Re: [openpgp] Expiration impending: <draft-ietf-openpgp-rfc4880bis-01.txt>

Kristian Fiskerstrand <> Tue, 04 July 2017 07:29 UTC


On 07/04/2017 06:01 AM, Peter Gutmann wrote:
> OpenPGP is still too good enough, there's
> lots of things there that you can nitpick but nothing really fatal, or even
> close to fatal. 

This sentiment seems similar to my own considerations with regards to the
need to change. If we are to change, let's do it right, not just some
small nitpick, in particular with regards to removing some complexity
since it is breaking backwards compatibility anyways (I'd propose e.g.
getting rid of trust signatures for V5). The most common complaint I'm
hearing about OpenPGP is that it is too complex, as such I'm beginning
to change my mind as to whether protocol agility is only a good thing,
maybe we should work more on getting to consensus and reduce
implementation complexity in order to make it possible for better
auditing of implementations etc.

Kristian Fiskerstrand
Twitter: @krifisk
Public OpenPGP keyblock at hkp://
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
Nil satis nisi optimum
Nothing but the best is good enough