From nobody Fri Jun 3 12:02:42 2016 Return-Path: X-Original-To: openpgp@ietf.org Delivered-To: openpgp@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A950912B04C; Fri, 3 Jun 2016 12:02:41 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Meeting Session Request Tool\"" To: X-Test-IDTracker: no X-IETF-IDTracker: 6.21.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160603190241.1334.28100.idtracker@ietfa.amsl.com> Date: Fri, 03 Jun 2016 12:02:41 -0700 Archived-At: Cc: openpgp-chairs@ietf.org, openpgp@ietf.org, dkg@fifthhorseman.net, stephen.farrell@cs.tcd.ie Subject: [openpgp] openpgp - New Meeting Session Request for IETF 96 X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jun 2016 19:02:41 -0000 A new meeting session request has just been submitted by Daniel Kahn Gillmor, a Chair of the openpgp working group. --------------------------------------------------------- Working Group Name: Open Specification for Pretty Good Privacy Area Name: Security Area Session Requester: Daniel Kahn Gillmor Number of Sessions: 1 Length of Session(s): 1.5 Hours Number of Attendees: 30 Conflicts to Avoid: First Priority: dprive tcpinc tls Second Priority: acme dane cfrg Special Requests: please avoid july 22nd --------------------------------------------------------- From nobody Mon Jun 6 08:31:18 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3564E12D80E for ; Mon, 6 Jun 2016 08:31:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.4 X-Spam-Level: X-Spam-Status: No, score=-2.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.198, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LrQ-WNYKCcQ2 for ; Mon, 6 Jun 2016 08:31:04 -0700 (PDT) Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0557412D80C for ; Mon, 6 Jun 2016 08:31:04 -0700 (PDT) Received: by mail-qk0-x22d.google.com with SMTP id i187so80349489qkd.3 for ; Mon, 06 Jun 2016 08:31:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to; bh=CtlMPhcL3HvzdOkNiXYjPUbJYINc2tliYi+m++SOjtE=; b=KyUmlBpF2oJhed7E9bSCvnDQr/2C2wFrFILggJ7A894vwz7C5Si8G5/A4eL8HJ337O 2QoWPpO6bjmQUklnTzRc+vfu3klhRnLIDiQXd7MQIqgKHO3HHe6LXKLga/kC9hoceG+F JDC+ghJZqR43HRC2HBovDyVUvZeXYHiNfiLUEc5vRceRUZhjIUHsjDXcBrZm28s2XcSJ wgCOmHj9egDT+pYLMQ4/34tZ6O6anEig00IqGmdmqyc0NQAM+XJ/PmgvHPHUwe0+leY4 E/CB8z2qu4hizB9MX+feAbrSdb54BjE3bIDz4Uvj+hkEyefAONU8P2VNKYxHxKd6lg07 z9eQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=CtlMPhcL3HvzdOkNiXYjPUbJYINc2tliYi+m++SOjtE=; b=JALKZl1Dqk1R2XUDyAJpUg1i7f8a+4D0d06bg0VtTfKZ8It95szXKlgKk6vrt6afq0 85QstZIAAs94WAc103lEODiaY2Db/QOF/d5YACGPS+5IVp9adIMJQC8L1BpykIBNljGr MRrIFYGXxjqMdalAWWrJUreVbUKS54/D2jMA5L6KbAhJajvxg8t5xa0pY8B4SN4zxDWr bkJRDV7Q1Oz83uWASJ3sdnr+SpHIx89E0e+6T+Dfsihgkd4tmK6pGcVaxzpFY4HQ2FKh hJjdeZTfngtQRFCZjiRHLJ8mnadzxrXYPE54vborkpz2/6pDgv4ixRHlislzNhln3ICV mo2w== X-Gm-Message-State: ALyK8tIKX7SI4YUCQX8uOQX6WYSAA1nmkiYqptHp/gy+dIQG9hlo90vqYaGt14kvf7/vrCfLtevrWekmAi1z0g== X-Received: by 10.55.114.71 with SMTP id n68mr16919430qkc.37.1465227063114; Mon, 06 Jun 2016 08:31:03 -0700 (PDT) MIME-Version: 1.0 Sender: hallam@gmail.com Received: by 10.55.25.85 with HTTP; Mon, 6 Jun 2016 08:31:02 -0700 (PDT) From: Phillip Hallam-Baker Date: Mon, 6 Jun 2016 11:31:02 -0400 X-Google-Sender-Auth: 8J8lWcL6pIWrFRxsl3srToKCABQ Message-ID: To: IETF OpenPGP Content-Type: multipart/alternative; boundary=001a114fef8a9cc18405349dc2f6 Archived-At: Subject: [openpgp] Hardening fingerprints X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2016 15:31:06 -0000 --001a114fef8a9cc18405349dc2f6 Content-Type: text/plain; charset=UTF-8 So I am currently working on some code that does fingerprint hardening. There are two main objectives: 1) To reduce the size of the fingerprint that a user needs to print on a business card etc. while preserving the same work factor. 2) To discourage the use of 'vanity fingerprints' such as 'PHBIS-MEEEE-2QHE8-2IIW9-3IIS2' which look really kewl but are actually a major security hole as they encourage people to only check the signature part that is easily memorized. 3) To improve the level of security achieved in the system in practice by reducing the number of characters that need to be checked to preserve strength. Some observations: 1) Even the slowest modern machine can produce tens of thousands of hashes a second, i.e. 2^12. 2) The difference in speed between the slowest modern machines and the fastest isn't really very much when you compare single cores. 3) Searching for fingerprints is a trivial parallelizable problem and can be performed by multiple cores. Since I have 2000+ cores in my GPU, I can search for fingerprints at a very fast rate indeed. 4) Generating DH/ECDH public key pairs takes a small amount of time but generating RSA keypairs causes a noticeable delay if performed repeatedly. [The delay for ordinary keygen is also noticeable without a properly threaded UI but no amount of threading hides hardening] 5) Regardless of the size of the machine, diminishing returns are hit after an hour. Running for a day only reduces the fingerprint by two more characters and a month only gives another two. To reduce the fingerprint by five characters takes half a year. 6) This is not the type of program we want running on Amazon compute cloud unless the fingerprint variation only involves the private key. 7) Since we look set for Base32 output, it makes sense to limit hardening to increments of 5 bits with some minimum floor. 8) Five Base32 characters is 125 bits which is in the ballpark for a 2^128 work factor. Four groups of five characters, 20 in all is probably as long a string as we can expect people to check. That requires an expected 15 million trials, not allowing for whatever overhead the control info requires. The last part means that if you want to harden RSA fingerprints, you really have to design the fingerprint in such a fashion that you can generate the key once and introduce some sort of salt to let you vary it. This is a problem with my current code as even running it on an overclocked machine with 12 processing threads, hardening to reduce the fingerprint size of RSA keys without a salt is just not feasible. I do not have code for the CFRG ECC algs yet so I am working on DH keys as dummies. The best way to organize the UI seems to be to have the user estimate how much time they want to put into hardening the key and then give them continuous feedback on the best fingerprint found so far. It is fairly easy to work out how long it is likely to take to cut 25, 30, 35... bits off the fingerprint length. Conclusion, hardening is worth having, it is not just a matter of convenience, it makes the system more robust. But if it is supported, some form of salting mechanism is essential. --001a114fef8a9cc18405349dc2f6 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
So I am currently working on some code that does fingerpri= nt hardening. There are two main objectives:

1) To reduc= e the size of the fingerprint that a user needs to print on a business card= etc. while preserving the same work factor.

2) To= discourage the use of 'vanity fingerprints' such as 'PHBIS-MEE= EE-2QHE8-2IIW9-3IIS2' which look really kewl but are actually a major s= ecurity hole as they encourage people to only check the signature part that= is easily memorized.

3) To improve the level of s= ecurity achieved in the system in practice by reducing the number of charac= ters that need to be checked to preserve strength.


Some observations:

1) Even the slo= west modern machine can produce tens of thousands of hashes a second, i.e. = 2^12.

2) The difference in speed between the slowe= st modern machines and the fastest isn't really very much when you comp= are single cores.

3) Searching for fingerprints is= a trivial parallelizable problem and can be performed by multiple cores. S= ince I have 2000+ cores in my GPU, I can search for fingerprints at a very = fast rate indeed.=C2=A0

4) Generating DH/ECDH publ= ic key pairs takes a small amount of time but generating RSA keypairs cause= s a noticeable delay if performed repeatedly. [The delay for ordinary keyge= n is also noticeable without a properly threaded UI but no amount of thread= ing hides hardening]

5) Regardless of the siz= e of the machine, diminishing returns are hit after an hour. Running for a = day only reduces the fingerprint by two more characters and a month only gi= ves another two. To reduce the fingerprint by five characters takes half a = year.

6) This is not the type of program we want r= unning on Amazon compute cloud unless the fingerprint variation only involv= es the private key.

7) Since we look set for Base3= 2 output, it makes sense to limit hardening to increments of 5 bits with so= me minimum floor.

8) Five Base32 characters is 125= bits which is in the ballpark for a 2^128 work factor. Four groups of five= characters, 20 in all is probably as long a string as we can expect people= to check. That requires an expected 15 million trials, not allowing for wh= atever overhead the control info requires.

<= br>
The last part means that if you want to harden RSA fingerprin= ts, you really have to design the fingerprint in such a fashion that you ca= n generate the key once and introduce some sort of salt to let you vary it.= This is a problem with my current code as even running it on an overclocke= d machine with 12 processing threads, hardening to reduce the fingerprint s= ize of RSA keys without a salt is just not feasible.

I do not have code for the CFRG ECC algs yet so I am working on DH keys = as dummies.

The best way to organize the UI seems = to be to have the user estimate how much time they want to put into hardeni= ng the key and then give them continuous feedback on the best fingerprint f= ound so far. It is fairly easy to work out how long it is likely to take to= cut 25, 30, 35... bits off the fingerprint length.


Conclusion, hardening is worth having, it is not just a ma= tter of convenience, it makes the system more robust. But if it is supporte= d, some form of salting mechanism is essential.
--001a114fef8a9cc18405349dc2f6-- From nobody Mon Jun 6 11:35:22 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92D7612D578 for ; Mon, 6 Jun 2016 11:35:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 414h_FjCRsoa for ; Mon, 6 Jun 2016 11:35:17 -0700 (PDT) Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0B2612D548 for ; Mon, 6 Jun 2016 11:35:16 -0700 (PDT) Received: from localhost (dhcp176-121.wlan.rz.tu-bs.de [134.169.176.121]) by mail.mugenguild.com (Postfix) with ESMTPSA id 693BA5FAB3 for ; Mon, 6 Jun 2016 20:35:14 +0200 (CEST) Date: Mon, 6 Jun 2016 20:35:11 +0200 From: Vincent Breitmoser To: IETF OpenPGP Message-ID: <20160606183511.GA14829@littlepip.fritz.box> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="qMm9M+Fa2AknHoGS" Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) Archived-At: Subject: [openpgp] Secure and interoperable secret key transfer X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2016 18:35:20 -0000 --qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, there should be a standardized format to transfer secret keys in a way which provides confidentiality and integrity protection. At the moment, most tools leave the user completely on their own to perform this not too common but centrally important operation. While symmetric file encryption is a technically usable mechanism, the de facto state of the art is that no implementation enforces (or even encourages) its use for secret key transfer, or provides support for decryption on the import side. Which very likely means that many users move their keys around unprotected. The passphrase is not a suitable mechanism for this: It provides only partial confidentiality, no integrity protection, and most importantly its use for this purpose confuses users about what the actual purpose of the passphrase is - and how strong it should be for each use case. The tl;dr of this post is that I would really like to get rid of these two FAQ points of ours: https://www.openkeychain.org/faq/#how-to-import-an-openkeychain-backup-with-gpg https://www.openkeychain.org/faq/#what-is-the-best-way-to-transfer-my-own-key-to-openkeychain All this said, I'm not entirely sure what the best way to do this could be. Since symmetrically encrypted data packets exist, it's quite possible that just a paragraph encouraging its use for this purpose somewhere near the transferable secret key section would suffice. - V --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXVcJfAAoJEHvRgyDerfoRUhUQALeN+1AwVJmmPG+f2C8mk0uM 2zWg//QTsMLDlSqve8oznSP/daMVBxgOR0mUTu5OAIfX+x9o9ZZ1gDKeOXm1263h uclZ6YMm1DTGqQFSwtSMNSnbQfT6iFwyKEhXQl5yd+ogZ4KuAIDNykFEMd/Obshw 3Ug/agh0RtK65a3VflPaGMcIoJEXrFEt7v7N1uuigFs5DtphAQaiKnQrDv3oIdgy CDnMToTdtUhHUmlWNPtULc8OTcYcgaa/lQxmRAAFWIFcHmuduQHWYpFlB1GMgCKW WCWKjcb+WW2KItziffTbk75PEG9cVL1LEed+8S7YzCjCrGN1WsWJ54FWZsJCCRtt GioAd6fOV1wIXLDOh91E473an8zFDIVe9VZQzoGZFEuDM6OgGkoiWPuBvqZ3Z85C hXtSCAicmFvmwJYqgiy+GWjXR42V1b/4Ven204eSbLKTrsBIukHGMswZ1Z1E8cc0 5EF+TYMwhJeolY6G5FVMtgTHfwRAg2ycIZ/8CYJHxjyd2RdCr26kxKm1pvbcLC1Q hblHGXToybJMD5Ho7ZsGEescOUG6J9ekHeqmEFOXhWDWFZnu07XOOCVJ5W/626Dp NMl44pF3wfqT+DAN59dcARqmJ7LxNllRd+ZZClvzJzzyTiYr0574UJU7cYJsd0W0 vjWpaAHi7JfWqwHZ5PUG =gzPa -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS-- From nobody Fri Jun 10 07:30:34 2016 Return-Path: X-Original-To: openpgp@ietf.org Delivered-To: openpgp@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B07E412D0A9; Fri, 10 Jun 2016 07:30:33 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Meeting Session Request Tool\"" To: X-Test-IDTracker: no X-IETF-IDTracker: 6.21.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160610143033.15435.44245.idtracker@ietfa.amsl.com> Date: Fri, 10 Jun 2016 07:30:33 -0700 Archived-At: Cc: openpgp-chairs@ietf.org, openpgp@ietf.org, dkg@fifthhorseman.net, stephen.farrell@cs.tcd.ie Subject: [openpgp] openpgp - Update to a Meeting Session Request for IETF 96 X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Jun 2016 14:30:34 -0000 An update to a meeting session request has just been submitted by Daniel Kahn Gillmor, a Chair of the openpgp working group. --------------------------------------------------------- Working Group Name: Open Specification for Pretty Good Privacy Area Name: Security Area Session Requester: Daniel Kahn Gillmor Number of Sessions: 1 Length of Session(s): 1.5 Hours Number of Attendees: 30 Conflicts to Avoid: First Priority: dprive tcpinc tls Second Priority: acme dane cfrg Special Requests: If we have the meeting on Monday July 18th, that would be ideal, because Werner Koch would be able to make it. If we can't make it on Monday, at least please avoid July 22nd as dkg may leave early. --------------------------------------------------------- From nobody Mon Jun 13 03:11:39 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E8F612B01E for ; Mon, 13 Jun 2016 03:11:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZA4snnI3i_2C for ; Mon, 13 Jun 2016 03:11:36 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 682B612B00F for ; Mon, 13 Jun 2016 03:11:36 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bCOqE-0003OH-1e for ; Mon, 13 Jun 2016 12:11:34 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bCOmL-0003KO-Ot for ; Mon, 13 Jun 2016 12:07:33 +0200 From: Werner Koch To: openpgp@ietf.org Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: openpgp@ietf.org Date: Mon, 13 Jun 2016 12:07:33 +0200 Message-ID: <87mvmp5rmi.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Subject: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jun 2016 10:11:38 -0000 Hi! It is a long time problem in OpenPGP that signatures have no way to unambiguously specify the key used to create the signature. The specs suggest the use of the Issuer subpacket to convey the long keyid of the issuing key. However, it is possible to create colliding 64 bit keyids and thus it is possible that a user downloads the wrong key for a signature; this will yield a bad signature status and the user has no easy means to decide whether this is is really a bad signature, or due to the use of a colliding public key. This can easily be solved by including the full fingerprint of the key in the signature. Introducing such a feature can be made orthogonal to a new fingerprint format. I propose this change: --8<---------------cut here---------------start------------->8--- @@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification 30 Features 31 Signature Target 32 Embedded Signature + 33 Issuer Fingerprint 100 to 110 Private or experimental An implementation SHOULD ignore any subpacket of a type that it does @@ -1615,6 +1616,16 @@ #### {5.2.3.26} Embedded Signature in Section 5.2 above. It is useful when one signature needs to refer to, or be incorporated in, another signature. +#### Issuer Fingerprint + +(1 octet key version number, N octets of fingerprint) + +The OpenPGP Key fingerprint of the key issuing the signature. The +only possible key version number is 4 and thus N must be 20. This +subpacket is intended to eventually replace the issuer subpacket which +does not not unambiguously specify the key. It SHOULD be part of all +signatures. + ### {5.2.4} Computing Signatures All signatures are formed by producing a hash over the signature data, --8<---------------cut here---------------end--------------->8--- Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Tue Jun 14 05:25:20 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2141912DBC0 for ; Tue, 14 Jun 2016 05:25:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dTzHSE-baY-E for ; Tue, 14 Jun 2016 05:25:17 -0700 (PDT) Received: from mail-vk0-x229.google.com (mail-vk0-x229.google.com [IPv6:2607:f8b0:400c:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0655212DBBC for ; Tue, 14 Jun 2016 05:25:16 -0700 (PDT) Received: by mail-vk0-x229.google.com with SMTP id u64so107240585vkf.3 for ; Tue, 14 Jun 2016 05:25:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to; bh=SuMsxQ+4XzdsSM8BlMstbWK8SNWJzkSXy2i9DiKhPZ8=; b=FhfVNT6/Cur6L8otbAzWn704Vzf6A7OeqVyftD3iS04IU2NcKxn3mWY3r2QMoZsvKa DnXH0YqLz/3mpUPcAlwiFQLBfS100oqN0rXv75mOxiCjMd7DA2mdh1MNpJjq89jlXejE wnahsYW5oB78mLo4DRRhYAeJgUTnzxrtuqTgU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to; bh=SuMsxQ+4XzdsSM8BlMstbWK8SNWJzkSXy2i9DiKhPZ8=; b=h9XssVs8Q4CW4oedE2u4ESsHA3qVdjUIkqH8nEVf9aiSOLWImz8QfXeptVk78hB6lI aHCRAewFVIEI41bHUkYwBx/GSzi+e0MptgKKcWAtF2uJ59cajDV17HVtUc0KwtWFazcT 1QToo/HP+ky4ocgn2DKgGQsmKM4b6jIo2qvq8rgi1bbo5wrx2BPQUIYgrFID3tINK0rT waSn2iNeF6iNTq/jDluAgfrAbZ6INeaqH7ByowmYwZrXJsHlnliEIO5ELVZ65SP8shmq cEtTILuyuVE/8vnq5qnrK2BF8aAYxlxJjKchX3ovydPMxD5/b6Gz1+ijSbSycednErdh QrvQ== X-Gm-Message-State: ALyK8tJ1sWItkl2NZo1m9qR1ivHzYcPxwU2MiDpsgQNChgCXnc6MwPImFXwAeBfscEwJJq8EzsVGHtXSCskiXw+j MIME-Version: 1.0 X-Received: by 10.176.3.72 with SMTP id 66mr8355518uat.146.1465907115914; Tue, 14 Jun 2016 05:25:15 -0700 (PDT) Received: by 10.103.27.195 with HTTP; Tue, 14 Jun 2016 05:25:15 -0700 (PDT) In-Reply-To: <87mvmp5rmi.fsf@wheatstone.g10code.de> References: <87mvmp5rmi.fsf@wheatstone.g10code.de> Date: Tue, 14 Jun 2016 08:25:15 -0400 Message-ID: From: Joseph Lorenzo Hall To: "openpgp@ietf.org" Content-Type: multipart/alternative; boundary=001a113f2694eb1f7105353c1894 Archived-At: Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 12:25:19 -0000 --001a113f2694eb1f7105353c1894 Content-Type: text/plain; charset=UTF-8 Sounds like it doesn't make sense to make this optional for signatures as implicit signature identity could result in attacks where the attacker changes an implicit identity and signature verification fails? On Monday, June 13, 2016, Werner Koch wrote: > Hi! > > It is a long time problem in OpenPGP that signatures have no way to > unambiguously specify the key used to create the signature. The specs > suggest the use of the Issuer subpacket to convey the long keyid of the > issuing key. However, it is possible to create colliding 64 bit keyids > and thus it is possible that a user downloads the wrong key for a > signature; this will yield a bad signature status and the user has no > easy means to decide whether this is is really a bad signature, or due > to the use of a colliding public key. > > This can easily be solved by including the full fingerprint of the key > in the signature. Introducing such a feature can be made orthogonal to > a new fingerprint format. I propose this change: > > --8<---------------cut here---------------start------------->8--- > @@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification > 30 Features > 31 Signature Target > 32 Embedded Signature > + 33 Issuer Fingerprint > 100 to 110 Private or experimental > > An implementation SHOULD ignore any subpacket of a type that it does > @@ -1615,6 +1616,16 @@ #### {5.2.3.26} Embedded Signature > in Section 5.2 above. It is useful when one signature needs to refer > to, or be incorporated in, another signature. > > +#### Issuer Fingerprint > + > +(1 octet key version number, N octets of fingerprint) > + > +The OpenPGP Key fingerprint of the key issuing the signature. The > +only possible key version number is 4 and thus N must be 20. This > +subpacket is intended to eventually replace the issuer subpacket which > +does not not unambiguously specify the key. It SHOULD be part of all > +signatures. > + > ### {5.2.4} Computing Signatures > > All signatures are formed by producing a hash over the signature data, > --8<---------------cut here---------------end--------------->8--- > > > > Shalom-Salam, > > Werner > > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > /* EFH in Erkrath: https://alt-hochdahl.de/haus */ > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp > -- Joseph Lorenzo Hall Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] 1401 K ST NW STE 200, Washington DC 20005-3497 e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 --001a113f2694eb1f7105353c1894 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Sounds like it doesn't make sense to make this optional for signatures = as implicit signature identity could result in attacks where the attacker c= hanges an implicit identity and signature verification fails?<= br>
On Monday, June 13, 2016, Werner Koch <wk@gnupg.org> wrote:
Hi!

It is a long time problem in OpenPGP that signatures have no way to
unambiguously specify the key used to create the signature.=C2=A0 The specs=
suggest the use of the Issuer subpacket to convey the long keyid of the
issuing key.=C2=A0 However, it is possible to create colliding 64 bit keyid= s
and thus it is possible that a user downloads the wrong key for a
signature; this will yield a bad signature status and the user has no
easy means to decide whether this is is really a bad signature, or due
to the use of a colliding public key.

This can easily be solved by including the full fingerprint of the key
in the signature.=C2=A0 Introducing such a feature can be made orthogonal t= o
a new fingerprint format.=C2=A0 I propose this change:

--8<---------------cut here---------------start------------->8---
@@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A030=C2=A0 =C2=A0Features
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A031=C2=A0 =C2=A0Signature Target =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A032=C2=A0 =C2=A0Embedded Signature<= br> +=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 33=C2=A0 =C2=A0Issuer Fingerprint
=C2=A0 =C2=A0100 to 110=C2=A0 =C2=A0Private or experimental

=C2=A0An implementation SHOULD ignore any subpacket of a type that it does<= br> @@ -1615,6 +1616,16 @@ #### {5.2.3.26} Embedded Signature
=C2=A0in Section 5.2 above.=C2=A0 It is useful when one signature needs to = refer
=C2=A0to, or be incorporated in, another signature.

+#### Issuer Fingerprint
+
+(1 octet key version number, N octets of fingerprint)
+
+The OpenPGP Key fingerprint of the key issuing the signature.=C2=A0 The +only possible key version number is 4 and thus N must be 20.=C2=A0 This +subpacket is intended to eventually replace the issuer subpacket which
+does not not unambiguously specify the key.=C2=A0 It SHOULD be part of all=
+signatures.
+
=C2=A0### {5.2.4} Computing Signatures

=C2=A0All signatures are formed by producing a hash over the signature data= ,
--8<---------------cut here---------------end--------------->8---



Shalom-Salam,

=C2=A0 =C2=A0Werner


--
Die Gedanken sind frei.=C2=A0 Ausnahmen regelt ein Bundesgesetz.
=C2=A0 =C2=A0 /* EFH in Erkrath: https://alt-hochdahl.de/haus */

_______________________________________________
openpgp mailing list
openpgp@ietf.org
https://www.ietf.org/mailman/listinfo/openpgp


--
Joseph Lorenzo Hall
Chief Technologist, Cent= er for Democracy & Technology [https://www.cdt.org]
1401 K ST NW STE 200, Washington DC= 20005-3497
e: joe@cdt= .org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
Fingerprint: 3CA2 8= D7B 9F6D DBD3 4B10 =C2=A01607 5F86 6987 40A9 A871
--001a113f2694eb1f7105353c1894-- From nobody Tue Jun 14 06:21:44 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EED6112D6AE for ; Tue, 14 Jun 2016 06:21:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aAjKcfJ4VGyo for ; Tue, 14 Jun 2016 06:21:39 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48EA812D149 for ; Tue, 14 Jun 2016 06:21:37 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bCoHf-00074o-Et for ; Tue, 14 Jun 2016 15:21:35 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bCoDd-0000Tp-Ux; Tue, 14 Jun 2016 15:17:25 +0200 From: Werner Koch To: Joseph Lorenzo Hall References: <87mvmp5rmi.fsf@wheatstone.g10code.de> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Joseph Lorenzo Hall , "openpgp\@ietf.org" Date: Tue, 14 Jun 2016 15:17:25 +0200 In-Reply-To: (Joseph Lorenzo Hall's message of "Tue, 14 Jun 2016 08:25:15 -0400") Message-ID: <87mvmnyknu.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: "openpgp@ietf.org" Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 13:21:43 -0000 On Tue, 14 Jun 2016 14:25, joe@cdt.org said: > Sounds like it doesn't make sense to make this optional for signatures as > implicit signature identity could result in attacks where the attacker > changes an implicit identity and signature verification fails? Well, it is a SHOULD feature: SHOULD This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course. I can imagine valid reasons not to use this; in particular if you want a very short signature and the key is already known my other means. An attacker who wants to mount a DoS can simply flip a bit in the signature to force the verification to fail. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Tue Jun 14 06:27:14 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 401B412D6AE for ; Tue, 14 Jun 2016 06:27:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e8XNUd2P7Paq for ; Tue, 14 Jun 2016 06:27:10 -0700 (PDT) Received: from mail.mugenguild.com (mugenguild.com [5.135.189.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6562F12D67E for ; Tue, 14 Jun 2016 06:27:09 -0700 (PDT) Received: from localhost (dhcp181-201.wlan.rz.tu-bs.de [134.169.181.201]) by mail.mugenguild.com (Postfix) with ESMTPSA id 0627F5FC07; Tue, 14 Jun 2016 15:27:07 +0200 (CEST) Date: Tue, 14 Jun 2016 15:27:05 +0200 From: Vincent Breitmoser To: Joseph Lorenzo Hall , "openpgp@ietf.org" Message-ID: <20160614132705.GA28122@littlepip.fritz.box> References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87mvmnyknu.fsf@wheatstone.g10code.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline In-Reply-To: <87mvmnyknu.fsf@wheatstone.g10code.de> User-Agent: Mutt/1.5.23 (2014-03-12) Archived-At: Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 13:27:13 -0000 --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Werner Koch(wk@gnupg.org)@Tue, Jun 14, 2016 at 03:17:25PM +0200: > I can imagine valid reasons not to use this; in particular if you want a > very short signature and the key is already known my other means. I'd have thought it's mostly an issue of backwards compatibility? Generally though, I think this type of "there may be valid scenarios", which make a standard less strict and give more freedom to the implementation, result in severely hampered interoperability, defeating the purpose of having a standard in the first place. - V --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXYAYpAAoJEHvRgyDerfoRJ4UP/RW0OpxD7+jz4yUKhKkLj2+x D6rJ3njSCzMjSI8rH3P8FH088DbUXCkInhONmOOZwkd0wxEdpDCYDqrllVvAqQ+i /PH8NalqhB7nZOu2nYG+njBQG7Vp3oicpappslptrHNNq8SI5Sv9G5XTSylpJnJD de+HYwuFS6SzQRBrcc/mMdOLt8QTsXliPzO0660sIIOyVBKSngjI+TpqYV/OjiQC Ngb5kYh2UULATRI7K2XpKXcZJj+tLoe3IYMaqQwCaZZkyzEoXh8mM4ZYlEDHO7Ae CeFXjn3vxz6/ruMoqx5b2ETdVMWQHn+sdTxYNSYIRdAZwV3vJMonC0XbklDlEbRH daq9CaxmLfBxWAFSHcMLBG2TCXzMH9JKmLXQkxcSwUqRwPerVPMv6mLfmBwNV7pB /Ge5VQeLmnJ1ejBQHVkaAbFd+lQld6/qtotWPL7pYcUVtdEvyd4+ZNla8y6ykfDQ LgqpPWXMFuD/oMLjPacvP97tBfY07Woez5SsvD9gZa+eZi9GX1MXu44/j581pmXh Xf6FqjutCA3ch/7ByNIdkIkovdiZYAwdKduMKWkztCMZZV/WyRq9YXC5yqSouphV nXQ9EMB9z8KpOpWL8kkyJQd1g0pYwfZzfeBoCMePfj2ZbfJQT8Ba8htIIlgtbUXi nBp+l92K+03vfz7rI5JW =6WMI -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh-- From nobody Tue Jun 14 07:46:42 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB4DE12DBAC for ; Tue, 14 Jun 2016 07:46:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xZrW9kflzTIV for ; Tue, 14 Jun 2016 07:46:38 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 306B512DBA3 for ; Tue, 14 Jun 2016 07:46:38 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bCpbw-0007aq-Kg for ; Tue, 14 Jun 2016 16:46:36 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bCpYq-00044I-10; Tue, 14 Jun 2016 16:43:24 +0200 From: Werner Koch To: Vincent Breitmoser References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87mvmnyknu.fsf@wheatstone.g10code.de> <20160614132705.GA28122@littlepip.fritz.box> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Vincent Breitmoser , Joseph Lorenzo Hall , "openpgp\@ietf.org" Date: Tue, 14 Jun 2016 16:43:23 +0200 In-Reply-To: <20160614132705.GA28122@littlepip.fritz.box> (Vincent Breitmoser's message of "Tue, 14 Jun 2016 15:27:05 +0200") Message-ID: <8760tbygok.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: "openpgp@ietf.org" , Joseph Lorenzo Hall Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 14:46:40 -0000 On Tue, 14 Jun 2016 15:27, look@my.amazin.horse said: > Generally though, I think this type of "there may be valid scenarios", > which make a standard less strict and give more freedom to the > implementation, result in severely hampered interoperability, defeating > the purpose of having a standard in the first place. I strongly disagree for OpenPGP. The MUSTs, SHOULDs, and MAYs have been carefully designed and implemented in a sensible way. Thus there are no real world interoperability problems between OpenPGP implementations. Case in point, 23 extra bytes make a big difference on embedded systems if the signature can be encoded in 86 bytes (detached, Ed25519, no Issuer subpacket). No, this is not a use case you would handle with a general purpose tool, but OpenPGP should not forbid this use case. After all we are all better off if a common standard is used also in - for most people - esoteric use cases. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Tue Jun 14 09:29:40 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3C5D12D80F for ; Tue, 14 Jun 2016 09:29:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1CWNoJXz8Ako for ; Tue, 14 Jun 2016 09:29:37 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 6F25312D80B for ; Tue, 14 Jun 2016 09:29:37 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id D8FE4F98B; Tue, 14 Jun 2016 12:29:35 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 292F222AFF; Tue, 14 Jun 2016 12:29:35 -0400 (EDT) From: Daniel Kahn Gillmor To: Werner Koch , openpgp@ietf.org In-Reply-To: <87mvmp5rmi.fsf@wheatstone.g10code.de> References: <87mvmp5rmi.fsf@wheatstone.g10code.de> User-Agent: Notmuch/0.22+69~gd812194 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu) Date: Tue, 14 Jun 2016 12:29:35 -0400 Message-ID: <87y46720pc.fsf@alice.fifthhorseman.net> MIME-Version: 1.0 Content-Type: text/plain Archived-At: Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 16:29:39 -0000 Hi there-- On Mon 2016-06-13 06:07:33 -0400, Werner Koch wrote: > --8<---------------cut here---------------start------------->8--- > @@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification > 30 Features > 31 Signature Target > 32 Embedded Signature > + 33 Issuer Fingerprint > 100 to 110 Private or experimental > > An implementation SHOULD ignore any subpacket of a type that it does > @@ -1615,6 +1616,16 @@ #### {5.2.3.26} Embedded Signature > in Section 5.2 above. It is useful when one signature needs to refer > to, or be incorporated in, another signature. > > +#### Issuer Fingerprint > + > +(1 octet key version number, N octets of fingerprint) > + > +The OpenPGP Key fingerprint of the key issuing the signature. The > +only possible key version number is 4 and thus N must be 20. This > +subpacket is intended to eventually replace the issuer subpacket which > +does not not unambiguously specify the key. It SHOULD be part of all > +signatures. > + > ### {5.2.4} Computing Signatures > > All signatures are formed by producing a hash over the signature data, > --8<---------------cut here---------------end--------------->8--- I like this proposal. I wonder if there should be some text about its interaction with the Issuer subpacket beyond "is intended to eventually replace" ? something like "If an Issuer subpacket is included in the same packet as an Issuer Fingerprint subpacket, the Issuer Fingerprint subpacket MUST be version 4, and the Issuer subpacket MUST be the low 64 bits of the fingerprint. If the Issuer Fingerprint subpacket version is greater than 4, there MUST NOT be an Issuer subpacket included in the same packet." --dkg From nobody Tue Jun 14 10:21:41 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D677812D84C for ; Tue, 14 Jun 2016 10:21:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WJBAuorkNlwe for ; Tue, 14 Jun 2016 10:21:38 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C92AA12D7A2 for ; Tue, 14 Jun 2016 10:21:37 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bCs1w-0008WV-2F for ; Tue, 14 Jun 2016 19:21:36 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bCrz3-0004tl-NC; Tue, 14 Jun 2016 19:18:37 +0200 From: Werner Koch To: Daniel Kahn Gillmor References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87y46720pc.fsf@alice.fifthhorseman.net> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Daniel Kahn Gillmor , openpgp@ietf.org Date: Tue, 14 Jun 2016 19:18:37 +0200 In-Reply-To: <87y46720pc.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Tue, 14 Jun 2016 12:29:35 -0400") Message-ID: <87vb1bu1si.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: openpgp@ietf.org Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 17:21:40 -0000 On Tue, 14 Jun 2016 18:29, dkg@fifthhorseman.net said: > replace" ? something like "If an Issuer subpacket is included in the > same packet as an Issuer Fingerprint subpacket, the Issuer Fingerprint > subpacket MUST be version 4, and the Issuer subpacket MUST be the low 64 I considered this but decided against it because I view the Issuer Fingerprint as an extension to OpenPGP which is independent of any v5 work we will do. It seem more naturally to me to add this along with the description of the v5 format. However, if we want to prepare Issuer and this new Issuer Fingerprint for v5 keys, we can also use the final text. I'll post a second version based on your idea. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Tue Jun 14 11:01:41 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA7C712D883 for ; Tue, 14 Jun 2016 11:01:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VyitMb0Twb1c for ; Tue, 14 Jun 2016 11:01:38 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 598BE12D866 for ; Tue, 14 Jun 2016 11:01:38 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bCsee-0000Jm-OB for ; Tue, 14 Jun 2016 20:01:36 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bCsbx-00058q-9P; Tue, 14 Jun 2016 19:58:49 +0200 From: Werner Koch To: Daniel Kahn Gillmor References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87y46720pc.fsf@alice.fifthhorseman.net> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Daniel Kahn Gillmor , openpgp@ietf.org Date: Tue, 14 Jun 2016 19:58:49 +0200 In-Reply-To: <87y46720pc.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Tue, 14 Jun 2016 12:29:35 -0400") Message-ID: <87r3bztzxi.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: openpgp@ietf.org Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2016 18:01:40 -0000 Hi, here is another try with dkg's suggestions: --8<---------------cut here---------------start------------->8--- @@ -1055,6 +1055,7 @@ #### {5.2.3.1} Signature Subpacket Specification 30 Features 31 Signature Target 32 Embedded Signature + 33 Issuer Fingerprint 100 to 110 Private or experimental An implementation SHOULD ignore any subpacket of a type that it does @@ -1155,7 +1156,9 @@ #### {5.2.3.5} Issuer (8-octet Key ID) -The OpenPGP Key ID of the key issuing the signature. +The OpenPGP Key ID of the key issuing the signature. If the version +of that key is greater than 4, this subpacket MUST NOT be included in +the signature. #### {5.2.3.6} Key Expiration Time @@ -1615,6 +1618,19 @@ #### {5.2.3.26} Embedded Signature in Section 5.2 above. It is useful when one signature needs to refer to, or be incorporated in, another signature. +#### Issuer Fingerprint + +(1 octet key version number, N octets of fingerprint) + +The OpenPGP Key fingerprint of the key issuing the signature. This +subpacket SHOULD be included in all signatures. If the version of the +issuing key is 4 and an Issuer subpacket is also included in the +signature, the key ID of the Issuer subpacket MUST match the low +64 bits of the fingerprint. + +Note that the length N of the fingerprint for a version 4 key is 20 +octets. + ### {5.2.4} Computing Signatures All signatures are formed by producing a hash over the signature data, --8<---------------cut here---------------end--------------->8--- Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Fri Jun 17 12:02:18 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93DF112D9DF for ; Fri, 17 Jun 2016 12:02:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.626 X-Spam-Level: X-Spam-Status: No, score=-5.626 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H0Wx_ut-SIef for ; Fri, 17 Jun 2016 12:02:11 -0700 (PDT) Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED02C12D9DB for ; Fri, 17 Jun 2016 12:02:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1466190129; x=1497726129; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=SxXKDGUjA3q949ruLC50qNHSp2CVaNcgvxstOMDKiF8=; b=FE3ZZaGsVLyl67tWCGnfFBfF80S5MZW+BTBs8bhEkExtf2vdbAgNctzi l/dlsmL4W0QplG0fSqFgvuVA9FeNgDtsnMDuZNDto1Zdj9BB5Lu1bQscv 7vxf3mRdmp9t13STAsbIFDHUskH3a/1iZO45D+Y5/9klf3tDTuV0YHw+m yxH1NP/C456a2EcPLkU9zLXWtAcnUozOM9sZfsh40wlFxUm2Ivu/nDqaC KFiyASYQdQMStbbuCDT/OoNRBDBOGS5GpPe/24hGYEhd0L8Swy5/o0HR2 E2aytCV6Qap+ipRYKqYvAmSqi+5pVAQqAcqkgKXRU0P66IZVTKApaJwl8 Q==; X-IronPort-AV: E=Sophos;i="5.26,484,1459771200"; d="scan'208";a="91977715" X-Ironport-HAT: MAIL-SERVERS - $RELAYED X-Ironport-Source: 130.216.4.171 - Outgoing - Outgoing Received: from uxchange10-fe4.uoa.auckland.ac.nz ([130.216.4.171]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 18 Jun 2016 07:02:07 +1200 Received: from UXCN10-5.UoA.auckland.ac.nz ([169.254.5.93]) by uxchange10-fe4.UoA.auckland.ac.nz ([169.254.109.63]) with mapi id 14.03.0266.001; Sat, 18 Jun 2016 07:02:06 +1200 From: Peter Gutmann To: Werner Koch , Vincent Breitmoser Thread-Topic: [openpgp] Issuer Fingerprint Thread-Index: AQHRxVv+XkgLTKRZjUCqSa/FVCgLe5/oG7mAgADZDYD//zg6gIAA326vgAT9/1Y= Date: Fri, 17 Jun 2016 19:02:05 +0000 Message-ID: <9A043F3CF02CD34C8E74AC1594475C73F4CA3941@uxcn10-5.UoA.auckland.ac.nz> References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87mvmnyknu.fsf@wheatstone.g10code.de> <20160614132705.GA28122@littlepip.fritz.box>, <8760tbygok.fsf@wheatstone.g10code.de> In-Reply-To: <8760tbygok.fsf@wheatstone.g10code.de> Accept-Language: en-NZ, en-GB, en-US Content-Language: en-NZ X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.6.2.5] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Archived-At: Cc: "openpgp@ietf.org" , Joseph Lorenzo Hall Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Jun 2016 19:02:17 -0000 Werner Koch writes:=0A= =0A= >I strongly disagree for OpenPGP. The MUSTs, SHOULDs, and MAYs have been= =0A= >carefully designed and implemented in a sensible way. Thus there are no r= eal=0A= >world interoperability problems between OpenPGP implementations.=0A= =0A= Uhh, I'll have to disagree (strongly) with that, perhaps from the point of = GPG=0A= this is true since it's the de facto reference implementation that everyone= =0A= makes their code compatible with, but when you need to interop across non-G= PG=0A= implementations it can get pretty hairy, I've had to reverse-engineer sourc= e=0A= code and create instrumented versions of other apps that hex-dump data so I= =0A= can see what they're doing. I've also had to do that with GPG on a couple = of=0A= occasions where the spec was unclear on which data needed to be processed i= n=0A= which way. I assume that a lot, if not all, the code out there is written = to=0A= be compatible with the GPG de facto profile, in the same way that SSH code = is=0A= written to be compatible with the OpenSSH (server) and Putty (client) de fa= cto=0A= profiles.=0A= =0A= Peter.= From nobody Mon Jun 20 02:09:08 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A70E812B053 for ; Mon, 20 Jun 2016 02:09:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gdwYyLhtpxPg for ; Mon, 20 Jun 2016 02:09:05 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D81712B04D for ; Mon, 20 Jun 2016 02:09:05 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bEvCY-0002FD-Me for ; Mon, 20 Jun 2016 11:09:02 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bEtpP-0002M5-MB; Mon, 20 Jun 2016 09:41:03 +0200 From: Werner Koch To: Peter Gutmann References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87mvmnyknu.fsf@wheatstone.g10code.de> <20160614132705.GA28122@littlepip.fritz.box> <8760tbygok.fsf@wheatstone.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4CA3941@uxcn10-5.UoA.auckland.ac.nz> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Peter Gutmann , Vincent Breitmoser , "openpgp\@ietf.org" , Joseph Lorenzo Hall Date: Mon, 20 Jun 2016 09:41:01 +0200 In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4CA3941@uxcn10-5.UoA.auckland.ac.nz> (Peter Gutmann's message of "Fri, 17 Jun 2016 19:02:05 +0000") Message-ID: <87vb1471f6.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: "openpgp@ietf.org" , Joseph Lorenzo Hall , Vincent Breitmoser Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jun 2016 09:09:08 -0000 On Fri, 17 Jun 2016 21:02, pgut001@cs.auckland.ac.nz said: > Uhh, I'll have to disagree (strongly) with that, perhaps from the point of GPG > this is true since it's the de facto reference implementation that everyone Actually that is only the case for a couple of years. Before that we (GPG team) had to add a lot of of minor things to our code base to make GPG interoperable with PGP >= 5. Thus back then PGP was the de-facto reference implementation. True, there has been Tom Ritter's reference implementation for OpenPGP (also published as a book) but it had not all the little bells and whistles you need to have for true interoperability. > makes their code compatible with, but when you need to interop across non-GPG > implementations it can get pretty hairy, I've had to reverse-engineer source > code and create instrumented versions of other apps that hex-dump data so I Right, RFC-2440 (from 1998) missed to clearly document a couple of important things. So back then everyone either had to look at the PGP-5 source of PGP-5 (or had someone else to look at it), or to ask Derek or Jon. In the end this was taken to this list and eventually put into RFC-4880. If you, or any of the other implementers, still remember the problems encountered while writing your OpenPGP code, I would very much appreciate if you can tell us, so it can make it into 4880bis. > be compatible with the GPG de facto profile, in the same way that SSH code is > written to be compatible with the OpenSSH (server) and Putty (client) de facto Ack. I consider a spec modeled around _one_ existing implementation a Good Thing. My statement "The MUSTs, SHOULDs, and MAYs have been carefully designed " was not meant to say that OpenPGP is a complete and bug free specification but that it specifies enough to allow the creation of a mostly *PGP-5 compatible* implementation without asking too much. Compare that to the majority of other protocols which not only had interop problems but also no published reference implementation. BTW: Lacking an integrative implementers forum (like this OpenPGP WG), your X.509 style guide was the only way forward to write halfway X.509 compatible implementation. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Mon Jun 20 22:01:51 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9BD612D791 for ; Mon, 20 Jun 2016 22:01:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.9 X-Spam-Level: X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rRocZEcfQzNW for ; Mon, 20 Jun 2016 22:01:47 -0700 (PDT) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C58F912D5BE for ; Mon, 20 Jun 2016 22:01:47 -0700 (PDT) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1bFDon-0000Sj-Cm for ; Tue, 21 Jun 2016 07:01:45 +0200 Received: from wk by wheatstone.g10code.de with local (Exim 4.84 #3 (Debian)) id 1bFDmW-00039a-DO; Tue, 21 Jun 2016 06:59:24 +0200 From: Werner Koch To: Peter Gutmann References: <87mvmp5rmi.fsf@wheatstone.g10code.de> <87mvmnyknu.fsf@wheatstone.g10code.de> <20160614132705.GA28122@littlepip.fritz.box> <8760tbygok.fsf@wheatstone.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4CA3941@uxcn10-5.UoA.auckland.ac.nz> <87vb1471f6.fsf@wheatstone.g10code.de> Organisation: g10 Code GmbH X-message-flag: Mails containing HTML will not be read! Please send only plain text. OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367 Mail-Followup-To: Peter Gutmann , Vincent Breitmoser , "openpgp\@ietf.org" , Joseph Lorenzo Hall Date: Tue, 21 Jun 2016 06:59:24 +0200 In-Reply-To: <87vb1471f6.fsf@wheatstone.g10code.de> (Werner Koch's message of "Mon, 20 Jun 2016 09:41:01 +0200") Message-ID: <87porb16j7.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Archived-At: Cc: "openpgp@ietf.org" , Joseph Lorenzo Hall , Vincent Breitmoser Subject: Re: [openpgp] Issuer Fingerprint X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jun 2016 05:01:50 -0000 On Mon, 20 Jun 2016 09:41, wk@gnupg.org said: > reference implementation. True, there has been Tom Ritter's reference > implementation for OpenPGP (also published as a book) but it had not all Ooops, I had the wrong name in mind: That reference implementation is by Tom Zerucha: @Book{Cal:99:OPSC, editor = "Jonathan D. Callas", title = "OpenPGP Specification and Sample Code", language = "USenglish", publisher = "Printers{, Inc}", addr = "Phone +1 (650) 327-6500", year = "1999", ISBN = "1-58368-014-4", note = "Includes Tom Zerucha's implementation", } Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. /* EFH in Erkrath: https://alt-hochdahl.de/haus */ From nobody Thu Jun 23 04:10:49 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79C7612E2CE for ; Thu, 23 Jun 2016 04:10:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.727 X-Spam-Level: X-Spam-Status: No, score=-5.727 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EASWV2GggwnU for ; Thu, 23 Jun 2016 04:10:45 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24C1212E2D2 for ; Thu, 23 Jun 2016 04:10:45 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id D8393BE55; Thu, 23 Jun 2016 12:10:42 +0100 (IST) Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id haUoaf6HT8fc; Thu, 23 Jun 2016 12:10:42 +0100 (IST) Received: from [134.226.36.93] (bilbo.dsg.cs.tcd.ie [134.226.36.93]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id F05B2BE4C; Thu, 23 Jun 2016 12:10:22 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1466680223; bh=BOX5qUHd+kw2S2RPkueYfkYLN3SNQaX2AMlPrucaQo4=; h=To:Cc:From:Subject:Date:From; b=XAKtPqClWSg2l033P37NBAdKLZJja/AeO4yaHH1VECz1cbTUXbjVFuiObuRPducqx Xr7JuTG9Y2Ec345ixveKQp7qTEW/6EltXB7H267tbMEtZkBXnIZ1kB56HyxLl4ct19 mSZk6AkieMFXJYjsCa7j6LkiwP3y0gaIE/GtdOQ8= To: "openpgp@ietf.org" From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <576BC39E.2060702@cs.tcd.ie> Date: Thu, 23 Jun 2016 12:10:22 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0 MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms030804070909000400090207" Archived-At: Cc: Barry Leiba , Christopher LILJENSTOLPE Subject: [openpgp] WG chair swap... X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jun 2016 11:10:47 -0000 This is a cryptographically signed message in MIME format. --------------ms030804070909000400090207 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hiya, I'm sorry to say that due to $dayjob changes, Chris hasn't had as much time as he'd like to help out chairing, and so asked that we try find someone else to help DKG with that. First, many thanks to Chris for the work you've done to help this group get started - and for being open about it when the time came that a change was needed. I hope that the new $dayjob thing works out as well as it looks it might! (If that makes you curious, ask Chris off list:-) Second, I'm delighted to say that Barry Leiba has agreed to step in to help DKG co-chair the group. For those of you who don't know Barry he's an ex Apps area director, and has done lots of work on email in the past. He and I had the fun of co-chairing the DKIM WG together so I can tell you he's good at this (though I hope this WG continues to be less exciting than that one was:-) Barry and DKG have been chatting about next steps and will be sending mail on that shortly. Cheers, S. --------------ms030804070909000400090207 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC CvIwggUIMIID8KADAgECAhBPzaE7pzYviUJyhmHTFBdnMA0GCSqGSIb3DQEBCwUAMHUxCzAJ BgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSkwJwYDVQQLEyBTdGFydENvbSBD ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEjMCEGA1UEAxMaU3RhcnRDb20gQ2xhc3MgMSBDbGll bnQgQ0EwHhcNMTYwMjA5MDkyODE1WhcNMTcwMjA5MDkyODE1WjBOMSIwIAYDVQQDDBlzdGVw aGVuLmZhcnJlbGxAY3MudGNkLmllMSgwJgYJKoZIhvcNAQkBFhlzdGVwaGVuLmZhcnJlbGxA Y3MudGNkLmllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuC0rYze/2JinSra C9F2RjGdQZjNALLcW9C3WKTwYII3wBslobmHuPEYE5JaGItmzuKnAW619R1rD/kfoNWC19N3 rBZ6UX9Cmb9D9exCwYIwVuSwjrCQWGxgCtNQTrwKzCCpI790GRiMTvxvO7UmzmBrCaBLiZW5 R0fBjK5Yn6hUhAzGBkNbkIEL28cLJqH0yVz7Kl92OlzrQqTPEts5m6cDnNdY/ADfeAX18c1r dxZqcAxhLotrCqgsVA4ilbQDMMXGTLlB5TP35HeWZuGBU7xu003rLcFLdOkD8xvpJoYZy9Kt 3oABXPS5yqtMK+XCNdqmMn+4mOtLwQSMmPCSiQIDAQABo4IBuTCCAbUwCwYDVR0PBAQDAgSw MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAJBgNVHRMEAjAAMB0GA1UdDgQWBBQJ QhvwQ5Fl372Z6xqo6fdn8XejTTAfBgNVHSMEGDAWgBQkgWw5Yb5JD4+3G0YrySi1J0htaDBv BggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbTA5 BggrBgEFBQcwAoYtaHR0cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc2NhLmNsaWVudDEu Y3J0MDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL3NjYS1jbGll bnQxLmNybDAkBgNVHREEHTAbgRlzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllMCMGA1UdEgQc MBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzBGBgNVHSAEPzA9MDsGCysGAQQBgbU3AQIE MCwwKgYIKwYBBQUHAgEWHmh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeTANBgkqhkiG 9w0BAQsFAAOCAQEArzrSv2C8PlBBmGuiGrzm2Wma46/KHtXmZYS0bsd43pM66Pc/MsqPE0HD C1GzMFfwB6BfkJn8ijNSIhlgj898WzjvnpM/SO8KStjlB8719ig/xKISrOl5mX55XbFlQtX9 U6MrqRgbDIATxhD9IDr+ryvovDzChqgQj7mt2jYr4mdlRjsjod3H1VY6XglRmaaNGZfsCARM aE/TU5SXIiqauwt5KxNGYAY67QkOBs7O1FkSXpTk7+1MmzJMF4nP8QQ5n8vhVNseF+/Wm7ai 9mtnrkLbaznMsy/ULo/C2yuLUWTbZZbf4EKNmVdme6tUDgYkFjAFOblfA7W1fSPiQGagYzCC BeIwggPKoAMCAQICEGunin0K14jWUQr5WeTntOEwDQYJKoZIhvcNAQELBQAwfTELMAkGA1UE BhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFs IENlcnRpZmljYXRlIFNpZ25pbmcxKTAnBgNVBAMTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24g QXV0aG9yaXR5MB4XDTE1MTIxNjAxMDAwNVoXDTMwMTIxNjAxMDAwNVowdTELMAkGA1UEBhMC SUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKTAnBgNVBAsTIFN0YXJ0Q29tIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5MSMwIQYDVQQDExpTdGFydENvbSBDbGFzcyAxIENsaWVudCBDQTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL192vfDon2D9luC/dtbX64eG3XAtRmv mCSsu1d52DXsCR58zJQbCtB2/A5uFqNxWacpXGGtTCRk9dEDBlmixEd8QiLkUfvHpJX/xKnm VkS6Iye8wUbYzMsDzgnpazlPg19dnSqfhM+Cevdfa89VLnUztRr2cgmCfyO9Otrh7LJDPG+4 D8ZnAqDtVB8MKYJL6QgKyVhhaBc4y3bGWxKyXEtx7QIZZGxPwSkzK3WIN+VKNdkiwTubW5PI dopmykwvIjLPqbJK7yPwFZYekKE015OsW6FV+s4DIM8UlVS8pkIsoGGJtMuWjLL4tq2hYQuu N0jhrxK1ljz50hH23gA9cbMCAwEAAaOCAWQwggFgMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUE FjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0TAQH/BAgwBgEB/wIBADAyBgNVHR8EKzAp MCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9zZnNjYS5jcmwwZgYIKwYBBQUHAQEE WjBYMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5zdGFydHNzbC5jb20wMAYIKwYBBQUHMAKG JGh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL2NhLmNydDAdBgNVHQ4EFgQUJIFsOWG+ SQ+PtxtGK8kotSdIbWgwHwYDVR0jBBgwFoAUTgvvGqRAW6UXaYcwyjRoQ9BBrvIwPwYDVR0g BDgwNjA0BgRVHSAAMCwwKgYIKwYBBQUHAgEWHmh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3Bv bGljeTANBgkqhkiG9w0BAQsFAAOCAgEAi+P3h+wBi4StDwECW5zhIycjBL008HACblIf26HY 0JdOruKbrWDsXUsiI0j/7Crft9S5oxvPiDtVqspBOB/y5uzSns1lZwh7sG96bYBZpcGzGxpF NjDmQbcM3yl3WFIRS4WhNrsOY14V7y2IrUGsvetsD+bjyOngCIVeC/GmsmtbuLOzJ606tEc9 uRbhjTu/b0x2Fo+/e7UkQvKzNeo7OMhijixaULyINBfCBJb+e29bLafgu6JqjOUJ9eXXj20p 6q/CW+uVrZiSW57+q5an2P2i7hP85jQJcy5j4HzA0rSiF3YPhKGAWUxKPMAVGgcYoXzWydOv Z3UDsTDTagXpRDIKQLZo02wrlxY6iMFqvlzsemVf1odhQJmi7Eh5TbxI40kDGcBOBHhwnaOu mZhLP+SWJQnjpLpSlUOj95uf1zo9oz9e0NgIJoz/tdfrBzez76xtDsK0KfUDHt1/q59BvDI7 RX6gVr0fQoCyMczNzCTcRXYHY0tq2J0oT+bsb6sH2b4WVWAiJKnSYaWDjdA70qHX4mq9MIjO /ZskmSY8wtAk24orAc0vwXgYanqNsBX5Yv4sN4Z9VyrwMdLcusP7HJgRdAGKpkR2I9U4zEsN JQJewM7S4Jalo1DyPrLpL2nTET8ZrSl5Utp1UeGp/2deoprGevfnxWB+vHNQiu85o6MxggPM MIIDyAIBATCBiTB1MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcG A1UECxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIzAhBgNVBAMTGlN0YXJ0 Q29tIENsYXNzIDEgQ2xpZW50IENBAhBPzaE7pzYviUJyhmHTFBdnMA0GCWCGSAFlAwQCAQUA oIICEzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjA2MjMx MTEwMjJaMC8GCSqGSIb3DQEJBDEiBCCCOsIdsJElA0Da17OUEaSAkeM+BkoAsoyydpyZiwhg qTBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcN AwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMC AgEoMIGaBgkrBgEEAYI3EAQxgYwwgYkwdTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0 Q29tIEx0ZC4xKTAnBgNVBAsTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSMw IQYDVQQDExpTdGFydENvbSBDbGFzcyAxIENsaWVudCBDQQIQT82hO6c2L4lCcoZh0xQXZzCB nAYLKoZIhvcNAQkQAgsxgYyggYkwdTELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29t IEx0ZC4xKTAnBgNVBAsTIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSMwIQYD VQQDExpTdGFydENvbSBDbGFzcyAxIENsaWVudCBDQQIQT82hO6c2L4lCcoZh0xQXZzANBgkq hkiG9w0BAQEFAASCAQBNxvuoW14O0+s4z71XfUMKfd8t/ZZng11gX7ySz9oJi1oAa/xXidfr YW78HuBK+6rXFb5Q/HZ+zY/bXoWQ+Eb+M2tf+a4JZaiZ2Ica0SUzONmC4QVZkNOz0VWxiCMN PfiSt2xT0qokH2MRT9nwPQui4qi34Q2CecogCm4tQT81ZHEX95khUZnMB/YQu1GkO7uvWwUi bM1nh5XYcVGrV+F6SXdv7yeHGEVd4DZLXFgxBRW58BKn4qFskpWr0eafA2ekcIVtdkc4FGVl wYcWIFrAch3otoeaGvvX8lb2CGdhtDzO/+o5UApXeDJaeVMtjdfKo4Rvi4eqBucKK59vZI8M AAAAAAAA --------------ms030804070909000400090207-- From nobody Thu Jun 23 05:25:10 2016 Return-Path: X-Original-To: openpgp@ietf.org Delivered-To: openpgp@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B7AE612D0E6 for ; Thu, 23 Jun 2016 05:25:08 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: X-Test-IDTracker: no X-IETF-IDTracker: 6.24.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160623122508.31140.39196.idtracker@ietfa.amsl.com> Date: Thu, 23 Jun 2016 05:25:08 -0700 From: IETF Secretariat Archived-At: Subject: [openpgp] Milestones changed for openpgp WG X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jun 2016 12:25:08 -0000 Changed milestone "Working Group (rough) consensus on the necessary updates to RFC4880.", resolved as "Done". Changed milestone "First wg-id for RFC4880bis", set due date to July 2016 from February 2016. Changed milestone "RFC4880bis wg-id final call", set due date to December 2016 from July 2016. URL: https://datatracker.ietf.org/wg/openpgp/charter/ From nobody Thu Jun 23 12:17:33 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 650D112D756 for ; Thu, 23 Jun 2016 12:17:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isoc.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lyLgtOraAfI2 for ; Thu, 23 Jun 2016 12:17:30 -0700 (PDT) Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0697.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:697]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B837A12D69C for ; Thu, 23 Jun 2016 12:17:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isoc.onmicrosoft.com; s=selector1-isoc-org; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Ak7GOCBKm54lo/3x5UNfU7Byx/Qwu5NE4NnV6a8YFoo=; b=VI1lhCTF+ZrvGkthNblhcoGRzl3wp56aXd/ZHT7Kn9+HikAckGkNlfrEMoRguoTFkmG9H4EJ7/xB43PmC0nGGi8qWzN6rTn5zR5nQ/bozXwSWGhvq0rWnOlWTbYVct50gWgG9QhuPcyJ7X8OB2fBPq9HJbMxsSiLbHMcwXXdwHI= Received: from SN1PR06MB1839.namprd06.prod.outlook.com (10.162.133.18) by SN1PR06MB1839.namprd06.prod.outlook.com (10.162.133.18) with Microsoft SMTP Server (TLS) id 15.1.523.12; Thu, 23 Jun 2016 19:17:08 +0000 Received: from SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) by SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) with mapi id 15.01.0523.019; Thu, 23 Jun 2016 19:17:08 +0000 From: Robin Wilton To: "openpgp@ietf.org" Thread-Topic: openpgp WG chair-swap Thread-Index: AQHRzYPVqHkQOb3J80iP7oIeDwbWfg== Date: Thu, 23 Jun 2016 19:17:07 +0000 Message-ID: <0C4E1AD1-72F2-4D82-BA23-F90635F82BAA@isoc.org> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=wilton@isoc.org; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [213.180.180.202] x-ms-office365-filtering-correlation-id: 596fa1ca-a2e2-44d3-68a3-08d39b9af828 x-microsoft-exchange-diagnostics: 1; SN1PR06MB1839; 6:l6l+1Ap6CW2vxkdo9eQ3e1PwRGWx+46hegbQey1iwGly1dXYLGOnFF2ZrC5O5rPOaVhiHqsXgk9L19DTx+AZaDZivch95m2uKxa57gmftnS51w5ac34jU6HqEHHD8haXaVSIXR5uCJgUprh3SQMFPFtKbgLdovNcWuMGbf46gLFqTQu2BTbZJcqyKHq8F+20gAKeEJoxOAnm1qcQmd6h2/m6MvT92ykajZT6gLQ4gKDEH7S0HRa6Kv5bccWR29/7DiS+9j0IohNJfUlN19YqI1jA6Q96CsdW6VRjws8yXNf16MnCJCostUUuXBfxe3vY; 5:y1I7H5QVedxPIwqtZ8Y/aJoRMjNmGOS68M7NUBzTIRfmK86EIOygW+xN2dXwPkdqlSKsAZd/tBaopDYdr/k9IpeBoaIG0sult6HCSYyw28eLoazUDG3xP2Daxh3iKRcyoxU3CQEwIMlxWDNRYD9gcQ==; 24:XMpxD7cy3t8Z5RsIfm6iwpNjItI/xz5ujqSGWmgM9hzuiEzz4wsneaH01ysg1dkeObGpQOEkvSvHSJ/hdOM0O2IgTXHjVyUg/XgJPRwAzbc=; 7:BNv6awcl9mJLXCjx6qmUAwxporSW4Q/s25nqne3i0bA4zGtcz4BYaHa/W6mqWSDTzEUNCp+v9LpoVDJI6IM9TspsiRrBMZp92T/0K5j2kEVh9nWEAYat0HGCVHQaJnDXPn2FHikAXgjp8ptUMwooIUWhJcMv+wNROpdWZdH4iD5sH5QcbcUDGK/pmmaR976e/mDz7CAksblj+7AsI/ZkFyyMlfn1wuLE0B1C0JUiYBdWFnY7RmdbttCpKpBWe0fGr47B8gyvtcst6fnGEjdr4A== x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR06MB1839; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(32856632585715); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415321)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001); SRVR:SN1PR06MB1839; BCL:0; PCL:0; RULEID:; SRVR:SN1PR06MB1839; x-forefront-prvs: 098291215C x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(199003)(24454002)(27574002)(189002)(66654002)(3280700002)(586003)(82746002)(3846002)(102836003)(6116002)(83716003)(11100500001)(87936001)(1730700003)(81166006)(8676002)(81156014)(2351001)(107886002)(110136002)(189998001)(16236675004)(97736004)(77096005)(106356001)(122556002)(106116001)(99286002)(33656002)(15975445007)(105586002)(92566002)(5002640100001)(10400500002)(36756003)(7846002)(2900100001)(86362001)(66066001)(50986999)(450100001)(76176999)(99936001)(54356999)(101416001)(8936002)(2501003)(19580405001)(3660700001)(19580395003)(5640700001)(68736007)(7736002)(2906002)(2950100001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR06MB1839; H:SN1PR06MB1839.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/signed; boundary="Apple-Mail=_6FD4804E-EF24-493E-8B92-8F0C484DDE1F"; protocol="application/pgp-signature"; micalg=pgp-sha512 MIME-Version: 1.0 X-OriginatorOrg: isoc.org X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2016 19:17:07.8377 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR06MB1839 Archived-At: Subject: Re: [openpgp] openpgp WG chair-swap X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Jun 2016 19:17:32 -0000 --Apple-Mail=_6FD4804E-EF24-493E-8B92-8F0C484DDE1F Content-Type: multipart/alternative; boundary="Apple-Mail=_0B134EBC-F5FF-4E57-90D5-28820B5DB484" --Apple-Mail=_0B134EBC-F5FF-4E57-90D5-28820B5DB484 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 I=E2=80=99d like to add my thanks to Christopher for his work getting = the WG going, and to Barry for stepping up. Yrs., Robin > On 23 Jun 2016, at 14:00, openpgp-request@ietf.org wrote: >=20 > Send openpgp mailing list submissions to > openpgp@ietf.org >=20 > To subscribe or unsubscribe via the World Wide Web, visit > https://www.ietf.org/mailman/listinfo/openpgp > or, via email, send a message with subject or body 'help' to > openpgp-request@ietf.org >=20 > You can reach the person managing the list at > openpgp-owner@ietf.org >=20 > When replying, please edit your Subject line so it is more specific > than "Re: Contents of openpgp digest..." > Today's Topics: >=20 > 1. WG chair swap... (Stephen Farrell) > 2. Milestones changed for openpgp WG (IETF Secretariat) >=20 > From: Stephen Farrell > Subject: [openpgp] WG chair swap... > Date: 23 June 2016 at 06:10:22 GMT-5 > To: "openpgp@ietf.org" > Cc: Barry Leiba , Christopher LILJENSTOLPE = >=20 >=20 >=20 > Hiya, >=20 > I'm sorry to say that due to $dayjob changes, Chris hasn't had > as much time as he'd like to help out chairing, and so asked > that we try find someone else to help DKG with that. >=20 > First, many thanks to Chris for the work you've done to help > this group get started - and for being open about it when the > time came that a change was needed. I hope that the new $dayjob > thing works out as well as it looks it might! (If that makes > you curious, ask Chris off list:-) >=20 > Second, I'm delighted to say that Barry Leiba has agreed to > step in to help DKG co-chair the group. For those of you who > don't know Barry he's an ex Apps area director, and has done > lots of work on email in the past. He and I had the fun of > co-chairing the DKIM WG together so I can tell you he's good > at this (though I hope this WG continues to be less exciting > than that one was:-) >=20 > Barry and DKG have been chatting about next steps and will be > sending mail on that shortly. >=20 > Cheers, > S. >=20 --Apple-Mail=_0B134EBC-F5FF-4E57-90D5-28820B5DB484 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 I=E2=80=99d like to add my thanks to Christopher for his work = getting the WG going, and to Barry for stepping up.

Yrs.,
Robin

On 23 Jun 2016, at 14:00, openpgp-request@ietf.org wrote:

Send openpgp mailing = list submissions to
openpgp@ietf.org

To = subscribe or unsubscribe via the World Wide Web, visit
= https://www.ietf.org/mailman/listinfo/openpgp
or, = via email, send a message with subject or body 'help' to
= openpgp-request@ietf.org

You can = reach the person managing the list at
= openpgp-owner@ietf.org

When = replying, please edit your Subject line so it is more specific
than "Re: Contents of openpgp digest..."
Today's = Topics:

  1. WG chair swap... = (Stephen Farrell)
  2. Milestones changed for = openpgp WG (IETF Secretariat)

From: = Stephen Farrell = <stephen.farrell@cs.tcd.ie>
Subject: = [openpgp] WG = chair swap...
Date: 23= June 2016 at 06:10:22 GMT-5
To: = "openpgp@ietf.org" = <openpgp@ietf.org>
Cc: = Barry Leiba = <barryleiba@computer.org>, Christopher LILJENSTOLPE = <cdl@asgaard.org>



Hiya,

I'm sorry = to say that due to $dayjob changes, Chris hasn't had
as = much time as he'd like to help out chairing, and so asked
that we try find someone else to help DKG with that.

First, many thanks to Chris for the work = you've done to help
this group get started - and for being = open about it when the
time came that a change was needed. = I hope that the new $dayjob
thing works out as well as it = looks it might! (If that makes
you curious, ask Chris off = list:-)

Second, I'm delighted to say that = Barry Leiba has agreed to
step in to help DKG co-chair the = group. For those of you who
don't know Barry he's an ex = Apps area director, and has done
lots of work on email in = the past. He and I had the fun of
co-chairing the DKIM WG = together so I can tell you he's good
at this (though I = hope this WG continues to be less exciting
than that one = was:-)

Barry and DKG have been chatting = about next steps and will be
sending mail on that = shortly.

Cheers,
S.


= --Apple-Mail=_0B134EBC-F5FF-4E57-90D5-28820B5DB484-- --Apple-Mail=_6FD4804E-EF24-493E-8B92-8F0C484DDE1F Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="signature.asc" Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iF4EAREKAAYFAldsNbMACgkQ646Z8yy2wEzpwAD/UxAouhzYt7MeFUKM/W6Zlq0N F8kw7ZRLX6GbnYCnDHkA+gPy9UFNbnLvpPJjBv6+T0xrmAvJ26gAxHd2dWUyldxg =p9ai -----END PGP SIGNATURE----- --Apple-Mail=_6FD4804E-EF24-493E-8B92-8F0C484DDE1F-- From nobody Fri Jun 24 09:06:13 2016 Return-Path: X-Original-To: openpgp@ietf.org Delivered-To: openpgp@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6ECFC12DCF4; Fri, 24 Jun 2016 09:00:54 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Secretariat\"" To: , X-Test-IDTracker: no X-IETF-IDTracker: 6.24.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160624160054.10933.39132.idtracker@ietfa.amsl.com> Date: Fri, 24 Jun 2016 09:00:54 -0700 Archived-At: Cc: openpgp@ietf.org, stephen.farrell@cs.tcd.ie Subject: [openpgp] openpgp - Requested session has been scheduled for IETF 96 X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Jun 2016 16:00:56 -0000 Dear Daniel Gillmor, The session(s) that you have requested have been scheduled. Below is the scheduled session information followed by the original request. openpgp Session 1 (1:30:00) Monday, Afternoon Session I 1400-1530 Room Name: Charlottenburg I size: 80 --------------------------------------------- Request Information: --------------------------------------------------------- Working Group Name: Open Specification for Pretty Good Privacy Area Name: Security Area Session Requester: Daniel Gillmor Number of Sessions: 1 Length of Session(s): 1.5 Hours Number of Attendees: 30 Conflicts to Avoid: First Priority: dprive tcpinc tls Second Priority: acme dane cfrg Special Requests: If we have the meeting on Monday July 18th, that would be ideal, because Werner Koch would be able to make it. If we can't make it on Monday, at least please avoid July 22nd as dkg may leave early. --------------------------------------------------------- From nobody Sat Jun 25 08:31:01 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E70C12B078 for ; Sat, 25 Jun 2016 08:31:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H_w_9UFLfe3u for ; Sat, 25 Jun 2016 08:30:58 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 8D07812B074 for ; Sat, 25 Jun 2016 08:30:58 -0700 (PDT) Received: from fifthhorseman.net (pool-100-35-130-80.nwrknj.fios.verizon.net [100.35.130.80]) by che.mayfirst.org (Postfix) with ESMTPSA id DC885F98B for ; Sat, 25 Jun 2016 11:30:57 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 6B07320368; Sat, 25 Jun 2016 11:30:57 -0400 (EDT) From: Daniel Kahn Gillmor To: IETF OpenPGP User-Agent: Notmuch/0.22+69~gd812194 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu) Date: Sat, 25 Jun 2016 11:30:53 -0400 Message-ID: <878txtjnf6.fsf@alice.fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Archived-At: Subject: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2016 15:31:00 -0000 --=-=-= Content-Type: text/plain hey OpenPGP folks-- We've had a slow start on 4880bis, but i'm hoping we can get things moving again. One of the things we need to do bureaucratically is to officially adopt a specific draft as the basis of our ongoing work. Werner Koch has prepared and submitted the beginnings of the new revision of RFC 4880, the current version of which you can see here: https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 This is a call for adoption of this draft by the OpenPGP WG. Please speak up soon if you have any concerns, or if you think this document should not be adopted by the WG for some reason. Please also speak up if you are in favor of adoption. A brief reminder of what adoption by the WG would mean: * this draft would become the *starting point* for RFC 4880bis; the draft is currently not complete, but it would be the basis upon which the group would build the new proposal. * Werner Koch would be the document editor, but the decisions about the draft would be made by the working group. I want to thank Werner for his willingness to put in his time as the document editor. * Since our charter (https://datatracker.ietf.org/wg/openpgp/charter/) is aimed primarily at making a revision to RFC 4880, we would hopefully focus our efforts on contributing review and amendments to this draft, with a goal of driving it to IETF Last Call within the year. Please give feedback on draft adoption! --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJXbqOtXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFREIyRTc0RjU2RkNGMkI2NzI5N0I3MzUy NEVDRkY1QUZGNjgzNzBBAAoJECTs/1r/aDcKdogP/24yJwKWWOnTgJT8gDcel5rW Nts63cL1LAf/nwBxEeEFTGObayZuJQgSFEUCXXgT9I8NkTFPFqRulFGOXep65yQ/ lCFF+vdUWYfiC/EU+BkgMIGfzf5ytcVGviI4u0lNlIlZOntJxXgro9H9I+NOf1rQ 1x4k8vQbJAkvtuEX5Us3QdXpK6okNljzZBwDkY6oc6YXPbwf0heLgcCt87DRWFQ3 jQDuiglQ7gjFQFkDX8zIFuOwmGFyfOwTKTpn4yH6p4gYSpCr0XKJR/fgEz7JGQp2 dGACm4ha0gH/RzGk43U6mUBCm+Dc1WXKds7RTBeOxhyD0b57YRfxvS2agJLT98xJ hOLgAnpL61b4DdAIhP/VU0KHCw8IOZ/07LyQa5UOZtYS9zFwBh8mkHBggcgLKxay uUpmmmTXltSqQPd33FDiq9c5LJafoDHZLtGbvDKP4ZTKeUIMlOsNKZWHTHqtImOx dhU6cojB3/APEt1pFuNbI1SYF97N5p+eyuhUQ/VM6/fxeygaE3/v6vN8AiDw5SWB P2i9nyVbBsTgi29IebUmziptTyBOBuTWValgM+h2LYWZnurrHvQ8OHH3z6PgYzD+ lqhhVOf64W0oq9HZkMwsxUS2psezCdMQXqIhDTBlsW4lyPSYm7rQ+rWflZTsPGoW /bXpHxrQCN9l2Kr9nLWP =g6o5 -----END PGP SIGNATURE----- --=-=-=-- From nobody Sat Jun 25 08:41:26 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F41C912B074 for ; Sat, 25 Jun 2016 08:41:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S4hYfA6jyxiY for ; Sat, 25 Jun 2016 08:41:23 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 5319012B01D for ; Sat, 25 Jun 2016 08:41:23 -0700 (PDT) Received: from fifthhorseman.net (pool-100-35-130-80.nwrknj.fios.verizon.net [100.35.130.80]) by che.mayfirst.org (Postfix) with ESMTPSA id 01356F98B for ; Sat, 25 Jun 2016 11:41:22 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id A175A203DC; Sat, 25 Jun 2016 11:41:22 -0400 (EDT) From: Daniel Kahn Gillmor To: IETF OpenPGP User-Agent: Notmuch/0.22+69~gd812194 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu) Date: Sat, 25 Jun 2016 11:41:19 -0400 Message-ID: <877fddjmxs.fsf@alice.fifthhorseman.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Archived-At: Subject: [openpgp] Using Git for RFC 4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2016 15:41:25 -0000 --=-=-= Content-Type: text/plain Hi OpenPGP folks-- As i understand it, Werner is currently working on his draft of 4880bis using a pandoc2rfc toolchain. If we choose to adopt this draft (see my previous e-mail to the list), the underlying source of the document will actually be markdown. The work is being kept under revision control using git. We appreciate (and encourage!) any changes people want to suggest the usual way: via an e-mail to this mailing list explaining what text you think needs to be changed and why. However, some people may find it more convenient to propose specific machine-readable changes that can be applied directly to the source; if you want to do that, making them in the form of patches against the markdown is probably best. A public-facing copy of the git repo is hosted at gitlab for anyone who wants to make edits against the source: https://gitlab.com/openpgp-wg/rfc4880bis If you want to submit patches to the markdown in the draft's working copy, you can send them directly to this mailing list. I'm happy to help folks sort out using "git send-email" if they want guidance on making this toolchain work. In my own local copy, i've done: git config sendemail.to 'IETF OpenPGP WG ' I find the documentation presented by "git help send-email" to be useful if you're unfamiliar with this workflow. Also, feel free to ask me for help if you have any questions with the tooling. While it's ok to submit pull requests or open issues (as placeholders for things that need to be addressed) via the gitlab repository, all IETF discussion should end up taking place on this mailing list. See CONTRIBUTING.md in the git repo if you're considering gitlab as a place to report issues. Whenever substantial changes to the document have been made and stabilized by WG consensus, we'll tag the git repo and submit another revision of the draft to the IETF datatracker so that changes and progress are visible to everyone, including the folks who are not using git. Please speak up if you have any concerns or questions about this mechanism. --dkg --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJXbqYfXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFREIyRTc0RjU2RkNGMkI2NzI5N0I3MzUy NEVDRkY1QUZGNjgzNzBBAAoJECTs/1r/aDcK4iUP/R5690HpVPEIVn2XfibRrL2r Ko5qRVEIKLTiuTMEze0DtaqvpTEDVSubcoygF6JDjG7zEbsqTrOgr94oZ2XHXkl0 qcLHcupXAQy51GADFX5hVrWbHk9QcOzYn9oQQpubRuhoYPZ3+iGjDSZxIdrZa/W3 F18KrfI6xuPCf8+g5ax89lYTzcth2tWcxKOCCDoi8PVrGgBmtHmExWb+Oh4P2xqE mUdQ1JekGBXMGCQTeV7AmySFOx/mmzp38K8dVyhuMQvM9WRMVLIinzha6WGR5+vN cqm3cevEPTgU1IwXfy8S22+Uv6tPjImiIHItl0noa+qwcpYG1kYi/hikph7IjAEm QMNmQwd3Z1YpMcQwrt7dAp6cZ5zfAp3xwtEnSAzLUJYMXHauPtuuYl+C2FF5rqqQ d6b3vZOud0//Bg0ysGr7/8YMNoD+/fxBBvnGHgeV/hgefcBM0SY6+f3iCinZP8W4 6i13pWdul8qGeYc+zpTWE1JM4Hb10wt0JC5hrxvpHx1OUgt4m4p7S9kFFJJ8MgY/ HRryMJq6LOrYzHbVHoG0LNV704RYStkhK4piEpsL38HtCuVyWPdDDIrWqTzCxmQF RQkeh5bHn072Hz9C7O2JZKr4uzPN+gTsBwXJ+I0mnQm8tpko62TPvvuBwtS31+Iu rKS+HCltcPb3DVJ6o59L =dNjb -----END PGP SIGNATURE----- --=-=-=-- From nobody Sat Jun 25 08:42:20 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD47612D0DC for ; Sat, 25 Jun 2016 08:42:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sumptuouscapital-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gpp3bPMgIgRZ for ; Sat, 25 Jun 2016 08:42:18 -0700 (PDT) Received: from mail-lf0-x231.google.com (mail-lf0-x231.google.com [IPv6:2a00:1450:4010:c07::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3EDB12D095 for ; Sat, 25 Jun 2016 08:42:17 -0700 (PDT) Received: by mail-lf0-x231.google.com with SMTP id l188so131616778lfe.2 for ; Sat, 25 Jun 2016 08:42:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sumptuouscapital-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=cfJfool1z70SJfY9G4eXX8I/CMw5HtRt2NbRziWor8g=; b=rxpbj4ydSxUxWBEOXtGFlwXwGajOT909/72tlZO4heENRBLcMwkhchBe9uVJNUznxX vLsreKsJhY20v+XaXvI1/M3k6SN2DpiOxBcARFD9DV0BJYJfxVUHmCc3rPdK+E5St+U0 Uc2Ekzht3USu4NYq2lQYVdK2IAyJqIZBd/50vO5pNM52UQiR9R37UlPmfaN3EHsLCGI9 fvakN0WsF73gPSFBetADiC7pWhDVvoGP/2Hb3Yn98FKGueyFZq8Yh7YGpLeULmcDeouL QKzewGAxsCjdZyH99ysGC7cY41Uoqdy2m/shpdNVSutZw3pnnMhbINM3UDhZnQUHjutp nqEA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=cfJfool1z70SJfY9G4eXX8I/CMw5HtRt2NbRziWor8g=; b=dMdOnc8/oBOh+65vpvi8JM2VtWgh6l/2r3iIU6UKyaxb6EUbFQF0kc6AzQpnRVCReH V9Pb8ieQsESLrzm/LpZwPooFcmtJMGspgLZgVnV/TgmzzahyAVCuAKfS2QCh5lnCcyWd A/C3c/0Hfa2bWT/sJyisOS7wm6Hx58oE4i8p3zlI4ZcCHonIVDE85q4fkmN6wf+7VlS/ yklvXvZNDLBvqrZVz715dSWkiYlpB9MQQiSeaDANBStleA+CskuzWjuhevk5Xre6wGgy 9cBY/GFi/6i4V3eVh5m1VSQXSB2z0Zee+Lo9Ux+sP8lCyncBiF/J2VUyq57Uv044Ut6d 3LxA== X-Gm-Message-State: ALyK8tK/MZ0VLbvvQSqapZm1XxNC37SKmatV8o8kqvHGIomMkYm+a2eJ+GjAqARbb9YIsQ== X-Received: by 10.46.71.5 with SMTP id u5mr2868509lja.49.1466869335919; Sat, 25 Jun 2016 08:42:15 -0700 (PDT) Received: from [10.144.0.7] (host-37-191-220-247.lynet.no. [37.191.220.247]) by smtp.googlemail.com with ESMTPSA id j192sm1779547lfg.28.2016.06.25.08.42.14 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 25 Jun 2016 08:42:14 -0700 (PDT) To: IETF OpenPGP References: <878txtjnf6.fsf@alice.fifthhorseman.net> From: Kristian Fiskerstrand Message-ID: <31dd03ad-d3a3-707c-5791-3b0254e6fc7d@sumptuouscapital.com> Date: Sat, 25 Jun 2016 17:42:10 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: <878txtjnf6.fsf@alice.fifthhorseman.net> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="rqvwMo9LIgDkkUu6v3D4DNMPr3fxd2l6e" Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2016 15:42:20 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --rqvwMo9LIgDkkUu6v3D4DNMPr3fxd2l6e Content-Type: multipart/mixed; boundary="dBwnlcjH8rNbv5lJ8AF6CID975DV4j1Fh" From: Kristian Fiskerstrand To: IETF OpenPGP Message-ID: <31dd03ad-d3a3-707c-5791-3b0254e6fc7d@sumptuouscapital.com> Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis References: <878txtjnf6.fsf@alice.fifthhorseman.net> In-Reply-To: <878txtjnf6.fsf@alice.fifthhorseman.net> --dBwnlcjH8rNbv5lJ8AF6CID975DV4j1Fh Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 06/25/2016 05:30 PM, Daniel Kahn Gillmor wrote: > hey OpenPGP folks-- >=20 > We've had a slow start on 4880bis, but i'm hoping we can get things > moving again. One of the things we need to do bureaucratically is to > officially adopt a specific draft as the basis of our ongoing work. >=20 > Werner Koch has prepared and submitted the beginnings of the new > revision of RFC 4880, the current version of which you can see here: >=20 > https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 >=20 > This is a call for adoption of this draft by the OpenPGP WG. Please > speak up soon if you have any concerns, or if you think this document > should not be adopted by the WG for some reason. Please also speak up > if you are in favor of adoption. I'm in favor of adopting this document as a starting point for the WG. --=20 ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Nomina stultorum scribuntur ubique locorum Fools have the habit of writing their names everywhere --dBwnlcjH8rNbv5lJ8AF6CID975DV4j1Fh-- --rqvwMo9LIgDkkUu6v3D4DNMPr3fxd2l6e Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJXbqZSAAoJECULev7WN52FmIAH+QGVPAO7yrgGS4jK/FIgECVE ol4wt3i4g7h/0IU0zTeHWbU5Elim/oMOJcPlA8kbXX1GJZN6dEu31xlRRTnwcPtK XCjzUJdSTvsaK5q4+JSDPjHjKCKelK2chFr30ucAxWvD78Stj5nj3rTzouPc5kuC xML6f5PAVhhBcoB5CyTY1aKkxfSa0SryUJQgGERz8wgBa2eJEsEe6gNCHjcp9zsH Zxi6H9L4RmyYT1RjY3kLLMUvGgmwTznSCh2CY/Yy6M2PregMjqTBdM08F9frUy0D lboMV2m18WZkq1PRyZNJ/buIAX0KyVjsaqN3VnkqOh1j8UlAoo3W6yoivsSq3i8= =dtUI -----END PGP SIGNATURE----- --rqvwMo9LIgDkkUu6v3D4DNMPr3fxd2l6e-- From nobody Sat Jun 25 09:52:16 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B84BF12D145 for ; Sat, 25 Jun 2016 09:52:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.699 X-Spam-Level: X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TVpm-fvrQQJV for ; Sat, 25 Jun 2016 09:52:11 -0700 (PDT) Received: from mail-vk0-x22b.google.com (mail-vk0-x22b.google.com [IPv6:2607:f8b0:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A188812D531 for ; Sat, 25 Jun 2016 09:52:11 -0700 (PDT) Received: by mail-vk0-x22b.google.com with SMTP id u64so186933654vkf.3 for ; Sat, 25 Jun 2016 09:52:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=xXnfqp2oROp3oZlRJEZulTIA1f5SyJft+9JOfUZ9Uvk=; b=UWleoD1zVY3G1pDh/cTnOI6CYpOi2VhXhdqB4yjI1JC/CMyobQUsxB/pEHD1xcx/lL X7Szl0m54rkU9i+nxC7LVKrNuHzJU8OjpFGx1U67DcBtSBAgAy6OK8ux5eSB+uDcZt5Q wk1H74ezqfL6bSfoazWkyTJId9NefUIDjL8B8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=xXnfqp2oROp3oZlRJEZulTIA1f5SyJft+9JOfUZ9Uvk=; b=OfQXxkg67sAa5bHxCSK5Es7fV76XpVnraJcSpr2i1634hl0IatOcfSaIhbihv9VC+b L0RRK4h9YMIY5UFXaK4mOTfbr6WXrwDYw4RG7wNcgsa7TF0HrSB/b6pkDx5vE/scAPXb XSEbLY0EL0Izntgy+XUYp0qCr9B71rJI/WUVIR9F8QT+HHMWyVJLBKt5cKPb+fda57iJ HnB1h9in1OgKRnUYr9Tu007vkQB8jconG4GgklVgIkSVZuHXDRKoFyk1KhKmjyIfDehH n6FYb7b8f6e/W0F9f8iyLxrgRI98l9M5zfEkn519PyPGDXrFQz2iRYdTfe9zmR0tb/U8 zUeg== X-Gm-Message-State: ALyK8tJRDpQQJZziyO8kduRgqlre8jczfC9kixa2py29WELzh7S+ULnrS6Fts7aQfBdmoxSUyLgs4RinhBQzCRyk MIME-Version: 1.0 X-Received: by 10.31.153.139 with SMTP id b133mr5098237vke.64.1466873530657; Sat, 25 Jun 2016 09:52:10 -0700 (PDT) Received: by 10.103.29.71 with HTTP; Sat, 25 Jun 2016 09:52:10 -0700 (PDT) In-Reply-To: <31dd03ad-d3a3-707c-5791-3b0254e6fc7d@sumptuouscapital.com> References: <878txtjnf6.fsf@alice.fifthhorseman.net> <31dd03ad-d3a3-707c-5791-3b0254e6fc7d@sumptuouscapital.com> Date: Sat, 25 Jun 2016 12:52:10 -0400 Message-ID: From: Joseph Lorenzo Hall To: Kristian Fiskerstrand Content-Type: multipart/alternative; boundary=001a113d3a4eb9c40d05361d1ba2 Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jun 2016 16:52:15 -0000 --001a113d3a4eb9c40d05361d1ba2 Content-Type: text/plain; charset=UTF-8 also in favor On Saturday, June 25, 2016, Kristian Fiskerstrand < kristian.fiskerstrand@sumptuouscapital.com> wrote: > On 06/25/2016 05:30 PM, Daniel Kahn Gillmor wrote: > > hey OpenPGP folks-- > > > > We've had a slow start on 4880bis, but i'm hoping we can get things > > moving again. One of the things we need to do bureaucratically is to > > officially adopt a specific draft as the basis of our ongoing work. > > > > Werner Koch has prepared and submitted the beginnings of the new > > revision of RFC 4880, the current version of which you can see here: > > > > https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 > > > > This is a call for adoption of this draft by the OpenPGP WG. Please > > speak up soon if you have any concerns, or if you think this document > > should not be adopted by the WG for some reason. Please also speak up > > if you are in favor of adoption. > > I'm in favor of adopting this document as a starting point for the WG. > > -- > ---------------------------- > Kristian Fiskerstrand > Blog: https://blog.sumptuouscapital.com > Twitter: @krifisk > ---------------------------- > Public OpenPGP certificate at hkp://pool.sks-keyservers.net > fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 > ---------------------------- > Nomina stultorum scribuntur ubique locorum > Fools have the habit of writing their names everywhere > > -- Joseph Lorenzo Hall Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] 1401 K ST NW STE 200, Washington DC 20005-3497 e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 --001a113d3a4eb9c40d05361d1ba2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable also in favor

On Saturday, June 25, 2016, Kristian Fisk= erstrand <= kristian.fiskerstrand@sumptuouscapital.com> wrote:
On 06/25/2016 05:30 PM, Daniel Kahn Gillmor wrote:
> hey OpenPGP folks--
>
> We've had a slow start on 4880bis, but i'm hoping we can get t= hings
> moving again.=C2=A0 One of the things we need to do bureaucratically i= s to
> officially adopt a specific draft as the basis of our ongoing work. >
> Werner Koch has prepared and submitted the beginnings of the new
> revision of RFC 4880, the current version of which you can see here: >
>=C2=A0 =C2=A0 https://tools.ietf.org/html/draft-koch-op= enpgp-rfc4880bis-02
>
> This is a call for adoption of this draft by the OpenPGP WG.=C2=A0 Ple= ase
> speak up soon if you have any concerns, or if you think this document<= br> > should not be adopted by the WG for some reason.=C2=A0 Please also spe= ak up
> if you are in favor of adoption.

I'm in favor of adopting this document as a starting point for the WG.<= br>
--
----------------------------
Kristian Fiskerstrand
Blog: https= ://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP certificate at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Nomina stultorum scribuntur ubique locorum
Fools have the habit of writing their names everywhere



--
Joseph Lorenzo Hall
Chief Technologist, Cent= er for Democracy & Technology [https://www.cdt.org]
1401 K ST NW STE 200, Washington DC= 20005-3497
e: joe@cdt= .org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
Fingerprint: 3CA2 8= D7B 9F6D DBD3 4B10 =C2=A01607 5F86 6987 40A9 A871
--001a113d3a4eb9c40d05361d1ba2-- From nobody Sun Jun 26 19:33:13 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C15212D593 for ; Sun, 26 Jun 2016 19:33:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.701 X-Spam-Level: X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ritter.vg Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qFCWtnDZJZ6y for ; Sun, 26 Jun 2016 19:33:09 -0700 (PDT) Received: from mail-vk0-x230.google.com (mail-vk0-x230.google.com [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B12B12D58E for ; Sun, 26 Jun 2016 19:33:09 -0700 (PDT) Received: by mail-vk0-x230.google.com with SMTP id j2so215240048vkg.2 for ; Sun, 26 Jun 2016 19:33:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=XBwX3FqnQUxGz06HulBzoSuq58tOWAe22aCcvwsOPPg=; b=l9G27LEWQmr4YoGQ0RKR0+VQXp6OSImYAIfRYSafuLPLPHmCfYW0jd+VOtDsLA15fv hvHldzLAweHPZy0NU8qYJefRzU/EIJgIv55nGfD2UtCcIbt6+VC48vOoIyVL386+e0lj 67nMrQSpWTKygzy+MxSQZh/gZTPNujrooVk5U= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=XBwX3FqnQUxGz06HulBzoSuq58tOWAe22aCcvwsOPPg=; b=YcT/4uTVuPKdytZylmv2Bv1CrVJMJuJDJv/qQFUcRDj8Nkb7t2Nd3xr/n6pb5KIooE AfP1F0qWghkj+18V54uADJXN0zfCeKxxWmtIDaeG7GEJMkH7AFp4xhT/q1wMyoO2fjHR +WgVDLr8SG4YBRARzXgmMOHgyzbdKTon28eyoGEe5aKDgXpvznX9KCrHlcxWX4dxElaw MAA3K6BdeNm4kw688SVoUJg6Nl1GGgW3O/ttSUDYvDr+eSD9z5rp41Up+/d2cFTLlla6 h2MMFpUoLRdG3TMBZiYuNX9eobBpbS2hOBtSQVCQOeUAc+iGMxpEGvsmbQlcdsck41DW 31ng== X-Gm-Message-State: ALyK8tIjTV8icxkPhw8fQZpYWd3lsDxVZM0YTotM9YmDFYHVVmLuBQaIvxMNcRkPzEnuPropL3YTw9OLJYylV/l8 X-Received: by 10.31.63.205 with SMTP id m196mr7621807vka.93.1466994788593; Sun, 26 Jun 2016 19:33:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.141.201 with HTTP; Sun, 26 Jun 2016 19:32:49 -0700 (PDT) In-Reply-To: References: <878txtjnf6.fsf@alice.fifthhorseman.net> <31dd03ad-d3a3-707c-5791-3b0254e6fc7d@sumptuouscapital.com> From: Tom Ritter Date: Sun, 26 Jun 2016 21:32:49 -0500 Message-ID: To: Joseph Lorenzo Hall Content-Type: text/plain; charset=UTF-8 Archived-At: Cc: IETF OpenPGP , Kristian Fiskerstrand Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 02:33:12 -0000 +1 On 25 June 2016 at 11:52, Joseph Lorenzo Hall wrote: > also in favor > > > On Saturday, June 25, 2016, Kristian Fiskerstrand > wrote: >> >> On 06/25/2016 05:30 PM, Daniel Kahn Gillmor wrote: >> > hey OpenPGP folks-- >> > >> > We've had a slow start on 4880bis, but i'm hoping we can get things >> > moving again. One of the things we need to do bureaucratically is to >> > officially adopt a specific draft as the basis of our ongoing work. >> > >> > Werner Koch has prepared and submitted the beginnings of the new >> > revision of RFC 4880, the current version of which you can see here: >> > >> > https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 >> > >> > This is a call for adoption of this draft by the OpenPGP WG. Please >> > speak up soon if you have any concerns, or if you think this document >> > should not be adopted by the WG for some reason. Please also speak up >> > if you are in favor of adoption. >> >> I'm in favor of adopting this document as a starting point for the WG. >> >> -- >> ---------------------------- >> Kristian Fiskerstrand >> Blog: https://blog.sumptuouscapital.com >> Twitter: @krifisk >> ---------------------------- >> Public OpenPGP certificate at hkp://pool.sks-keyservers.net >> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 >> ---------------------------- >> Nomina stultorum scribuntur ubique locorum >> Fools have the habit of writing their names everywhere >> > > > -- > Joseph Lorenzo Hall > Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] > 1401 K ST NW STE 200, Washington DC 20005-3497 > e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key > Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp > From nobody Sun Jun 26 19:36:33 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2841F12D595 for ; Sun, 26 Jun 2016 19:36:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.701 X-Spam-Level: X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ritter.vg Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7D4Ki2TnqiIQ for ; Sun, 26 Jun 2016 19:36:30 -0700 (PDT) Received: from mail-vk0-x22d.google.com (mail-vk0-x22d.google.com [IPv6:2607:f8b0:400c:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4DEE12D594 for ; Sun, 26 Jun 2016 19:36:23 -0700 (PDT) Received: by mail-vk0-x22d.google.com with SMTP id j3so2577694vkb.0 for ; Sun, 26 Jun 2016 19:36:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=V4QbmMVlMQGqE364a33w8CuAdNAgv7ztnRa7dsrjXHc=; b=I+h4/tfPv9UkvUkavECAiKRjshZIe6BqhHp45+FVZCRAvPeJ6Oog5S8aaCfeq5YVIT q4sWNo1m1pkZMTeEf7wPNeXnyaca36lnhgwmuOMmYYjk+ktlFBorirNEy7AveAkJNgke l5b1V1FDyArZ30jI/nAJ55fjvHm2+5Xxd76OM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=V4QbmMVlMQGqE364a33w8CuAdNAgv7ztnRa7dsrjXHc=; b=eyXAGwvpCJK/ywuvcQ5tcAHWPP4+rRB97W5AWS6ZQeLrQPtIySgLk8RFPXSirjuFPy lou26AIOHj49g+0oxWkdbuuXp9b48ETZCav7kD+lZdWmcHb4gzBHQkxwoCCVx8HdaQWc OfmJ8FpgXDpOgcYJ8Cen+A/Y9dxJChHHG7HttEeWsdP7z4m+RkjwegmgtVd/+Eh5SMJU F3Y/BWPJUXnN7FBVRIItEK0Tzm/GzyBAlSXIXdYqQCEVXvau4JY5UzGVZt5OH12n9//L aXn0g0s0GhS4NVQz0A+OFGfzpEqnG96Kk9x4j2XxzY1hP8YdXh3Yt1ZQ/7BL6F2ALPsr 3UgQ== X-Gm-Message-State: ALyK8tIpAMjUW9QIEdnYXo6jfvwGP2g24GG9HZiN+D9004QcpxYbQbyuVdV0VwBcCKnamHFN/TqEuNf7WxaUr/5H X-Received: by 10.31.171.74 with SMTP id u71mr7803980vke.119.1466994982729; Sun, 26 Jun 2016 19:36:22 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.141.201 with HTTP; Sun, 26 Jun 2016 19:36:03 -0700 (PDT) In-Reply-To: <877fddjmxs.fsf@alice.fifthhorseman.net> References: <877fddjmxs.fsf@alice.fifthhorseman.net> From: Tom Ritter Date: Sun, 26 Jun 2016 21:36:03 -0500 Message-ID: To: Daniel Kahn Gillmor Content-Type: text/plain; charset=UTF-8 Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] Using Git for RFC 4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 02:36:32 -0000 Can we use the Issues tracker (either in Gitlab or the IETF tools, but not both) to note what changes are outstanding (but encourage people to send the text proposals to the list)? It would be helpful to have some sort of list of outstanding changes we have rough consensus to make but lack text proposals. For example, using a real authenticated mode instead of the MDC is a definite. I'm not sure if a streaming-friendly mode there is consensus for, but it could be noted as 'under discussion' or something. -tom From nobody Mon Jun 27 09:25:07 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D529112D7B5 for ; Mon, 27 Jun 2016 09:25:05 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2WCeMevZfLeL for ; Mon, 27 Jun 2016 09:25:02 -0700 (PDT) Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1899312D7BB for ; Mon, 27 Jun 2016 09:25:02 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 4F189E2043; Mon, 27 Jun 2016 12:24:30 -0400 (EDT) Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 21035-05; Mon, 27 Jun 2016 12:24:27 -0400 (EDT) Received: from securerf.ihtfp.org (IHTFP-DHCP-159.IHTFP.ORG [192.168.248.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 8CBE6E2042; Mon, 27 Jun 2016 12:24:27 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1467044667; bh=seZaucDxfo/1JnehnYW+F4KYn1NmePvQ3BJZxg7EKgQ=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=qyAsWedPOCJc3fcvdeDE1O/auC96fmZpEs5fBGeeTl/jY5mvBlESf8JFXvuLzLFj7 l5ij3hO1AbnkRZkfX4RmFYkYb6roW9CigTgbYY+F4bd1luRkZSGErrJv5v4vpbqdYk FlxwvBECUQnlzS1JdNenH6Z7VBa73DH0NnPywRj0= Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id u5RGOQbK032297; Mon, 27 Jun 2016 12:24:26 -0400 From: Derek Atkins To: Daniel Kahn Gillmor References: <878txtjnf6.fsf@alice.fifthhorseman.net> Date: Mon, 27 Jun 2016 12:24:25 -0400 In-Reply-To: <878txtjnf6.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Sat, 25 Jun 2016 11:30:53 -0400") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Virus-Scanned: Maia Mailguard 1.0.2a Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 16:25:06 -0000 Hi, I'm in favor of accepting this. I'll also point out that I had made another suggested update on April 14 (Subject: Proposed Patch to RFC4880bis to reserve two public key numbers) which has not been incorporated into the document. -derek Daniel Kahn Gillmor writes: > hey OpenPGP folks-- > > We've had a slow start on 4880bis, but i'm hoping we can get things > moving again. One of the things we need to do bureaucratically is to > officially adopt a specific draft as the basis of our ongoing work. > > Werner Koch has prepared and submitted the beginnings of the new > revision of RFC 4880, the current version of which you can see here: > > https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 > > This is a call for adoption of this draft by the OpenPGP WG. Please > speak up soon if you have any concerns, or if you think this document > should not be adopted by the WG for some reason. Please also speak up > if you are in favor of adoption. > > A brief reminder of what adoption by the WG would mean: > > * this draft would become the *starting point* for RFC 4880bis; the > draft is currently not complete, but it would be the basis upon which > the group would build the new proposal. > > * Werner Koch would be the document editor, but the decisions about the > draft would be made by the working group. I want to thank Werner for > his willingness to put in his time as the document editor. > > * Since our charter (https://datatracker.ietf.org/wg/openpgp/charter/) > is aimed primarily at making a revision to RFC 4880, we would > hopefully focus our efforts on contributing review and amendments to > this draft, with a goal of driving it to IETF Last Call within the > year. > > Please give feedback on draft adoption! > > --dkg > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant From nobody Mon Jun 27 09:45:49 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2689A12D825 for ; Mon, 27 Jun 2016 09:45:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.935 X-Spam-Level: X-Spam-Status: No, score=-1.935 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sumptuouscapital-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ErROmHgi6lFw for ; Mon, 27 Jun 2016 09:45:46 -0700 (PDT) Received: from mail-lf0-x236.google.com (mail-lf0-x236.google.com [IPv6:2a00:1450:4010:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D38912D81F for ; Mon, 27 Jun 2016 09:45:46 -0700 (PDT) Received: by mail-lf0-x236.google.com with SMTP id f6so159947004lfg.0 for ; Mon, 27 Jun 2016 09:45:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sumptuouscapital-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to; bh=/u1UPqf076IBEJsjqz2SZj85EtII8KlfXFoP1vUQpJE=; b=pzeHXTNCWH/bCXlhYVjRJSxYsNAvt/9iWA+2GRGtV/niAy47ehhXrTFoFZd+fefj0Q RYxYeoNnJXnqrtFxOXju3tacW6gbRdmkkVCSy91wkcNYgagBVNmOgFRIUjeFeo0iVplC Va3PQruUG3rqUEneuNyb3NZcJ2AR2Vvzl5mLbzI7sfmGvpeolShSQ1R4mS0J53rrm6/Z d2SGgomgObnHJn79kaIWfruF1HhZAZIBMYRhvSQAfAWPEeIF5OqJSsFNtMNRq5uuCEYt zCnO29xJ8ojx+oP+0bboa8l+3ogfZRrk/DgRPLe5u7qmpfNpUKm5by+hsUqejVHdZuZK xPcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to; bh=/u1UPqf076IBEJsjqz2SZj85EtII8KlfXFoP1vUQpJE=; b=UaTO3XyRNh1KTVX9oYc7QCdPdXtHU4xrXQUY1kSQdELIbtiBSsbWS1ILWDDC1EzRsH JnR/iSsC0+gjjHIsTGEviB45ciSogWD3gp51u8AndDb1qa9wPGEktCFDl0NHM/ScvLik 4zZH2/WdPyV3TgV3Jp9zxEQ0GI92o8Lo4d4dUF0lETX22Mm3NgAje7AyB1Loi1b3Tvu4 eM9LCPv4Sv0Jo6lGCjxaauLtxjyQvDJEjY1kb9rUFo/lliCicL3syPK/Lw5slyjXE1ca B/h+WljAhlif5ybadJMBtUfH9TmE3aXjKVKB3zVwFz8n98cs3UHFkVucMKNZ9GkRooFJ yvog== X-Gm-Message-State: ALyK8tJKYRF0ezsgcGk0MtFdncHDzgxP5TXr6kG2ANdrHNiLsE333t9wYENVoRNgprwr9w== X-Received: by 10.25.149.6 with SMTP id x6mr565993lfd.106.1467045944267; Mon, 27 Jun 2016 09:45:44 -0700 (PDT) Received: from [10.144.0.7] (host-37-191-220-247.lynet.no. [37.191.220.247]) by smtp.googlemail.com with ESMTPSA id 5sm3399009lja.34.2016.06.27.09.45.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Jun 2016 09:45:42 -0700 (PDT) To: Derek Atkins References: <878txtjnf6.fsf@alice.fifthhorseman.net> From: Kristian Fiskerstrand Message-ID: <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> Date: Mon, 27 Jun 2016 18:45:39 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="FHbpHESFojgAaIwocd6G5eTr7UMs0LNO7" Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 16:45:49 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --FHbpHESFojgAaIwocd6G5eTr7UMs0LNO7 Content-Type: multipart/mixed; boundary="DCA9K07wkkNCFD2ou7DRvRUoxRQC7vhic" From: Kristian Fiskerstrand To: Derek Atkins Cc: IETF OpenPGP Message-ID: <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis References: <878txtjnf6.fsf@alice.fifthhorseman.net> In-Reply-To: --DCA9K07wkkNCFD2ou7DRvRUoxRQC7vhic Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 06/27/2016 06:24 PM, Derek Atkins wrote: > Hi, >=20 > I'm in favor of accepting this. >=20 > I'll also point out that I had made another suggested update on April 1= 4 > (Subject: Proposed Patch to RFC4880bis to reserve two public key > numbers) which has not been incorporated into the document. There seems to be a lot of doubt about the security of Algebraic Eraser protocols (at least controversy) and little research compared to other key exchange methods, without much gain from implementing it. What would be the rationale for adding it? --=20 ---------------------------- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk ---------------------------- Public OpenPGP certificate at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 ---------------------------- Aurum est Potestas Gold is power --DCA9K07wkkNCFD2ou7DRvRUoxRQC7vhic-- --FHbpHESFojgAaIwocd6G5eTr7UMs0LNO7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJXcVgzAAoJECULev7WN52F4hIH/Rg6cLT81rcEUjI3T6QQzbJr 8tecYbQf3znf4N+gFNfhGcb7aocdSfotpUUPKYYGu1l2SR+DdALxwWDKzlfpv9AK H1SMFgRuhRjVK2RkCT32OOndn9eNK/hiykd9/wd+4qt/FNHxpAGLGuLIzPBz8VPA VBaueZjQD/V1vKNCxN2OX2tyZuX6laKHv3XeaeDEnwplBzlDunew5nHURteNsCcA MLVjsAwq8OPlPV/u9cAY+3k96Ebl7liWDL28xS0V5z6cQDkWNqJRnNJliHVBy91X onCATcC2wQKDHp5HYsthfVOP+RYxnjAbTVpnMXiik14lmCgixG1/ZZ29czRf8pY= =nH+i -----END PGP SIGNATURE----- --FHbpHESFojgAaIwocd6G5eTr7UMs0LNO7-- From nobody Mon Jun 27 09:56:10 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7BE812D82C for ; Mon, 27 Jun 2016 09:56:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lo3CsNxnbqRD for ; Mon, 27 Jun 2016 09:56:08 -0700 (PDT) Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8ECE212D858 for ; Mon, 27 Jun 2016 09:56:06 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 03220E203F; Mon, 27 Jun 2016 12:55:35 -0400 (EDT) Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 21076-09; Mon, 27 Jun 2016 12:55:32 -0400 (EDT) Received: by mail2.ihtfp.org (Postfix, from userid 48) id 414AFE2040; Mon, 27 Jun 2016 12:55:32 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1467046532; bh=+WllKt3u0KYRYa2CBQUGqXsiXlYNlFM+Y2/od+nWhSA=; h=In-Reply-To:References:Date:Subject:From:To:Cc; b=dESuRcub8t2xU0Nl4R2W/mHUd4cWOMtdRqBUCMFLv2VYNrBhJ5/wdscwoQaCNjZ9z Hh/tTOQ0xTHuMLaBEyZMp9hRrPxLhpVfucqB4S95a6t0J27uTGGDoLNzWmuui7+F9f 5xMhH/+SPhL3xp1nMYp+QA9kxdYehjeyy6hRQFzc= Received: from 192.168.248.159 (SquirrelMail authenticated user warlord) by mail2.ihtfp.org with HTTP; Mon, 27 Jun 2016 12:55:32 -0400 Message-ID: <899ea0af118daae68588bd79af729c72.squirrel@mail2.ihtfp.org> In-Reply-To: <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> Date: Mon, 27 Jun 2016 12:55:32 -0400 From: "Derek Atkins" To: "Kristian Fiskerstrand" User-Agent: SquirrelMail/1.4.22-14.fc20 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: Maia Mailguard 1.0.2a Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 16:56:10 -0000 Hi, On Mon, June 27, 2016 12:45 pm, Kristian Fiskerstrand wrote: > On 06/27/2016 06:24 PM, Derek Atkins wrote: >> Hi, >> >> I'm in favor of accepting this. >> >> I'll also point out that I had made another suggested update on April 14 >> (Subject: Proposed Patch to RFC4880bis to reserve two public key >> numbers) which has not been incorporated into the document. > > There seems to be a lot of doubt about the security of Algebraic Eraser > protocols (at least controversy) and little research compared to other > key exchange methods, without much gain from implementing it. What > would be the rationale for adding it? Then don't implement it. I'm not asking for it to be mandatory to implement, so if you don't trust it for some reason then you can choose not to accept it. The rationale for adding it is that it MAY be used by implementations who want/need it. If that happens to be only a single implementation (ours) then so be it. I'd pose the question in the opposite direction: what HARM is there in adding it to the list of known algorithms? -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant From nobody Mon Jun 27 09:59:44 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 690DC12D860 for ; Mon, 27 Jun 2016 09:59:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.702 X-Spam-Level: X-Spam-Status: No, score=-2.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HZX0rsHccHPv for ; Mon, 27 Jun 2016 09:59:39 -0700 (PDT) Received: from st13p27im-asmtp004.me.com (st13p27im-asmtp004.me.com [17.162.190.113]) (using TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0DCEF12D825 for ; Mon, 27 Jun 2016 09:59:39 -0700 (PDT) Received: from process-dkim-sign-daemon.st13p27im-asmtp004.me.com by st13p27im-asmtp004.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) id <0O9F00Z00WCPFI00@st13p27im-asmtp004.me.com> for openpgp@ietf.org; Mon, 27 Jun 2016 16:59:18 +0000 (GMT) Received: from [10.0.23.24] (media.merrymeet.com [173.164.244.98]) by st13p27im-asmtp004.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) with ESMTPSA id <0O9F00Z9IWIRKI40@st13p27im-asmtp004.me.com>; Mon, 27 Jun 2016 16:59:17 +0000 (GMT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2016-06-27_11:,, signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1011 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1510270003 definitions=main-1606270175 Content-type: text/plain; charset=us-ascii MIME-version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Jon Callas In-reply-to: <878txtjnf6.fsf@alice.fifthhorseman.net> Date: Mon, 27 Jun 2016 09:59:15 -0700 Content-transfer-encoding: 7bit Message-id: <99CD3D6B-5663-4D60-9196-1337A5CFB9D4@icloud.com> References: <878txtjnf6.fsf@alice.fifthhorseman.net> To: Daniel Kahn Gillmor X-Mailer: Apple Mail (2.3124) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=4d515a; t=1467046758; bh=v6FZ18p7GfAcXdKTjHx4kcYnIurONJTHp5XuoKzLuEc=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=Mx6ZRKSX0gY4SEZC/F9LNUBYxHEhgIapoj6xnp4AT8DWlI3Jp0U+PY/3felI8mZ3J KKiAiFYGtnbccv+rr4JJWTS4UDiJGCZ39tNCq/feTrPM4UWD0nEGQG5YP6AclCS8E9 LsMn2qrY/5Yx72AtxhD6HlvDVj/vG3wEb/8xhxFUolpkH5KEGcGWogJ6S83z2CBwD7 LyDjBu5rBiLQ6b0VjxQQzNc5zIkwvZBVpg861OBlLOwdsrKkc+PENQ9j/Z5pOvQT3n YIgmCGMkM2NlZk6invZtkyg0ktc15Yh3zwQX6OOx48EaTbw9MxB+Lmn/jQ4MxkhSWS wWTvIxSc3+VJw== Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 16:59:42 -0000 > > Please give feedback on draft adoption! > +1 Sounds great to me. Jon From nobody Mon Jun 27 10:41:42 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E158012D62C for ; Mon, 27 Jun 2016 10:41:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.702 X-Spam-Level: X-Spam-Status: No, score=-2.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XYXA2B_RqZFz for ; Mon, 27 Jun 2016 10:41:39 -0700 (PDT) Received: from st13p27im-asmtp003.me.com (st13p27im-asmtp003.me.com [17.162.190.112]) (using TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F6CF12D0E4 for ; Mon, 27 Jun 2016 10:41:39 -0700 (PDT) Received: from process-dkim-sign-daemon.st13p27im-asmtp003.me.com by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) id <0O9F00B00YB17L00@st13p27im-asmtp003.me.com> for openpgp@ietf.org; Mon, 27 Jun 2016 17:41:38 +0000 (GMT) Received: from [10.0.23.24] (media.merrymeet.com [173.164.244.98]) by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) with ESMTPSA id <0O9F000VMYHB8E40@st13p27im-asmtp003.me.com>; Mon, 27 Jun 2016 17:41:38 +0000 (GMT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2016-06-27_12:,, signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1011 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1510270003 definitions=main-1606270181 Content-type: text/plain; charset=us-ascii MIME-version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Jon Callas In-reply-to: <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> Date: Mon, 27 Jun 2016 10:41:35 -0700 Content-transfer-encoding: quoted-printable Message-id: <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> To: Kristian Fiskerstrand X-Mailer: Apple Mail (2.3124) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=4d515a; t=1467049298; bh=g0XGGveAYp1Bri8hZSke8277Y+6sNHbiD99rCyWs03k=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=nnYp4yXFMI4ZG9r+uAQbx+LNCd3CvRnsGa8n/qgi1nhDRgtLkMCd/i8R5HjaGQutM dXip8YZjuPZQ7BFmyDzBtkY3dwCx+2FGmo+bYn9voWlC6hXfj+cyfMNHmozc4QFjjM 0uq2TZxuUnWxvFkFN68Rl8rsHJIg5tHhOwy82tSuerDh+nazeEM0MrKxmJPwvB5WEg ElTs1zIp9iRi5wpU+LAxSghRWjJnSg31YGvZmm7FvO2r87B9A3g8lc1h5feZvYBtlh tkjfFFEIomqs3kkVq7PhK+12cdwRdU9hHWLnrOJGpeCGEVsI+vkLffjUdL04FaFuHH m7j2/gS1ea2Ew== Archived-At: Cc: IETF OpenPGP , Derek Atkins , Jon Callas Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 17:41:41 -0000 > On Jun 27, 2016, at 9:45 AM, Kristian Fiskerstrand = wrote: >=20 > There seems to be a lot of doubt about the security of Algebraic = Eraser > protocols (at least controversy) and little research compared to other > key exchange methods, without much gain from implementing it. What > would be the rationale for adding it? Let me give two answers -- one a crypto answer and the other a standards = answer. Crypto-wise, Algebraic Eraser is a bit out there, but the issues with it = are far more issues with the ways it can be used badly than fundamental = ways it is horrible. Every major crypto mechanism we have, particularly = public-key ones, has major failure modes -- encoding and padding, = parameter selection, and many of those are nuanced as well. (Like using = an RSA exponent of 3, which you can do either wrong or right.) It is = outre in some ways, but it's also fascinating and useful. Standards-wise, to quote Jeff Schiller from long ago, the purpose of a = standard is interoperability. A standard exists so that you know what an = object *means*, so you can quickly accept things you like and reject = things you don't like. Ironically, if you don't like Algebraic Eraser, = you *want* it to get an identifier so you can quickly reject its use in = an implementation. Yes, on the one hand, you don't want your standard to be cluttered, but = on the other hand you want to encourage its use. You can give pejorative = terms to either side of it, but I think it's worse for a standard to be = overly-restrictive than overly-inclusive.=20 Traditionally in OpenPGP, we've gone towards being inclusive because we = didn't want people to either (1) just grab an identifier in the = experimental/private region or out in IANA space or (2) go use some = other standard where all they need is an OID. We've put in identifiers for controversial hash functions, Elgamal = signatures, X9.42 DH, symmetric crypto, and in many cases gone and = removed them later. Look at the differences between section 9 of 2440 = and section 9 of 4880. It's an interesting commentary on where thought = was in 1998 and 2007. Moreover, we survived! Nothing bad happened. We learned that OpenPGP is = amazingly resilient to the downsides of being inclusive. The worst issue = we had to deal with was Elgamal signatures -- controversial from the = start, tetchy to use, and there were flawed implementations. But it = ended up being retired because its proponents moved on. There is little risk to giving Derek what he wants. It's just an = identifier. In fact, the biggest risk in my opinion is that we tell him = no, he goes off and is successful using X.509. Jon From nobody Mon Jun 27 10:53:15 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C32912D0ED for ; Mon, 27 Jun 2016 10:53:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lgeOqWisro8o for ; Mon, 27 Jun 2016 10:53:13 -0700 (PDT) Received: from che.mayfirst.org (che.mayfirst.org [162.247.75.118]) by ietfa.amsl.com (Postfix) with ESMTP id 19F4312D17B for ; Mon, 27 Jun 2016 10:53:09 -0700 (PDT) Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id A3B06F98B; Mon, 27 Jun 2016 13:53:07 -0400 (EDT) Received: by fifthhorseman.net (Postfix, from userid 1000) id 6A9F1200CC; Mon, 27 Jun 2016 13:53:07 -0400 (EDT) From: Daniel Kahn Gillmor To: Tom Ritter In-Reply-To: References: <877fddjmxs.fsf@alice.fifthhorseman.net> User-Agent: Notmuch/0.22+69~gd812194 (https://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu) Date: Mon, 27 Jun 2016 13:53:07 -0400 Message-ID: <87h9ceh62k.fsf@alice.fifthhorseman.net> MIME-Version: 1.0 Content-Type: text/plain Archived-At: Cc: IETF OpenPGP Subject: Re: [openpgp] Using Git for RFC 4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 17:53:14 -0000 Hi Tom-- On Sun 2016-06-26 22:36:03 -0400, Tom Ritter wrote: > Can we use the Issues tracker (either in Gitlab or the IETF tools, but > not both) to note what changes are outstanding (but encourage people > to send the text proposals to the list)? Yes. I think we should use the gitlab issues tracker, not the IETF tools, for the sake of simplicity. I'll see what i can do about adjusting the IETF tools issue tracker to indicate that the gitlab issues tracker is the place to use. As you say, actual discussion should take place on this list. > It would be helpful to have some sort of list of outstanding changes > we have rough consensus to make but lack text proposals. For example, > using a real authenticated mode instead of the MDC is a definite. I'm > not sure if a streaming-friendly mode there is consensus for, but it > could be noted as 'under discussion' or something. agreed. If folks want to document specific outstanding changes please feel free to open them as gitlab issues. If the chairs judge there is no consensus for a specific outstanding change after discussion, we might go ahead and close the corresponding issue. --dkg From nobody Mon Jun 27 12:35:51 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85E1612D5B9 for ; Mon, 27 Jun 2016 12:35:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.2 X-Spam-Level: X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DaRy2jXCBvun for ; Mon, 27 Jun 2016 12:35:40 -0700 (PDT) Received: from shards.monkeyblade.net (shards.monkeyblade.net [IPv6:2001:4f8:3:36:211:85ff:fe63:a549]) by ietfa.amsl.com (Postfix) with ESMTP id F2C0712D7A8 for ; Mon, 27 Jun 2016 12:35:39 -0700 (PDT) Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 7AE0D5BBD28 for ; Mon, 27 Jun 2016 12:35:39 -0700 (PDT) To: openpgp@ietf.org References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> From: "Robert J. Hansen" Message-ID: <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> Date: Mon, 27 Jun 2016 15:35:38 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Mon, 27 Jun 2016 12:35:39 -0700 (PDT) Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 19:35:42 -0000 > Let me give two answers -- one a crypto answer and the other a > standards answer. [de-lurks] Jon, it seems like you're saying "since this is a purely normative document we can be as extensive as we want, and there are good reasons for purely normative documents to be extensive." The presence of an algorithm in the spec tends to create pressure on implementations to support that algorithm. When RFC2440 had reserved entries for TIGER192, there was a small but vocal crowd in the GnuPG community crying out, "we need TIGER192, it's in the spec!" And as soon as TIGER192 was removed, those voices died out -- because hey, it's no longer in the spec. I am completely and vigorously in favor of OpenPGP retaining the ability to be agile with respect to algorithms. (In fact, I'd like to see more work go into this.) But with respect to adding new reserved numbers, due to the tendency of users to see the spec as prescriptive rather than normative, I'd like to see us be more conservative. Also, on a somewhat tangential note -- for more than twenty years we've been talking off and on about a prescriptive OpenPGP RFC, one that would focus on what was a good idea as opposed to what was strictly legal. We've never done it. I'd like to see that change. From nobody Mon Jun 27 12:40:03 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11A3912D0D9 for ; Mon, 27 Jun 2016 12:40:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.127 X-Spam-Level: X-Spam-Status: No, score=-4.127 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=akamai.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aQCfrNbu37Ht for ; Mon, 27 Jun 2016 12:40:00 -0700 (PDT) Received: from prod-mail-xrelay05.akamai.com (prod-mail-xrelay05.akamai.com [23.79.238.179]) by ietfa.amsl.com (Postfix) with ESMTP id B988312D0DA for ; Mon, 27 Jun 2016 12:39:59 -0700 (PDT) Received: from prod-mail-xrelay05.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id A28703F401B; Mon, 27 Jun 2016 19:39:58 +0000 (GMT) Received: from prod-mail-relay11.akamai.com (prod-mail-relay11.akamai.com [172.27.118.250]) by prod-mail-xrelay05.akamai.com (Postfix) with ESMTP id 8BB8F3F4005; Mon, 27 Jun 2016 19:39:58 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1467056398; bh=0Sy2S6s7R6w7Mw9mrwgZVrUrvH9smB3KiZC9NtUG7Wo=; l=484; h=From:To:Date:References:In-Reply-To:From; b=L58aCH6A2ECy/6sR+YuApZESDgo3rApbMv2mUFZr4d2Co3AvT2BG0Qu2XfmuMJLko aJI4Q/jkBJN+WyL78Kd2ul449akdnhUkwONRjaoSBTRf5bFt+5jwWXCrV61wn0kHQh 2aHpzPDlsACpNSUAGQMVb2VY5C8Ki9KJuyEOccBs= Received: from email.msg.corp.akamai.com (usma1ex-casadmn.msg.corp.akamai.com [172.27.123.33]) by prod-mail-relay11.akamai.com (Postfix) with ESMTP id 85DB11FC88; Mon, 27 Jun 2016 19:39:58 +0000 (GMT) Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb1.msg.corp.akamai.com (172.27.123.101) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Mon, 27 Jun 2016 15:39:58 -0400 Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1130.005; Mon, 27 Jun 2016 15:39:58 -0400 From: "Salz, Rich" To: "Robert J. Hansen" , "openpgp@ietf.org" Thread-Topic: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis Thread-Index: AQHRzvaXj00ZvYzxeUipkq7vFR1qgJ/9gwm4gABIw4CAAA+hgIAAH90A//+9lwA= Date: Mon, 27 Jun 2016 19:39:57 +0000 Message-ID: <86a9b2b7dd8c438e9215a6633e0813fe@usma1ex-dag1mb1.msg.corp.akamai.com> References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> In-Reply-To: <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [172.19.115.73] Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 19:40:02 -0000 > The presence of an algorithm in the spec tends to create pressure on > implementations to support that algorithm. When RFC2440 had reserved > entries for TIGER192, there was a small but vocal crowd in the GnuPG > community crying out, "we need TIGER192, it's in the spec!" And as soon = as > TIGER192 was removed, those voices died out -- because hey, it's no longe= r > in the spec. Separating maintenance of the registry from the spec should address this, r= ight?=20 From nobody Mon Jun 27 15:20:17 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2EC812D9E9 for ; Mon, 27 Jun 2016 15:20:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.702 X-Spam-Level: X-Spam-Status: No, score=-2.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LuoP9_l_ek7Z for ; Mon, 27 Jun 2016 15:20:14 -0700 (PDT) Received: from st13p27im-asmtp003.me.com (st13p27im-asmtp003.me.com [17.162.190.112]) (using TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6B9C12D9FE for ; Mon, 27 Jun 2016 15:20:13 -0700 (PDT) Received: from process-dkim-sign-daemon.st13p27im-asmtp003.me.com by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) id <0O9G00100BD0QI00@st13p27im-asmtp003.me.com> for openpgp@ietf.org; Mon, 27 Jun 2016 22:20:13 +0000 (GMT) Received: from [10.119.8.204] (unknown [65.19.130.228]) by st13p27im-asmtp003.me.com (Oracle Communications Messaging Server 7.0.5.36.0 64bit (built Sep 8 2015)) with ESMTPSA id <0O9G00QI2BDJSS10@st13p27im-asmtp003.me.com>; Mon, 27 Jun 2016 22:20:12 +0000 (GMT) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2016-06-27_15:,, signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 clxscore=1011 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1510270003 definitions=main-1606270224 Content-type: text/plain; charset=us-ascii MIME-version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: Jon Callas In-reply-to: <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> Date: Mon, 27 Jun 2016 15:20:07 -0700 Content-transfer-encoding: quoted-printable Message-id: References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> To: "Robert J. Hansen" X-Mailer: Apple Mail (2.3124) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=4d515a; t=1467066013; bh=xUNC79AFO1osNBYUe2mAK0u86aaq6hgOc5FBHfYLV+0=; h=Content-type:MIME-version:Subject:From:Date:Message-id:To; b=ECvct0azKlQGcx/h9H0o6vjsxSb8wMJaKqNaRr36FVC3ZUJs1P5HEebwIWCxLnEOt v9eXmtJHEc4Mrmy5Mudb5051JUpWZhEPo5tTE1b1O5DJbv3cvwWHpnZEZsSYUgD7y3 howycELPzZ7QX5wIotkEBgFALvrHyomPp1x4RhOyVE7T4w2LoVIHE09DuVe0I7OQ3Z vfbmOeG4bFh3RiKa/UE7RlTtgCfDd+6xfOtyCvzWKEFoSa/iQMH1QVHmTlsYfckjcA R8oz5bjMssa0ANb7FEWZq1pl4PGuwc7IGJ5nnNWrZqdBKMPUDj2DhivKTuYUcn6GEx aLhXPaHc+z4Bw== Archived-At: Cc: openpgp@ietf.org, Jon Callas Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2016 22:20:16 -0000 > On Jun 27, 2016, at 12:35 PM, Robert J. Hansen = wrote: >=20 >> Let me give two answers -- one a crypto answer and the other a >> standards answer. >=20 > [de-lurks] >=20 > Jon, it seems like you're saying "since this is a purely normative > document we can be as extensive as we want, and there are good reasons > for purely normative documents to be extensive." Well, no, that's not what I'm saying. It seems to me that you're setting up a straw man. I realize you're = probably not, but that's what I'm saying. What I am saying is that in this *specific* case, the risks of adding it = are low. I recognize that options are good and options are bad. There's a cost to = options, but there's a cost to not having them. >=20 > The presence of an algorithm in the spec tends to create pressure on > implementations to support that algorithm. When RFC2440 had reserved > entries for TIGER192, there was a small but vocal crowd in the GnuPG > community crying out, "we need TIGER192, it's in the spec!" And as = soon > as TIGER192 was removed, those voices died out -- because hey, it's no > longer in the spec. I think I disagree, because one of the reasons Tiger and others were = removed is that they essentially weren't being used. But -- let me just concede the point. We made a mistake in removing = Tiger, then. We removed it because there was no constituency. If there = *was* a constituency and we didn't realize it, we made a mistake.=20 However, let me address your larger point, the "pressure" to support an = algorithm. In 2440/4880 there were two reference implementations, PGP and GnuPG. = For better or worse, PGP did not implement Blowfish (actually, it's more = complex than that -- PGP would *decrypt* a message encrypted with = Blowfish because some versions of GnuPG didn't do cipher negotiation = properly, but it wasn't offered as a choice and never encrypted to it). = It didn't implement SAFER nor DES/SK. It did not implement Elgamal = signatures. It didn't implement Tiger nor Haval nor MD2.=20 GnuPG took the admirable stand of implementing everything in the = standard, but still didn't implement RSA until the patents expired. (But = that is also something that's more complex than the simple preceding = sentence.) I know that today, there are a number of implementations that don't do = Camellia.=20 You are absolutely right that in some places implementers just go and = implement whatever. The OpenPGP community hasn't ever been one of those = places, it's been a raucous group of people with definite opinions and = tastes. That has never been a problem here. OpenPGP is designed so that = people can go play in their own sandbox with no detriment to the people = who don't want to play. Rich Salz brought up a great suggestion -- put the identifier registry = outside the main document, which would help as well. That takes pressure = off of the casual reader. >=20 > I am completely and vigorously in favor of OpenPGP retaining the = ability > to be agile with respect to algorithms. (In fact, I'd like to see = more > work go into this.) But with respect to adding new reserved numbers, > due to the tendency of users to see the spec as prescriptive rather = than > normative, I'd like to see us be more conservative. >=20 > Also, on a somewhat tangential note -- for more than twenty years = we've > been talking off and on about a prescriptive OpenPGP RFC, one that = would > focus on what was a good idea as opposed to what was strictly legal. > We've never done it. I'd like to see that change. Okay. That gets to the core of it. If the standard is prescriptive with = everything as MUST, then sure, you have to be difficult about what you = allow. If you don't want AE because it's an impediment to a prescriptive, = that's a different discussion. We should have the discussion of a = prescriptive standard on its own. Jon From nobody Tue Jun 28 01:18:50 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D999012DB4B for ; Tue, 28 Jun 2016 01:18:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.401 X-Spam-Level: X-Spam-Status: No, score=-2.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.198, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qGVtg4OALdgm for ; Tue, 28 Jun 2016 01:18:46 -0700 (PDT) Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 802F012B051 for ; Tue, 28 Jun 2016 01:18:46 -0700 (PDT) Received: by mail-it0-x234.google.com with SMTP id f6so19787622ith.0 for ; Tue, 28 Jun 2016 01:18:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:content-transfer-encoding; bh=qkLnYzIqnIhPnFQU87+rFBtFLGKKhpxaz2FaF6+OqkY=; b=r9r3AW/MrvOg19zAbKQx4aXxKKoF6aURPRZ0yboQPedoLumvDHNcg6eYDTeM61ulHj lsTCwOhk2BxWRqmLfrL7HuzkjNk5fJW26215jQJ5uDo3enlAvpP98Nxzuk2X9C0TiNj2 mV6ZTQZva5DnbQVIY+EOsur5PqUhDAEzsRcZllb1iXQSIBa4BpwxFpOKnx66w8BKmw0/ E1WA7Dt8e+vZR6MDZbfDnroimo01OTDS4E2PvPW3c4m7S8gjN3VSq/YnRPBPuZGNhN4n JjSmamWUtQvLB1XR+zbE2rpGkieTBfIFkK+5Er1QcaYX0pLKm4hvmZ0v/mghSb2kdmPW hfsg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:content-transfer-encoding; bh=qkLnYzIqnIhPnFQU87+rFBtFLGKKhpxaz2FaF6+OqkY=; b=XDn2W+UW6n+fzgmitytDxkdl7hKnThBxKq0TKh0BtopHtkr1KmOzeq+K9iFqTxVzbQ voRugbEClvP9jRSSddGNtVcm/VDsxhGmyXpsnaGV6CXs9ujul9EeaRS7SCAoYI5Md6au vK5WsC+DOt1O1u+4TqYaTOQygHKv+NtdCyEFYqOHqEWJMQPkT19erwzcfj2HKis8GlZY lflWoYQpT09vP9IKJOlCs4h+39R4F8pW2QZASMfHE8Bitw+f+1GrGf0r1YDzctRansz+ ucYokc1s0VRPxu0qzV9FBZBYUevG1EJwR7HEi52mJ85SSihRp8IWqo4BLATqi4eZYF/W XFAw== X-Gm-Message-State: ALyK8tKG9lchuAmfYOic9g/YxzIS/4OslFyUPQdgRQE9YY+dzm8LHn+PTgP08UFSl5Uz0QnooLXIfM/HCAm1wQ== X-Received: by 10.36.60.80 with SMTP id m77mr12500358ita.96.1467101925707; Tue, 28 Jun 2016 01:18:45 -0700 (PDT) MIME-Version: 1.0 Sender: barryleiba.mailing.lists@gmail.com Received: by 10.107.153.78 with HTTP; Tue, 28 Jun 2016 01:18:44 -0700 (PDT) In-Reply-To: References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> From: Barry Leiba Date: Tue, 28 Jun 2016 04:18:44 -0400 X-Google-Sender-Auth: YQE_cEpeI8NsoqytEgRoRm4lDhA Message-ID: To: openpgp@ietf.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2016 08:18:49 -0000 Folks, if you want to discuss the document itself, please change the subject line appropriately, to start a new thread. Please leave this thread for comments about using this draft as the starting point for the work. Barry, as chair On Mon, Jun 27, 2016 at 6:20 PM, Jon Callas wrote: > >> On Jun 27, 2016, at 12:35 PM, Robert J. Hansen wro= te: >> >>> Let me give two answers -- one a crypto answer and the other a >>> standards answer. >> >> [de-lurks] >> >> Jon, it seems like you're saying "since this is a purely normative >> document we can be as extensive as we want, and there are good reasons >> for purely normative documents to be extensive." > > Well, no, that's not what I'm saying. > > It seems to me that you're setting up a straw man. I realize you're proba= bly not, but that's what I'm saying. > > What I am saying is that in this *specific* case, the risks of adding it = are low. > > I recognize that options are good and options are bad. There's a cost to = options, but there's a cost to not having them. > >> >> The presence of an algorithm in the spec tends to create pressure on >> implementations to support that algorithm. When RFC2440 had reserved >> entries for TIGER192, there was a small but vocal crowd in the GnuPG >> community crying out, "we need TIGER192, it's in the spec!" And as soon >> as TIGER192 was removed, those voices died out -- because hey, it's no >> longer in the spec. > > I think I disagree, because one of the reasons Tiger and others were remo= ved is that they essentially weren't being used. > > But -- let me just concede the point. We made a mistake in removing Tiger= , then. We removed it because there was no constituency. If there *was* a c= onstituency and we didn't realize it, we made a mistake. > > However, let me address your larger point, the "pressure" to support an a= lgorithm. > > In 2440/4880 there were two reference implementations, PGP and GnuPG. For= better or worse, PGP did not implement Blowfish (actually, it's more compl= ex than that -- PGP would *decrypt* a message encrypted with Blowfish becau= se some versions of GnuPG didn't do cipher negotiation properly, but it was= n't offered as a choice and never encrypted to it). It didn't implement SAF= ER nor DES/SK. It did not implement Elgamal signatures. It didn't implement= Tiger nor Haval nor MD2. > > GnuPG took the admirable stand of implementing everything in the standard= , but still didn't implement RSA until the patents expired. (But that is al= so something that's more complex than the simple preceding sentence.) > > I know that today, there are a number of implementations that don't do Ca= mellia. > > You are absolutely right that in some places implementers just go and imp= lement whatever. The OpenPGP community hasn't ever been one of those places= , it's been a raucous group of people with definite opinions and tastes. Th= at has never been a problem here. OpenPGP is designed so that people can go= play in their own sandbox with no detriment to the people who don't want t= o play. > > Rich Salz brought up a great suggestion -- put the identifier registry ou= tside the main document, which would help as well. That takes pressure off = of the casual reader. > > >> >> I am completely and vigorously in favor of OpenPGP retaining the ability >> to be agile with respect to algorithms. (In fact, I'd like to see more >> work go into this.) But with respect to adding new reserved numbers, >> due to the tendency of users to see the spec as prescriptive rather than >> normative, I'd like to see us be more conservative. >> >> Also, on a somewhat tangential note -- for more than twenty years we've >> been talking off and on about a prescriptive OpenPGP RFC, one that would >> focus on what was a good idea as opposed to what was strictly legal. >> We've never done it. I'd like to see that change. > > Okay. That gets to the core of it. If the standard is prescriptive with e= verything as MUST, then sure, you have to be difficult about what you allow= . > > If you don't want AE because it's an impediment to a prescriptive, that's= a different discussion. We should have the discussion of a prescriptive st= andard on its own. > > Jon > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp From nobody Tue Jun 28 01:20:57 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9212312DB4F for ; Tue, 28 Jun 2016 01:20:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.526 X-Spam-Level: X-Spam-Status: No, score=-2.526 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6emC-jFiT7Dx for ; Tue, 28 Jun 2016 01:20:53 -0700 (PDT) Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BE6B12B051 for ; Tue, 28 Jun 2016 01:20:53 -0700 (PDT) Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3rdzJL6XP1z21q for ; Tue, 28 Jun 2016 10:20:18 +0200 (CEST) X-Virus-Scanned: amavisd-new at mx.nohats.ca Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id jVcVZSSY7f-q for ; Tue, 28 Jun 2016 10:20:17 +0200 (CEST) Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com [206.248.139.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for ; Tue, 28 Jun 2016 10:20:17 +0200 (CEST) Received: by bofh.nohats.ca (Postfix, from userid 1000) id 5E9B535D630; Tue, 28 Jun 2016 04:20:13 -0400 (EDT) DKIM-Filter: OpenDKIM Filter v2.10.3 bofh.nohats.ca 5E9B535D630 Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 42A6740D6EB3 for ; Tue, 28 Jun 2016 04:20:13 -0400 (EDT) Date: Tue, 28 Jun 2016 04:20:13 -0400 (EDT) From: Paul Wouters To: openpgp@ietf.org In-Reply-To: Message-ID: References: <878txtjnf6.fsf@alice.fifthhorseman.net> <8b0200bf-16a9-76e6-71e7-b2fe445257d2@sumptuouscapital.com> <89ED178E-039B-498A-B201-C9C159A669DD@icloud.com> <381dd7f1-6c74-e4e4-0c24-4dc0c13067bc@sixdemonbag.org> User-Agent: Alpine 2.20 (LRH 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2016 08:20:55 -0000 > To: openpgp@ietf.org > Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis +1 for adoption. Paul From nobody Wed Jun 29 16:05:00 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8F2B12DB13 for ; Wed, 29 Jun 2016 16:04:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.721 X-Spam-Level: X-Spam-Status: No, score=-0.721 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id giXskF3SvcVn for ; Wed, 29 Jun 2016 16:04:58 -0700 (PDT) Received: from elasmtp-scoter.atl.sa.earthlink.net (elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67]) by ietfa.amsl.com (Postfix) with ESMTP id 2743612DB10 for ; Wed, 29 Jun 2016 16:04:57 -0700 (PDT) Received: from [173.75.83.83] (helo=Williams-MacBook-Pro.local) by elasmtp-scoter.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from ) id 1bIOXH-000164-4K for openpgp@ietf.org; Wed, 29 Jun 2016 19:04:47 -0400 Date: Wed, 29 Jun 2016 16:04:40 -0700 From: Bill Frantz To: openpgp@ietf.org X-Priority: 3 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Mailer: Mailsmith 2.4 (470) X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec795083c88f892006a2dbde69bf6ddde1c2350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 173.75.83.83 Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2016 23:05:00 -0000 +1 for adoption. Cheers - Bill --------------------------------------------------------------------------- Bill Frantz | If you want total security, go to prison. There you're 408-356-8506 | fed, clothed, given medical care and so on. The only www.pwpconsult.com | thing lacking is freedom. - Dwight D. Eisenhower From nobody Wed Jun 29 20:19:23 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7CAC12D15F for ; Wed, 29 Jun 2016 20:19:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.327 X-Spam-Level: X-Spam-Status: No, score=-2.327 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FSL_HELO_HOME=1, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAAkkqBEz9eI for ; Wed, 29 Jun 2016 20:19:21 -0700 (PDT) Received: from mail.jabberwocky.com (walrus.jabberwocky.com [173.9.29.57]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 457F212B031 for ; Wed, 29 Jun 2016 20:19:21 -0700 (PDT) Received: from grover.home.jabberwocky.com (grover.home.jabberwocky.com [172.24.84.28]) (authenticated bits=0) by mail.jabberwocky.com (8.14.4/8.14.4) with ESMTP id u5U3JJo8003740 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 29 Jun 2016 23:19:19 -0400 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) From: David Shaw In-Reply-To: <878txtjnf6.fsf@alice.fifthhorseman.net> Date: Wed, 29 Jun 2016 23:19:19 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: References: <878txtjnf6.fsf@alice.fifthhorseman.net> To: IETF OpenPGP X-Mailer: Apple Mail (2.3124) Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2016 03:19:23 -0000 On Jun 25, 2016, at 11:30 AM, Daniel Kahn Gillmor = wrote: > This is a call for adoption of this draft by the OpenPGP WG. Please > speak up soon if you have any concerns, or if you think this document > should not be adopted by the WG for some reason. Please also speak up > if you are in favor of adoption. I am in favor of adopting this draft. David From nobody Wed Jun 29 20:46:36 2016 Return-Path: X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA4A412D5C6 for ; Wed, 29 Jun 2016 20:46:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.79 X-Spam-Level: X-Spam-Status: No, score=-1.79 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=teklife.info Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IhByBbxHfgLS for ; Wed, 29 Jun 2016 20:46:33 -0700 (PDT) Received: from atropos.hmdnsgroup.com (atropos.hmdnsgroup.com [63.247.142.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41A1912D17E for ; Wed, 29 Jun 2016 20:46:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=teklife.info; s=default; h=Content-Type:Mime-Version:Reply-To:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Cc:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:References:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=PQigT2pSY2leeFedl7EbnkmVey9xPkBaSG2IxNPE0qg=; b=wFgTiyqjmHBbnUYhWLk0BUPqDS CEwqejiMtZM7tKFuD8iYT31wXV+cb7lmcILGHSgzAL7BF/qyH1/H9EtlHVd8GoYsK7riTYvIjLio5 0aLo7ZxVSGitRb1VqHPKRi6Dm7198mmAV7B1popACvrmpVkk042gOHxn767gcAvhPWBCGEBTE3SJj V0Ti7pZPx287wbTKRj/VTTr7mhvc1vYyGGlr4fFNFKY8Q9064JdPAREYGYjCC09QqYePMunlr4hn+ 07CyCGKkl1vqUeRV4iBJNveWw48FlcEqZerdHAALpn9jv/xAYFlMs/x2RRHJ7mwE6bUA8zC/EAwsX i+hUMZDA==; Received: from [76.26.84.151] (port=51929 helo=[192.168.1.3]) by atropos.hmdnsgroup.com with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from ) id 1bISvf-0002iT-6c for openpgp@ietf.org; Wed, 29 Jun 2016 23:46:15 -0400 From: Levi To: "IETF OpenPGP" Date: Thu, 30 Jun 2016 03:46:20 +0000 Message-Id: In-Reply-To: <878txtjnf6.fsf@alice.fifthhorseman.net> User-Agent: eM_Client/6.0.24928.0 Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="------=_MB0A533B71-B876-497F-8197-358EE1C42313" X-HMDNSGroup-MailScanner-Information: Please contact the ISP for more information X-HMDNSGroup-MailScanner-ID: 1bISvf-0002iT-6c X-HMDNSGroup-MailScanner: Not scanned: please contact your Internet E-Mail Service Provider for details X-HMDNSGroup-MailScanner-SpamCheck: X-HMDNSGroup-MailScanner-From: levi@teklife.info X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - atropos.hmdnsgroup.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - teklife.info X-Get-Message-Sender-Via: atropos.hmdnsgroup.com: authenticated_id: levi@teklife.info X-Authenticated-Sender: atropos.hmdnsgroup.com: levi@teklife.info X-Source: X-Source-Args: X-Source-Dir: Archived-At: Subject: Re: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Levi List-Id: "Ongoing discussion of OpenPGP issues." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2016 03:46:35 -0000 --------=_MB0A533B71-B876-497F-8197-358EE1C42313 Content-Type: text/plain; format=flowed; charset=utf-8 Content-Transfer-Encoding: quoted-printable +1 :) ------ Original Message ------ From: "Daniel Kahn Gillmor" To: "IETF OpenPGP" Sent: 6/25/2016 11:30:53 AM Subject: [openpgp] call for adoption of draft-koch-openpgp-rfc4880bis >hey OpenPGP folks-- > >We've had a slow start on 4880bis, but i'm hoping we can get things >moving again. One of the things we need to do bureaucratically is to >officially adopt a specific draft as the basis of our ongoing work. > >Werner Koch has prepared and submitted the beginnings of the new >revision of RFC 4880, the current version of which you can see here: > > https://tools.ietf.org/html/draft-koch-openpgp-rfc4880bis-02 > >This is a call for adoption of this draft by the OpenPGP WG. Please >speak up soon if you have any concerns, or if you think this document >should not be adopted by the WG for some reason. Please also speak up >if you are in favor of adoption. > >A brief reminder of what adoption by the WG would mean: > > * this draft would become the *starting point* for RFC 4880bis; the > draft is currently not complete, but it would be the basis upon=20 >which > the group would build the new proposal. > > * Werner Koch would be the document editor, but the decisions about=20 >the > draft would be made by the working group. I want to thank Werner=20 >for > his willingness to put in his time as the document editor. > > * Since our charter (https://datatracker.ietf.org/wg/openpgp/charter/) > is aimed primarily at making a revision to RFC 4880, we would > hopefully focus our efforts on contributing review and amendments to > this draft, with a goal of driving it to IETF Last Call within the > year. > >Please give feedback on draft adoption! > > --dkg --------=_MB0A533B71-B876-497F-8197-358EE1C42313 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable