8gYW5ub3VuY2UgdGhhdC4NCg0KSG93IGFyZSB5b3Ugc2hh
cmluZyB5b3VyIGtleXBhaXJzIGFjcm9zcyB5b3VyIGRldmljZXM/DQoNCkJ1dCBpZiB0aGUgcHJv
dG9jb2wgZG9lcyBOT1Qgc3VwcG9ydCBzb21lIG1ldGhvZHMNCml0IG1pZ2h0IHByZXZlbnQgc29t
ZSB1c2VycyBmcm9tIHVzaW5nIHRoZSBwcm90b2NvbC4NCg0KV2hpY2ggaXMgYSBnb29kIHRoaW5n
Pw0KDQpOby4gIEl0J3Mgbm90LiAgV2Ugc2hvdWxkIGVuY291cmFnZSBwZW9wbGUgdG8gdXNlIE9w
ZW5QR1AuICBJdCdzIGEgZ3JlYXQNCnByb3RvY29sLCBhbmQgYW55dGhpbmcgd2UgZG8gdGhhdCBw
cm9oaWJpdHMgYWRvcHRpb24gaXMgYSBiYWQgdGhpbmcuDQoNClN3aXNzIGFybXkga25pdmVzIGFy
ZSBncmVhdCB0b29scy4gUmFpc2UgeW91ciBoYW5kIGlmIHlvdSBuZXZlciBjdXQNCnlvdXJzZWxm
IHdpdGggb25lLg0KDQoqIFJhaXNlcyBoaXMgaGFuZCAqDQoNCllvdSdyZSByaWdodCwgdGhleSBh
cmUgZ3JlYXQgdG9vbHMsIGFuZCB0aGV5IGFyZSBncmVhdCBiZWNhdXNlIHRoZXkNCmluY2x1ZGUg
c28gbWFueSB0b29scywgZXZlbiB0b29scyB0aGF0IG5vdCBldmVyeW9uZSBuZWVkcy4gIEFuZCBl
dmVuDQpiZXR0ZXIsIHRoZXJlIGFyZSBkaWZmZXJlbnQgbW9kZWxzIG9mIHN3aXNzIGFybXkga25p
ZmVzIChTQUspIHRoYXQgaW5jbHVkZQ0KZGlmZmVyZW50IHNldHMgb2YgdG9vbHMuICBTbyBteSBr
bmlmZSBwcm9iYWJseSBoYXMgYSBkaWZmZXJlbnQgc2V0IHRoYW4NCnlvdXJzLiAgQW5kIHRoYXQn
cyBhIGdvb2QgdGhpbmcuDQoNCklmIGV2ZXJ5IFNBSyBjb250YWluZWQgdGhlIHNhbWUgc2V0IG9m
IHRvb2xzIHRoZW4gaXQgd291bGQgcHJvYmFibHkgYmUNCmxlc3MgdXNlZnVsLiAgV2hlbiBJIHdh
cyBhIGtpZCBJIHVzZWQgdGhlIG1hZ25pZnlpbmcgZ2xhc3MgYWxsIHRoZSB0aW1lLA0KYnV0IG5l
dmVyIHRoZSBzYXcuICBMYXRlciBvbiBJIGZvdW5kIHVzZXMgZm9yIHRoZSBzYXcsIGJ1dCBraW5k
IG9mIGxvc3QgYQ0KdXNlIGNhc2UgZm9yIHRoZSBtYWduaWZ5aW5nIGdsYXNzLg0KDQpJJ20gcnVu
bmluZyBPcGVuUEdQIHNwZWNpZmljYWxseSBiZWNhdXNlIHRoZSBkYXRhIGZvcm1hdHMgYXJlIHNt
YWxsZXINCmFuZA0KZWFzaWVyIHRvIGdlbmVyYXRlL3BhcnNlIHRoYW4gWC41MDksIHNvIEkgKkNB
TiogYWN0dWFsbHkgcnVuIGl0IGluIGFuDQpJb1QNCmRldmljZS4gIE9mIGNvdXJzZSBJJ20gZXh0
cmVtZWx5IGxpbWl0ZWQgaW4gd2hhdCBtZXRob2RzIEkgc3VwcG9ydCwgYnV0DQpJDQpoYXBwZW4g
dG8gY29udHJvbCBib3RoIGVuZHMgb2YgdGhlIGNvbW11bmljYXRpb24gc28gSSBjYW4gd29yayBp
biBhbg0KZW5jbGF2ZSBhbmQgY29udHJvbCB0aGUgaW1wbGVtZW50YXRpb24uDQoNClRoaXMgaXMg
ZXhhY3RseSB3aHkgd2Ugc2hvdWxkIGJlIG9wZW4gaW4gd2hhdCB3ZSBhY2NlcHQuICBJbiBteSBj
YXNlLCBJDQpkb24ndCBjYXJlIGlmIHlvdXIgaW1wbGVtZW50YXRpb24gZG9lcyBub3Qgc3VwcG9y
dCBteSBtZXRob2RzLCBidXQgSQ0Kd2FudA0KdG8gZW5zdXJlIHRoYXQgSSBjYW4gaW1wbGVtZW50
IG15IG1ldGhvZHMgaW4gYSBzdGFuZGFyZCB3YXkgc3VjaCB0aGF0IGl0DQp3b250IGludGVyZmVy
ZSB3aXRoIHlvdSAoYW5kIHlvdSB3b250IGludGVyZmVyZSB3aXRoIG1lKS4NCg0KT2ssIHdlbGwg
aWYgYWxsIG9mIHRoYXQgbmVlZHMgdG8gYmUgc3VwcG9ydGVkIEkgZ3Vlc3Mgd2Ugd2lsbCBiZSBj
dXJzZWQNCndpdGggYW4gYW1vdW50IG9mIGZhaWx1cmUgYXMgdGhlIHByaWNlIHRvIHBheSBmb3Ig
dGhlIGZyZWVkb20gdG8NCnNob2Vob3JuIG9wZW5wZ3Agb24gZXZlcnl0aGluZy4gSSBzdGlsbCB0
aGluayBpdCBpcyB3aXNlIHRvIHRyeSBhbmQNCmxpbWl0IHRoZSBudW1iZXIgb2YgYWxnb3JpdGht
cyB3aXRoIHNpbWlsYXIgY3J5cHRvZ3JhcGhpYyBhbmQNCmFyY2hpdGVjdHVyYWwgcHJvcGVydGll
cy4NCg0KSSB0aGluayB5b3UncmUgY29udGludWFsbHkgY29uZmxhdGluZyB0aGUgT3BlblBHUCBT
cGVjaWZpY2F0aW9uIC8gUHJvdG9jb2wNCndpdGggdmFyaW91cyBpbXBsZW1lbnRhdGlvbnMuICBX
ZSBhbHJlYWR5IGhhdmUgdGhlIGNhc2UgdGhhdCBkaWZmZXJlbnQNCmltcGxlbWVudGF0aW9ucyBp
bmNsdWRlIGRpZmZlcmVudCBjcnlwdG8gbWV0aG9kcy4gIEluIGZhY3Qgd2UndmUgbGl2ZWQNCndp
dGggdGhhdCBjYXNlIGZvciB0aGUgcGFzdCB0d28gZGVjYWRlcyBhbmQgdGhlIHdvcmxkIGhhcyBu
b3QgZW5kZWQuDQoNCkknbSBzYXlpbmcgdGhhdCB0aGUgU1BFQyBzaG91bGQgYWxsb3cgdGhlIGZy
ZWVkb20uICBJIGFsc28gZmVlbCBpdCdzIGZpbmUNCmlmIEdQRyBjaG9vc2VzIG5vdCB0byBpbXBs
ZW1lbnQgc29tZXRoaW5nIHRoYXQgSSB3YW50IGluIG15IGltcGxlbWVudGF0aW9uDQoob3IsIHZp
Y2UgdmVyc2EpLiAgSSBhbHNvIGZlZWwgaXQncyBmaW5lIGlmIHlvdSBjaG9vc2UgZXZlbiBkaWZm
ZXJlbnQuDQoNClRoaXMgaXMgZXhhY3RseSB0aGUgcHVycG9zZSBvZiBNVVNULCBTSE9VTEQsIGFu
ZCBNQVkgaW4gdGhlIHNwZWMuICBZb3UNCktOT1cgdGhhdCBhIGNvbXBsaWFudCBpbXBsZW1lbnRh
dGlvbiB3aWxsIG92ZXJsYXAgaW4gdGhlIE1VU1QgbWV0aG9kcy4NCg0KUGF1bA0KDQotZGVyZWsN
Cg0KLS0NCiAgICAgIERlcmVrIEF0a2lucyAgICAgICAgICAgICAgICAgNjE3LTYyMy0zNzQ1DQog
ICAgICBkZXJla0BpaHRmcC5jb208bWFpbHRvOmRlcmVrQGlodGZwLmNvbT4gICAgICAgICAgICAg
d3d3LmlodGZwLmNvbTxodHRwOi8vd3d3LmlodGZwLmNvbS8+DQogICAgICBDb21wdXRlciBhbmQg
SW50ZXJuZXQgU2VjdXJpdHkgQ29uc3VsdGFudA0KDQpfX19fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fXw0Kb3BlbnBncCBtYWlsaW5nIGxpc3QNCm9wZW5wZ3BAaWV0
Zi5vcmc8bWFpbHRvOm9wZW5wZ3BAaWV0Zi5vcmc+DQpodHRwczovL3d3dy5pZXRmLm9yZy9tYWls
bWFuL2xpc3RpbmZvL29wZW5wZ3ANCg0K

--_000_3BD06D062CDF4D76AA6BF767B8E54C2Eribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <8DB4A1671AD4A54F9CA0AB57E9860C64@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13
cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFm
dGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpUaGFuayB5b3UgRGVyZWsgZm9yIHRoZSBpbnNp
Z2h0ZnVsIGNvbW1lbnRzLiBJIGZ1bGx5IGFncmVlIHdpdGggdGhlbS48L2Rpdj4NCjxkaXYgZGly
PSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTog
c3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQo8YnIgY2xh
c3M9IiI+DQo8L2Rpdj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13
b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNw
YWNlOyIgY2xhc3M9IiI+DQpUaGUg4oCcYWxnb3JpdGhtIHJlZ2lzdHJpZXPigJ0gKGluY2x1ZGlu
ZyB0aGUgQUVBRCByZWdpc3RyeSkgZXhpc3QgdG8gYWxsb3cgbXVsdGlwbGUgYWxnb3JpdGhtcywg
d2hldGhlciBvcHRpb25hbCBvciBtYW5kYXRvcnksIHRvIGV4aXN0LiBPdGhlcndpc2UgdGhlcmUg
c2hvdWxkIGp1c3QgYmUgb25lIGJpZyBNVVNUIGFuZCB3ZSBhbGwgZ2V0IG9uIHdpdGggaXQuIFRo
ZSBwb2ludCBvZiBhIHN0YW5kYXJkIGlzIHRvIGFsbG93IGluZGVwZW5kZW50IGltcGxlbWVudGF0
aW9ucw0KIHRvIGludGVyb3BlcmF0ZSDigJQgdGhlIHVzYWdlIG9mIHByaXZhdGUgbnVtYmVycyBk
ZWZlYXRzIHRoYXQgaW50ZW50aW9uLjwvZGl2Pg0KPGRpdiBkaXI9ImF1dG8iIHN0eWxlPSJ3b3Jk
LXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazog
YWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCjwvZGl2Pg0KPGRp
diBkaXI9ImF1dG8iIHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1t
b2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCk9w
ZW5QR1AgaXMgYWxyZWFkeSB1c2VkIGluIG1vcmUgcGxhY2VzIHRoYW4ganVzdCBlbWFpbCBleGNo
YW5nZXMsIHRha2UgZmlsZSBzaWduYXR1cmUgdmVyaWZpY2F0aW9uIGFzIGFuIGV4YW1wbGUuIEl0
IHNob3VsZCBub3QgYmUgdXAgdG8gdGhlIHdvcmtncm91cCB0byBkZWNpZGUgdGhhdCBzdWNoIHVz
YWdlIHNob3VsZCBub3cgYmUgcHJvaGliaXRlZC4gSW4gZmFjdCB3aXRoaW4gdGhlIGVudGlyZSBS
RkMgNDg4MCwgdGhlcmUgaXMgbm8gbWVudGlvbg0KIHRoYXQgT3BlblBHUCBpcyBpbnRlbmRlZCBm
b3IgZW1haWwgZXhjaGFuZ2Ug4oCUIHRoZSBzcGVjIHdhcyBpbnRlbmRlZCB0byBiZSBhIGdlbmVy
aWMgbWVzc2FnZSBmb3JtYXQgYWxsb3dpbmcgcGVvcGxlIHRvIHVzZSBpdCBhcyB0aGV5IHNlZSBm
aXQuPC9kaXY+DQo8ZGl2IGRpcj0iYXV0byIgc3R5bGU9IndvcmQtd3JhcDogYnJlYWstd29yZDsg
LXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyBsaW5lLWJyZWFrOiBhZnRlci13aGl0ZS1zcGFjZTsi
IGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGRpcj0iYXV0byIgc3R5bGU9
IndvcmQtd3JhcDogYnJlYWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyBsaW5lLWJy
ZWFrOiBhZnRlci13aGl0ZS1zcGFjZTsiIGNsYXNzPSIiPg0KVG8gYW5zd2VyIHRoZSBwYXRlbnQg
Y29uY2VybnMgb2YgT0NCOiBSb2dhd2F5IGlzIHdpbGxpbmcgdG8gcHJvdmlkZSBhIHJveWFsdHkt
ZnJlZSBsaWNlbnNlIGZvciBhbGwgaW1wbGVtZW50ZXJzIGFuZCB1c2VycyBvZiBPcGVuUEdQLCBz
ZXJ2ZWQgYWxvbmdzaWRlIHRoZSBkcmFmdCBhcyBhbiBJRVRGIElQUi4gVGhpcyBtZWFucyB0aGF0
IHRoZSBwcmV2aW91cyBwb2ludHMgb2Yg4oCcbWlsaXRhcnktdXNl4oCdIG9yIGxpbmthZ2UgdG8g
4oCcY2xvc2VkLXNvdXJjZeKAnQ0KIHNvZnR3YXJlIGFyZSByZXNvbHZlZC48L2Rpdj4NCjxkaXYg
ZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9k
ZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQo8YnIg
Y2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29yZC13cmFwOiBicmVh
ay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6IGFmdGVyLXdoaXRl
LXNwYWNlOyIgY2xhc3M9IiI+DQpSb248L2Rpdj4NCjxkaXYgZGlyPSJhdXRvIiBzdHlsZT0id29y
ZC13cmFwOiBicmVhay13b3JkOyAtd2Via2l0LW5ic3AtbW9kZTogc3BhY2U7IGxpbmUtYnJlYWs6
IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNz
PSIiPg0KPGRpdiBzdHlsZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgbGV0dGVyLXNwYWNpbmc6IG5v
cm1hbDsgb3JwaGFuczogYXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7
IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87
IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IHdvcmQt
d3JhcDogYnJlYWstd29yZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0LWxpbmUt
YnJlYWs6IGFmdGVyLXdoaXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KUm9uYWxkIFRz
ZTxiciBjbGFzcz0iIj4NClJpYm9zZSBJbmMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0K
PC9kaXY+DQo8L2Rpdj4NCjxkaXY+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj4N
CjxkaXYgY2xhc3M9IiI+T24gT2N0IDMxLCAyMDE3LCBhdCA1OjA5IEFNLCBEZXJlayBBdGtpbnMg
Jmx0OzxhIGhyZWY9Im1haWx0bzpkZXJla0BpaHRmcC5jb20iIGNsYXNzPSIiPmRlcmVrQGlodGZw
LmNvbTwvYT4mZ3Q7IHdyb3RlOjwvZGl2Pg0KPGJyIGNsYXNzPSJBcHBsZS1pbnRlcmNoYW5nZS1u
ZXdsaW5lIj4NCjxkaXYgY2xhc3M9IiI+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNh
OyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6
IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4
dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3
aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9r
ZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZl
dGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1j
YXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7
IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9u
ZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1z
dHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50
OyIgY2xhc3M9IiI+T24NCiBNb24sIE9jdG9iZXIgMzAsIDIwMTcgNDoyOSBwbSwgUGF1bCBXb3V0
ZXJzIHdyb3RlOjwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQt
c2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFs
OyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWdu
OiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNw
YWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRo
OiAwcHg7IiBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIHN0eWxlPSJmb250LWZh
bWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9u
dC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNp
bmc6IG5vcm1hbDsgb3JwaGFuczogYXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50
OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6
IGF1dG87IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc2l6ZS1hZGp1c3Q6IGF1dG87
IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KT24gTW9uLCAzMCBP
Y3QgMjAxNywgRGVyZWsgQXRraW5zIHdyb3RlOjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4N
CjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIGNsYXNzPSIiPk9uIE1vbiwgT2N0b2JlciAzMCwgMjAx
NyAzOjIyIHBtLCBQYXVsIFdvdXRlcnMgd3JvdGU6PGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIi
Pg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgY2xhc3M9IiI+SXQgd2FzIGFuIGV4YW1wbGUgb2Yg
aG93IHNvbWUgcGVvcGxlIGhhdmluZyBJREVBIGFuZCBvdGhlciBub3QgaGF2aW5nPGJyIGNsYXNz
PSIiPg0KaXQ8YnIgY2xhc3M9IiI+DQpjYXVzZXMgaW50ZXJvcCBpc3N1ZXMgdG8gdGhlIHBvaW50
IHRoYXQgSSBuZWVkIHRvIG1hbnVhbGx5IGhhY2sgbXk8YnIgY2xhc3M9IiI+DQppbXBsZW1lbnRh
dGlvbiB0byB0YWxrIHRvIHRob3NlIHBlb3BsZS48YnIgY2xhc3M9IiI+DQo8L2Jsb2NrcXVvdGU+
DQo8YnIgY2xhc3M9IiI+DQpZZXMsIGFuZCBJTUhPLCBJREVBIHNob3VsZCBnZXQgYWRkZWQgYmFj
ayBpbi4gJm5ic3A7SW4gdGhpcyBkYXkgYW5kIGFnZSB0aGVyZTxiciBjbGFzcz0iIj4NCmlzIHpl
cm8gcmVhc29uIHRvIHByb2hpYml0IGl0LjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxi
ciBjbGFzcz0iIj4NCllvdSBtaXNzIG15IHBvaW50LiBJbXBsZW1lbnRvcnMgbWFkZSBkZWNpc2lv
bnMgYW5kIGFzIGEgcmVzdWx0LCBub24tZXhwZXJ0PGJyIGNsYXNzPSIiPg0KZW5kdXNlcnMgZW5k
ZWQgdXAgbm90IGJlaW5nIGFibGUgdG8gc2VuZCBlYWNoIG90aGVyIGVuY3J5cHRlZCBlbWFpbC4g
STxiciBjbGFzcz0iIj4NCmFtIHNheW9uZyBkb24ndCByZXBlYXQgdGhhdCBtaXN0YWtlLjxiciBj
bGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGlj
YTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBz
OiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRl
eHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsg
d2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJv
a2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2
ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQt
Y2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQt
c3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFu
dDsiIGNsYXNzPSIiPkFuZA0KIHlvdSdyZSBzYXlpbmcgdGhlIG1pc3Rha2UgaXMgdGhhdCBJREVB
IHdhcyBpbmNsdWRlZCBpbiB0aGUgZmlyc3Q8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTog
SGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJp
YW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5v
cm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3Jt
OiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10
ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1p
bHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQt
dmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5n
OiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5z
Zm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJr
aXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAh
aW1wb3J0YW50OyIgY2xhc3M9IiI+cGxhY2U/DQogJm5ic3A7T3IgdGhhdCBJREVBIHdhcyByZW1v
dmVkPyAmbmJzcDtPci4uLj8/Pzwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRp
Y2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fw
czogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0
ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7
IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ry
b2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZl
dGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1j
YXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7
IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9u
ZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1z
dHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgc3R5
bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTog
bm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBs
ZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsg
dGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3Jt
YWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFk
anVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8
YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj5Ob3RlIHRoYXQgaXQncyBub3QgJnF1b3Q7
UEVPUExFJnF1b3Q7IHdobyBhcmUgY2hvb3NpbmcgdGhlbSwgcGVyIHNlLiAmbmJzcDtJdCdzIHRo
ZTxiciBjbGFzcz0iIj4NCmltcGxlbWVudGVycywgd2hvIG9uZSB3b3VsZCB0aGluayB3b3VsZCBo
YXZlIGEgYmV0dGVyIGlkZWEgb2Ygd2hhdCB0bzxiciBjbGFzcz0iIj4NCmltcGxlbWVudCBhbmQg
d2h5LjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxiciBjbGFzcz0iIj4NClRoYXQgc3Rp
bGwgZG9lcyBub3QgaGVscCBtdWNoIGFnYWluc3Qgc29tZW9uZSB1c2luZyBhIG5ldyBhbGdvcml0
aG0gYW5kPGJyIGNsYXNzPSIiPg0Kc29tZW9uZSBlbHNlIHVzaW5nIG9sZCBzb2Z0d2FyZSB0aGF0
IGRvZXMgbm90IGhhdmUgdGhhdCBhbGdvcml0aG0uPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3Rl
Pg0KPGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZv
bnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6
IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQt
aW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3
b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9
IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4
OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2Vp
Z2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0
ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1h
bDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxv
YXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+U3VyZS4NCiAm
bmJzcDtKdXN0IGxpa2UgeW91J3JlIG5vdCBnb2luZyB0byBiZSBhYmxlIHRvIHJ1biBMaW51eCBv
biBhbiBBcHBsZSBdWzwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZv
bnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9y
bWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFs
aWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRl
LXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdp
ZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsg
Zm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBu
b3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQt
YWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hp
dGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Ut
d2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgc3R5bGU9ImZv
bnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFs
OyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXIt
c3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1p
bmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdp
ZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDog
YXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQpIb3cgbG9u
ZyBkb2VzIGl0IHRha2UgZm9yIGFueSBub3cgYWRkZWQgYWxnb3JpdGhtIHRvIGJlIGNvbW1vbmx5
PGJyIGNsYXNzPSIiPg0Kc3VwcG9ydGVkPyBCeSBwYXJhbm9pZCBwZW9wbGUgd2hvIGRvbnQgd2Fu
dCB0byB1cGdyYWRlIHRoZWlyIG9mZmxpbmU8YnIgY2xhc3M9IiI+DQpzeXN0ZW1zPyA6KTxiciBj
bGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGlj
YTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBz
OiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRl
eHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsg
d2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJv
a2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2
ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQt
Y2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQt
c3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFu
dDsiIGNsYXNzPSIiPlByb2JhYmx5DQogYSBmZXcgeWVhcnMgYXQgbGVhc3QsIHdoaWNoIGlzIGEg
Z29vZCByZWFzb24gdG8gZ2V0IGl0IGludG8gdGhlPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1p
bHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQt
dmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5n
OiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5z
Zm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJr
aXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQt
ZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBm
b250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3Bh
Y2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10
cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAt
d2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxp
bmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPnNwZWMNCiBOT1cgZm9yIHRoZSBob3BlIHRoYXQgaW4g
My01IHllYXJzIGl0J2xsIGJlIG1vcmUgd2lkZWx5IGRlcGxveWVkLjwvc3Bhbj48YnIgc3R5bGU9
ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9y
bWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0
ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg
dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzog
MHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHls
ZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBu
b3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxl
dHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4
OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5n
OiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPGJsb2Nr
cXVvdGUgdHlwZT0iY2l0ZSIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6
ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBm
b250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRv
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7
IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0
aDogMHB4OyIgY2xhc3M9IiI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj5NYXli
ZSB0aGF0IGltcGxlbWVudGVyIGlzIGRvaW5nIHNvbWV0aGluZyBwcml2YXRlbHksIGJ1dCBzdGls
bCB3YW50cyB0bzxiciBjbGFzcz0iIj4NCmRvPGJyIGNsYXNzPSIiPg0KaXQgaW4gYSBzdGFuZGFy
ZCB3YXkuICZuYnNwO1dlIHNob3VsZCBsZXQgdGhlbS48YnIgY2xhc3M9IiI+DQo8L2Jsb2NrcXVv
dGU+DQo8YnIgY2xhc3M9IiI+DQpUaGF0J3Mgd2hhdCBwcml2YXRlIG51bWJlciByYW5nZXMgYXJl
IGZvci48YnIgY2xhc3M9IiI+DQo8L2Jsb2NrcXVvdGU+DQo8YnIgc3R5bGU9ImZvbnQtZmFtaWx5
OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZh
cmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzog
bm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zv
cm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0
LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZh
bWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9u
dC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNp
bmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJh
bnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdl
YmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5l
ICFpbXBvcnRhbnQ7IiBjbGFzcz0iIj5UaGF0J3MNCiBub3QgJnF1b3Q7aW4gYSBzdGFuZGFyZCB3
YXkmcXVvdDsuICZuYnNwO0l0IGFsc28gb25seSB3b3JrcyBmb3IgZXhwZXJpbWVudGF0aW9uLjxz
cGFuIGNsYXNzPSJBcHBsZS1jb252ZXJ0ZWQtc3BhY2UiPiZuYnNwOzwvc3Bhbj48L3NwYW4+PGJy
IHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5
bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1h
bDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50
OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNw
YWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8
c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250
LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBu
b3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWlu
ZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29y
ZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5v
bmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+SWYNCiB5b3UgZXZlciBl
eHBlY3QgdG8gZGVwbG95IGl0IHlvdSBzaG91bGQgTk9UIHVzZSBhIHByaXZhdGUgbnVtYmVyIHJh
bmdlLDwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTog
MTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250
LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFy
dDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBu
b3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7
IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNp
emU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsg
Zm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjog
c3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFj
ZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDog
MHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBvcnRhbnQ7IiBjbGFzcz0iIj5i
ZWNhdXNlDQogTVkgcHJpdmF0ZSBudW1iZXJzIGFuZCBZT1VSIHByaXZhdGUgbnVtYmVycyBtYXkg
Y29uZmxpY3QuPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1z
aXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7
IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246
IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3Bh
Y2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6
IDBweDsiIGNsYXNzPSIiPg0KPGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250
LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1h
bDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGln
bjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1z
cGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0
aDogMHB4OyIgY2xhc3M9IiI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBzdHlsZT0iZm9udC1m
YW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZv
bnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFj
aW5nOiBub3JtYWw7IG9ycGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVu
dDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd2lkb3dz
OiBhdXRvOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OiBhdXRv
OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxibG9ja3F1b3Rl
IHR5cGU9ImNpdGUiIGNsYXNzPSIiPk1heWJlIHRoZSBpbXBsZW1lbnRlciB3aG8gd2FudHMgdG8g
YWRkIE9DQiBkb2Vzbid0IGNhcmUgaWYgeW91cjxiciBjbGFzcz0iIj4NCmltcGxlbWVudGF0aW9u
IGNhbiByZWFkIGl0LCBiZWNhdXNlIHlvdXIgaW1wbGVtZW50YXRpb24gaXMgdmVyeSB1bmxpa2Vs
eTxiciBjbGFzcz0iIj4NCnRvIGV2ZXIgc2VlIGFuIE9DQiBtZXNzYWdlLiAmbmJzcDtXaHkgZG8g
eW91IHdhbnQgdG8gc2F5IHRoYXQgdGhleSBtYXkgbm90IGRvPGJyIGNsYXNzPSIiPg0KdGhhdCAo
d2hpY2ggaXMgd2hhdCB5b3UncmUgc2F5aW5nIGJ5IGltcGx5aW5nIHRoYXQgeW91ciBpbXBsZW1l
bnRhdGlvbjxiciBjbGFzcz0iIj4NCm11c3Qgc3VwcG9ydCBldmVyeSBmZWF0dXJlIGFuZCB0aGF0
IHRoZSBwcm90b2NvbCBtYXkgbm90IHN1cHBvcnQ8YnIgY2xhc3M9IiI+DQpmZWF0dXJlczxiciBj
bGFzcz0iIj4NCnRoYXQgeW91ciBpbXBsZW1lbnRhdGlvbiBkb2VzIG5vdCBzdXBwb3J0KS48YnIg
Y2xhc3M9IiI+DQo8L2Jsb2NrcXVvdGU+DQo8YnIgY2xhc3M9IiI+DQpBcyBsb25nIGFzIHlvdSBj
YW4gZGV0ZWN0IHRoZSBzdXBwb3J0IHdoZW4geW91IGhhdmUgdGhlIHB1YmxpYyBrZXksIHRoYXQn
czxiciBjbGFzcz0iIj4NCnByb2JhYmx5IG9rYXkuPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3Rl
Pg0KPGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZv
bnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6
IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQt
aW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3
b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9
IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4
OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2Vp
Z2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0
ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1h
bDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxv
YXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+WW91DQogY2Fu
LiAmbmJzcDtUaGUgc2VsZi1zaWduYXR1cmUgb24gYSBrZXkgZW5jb2RlcyB0aGF0Ljwvc3Bhbj48
YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1z
dHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9y
bWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRl
bnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQt
c3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4N
CjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250
LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBu
b3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWlu
ZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29y
ZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIi
Pg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7
IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczog
bm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBo
YW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFu
c2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFj
aW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQombmJzcDsmbmJzcDtCdXQgdGhhdCdzIHN0aWxs
IGEgd2VhayBhcmd1bWVudCB0byBhbGxvdyB2YW5pdHk8YnIgY2xhc3M9IiI+DQphbGdvcml0aG1z
LCBhcyBpdCB3aWxsIHN0aWxsIGluY3JlYXNlIHRoZSBjaGFuY2UgdGhhdCBtdWx0aXBsZSBwYXJ0
aWVzPGJyIGNsYXNzPSIiPg0KZG9uJ3Qgc2hhcmUgdGhvc2UgaW4gdGhlaXIgaW1wbGVtZW50YXRp
b24uPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3RlPg0KPGJyIHN0eWxlPSJmb250LWZhbWlseTog
SGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJp
YW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5v
cm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3Jt
OiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10
ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1p
bHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQt
dmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5n
OiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5z
Zm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJr
aXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAh
aW1wb3J0YW50OyIgY2xhc3M9IiI+UGVyaGFwcywNCiBidXQgdGhhdCdzIGEgZGlmZmVyZW50IGFy
Z3VtZW50IGFuZCB1bnJlbGF0ZWQgdG8gd2hldGhlciB0aGUgc3BlYzwvc3Bhbj48YnIgc3R5bGU9
ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9y
bWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0
ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg
dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzog
MHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0
eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6
IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsg
bGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAw
cHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNp
bmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlz
cGxheTogaW5saW5lICFpbXBvcnRhbnQ7IiBjbGFzcz0iIj5zaG91bGQNCiBzcGVjaWZ5IGEgY29k
ZSBwb2ludC4gJm5ic3A7WW91IHNlZW0gdG8gYmUgYXJndWluZyB0aGF0IGlmIGl0J3Mgbm90IDEw
MCU8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEy
cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13
ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7
IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9y
bWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIg
Y2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXpl
OiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZv
bnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0
YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6
IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBw
eDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+aW4N
CiB1c2UgZXZlcnl3aGVyZSB0aGVuIHdlIHNob3VsZG4ndCBhbGxvY2F0ZSBhIGNvZGUgcG9pbnQu
ICZuYnNwO0knbSBzdWdnZXN0aW5nPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZl
dGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1j
YXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7
IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9u
ZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1z
dHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBI
ZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlh
bnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9y
bWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06
IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRl
eHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9y
dGFudDsiIGNsYXNzPSIiPnRoYXQNCiBjb2RlIHBvaW50cyBhcmUgcmVsYXRpdmVseSBjaGVhcCBh
bmQgc2hvdWxkIGJlIG9wZW4gdG8gbW9zdCBhbGw8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWls
eTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12
YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6
IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNm
b3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtp
dC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1m
YW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZv
bnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFj
aW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRy
YW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13
ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGlu
ZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+Y29tZXJzDQogd2l0aCByZWFzb25hYmxlIHJlcXVlc3Rz
Ljwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJw
eDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdl
aWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsg
dGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3Jt
YWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBj
bGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAx
MnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQt
d2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0
OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5v
cm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsi
IGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgc3R5bGU9ImZvbnQtZmFtaWx5OiBI
ZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlh
bnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9y
bWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg
dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsg
d29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtp
dC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQpBbmQgaG93IGRvZXMgdGhpcyB3
b3JrIHdoZW4gbXkgcGhvbmUgc3VwcG9ydHMgc29tZSBhbGdvcml0aG1zLCBhbmQgbXk8YnIgY2xh
c3M9IiI+DQpsYXB0b3Agc3VwcG9ydHMgb3RoZXIuIEhvdyBkbyBJIGFubm91bmNlIHRoYXQgaW4g
bXkgcHVibGljIGtleT8gSXQ8YnIgY2xhc3M9IiI+DQpsb29rcyBsaWtlIHlvdSdkIGJlIGZvcmNl
ZCB0byBvbmx5IHB1Ymxpc2ggdGhlIHNoYXJlZCBhbGdvcml0aG1zLiBJPGJyIGNsYXNzPSIiPg0K
d291bGRuJ3QgZXZlbiBrbm93IGhvdyB0byBhbm5vdW5jZSB0aGF0LjxiciBjbGFzcz0iIj4NCjwv
YmxvY2txdW90ZT4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXpl
OiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZv
bnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0
YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6
IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBw
eDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQt
c2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFs
OyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWdu
OiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNw
YWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRo
OiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIi
Pkhvdw0KIGFyZSB5b3Ugc2hhcmluZyB5b3VyIGtleXBhaXJzIGFjcm9zcyB5b3VyIGRldmljZXM/
PC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4
OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2Vp
Z2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0
ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1h
bDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNs
YXNzPSIiPg0KPGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEy
cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13
ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7
IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9y
bWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIg
Y2xhc3M9IiI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBzdHlsZT0iZm9udC1mYW1pbHk6IEhl
bHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3Jt
YWw7IG9ycGhhbnM6IGF1dG87IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0
ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd2lkb3dzOiBhdXRvOyB3
b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXNpemUtYWRqdXN0OiBhdXRvOyAtd2Via2l0
LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNp
dGUiIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlwZT0iY2l0ZSIgY2xhc3M9IiI+DQo8YmxvY2tx
dW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj5CdXQgaWYgdGhlIHByb3RvY29sIGRvZXMgTk9UIHN1
cHBvcnQgc29tZSBtZXRob2RzPGJyIGNsYXNzPSIiPg0KaXQgbWlnaHQgcHJldmVudCBzb21lIHVz
ZXJzIGZyb20gdXNpbmcgdGhlIHByb3RvY29sLjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4N
CjxiciBjbGFzcz0iIj4NCldoaWNoIGlzIGEgZ29vZCB0aGluZz88YnIgY2xhc3M9IiI+DQo8L2Js
b2NrcXVvdGU+DQo8YnIgY2xhc3M9IiI+DQpOby4gJm5ic3A7SXQncyBub3QuICZuYnNwO1dlIHNo
b3VsZCBlbmNvdXJhZ2UgcGVvcGxlIHRvIHVzZSBPcGVuUEdQLiAmbmJzcDtJdCdzIGEgZ3JlYXQ8
YnIgY2xhc3M9IiI+DQpwcm90b2NvbCwgYW5kIGFueXRoaW5nIHdlIGRvIHRoYXQgcHJvaGliaXRz
IGFkb3B0aW9uIGlzIGEgYmFkIHRoaW5nLjxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxi
ciBjbGFzcz0iIj4NClN3aXNzIGFybXkga25pdmVzIGFyZSBncmVhdCB0b29scy4gUmFpc2UgeW91
ciBoYW5kIGlmIHlvdSBuZXZlciBjdXQ8YnIgY2xhc3M9IiI+DQp5b3Vyc2VsZiB3aXRoIG9uZS48
YnIgY2xhc3M9IiI+DQo8L2Jsb2NrcXVvdGU+DQo8YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2
ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQt
Y2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQt
c3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTog
SGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJp
YW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5v
cm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3Jt
OiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10
ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBv
cnRhbnQ7IiBjbGFzcz0iIj4qDQogUmFpc2VzIGhpcyBoYW5kICo8L3NwYW4+PGJyIHN0eWxlPSJm
b250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1h
bDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVy
LXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRl
eHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBw
eDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8YnIgc3R5bGU9
ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9y
bWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0
ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg
dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzog
MHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0
eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6
IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsg
bGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAw
cHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNp
bmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlz
cGxheTogaW5saW5lICFpbXBvcnRhbnQ7IiBjbGFzcz0iIj5Zb3UncmUNCiByaWdodCwgdGhleSBh
cmUgZ3JlYXQgdG9vbHMsIGFuZCB0aGV5IGFyZSBncmVhdCBiZWNhdXNlIHRoZXk8L3NwYW4+PGJy
IHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5
bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1h
bDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50
OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNw
YWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8
c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250
LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBu
b3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWlu
ZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29y
ZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5v
bmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+aW5jbHVkZQ0KIHNvIG1h
bnkgdG9vbHMsIGV2ZW4gdG9vbHMgdGhhdCBub3QgZXZlcnlvbmUgbmVlZHMuICZuYnNwO0FuZCBl
dmVuPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAx
MnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQt
d2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0
OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5v
cm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsi
IGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6
ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBm
b250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBz
dGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNl
OiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAw
cHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPmJl
dHRlciwNCiB0aGVyZSBhcmUgZGlmZmVyZW50IG1vZGVscyBvZiBzd2lzcyBhcm15IGtuaWZlcyAo
U0FLKSB0aGF0IGluY2x1ZGU8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNh
OyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6
IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4
dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3
aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9r
ZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZl
dGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1j
YXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7
IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9u
ZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1z
dHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50
OyIgY2xhc3M9IiI+ZGlmZmVyZW50DQogc2V0cyBvZiB0b29scy4gJm5ic3A7U28gbXkga25pZmUg
cHJvYmFibHkgaGFzIGEgZGlmZmVyZW50IHNldCB0aGFuPC9zcGFuPjxiciBzdHlsZT0iZm9udC1m
YW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZv
bnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFj
aW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRy
YW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13
ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZv
bnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFs
OyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXIt
c3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4
dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4
OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBp
bmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPnlvdXJzLg0KICZuYnNwO0FuZCB0aGF0J3MgYSBn
b29kIHRoaW5nLjwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQt
c2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFs
OyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWdu
OiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNw
YWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRo
OiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9u
dC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3Jt
YWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxp
Z246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUt
c3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lk
dGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7
IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczog
bm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0
LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdo
aXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tl
LXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNs
YXNzPSIiPklmDQogZXZlcnkgU0FLIGNvbnRhaW5lZCB0aGUgc2FtZSBzZXQgb2YgdG9vbHMgdGhl
biBpdCB3b3VsZCBwcm9iYWJseSBiZTwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2
ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQt
Y2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQt
c3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTog
SGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJp
YW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5v
cm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3Jt
OiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10
ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBv
cnRhbnQ7IiBjbGFzcz0iIj5sZXNzDQogdXNlZnVsLiAmbmJzcDtXaGVuIEkgd2FzIGEga2lkIEkg
dXNlZCB0aGUgbWFnbmlmeWluZyBnbGFzcyBhbGwgdGhlIHRpbWUsPC9zcGFuPjxiciBzdHlsZT0i
Zm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3Jt
YWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRl
ci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0
ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAw
cHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5
bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTog
bm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBs
ZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBw
eDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2lu
ZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNw
bGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPmJ1dA0KIG5ldmVyIHRoZSBzYXcuICZu
YnNwO0xhdGVyIG9uIEkgZm91bmQgdXNlcyBmb3IgdGhlIHNhdywgYnV0IGtpbmQgb2YgbG9zdCBh
PC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4
OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2Vp
Z2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0
ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1h
bDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNs
YXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTog
MTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250
LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFy
dDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBu
b3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7
IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPnVzZQ0K
IGNhc2UgZm9yIHRoZSBtYWduaWZ5aW5nIGdsYXNzLjwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFt
aWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250
LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2lu
Zzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFu
c2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Vi
a2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1m
YW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZv
bnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFj
aW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRy
YW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13
ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPGJsb2NrcXVvdGUgdHlw
ZT0iY2l0ZSIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsg
Zm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdo
dDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFs
aWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRl
LXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQt
dGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIg
Y2xhc3M9IiI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj5JJ20gcnVubmluZyBP
cGVuUEdQIHNwZWNpZmljYWxseSBiZWNhdXNlIHRoZSBkYXRhIGZvcm1hdHMgYXJlIHNtYWxsZXI8
YnIgY2xhc3M9IiI+DQphbmQ8YnIgY2xhc3M9IiI+DQplYXNpZXIgdG8gZ2VuZXJhdGUvcGFyc2Ug
dGhhbiBYLjUwOSwgc28gSSAqQ0FOKiBhY3R1YWxseSBydW4gaXQgaW4gYW48YnIgY2xhc3M9IiI+
DQpJb1Q8YnIgY2xhc3M9IiI+DQpkZXZpY2UuICZuYnNwO09mIGNvdXJzZSBJJ20gZXh0cmVtZWx5
IGxpbWl0ZWQgaW4gd2hhdCBtZXRob2RzIEkgc3VwcG9ydCwgYnV0PGJyIGNsYXNzPSIiPg0KSTxi
ciBjbGFzcz0iIj4NCmhhcHBlbiB0byBjb250cm9sIGJvdGggZW5kcyBvZiB0aGUgY29tbXVuaWNh
dGlvbiBzbyBJIGNhbiB3b3JrIGluIGFuPGJyIGNsYXNzPSIiPg0KZW5jbGF2ZSBhbmQgY29udHJv
bCB0aGUgaW1wbGVtZW50YXRpb24uPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KVGhpcyBp
cyBleGFjdGx5IHdoeSB3ZSBzaG91bGQgYmUgb3BlbiBpbiB3aGF0IHdlIGFjY2VwdC4gJm5ic3A7
SW4gbXkgY2FzZSwgSTxiciBjbGFzcz0iIj4NCmRvbid0IGNhcmUgaWYgeW91ciBpbXBsZW1lbnRh
dGlvbiBkb2VzIG5vdCBzdXBwb3J0IG15IG1ldGhvZHMsIGJ1dCBJPGJyIGNsYXNzPSIiPg0Kd2Fu
dDxiciBjbGFzcz0iIj4NCnRvIGVuc3VyZSB0aGF0IEkgY2FuIGltcGxlbWVudCBteSBtZXRob2Rz
IGluIGEgc3RhbmRhcmQgd2F5IHN1Y2ggdGhhdCBpdDxiciBjbGFzcz0iIj4NCndvbnQgaW50ZXJm
ZXJlIHdpdGggeW91IChhbmQgeW91IHdvbnQgaW50ZXJmZXJlIHdpdGggbWUpLjxiciBjbGFzcz0i
Ij4NCjwvYmxvY2txdW90ZT4NCjxiciBjbGFzcz0iIj4NCk9rLCB3ZWxsIGlmIGFsbCBvZiB0aGF0
IG5lZWRzIHRvIGJlIHN1cHBvcnRlZCBJIGd1ZXNzIHdlIHdpbGwgYmUgY3Vyc2VkPGJyIGNsYXNz
PSIiPg0Kd2l0aCBhbiBhbW91bnQgb2YgZmFpbHVyZSBhcyB0aGUgcHJpY2UgdG8gcGF5IGZvciB0
aGUgZnJlZWRvbSB0bzxiciBjbGFzcz0iIj4NCnNob2Vob3JuIG9wZW5wZ3Agb24gZXZlcnl0aGlu
Zy4gSSBzdGlsbCB0aGluayBpdCBpcyB3aXNlIHRvIHRyeSBhbmQ8YnIgY2xhc3M9IiI+DQpsaW1p
dCB0aGUgbnVtYmVyIG9mIGFsZ29yaXRobXMgd2l0aCBzaW1pbGFyIGNyeXB0b2dyYXBoaWMgYW5k
PGJyIGNsYXNzPSIiPg0KYXJjaGl0ZWN0dXJhbCBwcm9wZXJ0aWVzLjxiciBjbGFzcz0iIj4NCjwv
YmxvY2txdW90ZT4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXpl
OiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZv
bnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0
YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6
IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBw
eDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQt
c2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFs
OyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWdu
OiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNw
YWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRo
OiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIi
PkkNCiB0aGluayB5b3UncmUgY29udGludWFsbHkgY29uZmxhdGluZyB0aGUgT3BlblBHUCBTcGVj
aWZpY2F0aW9uIC8gUHJvdG9jb2w8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0
aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNh
cHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsg
dGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25l
OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhl
bHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3Jt
YWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTog
bm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4
dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0
YW50OyIgY2xhc3M9IiI+d2l0aA0KIHZhcmlvdXMgaW1wbGVtZW50YXRpb25zLiAmbmJzcDtXZSBh
bHJlYWR5IGhhdmUgdGhlIGNhc2UgdGhhdCBkaWZmZXJlbnQ8L3NwYW4+PGJyIHN0eWxlPSJmb250
LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsg
Zm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNw
YWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQt
dHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsg
LXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0i
Zm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3Jt
YWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRl
ci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0
ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAw
cHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6
IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+aW1wbGVtZW50YXRpb25zDQogaW5jbHVkZSBk
aWZmZXJlbnQgY3J5cHRvIG1ldGhvZHMuICZuYnNwO0luIGZhY3Qgd2UndmUgbGl2ZWQ8L3NwYW4+
PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQt
c3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5v
cm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5k
ZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3Jk
LXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+
DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBm
b250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0
OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0
LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsg
d29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6
IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+d2l0aA0KIHRoYXQg
Y2FzZSBmb3IgdGhlIHBhc3QgdHdvIGRlY2FkZXMgYW5kIHRoZSB3b3JsZCBoYXMgbm90IGVuZGVk
Ljwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJw
eDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdl
aWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsg
dGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3Jt
YWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBj
bGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAx
MnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQt
d2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0
OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5v
cm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsi
IGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6
ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBm
b250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBz
dGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNl
OiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAw
cHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPkkn
bQ0KIHNheWluZyB0aGF0IHRoZSBTUEVDIHNob3VsZCBhbGxvdyB0aGUgZnJlZWRvbS4gJm5ic3A7
SSBhbHNvIGZlZWwgaXQncyBmaW5lPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZl
dGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1j
YXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7
IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9u
ZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1z
dHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiBI
ZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlh
bnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9y
bWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06
IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRl
eHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWltcG9y
dGFudDsiIGNsYXNzPSIiPmlmDQogR1BHIGNob29zZXMgbm90IHRvIGltcGxlbWVudCBzb21ldGhp
bmcgdGhhdCBJIHdhbnQgaW4gbXkgaW1wbGVtZW50YXRpb248L3NwYW4+PGJyIHN0eWxlPSJmb250
LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsg
Zm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNw
YWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQt
dHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsg
LXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0i
Zm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3Jt
YWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRl
ci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0
ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAw
cHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6
IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+KG9yLA0KIHZpY2UgdmVyc2EpLiAmbmJzcDtJ
IGFsc28gZmVlbCBpdCdzIGZpbmUgaWYgeW91IGNob29zZSBldmVuIGRpZmZlcmVudC48L3NwYW4+
PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQt
c3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5v
cm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5k
ZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3Jk
LXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+
DQo8YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9u
dC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDog
bm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1p
bmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdv
cmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0i
Ij4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7
IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWln
aHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRl
eHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFs
OyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyBmbG9h
dDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBvcnRhbnQ7IiBjbGFzcz0iIj5UaGlzDQogaXMg
ZXhhY3RseSB0aGUgcHVycG9zZSBvZiBNVVNULCBTSE9VTEQsIGFuZCBNQVkgaW4gdGhlIHNwZWMu
ICZuYnNwO1lvdTwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQt
c2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFs
OyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWdu
OiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNw
YWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRo
OiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBm
b250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5v
cm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1h
bGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0
ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13
aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBvcnRhbnQ7IiBjbGFz
cz0iIj5LTk9XDQogdGhhdCBhIGNvbXBsaWFudCBpbXBsZW1lbnRhdGlvbiB3aWxsIG92ZXJsYXAg
aW4gdGhlIE1VU1QgbWV0aG9kcy48L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0
aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNh
cHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsg
dGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25l
OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2
ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQt
Y2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFs
OyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5v
bmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQt
c3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxibG9ja3F1b3RlIHR5cGU9ImNpdGUiIHN0
eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6
IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsg
bGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogYXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7
IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9y
bWFsOyB3aWRvd3M6IGF1dG87IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc2l6ZS1h
ZGp1c3Q6IGF1dG87IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0K
UGF1bDxiciBjbGFzcz0iIj4NCjwvYmxvY2txdW90ZT4NCjxiciBzdHlsZT0iZm9udC1mYW1pbHk6
IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFy
aWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBu
b3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9y
bTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQt
dGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFt
aWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250
LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2lu
Zzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFu
c2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Vi
a2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUg
IWltcG9ydGFudDsiIGNsYXNzPSIiPi1kZXJlazwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5
OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZh
cmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzog
bm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zv
cm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0
LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0iZm9udC1mYW1p
bHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQt
dmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5n
OiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5z
Zm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJr
aXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQt
ZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBm
b250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3Bh
Y2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10
cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAt
d2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxp
bmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPi0tPHNwYW4gY2xhc3M9IkFwcGxlLWNvbnZlcnRlZC1z
cGFjZSI+Jm5ic3A7PC9zcGFuPjwvc3Bhbj48YnIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRp
Y2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fw
czogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0
ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7
IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0LXRleHQtc3Ry
b2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogSGVs
dmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50
LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1h
bDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBu
b25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0
LXN0cm9rZS13aWR0aDogMHB4OyBmbG9hdDogbm9uZTsgZGlzcGxheTogaW5saW5lICFpbXBvcnRh
bnQ7IiBjbGFzcz0iIj4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDtEZXJlaw0K
IEF0a2lucyAmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm
bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDs2MTctNjIzLTM3
NDU8L3NwYW4+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEy
cHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13
ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7
IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9y
bWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIg
Y2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXpl
OiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZv
bnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0
YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6
IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBw
eDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0YW50OyIgY2xhc3M9IiI+Jm5i
c3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7PC9zcGFuPjxhIGhyZWY9Im1haWx0bzpk
ZXJla0BpaHRmcC5jb20iIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6
IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9u
dC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogYXV0bzsg
dGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25l
OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87IHdvcmQtc3BhY2luZzogMHB4OyAt
d2Via2l0LXRleHQtc2l6ZS1hZGp1c3Q6IGF1dG87IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6
IDBweDsiIGNsYXNzPSIiPmRlcmVrQGlodGZwLmNvbTwvYT48c3BhbiBzdHlsZT0iZm9udC1mYW1p
bHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQt
dmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5n
OiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5z
Zm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJr
aXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAh
aW1wb3J0YW50OyIgY2xhc3M9IiI+PHNwYW4gY2xhc3M9IkFwcGxlLWNvbnZlcnRlZC1zcGFjZSI+
Jm5ic3A7PC9zcGFuPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZu
YnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOzwvc3Bhbj48YSBocmVmPSJodHRwOi8vd3d3Lmlo
dGZwLmNvbS8iIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7
IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWln
aHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczogYXV0bzsgdGV4dC1h
bGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0
ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0
LXRleHQtc2l6ZS1hZGp1c3Q6IGF1dG87IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsi
IGNsYXNzPSIiPnd3dy5paHRmcC5jb208L2E+PGJyIHN0eWxlPSJmb250LWZhbWlseTogSGVsdmV0
aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5vcm1hbDsgZm9udC12YXJpYW50LWNh
cHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsg
dGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3JtOiBub25l
OyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6IDBweDsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6IEhl
bHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3Jt
YWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTog
bm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4
dC1zdHJva2Utd2lkdGg6IDBweDsgZmxvYXQ6IG5vbmU7IGRpc3BsYXk6IGlubGluZSAhaW1wb3J0
YW50OyIgY2xhc3M9IiI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Q29tcHV0
ZXINCiBhbmQgSW50ZXJuZXQgU2VjdXJpdHkgQ29uc3VsdGFudDwvc3Bhbj48YnIgc3R5bGU9ImZv
bnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFs
OyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXIt
c3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4
dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4
OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxiciBzdHlsZT0i
Zm9udC1mYW1pbHk6IEhlbHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3Jt
YWw7IGZvbnQtdmFyaWFudC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRl
ci1zcGFjaW5nOiBub3JtYWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0
ZXh0LXRyYW5zZm9ybTogbm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAw
cHg7IC13ZWJraXQtdGV4dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5
bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTog
bm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBs
ZXR0ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBw
eDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2lu
ZzogMHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNw
bGF5OiBpbmxpbmUgIWltcG9ydGFudDsiIGNsYXNzPSIiPl9fX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fPC9zcGFuPjxiciBzdHlsZT0iZm9udC1mYW1pbHk6IEhl
bHZldGljYTsgZm9udC1zaXplOiAxMnB4OyBmb250LXN0eWxlOiBub3JtYWw7IGZvbnQtdmFyaWFu
dC1jYXBzOiBub3JtYWw7IGZvbnQtd2VpZ2h0OiBub3JtYWw7IGxldHRlci1zcGFjaW5nOiBub3Jt
YWw7IHRleHQtYWxpZ246IHN0YXJ0OyB0ZXh0LWluZGVudDogMHB4OyB0ZXh0LXRyYW5zZm9ybTog
bm9uZTsgd2hpdGUtc3BhY2U6IG5vcm1hbDsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4
dC1zdHJva2Utd2lkdGg6IDBweDsiIGNsYXNzPSIiPg0KPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5
OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZh
cmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzog
bm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zv
cm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzogMHB4OyAtd2Via2l0
LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IGZsb2F0OiBub25lOyBkaXNwbGF5OiBpbmxpbmUgIWlt
cG9ydGFudDsiIGNsYXNzPSIiPm9wZW5wZ3ANCiBtYWlsaW5nIGxpc3Q8L3NwYW4+PGJyIHN0eWxl
PSJmb250LWZhbWlseTogSGVsdmV0aWNhOyBmb250LXNpemU6IDEycHg7IGZvbnQtc3R5bGU6IG5v
cm1hbDsgZm9udC12YXJpYW50LWNhcHM6IG5vcm1hbDsgZm9udC13ZWlnaHQ6IG5vcm1hbDsgbGV0
dGVyLXNwYWNpbmc6IG5vcm1hbDsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7
IHRleHQtdHJhbnNmb3JtOiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3b3JkLXNwYWNpbmc6
IDBweDsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+DQo8YSBocmVm
PSJtYWlsdG86b3BlbnBncEBpZXRmLm9yZyIgc3R5bGU9ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7
IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFsOyBmb250LXZhcmlhbnQtY2Fwczog
bm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXItc3BhY2luZzogbm9ybWFsOyBvcnBo
YW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsgdGV4dC10cmFu
c2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdpZG93czogYXV0bzsgd29yZC1zcGFj
aW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDogYXV0bzsgLXdlYmtpdC10ZXh0LXN0
cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+b3BlbnBncEBpZXRmLm9yZzwvYT48YnIgc3R5bGU9
ImZvbnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9y
bWFsOyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0
ZXItc3BhY2luZzogbm9ybWFsOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1pbmRlbnQ6IDBweDsg
dGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdvcmQtc3BhY2luZzog
MHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IiBjbGFzcz0iIj4NCjxhIGhyZWY9
Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vb3BlbnBncCIgc3R5bGU9ImZv
bnQtZmFtaWx5OiBIZWx2ZXRpY2E7IGZvbnQtc2l6ZTogMTJweDsgZm9udC1zdHlsZTogbm9ybWFs
OyBmb250LXZhcmlhbnQtY2Fwczogbm9ybWFsOyBmb250LXdlaWdodDogbm9ybWFsOyBsZXR0ZXIt
c3BhY2luZzogbm9ybWFsOyBvcnBoYW5zOiBhdXRvOyB0ZXh0LWFsaWduOiBzdGFydDsgdGV4dC1p
bmRlbnQ6IDBweDsgdGV4dC10cmFuc2Zvcm06IG5vbmU7IHdoaXRlLXNwYWNlOiBub3JtYWw7IHdp
ZG93czogYXV0bzsgd29yZC1zcGFjaW5nOiAwcHg7IC13ZWJraXQtdGV4dC1zaXplLWFkanVzdDog
YXV0bzsgLXdlYmtpdC10ZXh0LXN0cm9rZS13aWR0aDogMHB4OyIgY2xhc3M9IiI+aHR0cHM6Ly93
d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0aW5mby9vcGVucGdwPC9hPjwvZGl2Pg0KPC9ibG9ja3F1
b3RlPg0KPC9kaXY+DQo8YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg==

--_000_3BD06D062CDF4D76AA6BF767B8E54C2Eribosecom_--


From nobody Mon Oct 30 19:29:58 2017
Return-Path: <gmaxwell@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A42041389E6 for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 19:29:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cm2yq3ObtjKX for <openpgp@ietfa.amsl.com>; Mon, 30 Oct 2017 19:29:55 -0700 (PDT)
Received: from mail-ua0-x230.google.com (mail-ua0-x230.google.com [IPv6:2607:f8b0:400c:c08::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C2E3F13374A for <openpgp@ietf.org>; Mon, 30 Oct 2017 19:29:54 -0700 (PDT)
Received: by mail-ua0-x230.google.com with SMTP id v27so10977253uav.7 for <openpgp@ietf.org>; Mon, 30 Oct 2017 19:29:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;  h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=xgc5tayMIjfTiGEmPi1cMPGqH4pzbNkNyUKj+O7QWDA=; b=hVBLVP71Nm/W4TYSl9QE++fNymo/2gMtGa04vqmwzofoIFaCUliQBWlUdjIrmLrWRm 8AhkNuTLPsDB80LXg6X9cVk/bWPgFYGXsHUjBnzjtGmKbSGXoxfZUbJHfEc4HvkbjY9V jSiD1OPN2W8/H1Vp05NX18b3x6gF2tPV6VyeuO9hVBrkruWyM9okXdrOXv0pEIAKDUpz e+EwvHAikJ/hYWWgwJx+lTeg0lsGRHI/ZzbVT4WQIzyJ2JBgZwOJEXujNM9nA+ku3yRF DnHjzg3NHXRPGzBpWhebrNGO6mmITxNKoVttsd6F8LoQgaRaEwdgosdYlQ2FPWnnBmYt zhaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=xgc5tayMIjfTiGEmPi1cMPGqH4pzbNkNyUKj+O7QWDA=; b=WSunMDNln57UqMdKAy2SIMTNxgFvZrlpAx49MGeXqbKEwmMZAsgjGRrsMfx+lCkXRq 4wmNEOj+NwPEhN7XM6KS0ZL1Kxak9ogdrREt5P62210C3uK07s5PzBjB2mV/g+QuPVMr dSQneI0Gr+s9rrhfm/AqzKwAgo3dkYFtdaziqjWR6mN1fnTzuPCdsa1tlcKwHgno8H2W L3c4WkdQedcoxRqv7tRMy2GuK+LHIOaOvdoaDtsnDCQBT0ZkvCBj8DahSa2nb0FMTheH cTOLLv8ekilyohDI+oMRIkzIJR9Opub/duZq7Nlq3jci9D5qd736dWIjV8dd7FvN5Elb zVOw==
X-Gm-Message-State: AMCzsaVQIyfgULnAVTHnY2ayrN5tptgm7yFP4MpnLNe0XdUGQ+SwFmMM 8daOFUkkvtYwbzxM5mZLnG0EcCmf92mhX0j980I=
X-Google-Smtp-Source: ABhQp+QYUOBob7sXIkR3Rh+pZQEWx2f20jjUOBl1cwz7lSFOBWve0rOPSdO66iVeZ3yKmvFKHiS2UGT4J4zHuPMdIFM=
X-Received: by 10.176.20.143 with SMTP id d15mr318929uae.127.1509416993893; Mon, 30 Oct 2017 19:29:53 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.87.93 with HTTP; Mon, 30 Oct 2017 19:29:52 -0700 (PDT)
In-Reply-To: <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca>
From: Gregory Maxwell <gmaxwell@gmail.com>
Date: Tue, 31 Oct 2017 02:29:52 +0000
Message-ID: <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/iiqEYCAdn5Ry7rPErRCMR659SOY>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 02:29:57 -0000

On Sat, Oct 28, 2017 at 8:23 AM, Paul Wouters <paul@nohats.ca> wrote:
> For protocols like IKE/IPsec or TLS, where you negotiate a cipher suite,
> MAY algorithms are fine.
>
> For a protocol where both parties are not online at the same time, and
> where one party might not know the other party's capabilities at all,
> a MAY algorithm can lead to non-interoperability (with human latency
> involved)

This is a great argument but it does not apply here: A PGP public key
lists the suites that it supports. The only way you get an
incompatibility is if the far end is OCB-only and you can't support it
and that failure is "realtime" not delayed.

> It would have been nice to have had OCB support when it was invented.
> By now, the gains are pretty minimal. While there is an argument for

IIRC most or all of the popular OCB alternatives are CTR based and
highly brittle to nonce reuse.

SIV mode is the only currently standardized-in-any-way AEAD mode that
I'm aware of that has some robustness to nonce reuse.

Not that IV reuse should be a major risk factor for OpenPGP-- but I
think we've all learned that brittle constructions tend to result in
unwelcome surprises, that line if thinking is why AEAD modes exists in
the first place.

>The fact that there is a discussion and unclarity
> about this at all shows that there is an issue here.

Never underestimate people's ability to have a debate.

> The lesson here is, don't put arbitrary restrictions on your algorithm if
> you want to see widespread adoption.

This seems rather moralistic rather than a practical consideration.

IETF protocols routinely register encodings and codepoints for highly
restricted techniques:  OCB in OpenPGP would only get used when there
is mutual support on both ends.

I don't think the laudable effort of avoiding restricted techniques as
mandatory in standardized protocols is aided by a total war on them
that covers optional use of less restrictively licensed things.

The standards process question should primarily be will it get use if
it exists? If not, don't bother. The licensing of OCB appears to be
very permissive for more than a few very broad classes (including Free
Software implementations).  Input from implementers on if they'd
implement it if specified should be the primary metric.

Also, if it gets used will it enhance or harm security (seems more
like the former in this case)?

I don't believe there is any 1:1 replacement for it currently, if
there were that would be a consideration too.

One could make an argument that the grab-bag-choose-your-own-adventure
of many cryptographic options is a bad design, but I think the ship
has already sailed on that one in OpenPGP. :)


From nobody Tue Oct 31 00:03:55 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40FE313FDD4 for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 00:03:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uD2oDrYLDk5G for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 00:03:51 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7CE31394F1 for <openpgp@ietf.org>; Tue, 31 Oct 2017 00:03:50 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yR2Pv4Zhqz35H; Tue, 31 Oct 2017 08:03:47 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509433427; bh=rKO8l8AGZu/qpncAbpVqdOnmDYEiV6CustkF1aknqhg=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=EpSzU/QTX7AWKBhqb+QPsze7NkJWj6tsNUZOlbxtE5KsVPuXRdba1dOH7dNBhyAvw khgCc6YUw97bOcIKExPqki0wTCZwjkEirYmq05gzIaVI/VL1b9VL22iDPGhWJVoXFK 82KtNuHm0Ai9H6fmmtsWhYsqf6RM+2o1izB4++iY=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 0EAKZgItZbA0; Tue, 31 Oct 2017 08:03:45 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 31 Oct 2017 08:03:44 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 046B862D29; Tue, 31 Oct 2017 03:03:43 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 046B862D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id E1E0A40D35AF; Tue, 31 Oct 2017 03:03:43 -0400 (EDT)
Date: Tue, 31 Oct 2017 03:03:43 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Gregory Maxwell <gmaxwell@gmail.com>
cc: Ronald Tse <tse@ribose.com>, "Salz, Rich" <rsalz@akamai.com>,  "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com>
Message-ID: <alpine.LRH.2.21.1710310254050.8644@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca> <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/7sPRwfH18rKmsAx9IyaQNOU6g5w>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 07:03:53 -0000

On Tue, 31 Oct 2017, Gregory Maxwell wrote:

As the signaling of support for algorithms is better then I realised,
I'll let myself be convinced that adding a new algorithm isn't too
bad. While I still think there is an increased risk of non-interoperability
or non-adoption, I guess it is not a deal breaker for new algorithms.

>> The lesson here is, don't put arbitrary restrictions on your algorithm if
>> you want to see widespread adoption.
>
> This seems rather moralistic rather than a practical consideration.
>
> IETF protocols routinely register encodings and codepoints for highly
> restricted techniques:  OCB in OpenPGP would only get used when there
> is mutual support on both ends.
>
> I don't think the laudable effort of avoiding restricted techniques as
> mandatory in standardized protocols is aided by a total war on them
> that covers optional use of less restrictively licensed things.
>
> The standards process question should primarily be will it get use if
> it exists? If not, don't bother. The licensing of OCB appears to be
> very permissive for more than a few very broad classes (including Free
> Software implementations).  Input from implementers on if they'd
> implement it if specified should be the primary metric.

This is still a potential issue. As long as the algorithm has restrictions
on it that are discriminatory, their inclusion in a free software library
poses a risk for those companies shipping the software that have money
in the bank to attract lawsuits.

I'm worried about OCB support in openssl and/or other libraries as
part of the OS, because when a vendor's customers will use it for some
"unauthorised use", the vendor might get involved in a lawsuit.

I'm also confused about these restrictions. If opensource is allowed to
use it, anyone could use openssl under the newly minted (still minting?)
license to link against properietary code, meaning that there are in
practise, no restrictions left. So why doesn't Rogaway just release an
IPR statement to the IETF allowing its free and unrestrictive use?

Rich, do you know anything about the OCB code in openssl and how the
relicensing of openssl would mean the OCB code can remain or has to go?

Paul


From nobody Tue Oct 31 01:10:35 2017
Return-Path: <tse@ribose.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85C4B13F69A for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 01:10:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Level: 
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ribose.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id na6nxiSpW278 for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 01:10:31 -0700 (PDT)
Received: from APC01-SG2-obe.outbound.protection.outlook.com (mail-sg2apc01on0068.outbound.protection.outlook.com [104.47.125.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B252313F6A1 for <openpgp@ietf.org>; Tue, 31 Oct 2017 01:10:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ribose.onmicrosoft.com; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=m1t5c7NKXwyGxWgu7PBEyaPGUMdWexHnfZowzrDS/nA=; b=G824izyl2We02Qs76+Ukgb7XK4mjV7Fu8a5WqOJMFnFOnH33CbPPpED89Rx825zWSSZbmRLaT39QEBvUKplUQrzRgRrYJcVl1HOZa8/kz3aAmT9tMwW13iczx/BHZB7g/ragGNFypMdnMzTeB7cVC7zMiO89RgJRfPIglieF4I8=
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com (10.165.210.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.178.6; Tue, 31 Oct 2017 08:10:26 +0000
Received: from PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038]) by PS1PR01MB1050.apcprd01.prod.exchangelabs.com ([fe80::38f5:8fb:9da0:a038%14]) with mapi id 15.20.0178.012; Tue, 31 Oct 2017 08:10:25 +0000
From: Ronald Tse <tse@ribose.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5xYQNIsRUz0C1s+LLoU2hJaL1WjoAgAAH/ICAAXdQgIAAibPGgAAB+YCAABgzAIAA8IsAgAB9O4CAAAYcgIAEVBgAgABMg4CAABKhAA==
Date: Tue, 31 Oct 2017 08:10:25 +0000
Message-ID: <0A4C446D-AACC-4B4E-928A-88C653260A3C@ribose.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca> <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com> <alpine.LRH.2.21.1710310254050.8644@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1710310254050.8644@bofh.nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tse@ribose.com; 
x-originating-ip: [118.140.121.70]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1050; 6:NqJ8zM0kQtU+yGv257yE5CIF6PtPM5XRu4IrB+iTsruEcc/xwIrykoCzRdrqPK1y3cKwXlbNQTk/l/5c7RjR/GyWFI5I+Y3tvGV2n0EADuw8WpjL5LY/o7LVveHJexHl0O6CDaAsKIyMW5OGQFwdzOoHxVuMvf8pUfyihxqiCKElKdh2DY6AEDyqi7PBh4nTGboqn8QElZLQ51ft2flOKkxlvxPuc+eufM9hTa6iJ/pS2YGrgAt+ZV5LUqck6xLdiA/XFR0vfaEvGRp6KUhcE3m8MS7WBsHb/Ph2rRpnT3BwojSwiZmWhWPmZt5MhJ2tX2VnHWzPpZexZXizqzq3fS0adznB1JvkF/A851kop+c=; 5:6nIJJUdMqyfjdrDOYHZuat6oaK89xqyhFQ6GYh8dyVaNWvcRerDxD2v7gzVcL4gUMYt1tseY0KtWp8apzxqnhgOa2zNXomywIO0flJEhk5YwL86v8gsZuTHV7mDFOqLhW6OsdMuiCS4J+Lvqe/Yugi0F4COqIdN+f0fZSlYAXuU=; 24:qo0t3C0cGiMUfN9ABVmDUFi4foDnU5dVWZjtH9VTZxpObYHV5Utv57WuH/oiiCMsziFL6ANMsgzsaRvgCDym3JykiCzOjwsA1ldMEOCzu8M=; 7:DxzTlQOeZdwqPi7jzDTTkpzkPSxKND7XYvm0/PjJUpShB9zvwPEBU3XdbHLf69D0BA01fgnDSi/OVM7H/lrWvs77yPBtbeN4GMqTq0umfCGrSBfmX88dthoHtLTNPO370lDsq4VQyRPgX0wlVHSK8B5JDbtjctQHeWHEbfd6ASdkOaui950w5FNL6dY6EEpSDvgI4F/V5SMIKVsYqie7PRvt94vIQN0y5LizVsBO9h4ZAW7e7B1CQwUAlIrZjb3a
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: e295edec-c7f0-4cce-bcef-08d52036d792
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4603075)(2017052603199); SRVR:PS1PR01MB1050; 
x-ms-traffictypediagnostic: PS1PR01MB1050:
x-exchange-antispam-report-test: UriScan:;
x-microsoft-antispam-prvs: <PS1PR01MB1050ADD799FC3C235BB4D015D75E0@PS1PR01MB1050.apcprd01.prod.exchangelabs.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(93006095)(93001095)(3002001)(3231020)(100000703101)(100105400095)(10201501046)(6041248)(20161123560025)(2016111802025)(20161123562025)(20161123555025)(20161123558100)(201703131423075)(201703061421075)(20161123564025)(6072148)(6043046)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:PS1PR01MB1050; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:PS1PR01MB1050; 
x-forefront-prvs: 04772EA191
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(346002)(199003)(24454002)(189002)(2950100002)(93886005)(6436002)(101416001)(25786009)(68736007)(2906002)(66066001)(33656002)(99286003)(53936002)(189998001)(5660300001)(6506006)(6246003)(236005)(6512007)(50986999)(53546010)(3660700001)(229853002)(2900100001)(81156014)(54356999)(54896002)(6486002)(5640700003)(81166006)(8676002)(3846002)(6116002)(106356001)(14454004)(7736002)(76176999)(36756003)(2501003)(2351001)(102836003)(5250100002)(1730700003)(105586002)(86362001)(82746002)(508600001)(6916009)(97736004)(3280700002)(8936002)(83716003)(2004002)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1050; H:PS1PR01MB1050.apcprd01.prod.exchangelabs.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: ribose.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_0A4C446DAACC4B4E928A88C653260A3Cribosecom_"
MIME-Version: 1.0
X-OriginatorOrg: ribose.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e295edec-c7f0-4cce-bcef-08d52036d792
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Oct 2017 08:10:25.6240 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1050
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/NBtHR5nl8d_qIy895rXP2PGmRPk>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 08:10:33 -0000

--_000_0A4C446DAACC4B4E928A88C653260A3Cribosecom_
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

SeKAmW0gc3VyZSBSaWNoIGNvdWxkIHNoaW5lIG1vcmUgbGlnaHQgb24gdGhpcywgYnV0IE9wZW5T
U0wgaGFzIGFscmVhZHkgcmVjZWl2ZWQgYSBzcGVjaWZpYyBPQ0IgbGljZW5zZSBmcm9tIFByb2Yu
IFJvZ2F3YXkgdGhhdCBhbGxvd3MgdXNlcnMgb2YgT3BlblNTTCB0byB1c2UgT0NCIGZyZWVseSwg
aW5jbHVkaW5nIHdoZW4gbGlua2VkIGFnYWluc3QgcHJvcHJpZXRhcnkgY29kZSAoSXTigJlzIG9u
IHRoZSBPcGVuU1NMIHdlYnNpdGUpLiBOb3RlIHRoYXQgdGhlIE9wZW5TU0wgbGljZW5zZSBpcyBt
b3JlIGJyb2FkIHRoYW4gTGljZW5zZSAxIGFuZCAyIG9uIHRoZSBPQ0IgRkFRIHBhZ2UuDQoNCkFz
IG1lbnRpb25lZCwgUHJvZi4gUm9nYXdheSBpcyB3aWxsaW5nIHRvIGZpbGUgYW4gSVBSIHN0YXRl
bWVudCBhbGxvd2luZyB0aGUgdXNlIG9mIE9DQiBmb3IgYWxsIE9wZW5QR1AgaW1wbGVtZW50YXRp
b25zLCBzbyBJIHRoaW5rIHRoZSBwYXRlbnQgaXNzdWUgY2FuIHByb2JhYmx5IGJlIHB1dCB0byBy
ZXN0IGhlcmUuDQoNClJvbg0KDQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
DQoNClJvbmFsZCBUc2UNClJpYm9zZSBJbmMuDQoNCk9uIE9jdCAzMSwgMjAxNywgYXQgMzowMyBQ
TSwgUGF1bCBXb3V0ZXJzIDxwYXVsQG5vaGF0cy5jYTxtYWlsdG86cGF1bEBub2hhdHMuY2E+PiB3
cm90ZToNCg0KT24gVHVlLCAzMSBPY3QgMjAxNywgR3JlZ29yeSBNYXh3ZWxsIHdyb3RlOg0KDQpB
cyB0aGUgc2lnbmFsaW5nIG9mIHN1cHBvcnQgZm9yIGFsZ29yaXRobXMgaXMgYmV0dGVyIHRoZW4g
SSByZWFsaXNlZCwNCkknbGwgbGV0IG15c2VsZiBiZSBjb252aW5jZWQgdGhhdCBhZGRpbmcgYSBu
ZXcgYWxnb3JpdGhtIGlzbid0IHRvbw0KYmFkLiBXaGlsZSBJIHN0aWxsIHRoaW5rIHRoZXJlIGlz
IGFuIGluY3JlYXNlZCByaXNrIG9mIG5vbi1pbnRlcm9wZXJhYmlsaXR5DQpvciBub24tYWRvcHRp
b24sIEkgZ3Vlc3MgaXQgaXMgbm90IGEgZGVhbCBicmVha2VyIGZvciBuZXcgYWxnb3JpdGhtcy4N
Cg0KVGhlIGxlc3NvbiBoZXJlIGlzLCBkb24ndCBwdXQgYXJiaXRyYXJ5IHJlc3RyaWN0aW9ucyBv
biB5b3VyIGFsZ29yaXRobSBpZg0KeW91IHdhbnQgdG8gc2VlIHdpZGVzcHJlYWQgYWRvcHRpb24u
DQoNClRoaXMgc2VlbXMgcmF0aGVyIG1vcmFsaXN0aWMgcmF0aGVyIHRoYW4gYSBwcmFjdGljYWwg
Y29uc2lkZXJhdGlvbi4NCg0KSUVURiBwcm90b2NvbHMgcm91dGluZWx5IHJlZ2lzdGVyIGVuY29k
aW5ncyBhbmQgY29kZXBvaW50cyBmb3IgaGlnaGx5DQpyZXN0cmljdGVkIHRlY2huaXF1ZXM6ICBP
Q0IgaW4gT3BlblBHUCB3b3VsZCBvbmx5IGdldCB1c2VkIHdoZW4gdGhlcmUNCmlzIG11dHVhbCBz
dXBwb3J0IG9uIGJvdGggZW5kcy4NCg0KSSBkb24ndCB0aGluayB0aGUgbGF1ZGFibGUgZWZmb3J0
IG9mIGF2b2lkaW5nIHJlc3RyaWN0ZWQgdGVjaG5pcXVlcyBhcw0KbWFuZGF0b3J5IGluIHN0YW5k
YXJkaXplZCBwcm90b2NvbHMgaXMgYWlkZWQgYnkgYSB0b3RhbCB3YXIgb24gdGhlbQ0KdGhhdCBj
b3ZlcnMgb3B0aW9uYWwgdXNlIG9mIGxlc3MgcmVzdHJpY3RpdmVseSBsaWNlbnNlZCB0aGluZ3Mu
DQoNClRoZSBzdGFuZGFyZHMgcHJvY2VzcyBxdWVzdGlvbiBzaG91bGQgcHJpbWFyaWx5IGJlIHdp
bGwgaXQgZ2V0IHVzZSBpZg0KaXQgZXhpc3RzPyBJZiBub3QsIGRvbid0IGJvdGhlci4gVGhlIGxp
Y2Vuc2luZyBvZiBPQ0IgYXBwZWFycyB0byBiZQ0KdmVyeSBwZXJtaXNzaXZlIGZvciBtb3JlIHRo
YW4gYSBmZXcgdmVyeSBicm9hZCBjbGFzc2VzIChpbmNsdWRpbmcgRnJlZQ0KU29mdHdhcmUgaW1w
bGVtZW50YXRpb25zKS4gIElucHV0IGZyb20gaW1wbGVtZW50ZXJzIG9uIGlmIHRoZXknZA0KaW1w
bGVtZW50IGl0IGlmIHNwZWNpZmllZCBzaG91bGQgYmUgdGhlIHByaW1hcnkgbWV0cmljLg0KDQpU
aGlzIGlzIHN0aWxsIGEgcG90ZW50aWFsIGlzc3VlLiBBcyBsb25nIGFzIHRoZSBhbGdvcml0aG0g
aGFzIHJlc3RyaWN0aW9ucw0Kb24gaXQgdGhhdCBhcmUgZGlzY3JpbWluYXRvcnksIHRoZWlyIGlu
Y2x1c2lvbiBpbiBhIGZyZWUgc29mdHdhcmUgbGlicmFyeQ0KcG9zZXMgYSByaXNrIGZvciB0aG9z
ZSBjb21wYW5pZXMgc2hpcHBpbmcgdGhlIHNvZnR3YXJlIHRoYXQgaGF2ZSBtb25leQ0KaW4gdGhl
IGJhbmsgdG8gYXR0cmFjdCBsYXdzdWl0cy4NCg0KSSdtIHdvcnJpZWQgYWJvdXQgT0NCIHN1cHBv
cnQgaW4gb3BlbnNzbCBhbmQvb3Igb3RoZXIgbGlicmFyaWVzIGFzDQpwYXJ0IG9mIHRoZSBPUywg
YmVjYXVzZSB3aGVuIGEgdmVuZG9yJ3MgY3VzdG9tZXJzIHdpbGwgdXNlIGl0IGZvciBzb21lDQoi
dW5hdXRob3Jpc2VkIHVzZSIsIHRoZSB2ZW5kb3IgbWlnaHQgZ2V0IGludm9sdmVkIGluIGEgbGF3
c3VpdC4NCg0KSSdtIGFsc28gY29uZnVzZWQgYWJvdXQgdGhlc2UgcmVzdHJpY3Rpb25zLiBJZiBv
cGVuc291cmNlIGlzIGFsbG93ZWQgdG8NCnVzZSBpdCwgYW55b25lIGNvdWxkIHVzZSBvcGVuc3Ns
IHVuZGVyIHRoZSBuZXdseSBtaW50ZWQgKHN0aWxsIG1pbnRpbmc/KQ0KbGljZW5zZSB0byBsaW5r
IGFnYWluc3QgcHJvcGVyaWV0YXJ5IGNvZGUsIG1lYW5pbmcgdGhhdCB0aGVyZSBhcmUgaW4NCnBy
YWN0aXNlLCBubyByZXN0cmljdGlvbnMgbGVmdC4gU28gd2h5IGRvZXNuJ3QgUm9nYXdheSBqdXN0
IHJlbGVhc2UgYW4NCklQUiBzdGF0ZW1lbnQgdG8gdGhlIElFVEYgYWxsb3dpbmcgaXRzIGZyZWUg
YW5kIHVucmVzdHJpY3RpdmUgdXNlPw0KDQpSaWNoLCBkbyB5b3Uga25vdyBhbnl0aGluZyBhYm91
dCB0aGUgT0NCIGNvZGUgaW4gb3BlbnNzbCBhbmQgaG93IHRoZQ0KcmVsaWNlbnNpbmcgb2Ygb3Bl
bnNzbCB3b3VsZCBtZWFuIHRoZSBPQ0IgY29kZSBjYW4gcmVtYWluIG9yIGhhcyB0byBnbz8NCg0K
UGF1bA0KDQo=

--_000_0A4C446DAACC4B4E928A88C653260A3Cribosecom_
Content-Type: text/html; charset="utf-8"
Content-ID: <A4E416CE60E99A41AD7A4BD7693EBB7A@apcprd01.prod.exchangelabs.com>
Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i
dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5IHN0eWxlPSJ3b3JkLXdy
YXA6IGJyZWFrLXdvcmQ7IC13ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgbGluZS1icmVhazogYWZ0
ZXItd2hpdGUtc3BhY2U7IiBjbGFzcz0iIj4NCknigJltIHN1cmUgUmljaCBjb3VsZCBzaGluZSBt
b3JlIGxpZ2h0IG9uIHRoaXMsIGJ1dCBPcGVuU1NMIGhhcyBhbHJlYWR5IHJlY2VpdmVkIGEgc3Bl
Y2lmaWMgT0NCIGxpY2Vuc2UgZnJvbSBQcm9mLiBSb2dhd2F5IHRoYXQgYWxsb3dzIHVzZXJzIG9m
IE9wZW5TU0wgdG8gdXNlIE9DQiBmcmVlbHksIGluY2x1ZGluZyB3aGVuIGxpbmtlZCBhZ2FpbnN0
IHByb3ByaWV0YXJ5IGNvZGUgKEl04oCZcyBvbiB0aGUgT3BlblNTTCB3ZWJzaXRlKS4gTm90ZSB0
aGF0DQogdGhlIE9wZW5TU0wgbGljZW5zZSBpcyBtb3JlIGJyb2FkIHRoYW4gTGljZW5zZSAxIGFu
ZCAyIG9uIHRoZSBPQ0IgRkFRIHBhZ2UuDQo8ZGl2IGNsYXNzPSIiPg0KPGRpdiBjbGFzcz0iIj48
YnIgY2xhc3M9IiI+DQo8L2Rpdj4NCjxkaXYgY2xhc3M9IiI+QXMgbWVudGlvbmVkLCBQcm9mLiBS
b2dhd2F5IGlzIHdpbGxpbmcgdG8gZmlsZSBhbiBJUFIgc3RhdGVtZW50IGFsbG93aW5nIHRoZSB1
c2Ugb2YgT0NCIGZvciBhbGwgT3BlblBHUCBpbXBsZW1lbnRhdGlvbnMsIHNvIEkgdGhpbmsgdGhl
IHBhdGVudCBpc3N1ZSBjYW4gcHJvYmFibHkgYmUgcHV0IHRvIHJlc3QgaGVyZS48L2Rpdj4NCjxk
aXYgY2xhc3M9IiI+PGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8ZGl2IGNsYXNzPSIiPlJvbjwvZGl2
Pg0KPGRpdiBjbGFzcz0iIj48YnIgY2xhc3M9IiI+DQo8ZGl2IGNsYXNzPSIiPg0KPGRpdiBzdHls
ZT0iY29sb3I6IHJnYigwLCAwLCAwKTsgbGV0dGVyLXNwYWNpbmc6IG5vcm1hbDsgb3JwaGFuczog
YXV0bzsgdGV4dC1hbGlnbjogc3RhcnQ7IHRleHQtaW5kZW50OiAwcHg7IHRleHQtdHJhbnNmb3Jt
OiBub25lOyB3aGl0ZS1zcGFjZTogbm9ybWFsOyB3aWRvd3M6IGF1dG87IHdvcmQtc3BhY2luZzog
MHB4OyAtd2Via2l0LXRleHQtc3Ryb2tlLXdpZHRoOiAwcHg7IHdvcmQtd3JhcDogYnJlYWstd29y
ZDsgLXdlYmtpdC1uYnNwLW1vZGU6IHNwYWNlOyAtd2Via2l0LWxpbmUtYnJlYWs6IGFmdGVyLXdo
aXRlLXNwYWNlOyIgY2xhc3M9IiI+DQpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KUm9uYWxkIFRzZTxiciBjbGFzcz0iIj4N
ClJpYm9zZSBJbmMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4N
CjxkaXY+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFzcz0iIj4NCjxkaXYgY2xhc3M9IiI+
T24gT2N0IDMxLCAyMDE3LCBhdCAzOjAzIFBNLCBQYXVsIFdvdXRlcnMgJmx0OzxhIGhyZWY9Im1h
aWx0bzpwYXVsQG5vaGF0cy5jYSIgY2xhc3M9IiI+cGF1bEBub2hhdHMuY2E8L2E+Jmd0OyB3cm90
ZTo8L2Rpdj4NCjxiciBjbGFzcz0iQXBwbGUtaW50ZXJjaGFuZ2UtbmV3bGluZSI+DQo8ZGl2IGNs
YXNzPSIiPg0KPGRpdiBjbGFzcz0iIj5PbiBUdWUsIDMxIE9jdCAyMDE3LCBHcmVnb3J5IE1heHdl
bGwgd3JvdGU6PGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KQXMgdGhlIHNpZ25hbGluZyBv
ZiBzdXBwb3J0IGZvciBhbGdvcml0aG1zIGlzIGJldHRlciB0aGVuIEkgcmVhbGlzZWQsPGJyIGNs
YXNzPSIiPg0KSSdsbCBsZXQgbXlzZWxmIGJlIGNvbnZpbmNlZCB0aGF0IGFkZGluZyBhIG5ldyBh
bGdvcml0aG0gaXNuJ3QgdG9vPGJyIGNsYXNzPSIiPg0KYmFkLiBXaGlsZSBJIHN0aWxsIHRoaW5r
IHRoZXJlIGlzIGFuIGluY3JlYXNlZCByaXNrIG9mIG5vbi1pbnRlcm9wZXJhYmlsaXR5PGJyIGNs
YXNzPSIiPg0Kb3Igbm9uLWFkb3B0aW9uLCBJIGd1ZXNzIGl0IGlzIG5vdCBhIGRlYWwgYnJlYWtl
ciBmb3IgbmV3IGFsZ29yaXRobXMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KPGJsb2Nr
cXVvdGUgdHlwZT0iY2l0ZSIgY2xhc3M9IiI+DQo8YmxvY2txdW90ZSB0eXBlPSJjaXRlIiBjbGFz
cz0iIj5UaGUgbGVzc29uIGhlcmUgaXMsIGRvbid0IHB1dCBhcmJpdHJhcnkgcmVzdHJpY3Rpb25z
IG9uIHlvdXIgYWxnb3JpdGhtIGlmPGJyIGNsYXNzPSIiPg0KeW91IHdhbnQgdG8gc2VlIHdpZGVz
cHJlYWQgYWRvcHRpb24uPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3RlPg0KPGJyIGNsYXNzPSIi
Pg0KVGhpcyBzZWVtcyByYXRoZXIgbW9yYWxpc3RpYyByYXRoZXIgdGhhbiBhIHByYWN0aWNhbCBj
b25zaWRlcmF0aW9uLjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCklFVEYgcHJvdG9jb2xz
IHJvdXRpbmVseSByZWdpc3RlciBlbmNvZGluZ3MgYW5kIGNvZGVwb2ludHMgZm9yIGhpZ2hseTxi
ciBjbGFzcz0iIj4NCnJlc3RyaWN0ZWQgdGVjaG5pcXVlczogJm5ic3A7T0NCIGluIE9wZW5QR1Ag
d291bGQgb25seSBnZXQgdXNlZCB3aGVuIHRoZXJlPGJyIGNsYXNzPSIiPg0KaXMgbXV0dWFsIHN1
cHBvcnQgb24gYm90aCBlbmRzLjxiciBjbGFzcz0iIj4NCjxiciBjbGFzcz0iIj4NCkkgZG9uJ3Qg
dGhpbmsgdGhlIGxhdWRhYmxlIGVmZm9ydCBvZiBhdm9pZGluZyByZXN0cmljdGVkIHRlY2huaXF1
ZXMgYXM8YnIgY2xhc3M9IiI+DQptYW5kYXRvcnkgaW4gc3RhbmRhcmRpemVkIHByb3RvY29scyBp
cyBhaWRlZCBieSBhIHRvdGFsIHdhciBvbiB0aGVtPGJyIGNsYXNzPSIiPg0KdGhhdCBjb3ZlcnMg
b3B0aW9uYWwgdXNlIG9mIGxlc3MgcmVzdHJpY3RpdmVseSBsaWNlbnNlZCB0aGluZ3MuPGJyIGNs
YXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KVGhlIHN0YW5kYXJkcyBwcm9jZXNzIHF1ZXN0aW9uIHNo
b3VsZCBwcmltYXJpbHkgYmUgd2lsbCBpdCBnZXQgdXNlIGlmPGJyIGNsYXNzPSIiPg0KaXQgZXhp
c3RzPyBJZiBub3QsIGRvbid0IGJvdGhlci4gVGhlIGxpY2Vuc2luZyBvZiBPQ0IgYXBwZWFycyB0
byBiZTxiciBjbGFzcz0iIj4NCnZlcnkgcGVybWlzc2l2ZSBmb3IgbW9yZSB0aGFuIGEgZmV3IHZl
cnkgYnJvYWQgY2xhc3NlcyAoaW5jbHVkaW5nIEZyZWU8YnIgY2xhc3M9IiI+DQpTb2Z0d2FyZSBp
bXBsZW1lbnRhdGlvbnMpLiAmbmJzcDtJbnB1dCBmcm9tIGltcGxlbWVudGVycyBvbiBpZiB0aGV5
J2Q8YnIgY2xhc3M9IiI+DQppbXBsZW1lbnQgaXQgaWYgc3BlY2lmaWVkIHNob3VsZCBiZSB0aGUg
cHJpbWFyeSBtZXRyaWMuPGJyIGNsYXNzPSIiPg0KPC9ibG9ja3F1b3RlPg0KPGJyIGNsYXNzPSIi
Pg0KVGhpcyBpcyBzdGlsbCBhIHBvdGVudGlhbCBpc3N1ZS4gQXMgbG9uZyBhcyB0aGUgYWxnb3Jp
dGhtIGhhcyByZXN0cmljdGlvbnM8YnIgY2xhc3M9IiI+DQpvbiBpdCB0aGF0IGFyZSBkaXNjcmlt
aW5hdG9yeSwgdGhlaXIgaW5jbHVzaW9uIGluIGEgZnJlZSBzb2Z0d2FyZSBsaWJyYXJ5PGJyIGNs
YXNzPSIiPg0KcG9zZXMgYSByaXNrIGZvciB0aG9zZSBjb21wYW5pZXMgc2hpcHBpbmcgdGhlIHNv
ZnR3YXJlIHRoYXQgaGF2ZSBtb25leTxiciBjbGFzcz0iIj4NCmluIHRoZSBiYW5rIHRvIGF0dHJh
Y3QgbGF3c3VpdHMuPGJyIGNsYXNzPSIiPg0KPGJyIGNsYXNzPSIiPg0KSSdtIHdvcnJpZWQgYWJv
dXQgT0NCIHN1cHBvcnQgaW4gb3BlbnNzbCBhbmQvb3Igb3RoZXIgbGlicmFyaWVzIGFzPGJyIGNs
YXNzPSIiPg0KcGFydCBvZiB0aGUgT1MsIGJlY2F1c2Ugd2hlbiBhIHZlbmRvcidzIGN1c3RvbWVy
cyB3aWxsIHVzZSBpdCBmb3Igc29tZTxiciBjbGFzcz0iIj4NCiZxdW90O3VuYXV0aG9yaXNlZCB1
c2UmcXVvdDssIHRoZSB2ZW5kb3IgbWlnaHQgZ2V0IGludm9sdmVkIGluIGEgbGF3c3VpdC48YnIg
Y2xhc3M9IiI+DQo8YnIgY2xhc3M9IiI+DQpJJ20gYWxzbyBjb25mdXNlZCBhYm91dCB0aGVzZSBy
ZXN0cmljdGlvbnMuIElmIG9wZW5zb3VyY2UgaXMgYWxsb3dlZCB0bzxiciBjbGFzcz0iIj4NCnVz
ZSBpdCwgYW55b25lIGNvdWxkIHVzZSBvcGVuc3NsIHVuZGVyIHRoZSBuZXdseSBtaW50ZWQgKHN0
aWxsIG1pbnRpbmc/KTxiciBjbGFzcz0iIj4NCmxpY2Vuc2UgdG8gbGluayBhZ2FpbnN0IHByb3Bl
cmlldGFyeSBjb2RlLCBtZWFuaW5nIHRoYXQgdGhlcmUgYXJlIGluPGJyIGNsYXNzPSIiPg0KcHJh
Y3Rpc2UsIG5vIHJlc3RyaWN0aW9ucyBsZWZ0LiBTbyB3aHkgZG9lc24ndCBSb2dhd2F5IGp1c3Qg
cmVsZWFzZSBhbjxiciBjbGFzcz0iIj4NCklQUiBzdGF0ZW1lbnQgdG8gdGhlIElFVEYgYWxsb3dp
bmcgaXRzIGZyZWUgYW5kIHVucmVzdHJpY3RpdmUgdXNlPzxiciBjbGFzcz0iIj4NCjxiciBjbGFz
cz0iIj4NClJpY2gsIGRvIHlvdSBrbm93IGFueXRoaW5nIGFib3V0IHRoZSBPQ0IgY29kZSBpbiBv
cGVuc3NsIGFuZCBob3cgdGhlPGJyIGNsYXNzPSIiPg0KcmVsaWNlbnNpbmcgb2Ygb3BlbnNzbCB3
b3VsZCBtZWFuIHRoZSBPQ0IgY29kZSBjYW4gcmVtYWluIG9yIGhhcyB0byBnbz88YnIgY2xhc3M9
IiI+DQo8YnIgY2xhc3M9IiI+DQpQYXVsPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4NCjwv
YmxvY2txdW90ZT4NCjwvZGl2Pg0KPGJyIGNsYXNzPSIiPg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9k
eT4NCjwvaHRtbD4NCg==

--_000_0A4C446DAACC4B4E928A88C653260A3Cribosecom_--


From nobody Tue Oct 31 02:19:21 2017
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1513D13F63F for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 02:19:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SCQe03WEypBB for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 02:19:13 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E3A413F620 for <openpgp@ietf.org>; Tue, 31 Oct 2017 02:19:13 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yR5Q53Rkqzvk; Tue, 31 Oct 2017 10:19:09 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509441549; bh=lrXyMZoEaSG6qTyd/6WQAr7EfBM4aa8VdtSxI0aHsk0=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=QIf6aFd+DIiLWz8wLTyQOHYfL9YlQuJu5BNUa0EkGpIuzXBDDFSlu4FQHdfOJhe7V 08Fnmf4AOAOamFoCvnp1DaiE4GuKskeM2rsLV0bI2g/2st2dwJVtoXWMhsVSXBCz8P uy9sP1GQI9TMh9S3rbOaqTM3biVD9dE0gyViTyh0=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id fxrW25quzcQO; Tue, 31 Oct 2017 10:19:08 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 31 Oct 2017 10:19:08 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id A16C762D29; Tue, 31 Oct 2017 05:19:07 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca A16C762D29
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 8ECE940D35AF; Tue, 31 Oct 2017 05:19:07 -0400 (EDT)
Date: Tue, 31 Oct 2017 05:19:07 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Ronald Tse <tse@ribose.com>
cc: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <0A4C446D-AACC-4B4E-928A-88C653260A3C@ribose.com>
Message-ID: <alpine.LRH.2.21.1710310516530.12676@bofh.nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca> <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com> <alpine.LRH.2.21.1710310254050.8644@bofh.nohats.ca> <0A4C446D-AACC-4B4E-928A-88C653260A3C@ribose.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8BIT
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/5dU4ekechNRFcF4Nrfz58Ot1j48>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 09:19:15 -0000

On Tue, 31 Oct 2017, Ronald Tse wrote:

> I’m sure Rich could shine more light on this, but OpenSSL has already received a specific OCB license from Prof. Rogaway that allows users of OpenSSL to use OCB freely, including when
> linked against proprietary code (It’s on the OpenSSL website). Note that the OpenSSL license is more broad than License 1 and 2 on the OCB FAQ page.
> As mentioned, Prof. Rogaway is willing to file an IPR statement allowing the use of OCB for all OpenPGP implementations, so I think the patent issue can probably be put to rest here.

The recent I'm asking is because openssl is being relicensed and I don't
know how this affects things.

As for getting a license for openpgp (and TLS), putting support in a
general library where it can be used for other things is still an issue
that needs to be looked at by lawyers, not engineers. And since that
in itself will impact whether OCB would be made available in generic
distributions, I don't think this issue can be put to rest yet.

Paul


From nobody Tue Oct 31 06:19:00 2017
Return-Path: <rsalz@akamai.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5224913F4F8 for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 06:18:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level: 
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tpKRgPudaqeF for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 06:18:57 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 041E613F5EF for <openpgp@ietf.org>; Tue, 31 Oct 2017 06:18:48 -0700 (PDT)
Received: from pps.filterd (m0050102.ppops.net [127.0.0.1]) by m0050102.ppops.net-00190b01. (8.16.0.21/8.16.0.21) with SMTP id v9VD7ZCR032620; Tue, 31 Oct 2017 13:18:45 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=sMWIBZ3kAz0E2E4YvYSnbCk++WEBxuYlLNiwXVommCY=; b=d0O/4rH+qjBSCNNu4j0v5vEC5n19oLdnxSkVtgVDFbHZkiKDg182BDzbtYv8sRvqX/DW KVyCZ8mNyg2SByX3KfKHLnol6DFXyj4JQIx8RB/BiXSgawO4z9FYSLH6zRpvsKV400pk BYonyvKCRMdXVZXjaVouDP4xq6JDcuxbJ/kQ+WCVZIOWITuqXpEYIk3sy9Mr4x7uOpml xpasen11uQgm6y0BeisLMhxzhEMu+FrNNtFZBhRQMhuenPpaOG7j6kTZc8BYKDdhyPTU g/xePFoieLEDtq3e0oQ02jOHvUzjPO0ZmaeRDD1q0fq27mdI30OWbCQZunbDwvwzxcvt WQ== 
Received: from prod-mail-ppoint3 ([96.6.114.86]) by m0050102.ppops.net-00190b01. with ESMTP id 2dvmqntxpd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 31 Oct 2017 13:18:45 +0000
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.21/8.16.0.21) with SMTP id v9VD1hd3029257; Tue, 31 Oct 2017 09:18:44 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.31]) by prod-mail-ppoint3.akamai.com with ESMTP id 2dvn7w20cw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 31 Oct 2017 09:18:44 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb3.msg.corp.akamai.com (172.27.123.103) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 31 Oct 2017 09:18:43 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1263.000; Tue, 31 Oct 2017 09:18:43 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: Paul Wouters <paul@nohats.ca>, Ronald Tse <tse@ribose.com>
CC: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Proposal to include AEAD OCB mode to 4880bis
Thread-Index: AQHTTXH5w45VH0tw2ky7nHf16p0Us6L1We9kgABLVgCAAXdPgIAARqrygABFAoCAABg1gIAA8IkAgAB9PACAAAYbgIAEVBgAgABMg4CAABKjgIAAEzKAgABC8YA=
Date: Tue, 31 Oct 2017 13:18:42 +0000
Message-ID: <F27AAF10-75DB-4DF6-9871-E35A592DF97D@akamai.com>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <06D50F48-26BD-4729-8071-576DA8E226AA@ribose.com> <alpine.LRH.2.21.1710280403490.7356@bofh.nohats.ca> <CAAS2fgSfY5YqT2ExhtY6MrEJxNWMN77rJTtsO1r6aixOAJexFw@mail.gmail.com> <alpine.LRH.2.21.1710310254050.8644@bofh.nohats.ca> <0A4C446D-AACC-4B4E-928A-88C653260A3C@ribose.com> <alpine.LRH.2.21.1710310516530.12676@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1710310516530.12676@bofh.nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
user-agent: Microsoft-MacOutlook/f.27.0.171010
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.44.91]
Content-Type: text/plain; charset="utf-8"
Content-ID: <DC2F4F0DD8B0F54BAC76C7BB4EF083EF@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-31_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710310173
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-10-31_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710310172
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/oz73XeAnOJG7Op65Io6eCmLKyc0>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 13:18:59 -0000

DQrinqIgICAgIFRoZSByZWNlbnQgSSdtIGFza2luZyBpcyBiZWNhdXNlIG9wZW5zc2wgaXMgYmVp
bmcgcmVsaWNlbnNlZCBhbmQgSSBkb24ndA0KICAgIGtub3cgaG93IHRoaXMgYWZmZWN0cyB0aGlu
Z3MuDQogICAgDQpCYXNlZCBvbiBvdXIgY291bnNlbCwgdGhlIHBsYW5uZWQgY2hhbmdlIHRvIEFw
YWNoZTIgbGljZW5zZSB3aWxsIG5vdCBjaGFuZ2UgYW55IHBhdGVudCBncmFudHMgd2UgaGF2ZSBi
ZWVuIGdpdmVuLg0KDQoNCg==


From nobody Tue Oct 31 08:49:30 2017
Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E54E13F76E for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 08:49:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9jgcUTxGrS7b for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 08:49:26 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F63E13F4E9 for <openpgp@ietf.org>; Tue, 31 Oct 2017 08:49:11 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1e9Ymr-0001rL-Ld for <openpgp@ietf.org>; Tue, 31 Oct 2017 16:49:09 +0100
Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1e9YiL-0006cQ-DR; Tue, 31 Oct 2017 16:44:29 +0100
From: Werner Koch <wk@gnupg.org>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: Ronald Tse <tse@ribose.com>,  "openpgp\@ietf.org" <openpgp@ietf.org>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net>
Organisation: The GnuPG Project
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: "brian m. carlson" <sandals@crustytoothpaste.net>, Ronald Tse <tse@ribose.com>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Tue, 31 Oct 2017 16:44:23 +0100
In-Reply-To: <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> (brian m. carlson's message of "Sat, 28 Oct 2017 00:33:46 +0000")
Message-ID: <87o9onz5ig.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=UFO_red_noise_JFK_high_security_kilderkin_ANZUS_credit_card_Sundevil"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0SBl_i_bAeTVB1twtMGhUdGgk9Y>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Oct 2017 15:49:28 -0000

--=UFO_red_noise_JFK_high_security_kilderkin_ANZUS_credit_card_Sundevil
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

<offtopic>

On Sat, 28 Oct 2017 02:33, sandals@crustytoothpaste.net said:

> GnuPG relies on libgcrypt for cryptographic functionality.  On Debian,
> libgcrypt is linked into Xorg, which is often linked to proprietary
> software such as graphics drivers.  Since Debian cannot avail itself of

There are no proprietary drivers in Debian.  Further it is not instantly
possible to decide what makes up a derivative work, "linking" would be
just one data point but even that term "linking" is not well defined.

> license 1 prohibits uses with proprietary software, Debian's GnuPG is
> unlikely to have support for OCB unless Debian ships two separate copies

GnuPG already uses OCB for the private key storage format and will
protect keys using this format if you use --enable-extended-key-format.
Eventually this will be the default key storage format for private keys.

</>=20

> I remain wholly opposed to including OCB in the OpenPGP specification,

Do you prefer that we put a "2 - reserved for OCB" into the specs and
have an I-D to specify the oue of OCB in OpenPGP?  This would make the
life for implementors and auditors harder.


Shalom-Salam,

   Werner

=2D-=20
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

--=UFO_red_noise_JFK_high_security_kilderkin_ANZUS_credit_card_Sundevil
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTX/8BjtAoilLlm20f/gK6dHew1jQUCWfiaVwAKCRD/gK6dHew1
jWvsAQC5uS28cIJyYtWNY8YNTv8SlOhflNkOughevVv+mnBNRwD+IOXXWPvNYr6e
rFW+Rfufvk5efXk9olyZGo6d2HxMUwM=
=k+NL
-----END PGP SIGNATURE-----
--=UFO_red_noise_JFK_high_security_kilderkin_ANZUS_credit_card_Sundevil--


From nobody Tue Oct 31 17:27:08 2017
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 812A113F828 for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 17:27:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level: 
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9,  DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001,  URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v6HDCn8mZhy9 for <openpgp@ietfa.amsl.com>; Tue, 31 Oct 2017 17:27:06 -0700 (PDT)
Received: from injection.crustytoothpaste.net (injection.crustytoothpaste.net [192.241.140.119]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36E4613F5C4 for <openpgp@ietf.org>; Tue, 31 Oct 2017 17:27:06 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by injection.crustytoothpaste.net (Postfix) with ESMTPSA id C9B796046C; Wed,  1 Nov 2017 00:26:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crustytoothpaste.net; s=default; t=1509495993; bh=Z7WMA8PgZfsAzFCn4pTNHUZz3L2cv41tl4bWPnrn0bA=; h=Date:From:To:Subject:References:Content-Type:Content-Disposition: In-Reply-To:From:Reply-To:Subject:Date:To:CC:Resent-Date: Resent-From:Resent-To:Resent-Cc:In-Reply-To:References: Content-Type:Content-Disposition; b=i5Jjp/yaal5+H8t1V+xIVBohx7xA8qsKJvBm0yn9+C2Av7Wo526Bl9o3Ra7EAm3vF AgqMxjWW0hG1dcs8d0NuaSNWO/2s5fGR53osOvrHqlmoR5Wgj1tCqMGSUTMPuF4W/d 18hSKliDeJgfrkUvgnOwItYbYq4vcc3BqXPChVbi/Ya5nlEIF/oYrc/hjGP2/yf0m8 VyacctHNiYKMUI/jMPFf4vJ9sfKl70hOZ6I5kksG6A+y6JFhi7RdV2DSfSNitUnLfU JnbX0tHC9Xb16OVc2Gn2sJTbZCMIlT8YPnH+INP9VLAVrEYPrUyx1QbZDCim5bhYYG toFFo1JMZVNxMObeojEbbhMPnnFKcitBLdgR4pNMFEhCO8IlRDlabylgPDmrPxLX7b PUXl7N7yu7KhBPBiEX8IJZMAOmXlPoL0SxqaIfwbMt5ua3l2f+bJrZYfg2cmI9Bkdg q79UuS46xFRM4kOle3lVAvTmyGBTBxrFTwsoea87RI32SeA1l7k
Date: Wed, 1 Nov 2017 00:26:28 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Ronald Tse <tse@ribose.com>, "openpgp@ietf.org" <openpgp@ietf.org>
Message-ID: <20171101002627.re4cgtirwoijyg53@genre.crustytoothpaste.net>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com> <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca> <87she556tv.fsf@wheatstone.g10code.de> <1509093954061.51049@cs.auckland.ac.nz> <36023233-856C-4A6D-BAF9-28037B4DA0F7@ribose.com> <20171028003345.6y5igwx5cuxfxlkm@genre.crustytoothpaste.net> <87o9onz5ig.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="uyeemil6yqati5io"
Content-Disposition: inline
In-Reply-To: <87o9onz5ig.fsf@wheatstone.g10code.de>
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.13.0-1-amd64)
User-Agent: NeoMutt/20170609 (1.8.3)
X-Scanned-By: MIMEDefang 2.79 on 127.0.1.1
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/uYstKt7KzE6kM1CUGrT23NafLOQ>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2017 00:27:07 -0000

--uyeemil6yqati5io
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 31, 2017 at 04:44:23PM +0100, Werner Koch wrote:
> > I remain wholly opposed to including OCB in the OpenPGP specification,
>=20
> Do you prefer that we put a "2 - reserved for OCB" into the specs and
> have an I-D to specify the oue of OCB in OpenPGP?  This would make the
> life for implementors and auditors harder.

Yes, I would much prefer that we let OCB happen in a separate draft.
Then all the patent problems occur in a separate specification that
doesn't affect the core OpenPGP.
--=20
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204

--uyeemil6yqati5io
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.2.1 (GNU/Linux)

iQIzBAABCgAdFiEEX8OngXdrJt+H9ww3v1NdgR9S9osFAln5FLMACgkQv1NdgR9S
9ovEThAAypRw5iCj2Qbhz+9gMx+vq5HW+e1sjz0zJ8t3kc6iEFHzVScCnyxN8jCe
DKsBonTdpmpYN/EnrM/fwwBe1zxV1IWHCikG/mLpVjjMtUzfZL2SJUTyjhGjYSHK
0bmpxtQLSM7tSrJOjdA2A0wangfkVSzOnqjIFBMAPktOVBFnE/9sY+8+jrB2xlg+
/EwDYpJmkeWyNIieoWldvLruy0k6woSMNueGyY3M0JLfxibwD7qVP6/j4hP17Joa
EjUNoQwn4KyHegBSESBN6BUScBd2/04wzpbJOerES4X5yK1yj0+uxrOcxfDcJ1Ql
HMVFJysApSIBPGbAX9zHx2JUK8kjrjR83LMKHB8/zmcfx0IexldM1NU/t0Wxmbq7
1KORvVzu7HHkPyZi26o2b7rwEhauLlN6JdCPg19CQA3yDX7kBpHux8XzVMAAXPpR
ybqRz+zi4zPMdWvO6XflLDunGve6+1wtl1vq5NXKGiL/dn3ttutzfxqBZ6uOI6ke
BPO0mGNq0DWDuApokGyEiL9mqA42mqjnYzvtFRyFetGGXmtVNNC4U4lmnL0iRRi0
x1GUPpUOKbxpigRmkQ7vr/jTMblhIhzscxH01gZkyOXaD4Ynq99lk8YTFPpqgo3x
oEb20vuJ/xgicRCQv95OsUdIOZDbGcg4QUz3ZTpcV9V/ChDn47E=
=mwCd
-----END PGP SIGNATURE-----

--uyeemil6yqati5io--