Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01

Ronald Tse <> Fri, 05 January 2018 21:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 022B612D87D for <>; Fri, 5 Jan 2018 13:11:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id WtDeqT2pXZjz for <>; Fri, 5 Jan 2018 13:11:55 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 709B712D890 for <>; Fri, 5 Jan 2018 13:11:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-ribose-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=bUZsVpJBOfkSvavGFu7zCZn/jUfDdTvljdB7wiBJSAU=; b=tqCaddd4wP+gR2BfDXJ4qIBuyEodrcqpM7Yte51z/HTt/6KkVRoz1NKTNHrXhgpu4Pi/bo3jm5/Jv8pZ2pR/BnqYXGvtshbCK2pp+IM3g2Yi67utPnITS99gh2uiqRkXCTqTIiqfhQU5DBxzuCO+AtGrSbn70aZg8bBkTB6OjqE=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.386.5; Fri, 5 Jan 2018 21:11:43 +0000
Received: from ([fe80::b8eb:ed00:f921:128b]) by ([fe80::b8eb:ed00:f921:128b%13]) with mapi id 15.20.0386.006; Fri, 5 Jan 2018 21:11:43 +0000
From: Ronald Tse <>
To: Bjoern Tackmann <>
CC: Alexey Melnikov <>, "" <>, Nancy Cam-Winget <>, "" <>, Tim Polk <>
Thread-Topic: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01
Date: Fri, 5 Jan 2018 21:11:43 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; PS1PR01MB1049; 7:u3SFZasJF2NyP8MGDfV6/mU3uH+e3yvDeBin7V8prRFcD0fF7AgJ1s8OgqCYOdVC6iIc2cbYpHlE6ryQiXaN5C6s0eXrhR3xPa2YfGwjL8NTOXhjMczXwHhIliIRuOY753WdG06uMgWOJd9qotJu9d0M4pYwss/BAdDoD3xG4dImDyDdxMHfecB3Ldoqcvjg2FPNBideiHjagaBJR7ouQBWJ88Z3/NqE1MSCabN2ju7Fkgw0ZckeMObcWum+Sbbi
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 639ac3e4-de68-4798-977e-08d55480ec36
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4603075)(4627115)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060); SRVR:PS1PR01MB1049;
x-ms-traffictypediagnostic: PS1PR01MB1049:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(8121501046)(5005006)(3231023)(944501075)(3002001)(10201501046)(93006095)(93001095)(6041268)(2016111802025)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(6043046)(6072148)(201708071742011); SRVR:PS1PR01MB1049; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:PS1PR01MB1049;
x-forefront-prvs: 05437568AA
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(39380400002)(376002)(39830400003)(396003)(346002)(189003)(24454002)(199004)(83716003)(53936002)(82746002)(6512007)(86362001)(3660700001)(6486002)(66066001)(99286004)(8936002)(606006)(5250100002)(33656002)(3846002)(36756003)(6246003)(93886005)(230783001)(236005)(6116002)(81156014)(25786009)(4326008)(81166006)(68736007)(8676002)(54906003)(316002)(6306002)(54896002)(6506007)(59450400001)(7736002)(2906002)(102836004)(2950100002)(6916009)(53546011)(3280700002)(2900100001)(97736004)(345774005)(413944005)(966005)(8656006)(229853002)(105586002)(5660300001)(76176011)(14454004)(478600001)(106356001)(6436002); DIR:OUT; SFP:1101; SCL:1; SRVR:PS1PR01MB1049;; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None ( does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 9RbbTV1FRAx8v2cYvtisM6t/21XcY3xj4GYjeenLloP23P3fFNpaAEx0TatOY+zHnbeyzFd9Qf1eq/KvwbU7YQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_6DA15E371AA64E179114626990AB21C2ribosecom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 639ac3e4-de68-4798-977e-08d55480ec36
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jan 2018 21:11:43.6153 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d98a04ff-ef98-489b-b33c-13c23a2e091a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PS1PR01MB1049
Archived-At: <>
Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 05 Jan 2018 21:11:57 -0000

Dear Björn,

Agree with having the documents ready for the full specification.

And you are absolutely correct that the Key Exchange section is unnecessary. Originally we thought the section would better explain why the OpenPGP implementation specifically excludes that particular part of SM2, but the section turns out to be a distraction to the reader. We shall reduce that section into a sentence indeed.

Thank you for the review again and the great suggestions!



Ronald Tse
Ribose Inc.

On Jan 4, 2018, at 9:41 PM, Bjoern Tackmann <<>> wrote:

Dear Ronald,

On Wed, Jan 3, 2018 at 4:18 PM, Ronald Tse <<>> wrote:

If I may clarify, the SM3 and SM4 Internet-Drafts already provide detailed descriptions of the algorithms and also include reference implementations, and are ready for CFRG review. The SM2 draft is currently being updated (apologize for the delay…), and should provide a similar level of detail to those two when the update is complete.

yes, I am aware of that. The SM3 and SM4 drafts were helpful and seemed to be in good shape already, and you had told me that you were working on the SM2 draft. This was not at all meant to be negative, I just think it would be advantageous to have these documents as RFCs together with the one I reviewed, so that one can have a full specification available.

Some idiosyncrasies, as you have rightly pointed out, come from the definition of the SM2 scheme itself and the OpenPGP standard, so there’s not much we can do about. SM2 is a set of three algorithms that include digital signatures, public key encryption and also key exchange. That’s why the SM2 draft included a section on key exchange — it was not included in the OpenPGP draft because it is not suitable for usage in the OpenPGP context. The SM2/SM3/SM4 documents exist independently from the OpenPGP document that is being reviewed.

The draft I reviewed [1] had a Section 4.2 called "SM2 Key Exchange Protocol", and I did understand why it was there. It did not seem to be necessary to follow the subsequent parts.