Re: [openpgp] SHA3 algorithm ids.

Werner Koch <wk@gnupg.org> Tue, 11 August 2015 16:05 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74E351AC3F2 for <openpgp@ietfa.amsl.com>; Tue, 11 Aug 2015 09:05:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d2g_JKHB9_WA for <openpgp@ietfa.amsl.com>; Tue, 11 Aug 2015 09:05:33 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 555DA1AC3EE for <openpgp@ietf.org>; Tue, 11 Aug 2015 09:05:33 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1ZPC3P-0001yB-IJ for <openpgp@ietf.org>; Tue, 11 Aug 2015 18:05:31 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.84 #3 (Debian)) id 1ZPC1R-0002C6-1L; Tue, 11 Aug 2015 18:03:29 +0200
From: Werner Koch <wk@gnupg.org>
To: Paul Wouters <paul@nohats.ca>
References: <87y4hmi19i.fsf@vigenere.g10code.de> <7540C7A9-2830-4A63-8310-B684796DA279@nohats.ca> <55C681FC.9010100@iang.org> <sjma8tztbgo.fsf@securerf.ihtfp.org> <CAMm+Lwj7SxXTn+KD-eQSeZHwJB36tCgD1t0bodVsp3ovOaZ8mw@mail.gmail.com> <87si7qf84a.fsf@vigenere.g10code.de> <alpine.LFD.2.11.1508110824480.26856@bofh.nohats.ca>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=F2AD85AC1E42B367; url=finger:wk@g10code.com
Mail-Followup-To: Paul Wouters <paul@nohats.ca>, openpgp@ietf.org, Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 11 Aug 2015 18:03:28 +0200
In-Reply-To: <alpine.LFD.2.11.1508110824480.26856@bofh.nohats.ca> (Paul Wouters's message of "Tue, 11 Aug 2015 08:30:42 -0400 (EDT)")
Message-ID: <871tf9g6cv.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/4eQ6u93WrNypO5v8ACzzRetPN9A>
Cc: openpgp@ietf.org, Phillip Hallam-Baker <phill@hallambaker.com>
Subject: Re: [openpgp] SHA3 algorithm ids.
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 16:05:34 -0000

On Tue, 11 Aug 2015 14:30, paul@nohats.ca said:

> openpgp is unique in that there is a _very_ long validity time required
> for some algorithms, so one could verify a 20 year old message, even if
> that security 20 years later is questionable (eg breakable)

I think that it is not yet the time to discuss deprecation of algorithms
or new standard preferences; this can and should be delayed until we
have done the bulk of 4880bis work.

> Yes, but I don't see why we need to have 6 versions of SHA3 on standbye.

Only 4 can be used as direct replacements.  SHAKE would only make sense
if we adjust the used signature algorithms.

> openpgp validity / security is measured in years, and as such,
> performance don't really come to play when considering algorithms.

Having the ids allocated allows to switch to them without much
discussion.  If you really want, we could also say these numbers are re
severed for SHA3 so that it is clear that they should not be used.  But
that is bascially what RFC-7120 does after a year.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.