Re: [openpgp] First remarks on the last I-D
Paul Wouters <paul@nohats.ca> Fri, 10 June 2022 13:54 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4056AC15B249 for <openpgp@ietfa.amsl.com>; Fri, 10 Jun 2022 06:54:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id odXm41x2iQAV for <openpgp@ietfa.amsl.com>; Fri, 10 Jun 2022 06:54:36 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 198E0C159497 for <openpgp@ietf.org>; Fri, 10 Jun 2022 06:54:35 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4LKMs61lLWzDZR; Fri, 10 Jun 2022 15:54:34 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1654869274; bh=ebgMtEQyPAFgZqmV6GF92tG/1vLuOVkXGutVyFAIU8k=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=UWxJzbweTbFq4ddHrrMJ18qgr4jM0+xYHe8tlJ16ghmJzVNMoB0ySZz4+ESgQkgtC nXK0wqZfbaiWdV5Zv5H2xLabDo19fzDvWtqQ42k4QhUE3E4MCPckTXc8heHntLR1m8 iO+bsAgkhLV/pJ658Jw1QdopmVoR8kKfRrnrdUvM=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id e0X6nLpoHrTI; Fri, 10 Jun 2022 15:54:33 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Fri, 10 Jun 2022 15:54:33 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 6ED3738B13B; Fri, 10 Jun 2022 09:54:32 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 697EB38B13A; Fri, 10 Jun 2022 09:54:32 -0400 (EDT)
Date: Fri, 10 Jun 2022 09:54:32 -0400
From: Paul Wouters <paul@nohats.ca>
To: Jon Callas <joncallas@icloud.com>
cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Ronald Tse <tse=40ribose.com@dmarc.ietf.org>, openpgp@ietf.org
In-Reply-To: <5100C338-C6DC-4BB1-86A4-DAC353AA82CC@icloud.com>
Message-ID: <7547a547-bb71-2bdd-f85e-91d46476bc6@nohats.ca>
References: <BB9D0AB9-CC8C-420E-8082-E9F64B09BF46@ribose.com> <790E2D75-3B92-4322-A72A-DC8ABED899BF@nohats.ca> <87czfji7w1.fsf@wheatstone.g10code.de> <18396bf2-5319-87c3-095e-f804632618f2@cs.tcd.ie> <5100C338-C6DC-4BB1-86A4-DAC353AA82CC@icloud.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/3qa8yEfgAkTRPTyp-yj47pgzQeI>
Subject: Re: [openpgp] First remarks on the last I-D
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jun 2022 13:54:40 -0000
On Wed, 8 Jun 2022, Jon Callas wrote: > However, GCM mode is not required for FIPS. It is neither necessary nor sufficient. PGP was the very first software-only FIPS 140 module, over twenty years ago. If someone is claiming that they need GCM mode for FIPS, they're mistaken. Well, if that FIPS compliance was achieved with 3DES, at this point that would be a problem as 3DES has been sunset. What non-GCM encryption algorithm is FIPS approved and supported by OpenPGP ? > And for what it's worth, I'm also against using GCM mode for storage encryption in particular, and thus in OpenPGP. Noted. This is good to know. Paul
- [openpgp] I-D Action: draft-ietf-openpgp-crypto-r… internet-drafts
- Re: [openpgp] I-D Action: draft-ietf-openpgp-cryp… Paul Wouters
- [openpgp] First remarks on the last I-D (Was: I-D… Werner Koch
- Re: [openpgp] First remarks on the last I-D (Was:… Paul Wouters
- Re: [openpgp] First remarks on the last I-D (Was:… Justus Winter
- Re: [openpgp] First remarks on the last I-D (Was:… Stephen Farrell
- Re: [openpgp] First remarks on the last I-D (Was:… Daniel Huigens
- Re: [openpgp] First remarks on the last I-D Werner Koch
- Re: [openpgp] First remarks on the last I-D Werner Koch
- Re: [openpgp] First remarks on the last I-D Werner Koch
- Re: [openpgp] First remarks on the last I-D Robert J. Hansen
- Re: [openpgp] First remarks on the last I-D Peter Gutmann
- Re: [openpgp] First remarks on the last I-D Ronald Tse
- Re: [openpgp] First remarks on the last I-D Paul Wouters
- Re: [openpgp] First remarks on the last I-D (Was:… brian m. carlson
- Re: [openpgp] First remarks on the last I-D Werner Koch
- Re: [openpgp] First remarks on the last I-D Werner Koch
- Re: [openpgp] First remarks on the last I-D Stephen Farrell
- Re: [openpgp] First remarks on the last I-D Jon Callas
- Re: [openpgp] First remarks on the last I-D Paul Wouters
- Re: [openpgp] First remarks on the last I-D Jon Callas
- Re: [openpgp] First remarks on the last I-D brian m. carlson
- Re: [openpgp] First remarks on the last I-D Stephen Farrell
- Re: [openpgp] First remarks on the last I-D Peter Gutmann
- Re: [openpgp] First remarks on the last I-D Stephen Farrell
- Re: [openpgp] First remarks on the last I-D Paul Schaub
- Re: [openpgp] First remarks on the last I-D Jon Callas
- Re: [openpgp] First remarks on the last I-D Robert J. Hansen
- Re: [openpgp] First remarks on the last I-D Daniel Huigens
- [openpgp] AEAD and Rome (was: First remarks on th… Werner Koch
- Re: [openpgp] AEAD and Rome (was: First remarks o… Daniel Huigens
- [openpgp] Choices for AEAD modes [was: AEAD and R… Daniel Kahn Gillmor
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Werner Koch
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Justus Winter
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Paul Wouters
- Re: [openpgp] Choices for AEAD modes Werner Koch
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… brian m. carlson
- Re: [openpgp] Choices for AEAD modes Ronald Tse
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Stephen Farrell
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Werner Koch
- Re: [openpgp] Choices for AEAD modes [was: AEAD a… Stephen Farrell
- Re: [openpgp] Choices for AEAD modes Werner Koch
- Re: [openpgp] Choices for AEAD modes Stephen Farrell