[openpgp] Re: SEIPDv1 algorithm obfuscation when using persistent symmetric keys

Andrew Gallagher <andrewg@andrewg.com> Tue, 10 February 2026 22:56 UTC

List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0XZ1shq9HyBXL356fuAy-B3vDtY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

Hi, Daniel.

On 10/02/2026 14:02, Daniel Huigens wrote:
> Due to the cacophony of opinions on the list, I went with the option
> that seemed most reasonable to me: I've added the SEIPDv1 algorithm ID
> inside the encrypted session key, like ECDH and RSA do, but I've not
> added the option of padding (unlike ECDH), as I don't think it's widely
> used anyway. Let me know if there are any objections to this.

Apologies for not chiming in earlier. I didn't have a particularly 
strong opinion, but your proposal seems reasonable to me. :-)

A