IETF Logo Mail Archive

Re: [openpgp] crypto-refresh finished? (again;-)

Vincent Breitmoser <look@my.amazin.horse> Wed, 21 June 2023 22:26 UTC

Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64360C14CE42 for <openpgp@ietfa.amsl.com>; Wed, 21 Jun 2023 15:26:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.998
X-Spam-Level:
X-Spam-Status: No, score=-6.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=my.amazin.horse
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EmLej_7hcV7Z for <openpgp@ietfa.amsl.com>; Wed, 21 Jun 2023 15:26:54 -0700 (PDT)
Received: from my.amazin.horse (my.amazin.horse [IPv6:2a03:4000:3f:29c::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B446C14CF1D for <openpgp@ietf.org>; Wed, 21 Jun 2023 15:26:54 -0700 (PDT)
Received: from [IPV6:2003:d2:1f4d:ee00:ae5d:7bd0:7f5d:92b1] (p200300d21f4dee00ae5d7bd07f5d92b1.dip0.t-ipconnect.de [IPv6:2003:d2:1f4d:ee00:ae5d:7bd0:7f5d:92b1]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by my.amazin.horse (Postfix) with ESMTPSA id 778CD6A392 for <openpgp@ietf.org>; Thu, 22 Jun 2023 00:26:51 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=my.amazin.horse; s=2020; t=1687386411; bh=2PxHsBVhByF691JZZgnbf6EHlN+NbbFLB3gwasZJCEk=; h=Date:Subject:To:References:From:In-Reply-To; b=Eb/ifz2FUQMVAXhjdmUNxPGujn8KuPcNan4sXwi0iEJKLLvaGcmWoXiV37HjhMErF yq48M2mXQYVbVSAjqiQDsLuSAmxvQYh7y2AzpZ8xiYpgTqQQgPJDZG38bG25rb3Yr1 hCzhIllXMA/XiWSJcWxip04LKmn883SL/nxDj3Ic=
Message-ID: <ec5a9e23-0eff-6e6d-0d2f-ccf031a8f3f9@my.amazin.horse>
Date: Thu, 22 Jun 2023 00:26:50 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1
Content-Language: en-US
To: openpgp@ietf.org
References: <7b9d62a6-8570-ca81-c0bd-0f31d6cd136c@cs.tcd.ie> <aea6b745-0e65-ac19-077e-8f389868b658@cs.tcd.ie> <87mt0sn3rz.fsf@wheatstone.g10code.de> <9d0b21de-f3b9-d2fe-2110-5386a27d0461@cs.tcd.ie>
From: Vincent Breitmoser <look@my.amazin.horse>
In-Reply-To: <9d0b21de-f3b9-d2fe-2110-5386a27d0461@cs.tcd.ie>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/0lLtJwIxLdLLapmsTJ8f-u-cjKw>
Subject: Re: [openpgp] crypto-refresh finished? (again;-)
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jun 2023 22:26:58 -0000

Thanks, Stephen. From my perspective, you have said all there is to say 
here.

I would like to encourage everyone to focus on the way forward for the 
spec, and let this part of the conversation rest.

Cheers

  - V

On 22.06.23 00:12, Stephen Farrell wrote:
> 
> Hi Werner,
> 
> On 21/06/2023 18:06, Werner Koch wrote:
>> Hi!
>>
>> Given that question and suggestions from major implementors have not
>> been properly discussed and taken in account, I doubt that there is
>> sufficient consensus in the WG for a new RFC or even an IETF Last Call.
> 
> Process-wise, our AD has picked chairs and it's we who call
> consensus so it's not useful for WG participants to try to
> usurp that role as you've done above.
> 
>> In particular Kai Eggert's mail from 8 Oct 2022 "Re: [openpgp] a new
>> draft overlapping the WG draft" [1] had well thought out suggestions
>> which were never seriously discussed.  Ronald Tse's reply and questions
>> as a followup on the same day stated for example:
>>
>>    2. For those who have stayed long enough at the list, we remember that
>>    the current iteration of the "OpenPGP WG" resulted from some advocates
>>    trying to “shove out” the original 4880-bis. And 4880-bis did get
>>    thrown out. This was not appreciated. The original intent of
>>    reestablishing the WG was to “build on” 4880-bis, not throw it out.
>>
>> and thus challenged whether the new I-D is covered by charter of this
>> WG.
> 
> We had that discussion and called rough consensus back in
> Oct/Nov 2022 and the WG were good with that. I'm sorry that
> you're not part of that consensus but there is no need, and
> no onus on us, to revisit that topic again now.
> 
>> The multiple roles of dkg as 1) WG chair, 2) contributor and Debian
>> maintainer of Sequoia-PGP, (3) main force behind reformatting the
>> original markup of rfc4880bis, (4) actual author of large parts of the
>> crypto refresh draft was probably not helpful for a purposeful work on
>> an intended and chartered small OpenPGP update.
> 
> As co-chair I'm entirely happy that all that was done well
> and fairly. And I did explicitly consider that as we went.
> 
>> Since the OpenPGP WG was established more than 25 years ago, the group
>> has produced and maintained specifications to everyone's satisfaction
>> without throwing over actual use cases of OpenPGP.  We earned a well
>> repudiation with this solid consensus based work.  I wish we can keep
>> this and get back to a friendly and fair interaction; beating a
>> specification update in the current way is not the right way.
> 
> Frankly Werner, I consider that your unwillingness to accept
> that the WG consensus is not as you'd like has been the most
> recent pressing problem in that space. Again, I think that's
> a pity, but we did specifically discuss that situation and
> resolve the issue to the satisfaction of the WG. I hope that
> in time, you'll accept that you're in the rough (not an easy
> thing especially for someone who's invested such effort in
> this space over the years) and we can put that divergence
> behind us all. But if not, as the WG have worked to ensure as
> best we can that that divergence doesn't lead to interop
> problems that could be avoided, things will pan out as they
> will and the world won't end.
> 
> Cheers,
> S.
> 
>>
>>
>> Shalom-Salam,
>>
>>     Werner
>>
>>
>> [1] 
>> https://mailarchive.ietf.org/arch/msg/openpgp/AJEE9_pmfV2SH9dd3EM6v2jEQpI
>> [2] 
>> https://mailarchive.ietf.org/arch/msg/openpgp/EgILWBGqU_qvbRLLdbR3jxvMZyc
>>
>>
>>
>> _______________________________________________
>> openpgp mailing list
>> openpgp@ietf.org
>> https://www.ietf.org/mailman/listinfo/openpgp
> 
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp

v2.37.1 | Report a Bug | By Email | System Status