[openpgp] One last AEAD nit
Jon Callas <joncallas@icloud.com> Tue, 02 April 2019 21:07 UTC
Return-Path: <joncallas@icloud.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1932A120077 for <openpgp@ietfa.amsl.com>; Tue, 2 Apr 2019 14:07:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, KHOP_DYNAMIC=0.85, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x2VTZmXyZ_BP for <openpgp@ietfa.amsl.com>; Tue, 2 Apr 2019 14:07:29 -0700 (PDT)
Received: from mr85p00im-zteg06012001.me.com (mr85p00im-zteg06012001.me.com [17.58.23.197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 445271202ED for <openpgp@ietf.org>; Tue, 2 Apr 2019 14:07:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=04042017; t=1554239245; bh=325pI9f78TTZKGIUbb3owzKFtBkzykWYCVO0z1mIy30=; h=From:Content-Type:Mime-Version:Subject:Message-Id:Date:To; b=eXqFMe6Ns0eksrSdbXlWI7jRuhC9v8pDebIg1q0c97wfUuX3TJ4VrKHXrerasOePN wx+xw+pVXoJJfcakIgFPc/9SVJsaenMD4AIhBYOYcz5FBNnddDgj5J9Xk0Mq7Xwmnp 2cmsCX0fnsMkDrIOaZlfYyQanoZIE9xAzR/cEyw8qWDCu6QlPVcyVbqIblu4NG5WEE rZ7UvgUYklJSihaP0cWZmGdiMfOri9BtaC5YU5vruLIdEss9BdzpdM7Bbj/nlK8THL /Buq2NMAryroJI4C2C6A2jibinvgL9HwmtNCYM/YaKxPVBZWjZWu2/FdPT1WZ7HUBt n33kQYISEC3qw==
Received: from [10.125.12.102] (67-207-120-150.static.wiline.com [67.207.120.150]) by mr85p00im-zteg06012001.me.com (Postfix) with ESMTPSA id 89AF1A000FA; Tue, 2 Apr 2019 21:07:25 +0000 (UTC)
From: Jon Callas <joncallas@icloud.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Message-Id: <575B7FAD-C8D6-48CF-AF6A-AC975EF3BF5F@icloud.com>
Date: Tue, 02 Apr 2019 14:07:24 -0700
Cc: Jon Callas <joncallas@icloud.com>
To: "openpgp@ietf.org" <openpgp@ietf.org>
X-Mailer: Apple Mail (2.3445.102.3)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-04-02_09:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 mlxscore=0 mlxlogscore=786 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1812120000 definitions=main-1904020141
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0a1j6j5sknQewy3ENV6Lw13sw0A>
Subject: [openpgp] One last AEAD nit
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 21:07:31 -0000
This is another issue about the different semantics of communications security and storage security. Consider the case of someone who archives files and encrypts them with OpenPGP. Handwaving a bit, let’s just say it’s a .tar.gz.pgp of some source tree. Now consider that there’s a media failure and that failure affects one byte. If that was encrypted using the new AEAD encrypted data, we have nominally discussed that there should not be a release of the data. Yet I need it; there’s no other copy (or there *are* copies, but the copies are of the same damaged file. The owner of that file needs to get as much of it back as possible. Thus, there needs to be an option to ignore the AEAD error and just give the plaintext. If the specification says MUST NOT, then this an issue. We need an escape hatch. I can think of a number of ways to do it, for example it could say something like “MUST NOT by default..." Nonetheless, we need one so that people can pry open a damaged file. Jon
- [openpgp] One last AEAD nit Jon Callas
- Re: [openpgp] One last AEAD nit Neal H. Walfield