Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis

Paul Wouters <paul@nohats.ca> Fri, 27 October 2017 00:27 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 080D613F491 for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B0qCDLmiL70E for <openpgp@ietfa.amsl.com>; Thu, 26 Oct 2017 17:27:23 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 73EF013F417 for <openpgp@ietf.org>; Thu, 26 Oct 2017 17:27:23 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3yNPpF61qwz3Q1; Fri, 27 Oct 2017 02:27:17 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1509064037; bh=t2QHPcmn1Be3utDgk2mQQdhqxmPsPQ3SpvrZH6MghkA=; h=From:Subject:Date:References:Cc:In-Reply-To:To; b=pO2hcKnBXtJYFPWZCmQHwEzX2OuLdvNMMD439RPOaiFVm7BkykPCQ/tn1ywisNrFI XnvoqrPT8EpcXBwntnSlf/Mo7BfdGNre5k4ScOnAu84SpN/3Vz+iFgP2dKKT64kTRq 1iqxx25qfKbNv9DifnKVfiAvpJ/1AEmbgru7qhHg=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id 10BmBU0wD5Yc; Fri, 27 Oct 2017 02:27:15 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Fri, 27 Oct 2017 02:27:15 +0200 (CEST)
Received: from [25.112.168.255] (unknown [24.114.71.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id 7674762D29; Thu, 26 Oct 2017 20:27:14 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 7674762D29
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Paul Wouters <paul@nohats.ca>
Mime-Version: 1.0 (1.0)
Date: Thu, 26 Oct 2017 20:26:19 -0400
Message-Id: <6AC83857-62D9-45DF-9DAE-928CF0E45A96@nohats.ca>
References: <D0505748-E376-4CF9-8906-9AD77838FB23@ribose.com> <1508981649515.71466@cs.auckland.ac.nz> <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <07C9EFDF-C8C2-4433-A9F9-DC3D7AFD5499@ribose.com>
To: Ronald Tse <tse@ribose.com>
X-Mailer: iPhone Mail (15A432)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/566O2DmOgfSec74BFZVA2uL-fo0>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 00:27:26 -0000


> On Oct 25, 2017, at 22:03, Ronald Tse <tse@ribose.com> wrote:
> 
> 
> I think we are slightly confusing an optional algorithm, which OCB is proposed to be, with a mandatory one.

For IETF standards, optional or mandatory to implement, it should be unencumbered and free to use.

> A user should be able to specify in their preferences that they don’t accept OCB. A .mil email address will probably specify they do not want OCB in this case.

This is not unencumbered or free to use and should disqualify this algorithm for IETF.

> For example, Chinese cryptography law strictly forbids AES usage in hardware. Does that mean Intel needs to drop AES-NI for chips sold in China? The answer is no. People simply don’t use it because of these regulations.

This example is wrong. IETF does not control other entities. It only controls itself and set rules for itself. And one of those rules is “free, gratis and unencumbered”.

> This is the same with OCB

It is not, as you explain above.

Paul