IETF Logo Mail Archive

Re: [openpgp] "OpenPGP Simple"

Jon Callas <jon@callas.org> Tue, 17 March 2015 07:00 UTC

Return-Path: <jon@callas.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFD7A1A00D8 for <openpgp@ietfa.amsl.com>; Tue, 17 Mar 2015 00:00:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mg9dXG0u_m5z for <openpgp@ietfa.amsl.com>; Tue, 17 Mar 2015 00:00:38 -0700 (PDT)
Received: from mail.merrymeet.com (merrymeet.com [173.164.244.100]) by ietfa.amsl.com (Postfix) with ESMTP id 2822A1A00D0 for <openpgp@ietf.org>; Tue, 17 Mar 2015 00:00:38 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.merrymeet.com (Postfix) with ESMTP id 9380B6CA6042; Tue, 17 Mar 2015 00:00:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at merrymeet.com
Received: from mail.merrymeet.com ([127.0.0.1]) by localhost (merrymeet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QUM4XwcoCB8k; Tue, 17 Mar 2015 00:00:01 -0700 (PDT)
Received: from keys.merrymeet.com (keys.merrymeet.com [173.164.244.97]) by mail.merrymeet.com (Postfix) with ESMTPSA id D9D836CA602D; Tue, 17 Mar 2015 00:00:00 -0700 (PDT)
Received: from [10.0.23.34] ([173.164.244.98]) by keys.merrymeet.com (PGP Universal service); Tue, 17 Mar 2015 00:00:00 -0700
X-PGP-Universal: processed; by keys.merrymeet.com on Tue, 17 Mar 2015 00:00:00 -0700
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
From: Jon Callas <jon@callas.org>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73AAFB3823@uxcn10-5.UoA.auckland.ac.nz>
Date: Mon, 16 Mar 2015 23:59:59 -0700
Message-Id: <73CB47A4-B158-4EDB-9884-9F92B1AAF6F5@callas.org>
References: <9A043F3CF02CD34C8E74AC1594475C73AAFB3823@uxcn10-5.UoA.auckland.ac.nz>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
X-Mailer: Apple Mail (2.2070.6)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/9Bo65qAqPRwdRKIXhi6G_VFszW8>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>, Jon Callas <jon@callas.org>
Subject: Re: [openpgp] "OpenPGP Simple"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2015 07:00:42 -0000

> On Mar 16, 2015, at 7:10 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> 
> The whole bizarro sort-of-fixed-point encoding of lengths is a pain (this is a
> cue for Jon to do his "every bit is sacred" dance).  If the format is revised,
> there should be only two lengths, a 16-bit one for almost everything (keyring
> data, signatures, etc), and a 32-bit one for payloads and partial lengths that
> are going to exceed 16-bit lengths.  

Okay... NOOOOOOOOO!!!!! For the love of God, Montressor, only *one* type of length. You’re spending more space in the parsing code and sooner or later, someone’s going to screw it up and there will be a stupid ass security problem that could have been solved by just spending the two damned extra bytes.

> While I'm venting, shall I get started on the MDC kludge?

Sure. Go right ahead.

But when you do, take into account that MDC pre-dates HMAC and at the time, one of the major objections was a "why would you want to have symmetric crypto protection when you could just sign it" whine, and the other was excessive worry about single-pass processing that got so irrational we couldn’t work through it.

Standards are compromises, and a good compromise leaves everyone a bit grumpy. Since those days, I’ve developed an affection for MDC because it sits in a nether world where related concepts like deniable encryption that also sound good until you think about them for long enough. And it doesn’t hurt anything, because if you really want it protected, just sign the darned thing.

But please, please, go right ahead.

	Jon

v2.23.0 | Report a Bug | By Email