Re: [openpgp] To bind or not to bind
Daniel Huigens <d.huigens@protonmail.com> Fri, 22 March 2024 20:17 UTC
Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78DECC15152E for <openpgp@ietfa.amsl.com>; Fri, 22 Mar 2024 13:17:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t1RiWmA28enp for <openpgp@ietfa.amsl.com>; Fri, 22 Mar 2024 13:17:52 -0700 (PDT)
Received: from mail-40131.protonmail.ch (mail-40131.protonmail.ch [185.70.40.131]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18880C15152C for <openpgp@ietf.org>; Fri, 22 Mar 2024 13:17:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1711138669; x=1711397869; bh=iTLJ+Ay9fm1gl8i2vHbx1woyGE+IlcPOV4hubkJFVFU=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=tm/jCEbUed10EvcmlrKol1ZsPIM54RjhQIeA/TFcaI9H5SfMKRVYgAukb4NSRCbEp RgUy49Ekr5r0OKSTihlLR2B7SXBJip4niCOzN9ExRagyUQi5yhPAPV5AJvzKmIsQb4 CnW8pIUY6hcPyspMdI3dkE9tEwBcq4NUPVf4ZrUcVnzy1aGH/7WQ3KSPQ1EG/WQs8E TFWzvouI/iAD5822Ikvk8jIu3KmgyDzsqukffIVdN1ixyFlemqYzbjQy5hoJNOvcFm Oe9jD45ZnpBik+wlhEkbJhZxdlBxG9KxrATxWfvFYBL1125Cr6JMB4iQ+7MkRYfaw0 jzdYwTyF8OLYQ==
Date: Fri, 22 Mar 2024 20:17:43 +0000
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>, Falko Strenzke <falko.strenzke@mtg.de>, Kai Engert <kaie@kuix.de>
From: Daniel Huigens <d.huigens@protonmail.com>
Cc: Justus Winter <justus@sequoia-pgp.org>, Aron Wussler <aron@wussler.it>, openpgp@ietf.org
Message-ID: <Oc3B14xagqpcToZdfQTIYHn_AolBg0i0_DTI4wPnXkFJntVv6A8hvmCMFUK9gjaK-gtfQLGnuQaTqqJzgz71IvhHutyn8Yd4UAErTOHXmzk=@protonmail.com>
In-Reply-To: <23B46D65-EAF7-43D0-A5F1-04D28B698559@andrewg.com>
References: <87a5mqi0xi.fsf@europ.lan> <23B46D65-EAF7-43D0-A5F1-04D28B698559@andrewg.com>
Feedback-ID: 2934448:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/7FgF5yQgaQJMQSW0Mq4WQrHhiio>
Subject: Re: [openpgp] To bind or not to bind
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Mar 2024 20:17:56 -0000
On Friday, March 22nd, 2024 at 19:51, Andrew Gallagher wrote: > Is it possible to update this test with the optional flag that Falko mentioned, to see if it improves RNP’s score on line 3? If it does, I’d argue that this is no longer fatal - gopenpgp v2 has been superseded already, and pgpy is fairly niche. Do applications using rnp (e.g. Thunderbird) use this flag, though? If not, I'd argue the test result is still relevant, but perhaps applications could be updated to use the flag (and/or rnp could be updated to change the default, of course). Btw, GopenPGP v3 is not released yet, but we'll do so soon(tm). FWIW, there is another potential interop problem, around PKESKs with unknown algorithms [1]. PGPainless and PGPy fail to parse those. Hopefully that can be fixed as well, but for the time being, it means that if you want 100% interoperability, you might have to send two separate messages anyway. However, if we allow using PQC with SEIPDv1, you could still encrypt once and then just split the PKESKs, and reuse the SEIPDv1 packet, so that's something at least. Best, Daniel [1]: https://tests.sequoia-pgp.org/#Messages_with_unknown_packets
- [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Johannes Roth
- Re: [openpgp] To bind or not to bind Kai Engert
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Kai Engert
- Re: [openpgp] To bind or not to bind Daniel Huigens
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Daniel Kahn Gillmor
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Daniel Kahn Gillmor
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Kai Engert
- Re: [openpgp] To bind or not to bind Bart Butler
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Daniel Kahn Gillmor
- Re: [openpgp] To bind or not to bind Daniel Kahn Gillmor
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Daniel Kahn Gillmor
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Kai Engert
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Falko Strenzke
- Re: [openpgp] To bind or not to bind Johannes Roth
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Nickolay Olshevsky
- Re: [openpgp] To bind or not to bind Nickolay Olshevsky
- Re: [openpgp] To bind or not to bind Falko Strenzke
- Re: [openpgp] To bind or not to bind Werner Koch
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Justus Winter
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Bart Butler
- Re: [openpgp] To bind or not to bind Michael Richardson
- Re: [openpgp] To bind or not to bind Falko Strenzke
- Re: [openpgp] To bind or not to bind Andrew Gallagher
- Re: [openpgp] To bind or not to bind Aron Wussler
- Re: [openpgp] To bind or not to bind Heiko Schäfer
- Re: [openpgp] To bind or not to bind Bart Butler