Re: [openpgp] "OpenPGP Simple"
Christoph Anton Mitterer <calestyo@scientia.net> Tue, 17 March 2015 04:08 UTC
Return-Path: <calestyo@scientia.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2583B1A0018 for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 21:08:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Aea-WuQm2Mfe for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 21:08:44 -0700 (PDT)
Received: from mailgw02.dd24.net (mailgw-02.dd24.net [193.46.215.43]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 802941A000E for <openpgp@ietf.org>; Mon, 16 Mar 2015 21:08:44 -0700 (PDT)
Received: from mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-01.live.igb.homer.key-systems.net [192.168.1.26]) by mailgw02.dd24.net (Postfix) with ESMTP id 5E3F25FB8B for <openpgp@ietf.org>; Tue, 17 Mar 2015 04:08:43 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mailpolicy-01.live.igb.homer.key-systems.net
Received: from mailgw02.dd24.net ([192.168.1.36]) by mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-01.live.igb.homer.key-systems.net [192.168.1.25]) (amavisd-new, port 10236) with ESMTP id Y00oxLthRiKC for <openpgp@ietf.org>; Tue, 17 Mar 2015 04:08:41 +0000 (UTC)
Received: from heisenberg.fritz.box (ppp-93-104-121-105.dynamic.mnet-online.de [93.104.121.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailgw02.dd24.net (Postfix) with ESMTPSA for <openpgp@ietf.org>; Tue, 17 Mar 2015 04:08:41 +0000 (UTC)
Message-ID: <1426565320.18487.45.camel@scientia.net>
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: openpgp@ietf.org
Date: Tue, 17 Mar 2015 05:08:40 +0100
In-Reply-To: <20150315175744.GG2978@singpolyma-liberty>
References: <20150315175744.GG2978@singpolyma-liberty>
Content-Type: multipart/signed; micalg="sha-512"; protocol="application/x-pkcs7-signature"; boundary="=-heDZ34uL9OPGp1+QOS2k"
X-Mailer: Evolution 3.12.9-1+b1
Mime-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/Bgq1CUMe3uadEU5QZDn8z2Dta18>
Subject: Re: [openpgp] "OpenPGP Simple"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2015 04:08:46 -0000
On Sun, 2015-03-15 at 12:57 -0500, Stephen Paul Weber wrote: > One of the big obstacles to OpenPGP deployments that I've faced over time is > the perception that it's "too complicated", mostly based on the sheer size > of the current RFC. Uhm? Compared to other standards it seems to be rather simple. Apart from that, not everyone needs to (neither should one) re-invent the wheel. I don't say that there should be no more than one implementation of OpenPGP, but having too many is just bad for security. That being said - we already have a number of implementations which cover the standard quite well - what's wrong with [contributing to| using] them? > 1) Sections of the RFC define what you might call "extras", such as the > ASCII Armor (including a checksum unused elsewhere in the spec) As some others already said, using e.g. MIME would be better - but ASCII armors aren't just used when sending mail (people use it e.g. to post their raw key on a website or things like that). So if ASCII Armors are dropped, the standard should refer to something else that is used instead - just to prevent that people are using all different froms of base64 encoding, uuencode, etc. > 2) There are a lot of backwards-compatibility things (old-style lengths, > lots of different algorithms) Agree with that. > Is there any prior art on IETF specs having a "full" and "simple" form where > full implementations can read any output of simple ones, but not always > vice-versa? I'd say that this is rather a bad idea. For many standards where this was done it caused more troubles than good. It's also security-wise a problem: Who decides what's not critical enough for the base standard? Is it guaranteed that implementations that don't implement the "full" standard are still secure? And often it just means that simply no one ever implements the extensions to the base standard (think of the dozens of JPEG2000 profiles). If something is so special that it wouldn't be needed in the base standard, one should perhaps question whether it's needed at all. Cheers, Chris.
- [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Tim Bray
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Nicholas Cole
- Re: [openpgp] "OpenPGP Simple" Phill
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Stephan Somogyi
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber