Re: [openpgp] padding packet as first packet in a packet sequence
Ángel <angel@16bits.net> Sun, 08 January 2023 18:35 UTC
Return-Path: <angel@16bits.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13FBAC14F607 for <openpgp@ietfa.amsl.com>; Sun, 8 Jan 2023 10:35:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=16bits.net header.b=C5CvP+Be; dkim=pass (2048-bit key) header.d=16bits.net header.b=SjRvPdbr
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7BNsYbS-Wan4 for <openpgp@ietfa.amsl.com>; Sun, 8 Jan 2023 10:35:54 -0800 (PST)
Received: from mail.direccionemail.com (mail.direccionemail.com [199.195.249.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6712BC14E513 for <openpgp@ietf.org>; Sun, 8 Jan 2023 10:35:53 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=16bits.net; s=ec2208; t=1673202952; bh=2WsWtjEIaanFfES4D2cJg57HB9FZquIkd3hxnkxyA1M=; h=Subject:From:To:Date:In-Reply-To:References:Content-Type: Content-Transfer-Encoding:MIME-Version; b=C5CvP+BeIn9q5ZzqnBaIcCHCJ/m4pNwBPeORhtu0CXYOECwKzU/wTkyNaCH0fiFP3 17/1Jb9Bw6A4OOw7bbpAg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=16bits.net; s=rsa2208; t=1673202952; bh=2WsWtjEIaanFfES4D2cJg57HB9FZquIkd3hxnkxyA1M=; h=Subject:From:To:Date:In-Reply-To:References:Content-Type: Content-Transfer-Encoding:MIME-Version; b=SjRvPdbr9lReKVWr7XuuRFLmO2sjRiyDvtzmhovMI/IwpgNZ8Flaf3H8eqgHkd9I+ E7Iys6pjACgVYpd0/QhavKvqIscO0THUJBom/Sg5mGBLSkkhDlnBJqXXw0M6grukth sd4vxe/FPIhUrbvzqUrCJHX2zNE6s4O+RTDMpD2pAb6uiAp7hy6V93GJYoH0aRLxwF 79LAj1TLquF5gXGudGyW5kLhYM8cI9NSN86lV9N5kOFP3Jn6d+CY1DPXNozRnLsAdp Xxhr2CglNNjCeNjiNELSlTNbBo4zEj6GFGKs26CzgM8hGIVia7r6xyaUe7vWNVRwWR MdlIwxbgf0gMw==
Message-ID: <dd05beadca50792d72dc7f8438ef2f553d6312ad.camel@16bits.net>
From: Ángel <angel@16bits.net>
To: openpgp@ietf.org
Date: Sun, 08 Jan 2023 19:35:51 +0100
In-Reply-To: <87sfhz4e3u.wl-neal@walfield.org>
References: <87sfhz4e3u.wl-neal@walfield.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/5ulWtF1y0ohRXwNdNkhtPQOksTc>
Subject: Re: [openpgp] padding packet as first packet in a packet sequence
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Jan 2023 18:35:59 -0000
On 2022-12-01 at 11:23 +0100, Neal H. Walfield wrote: > I think the draft should be changed to forbid the padding packet from > being the first packet in a packet sequence. Something like: > > the padding packet MUST NOT occur as the first packet in a packet > sequence. Just no. What if the point where it makes sense to have the padding is *precisely* at the beginning? For example, a keyserver that encrypted the connection with RC4 might want to add a random padding at the beginning of the content to counter the cipher bias. (Had this packet existed then) As we don't know what will be needed in the future, I think the current text («An implementation MUST be able to process padding packets anywhere else in an OpenPGP stream, so that future revisions of this document may specify further locations for padding.») is the right one. > Alternative, I propose fixing the first few (4? 8?) bytes of the > padding packet to some value specified by the standard. However, I am fine with the goal of keeping the files libmgic-friendly. I think the best aproach would be to say that if the padding packet is going to be added at the beginning it SHOULD be prepended by a Marker packet. The Marker packet clearly points out to the type of content, it is already defined (thus old libmagic versions should understand it) and it doesn't require adding extra bytes to the padding packet unneeded in other locations.
- [openpgp] padding packet as first packet in a pac… Neal H. Walfield
- Re: [openpgp] padding packet as first packet in a… Daniel Kahn Gillmor
- Re: [openpgp] padding packet as first packet in a… Ángel