Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization

Hanno Böck <> Thu, 16 April 2020 15:19 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1EB073A0BB2 for <>; Thu, 16 Apr 2020 08:19:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id CHynhWL7qq8E for <>; Thu, 16 Apr 2020 08:19:09 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 406563A0BAF for <>; Thu, 16 Apr 2020 08:19:08 -0700 (PDT)
Received: from computer ([2a02:8109:8380:7e7e:b886:8d52:6199:3925]) (AUTH: LOGIN, ) by with ESMTPSA id 000000000000005B.000000005E98776A.00006E91; Thu, 16 Apr 2020 17:19:06 +0200
Date: Thu, 16 Apr 2020 17:19:11 +0200
From: Hanno =?iso-8859-1?q?B=F6ck?= <>
Cc: "Tanveer.Salim" <>
Message-ID: <20200416171911.0100023c@computer>
In-Reply-To: <>
References: <>
X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 16 Apr 2020 15:19:11 -0000

Given that you quoted Jason Donenfeld quite a bit I propose that you
actually ask him for his design criteria.

Because what you seem to propose is adding more and more variations to
OpenPGP. I discussed this with Jason before and he's a strong advocate
of less choices and strongly against algorithm agility. And I agree.

FWIW I believe the pros and cons of the different AEAD ciphers are of
very minor relevance, yet the algorithm zoo is a big downside. From what
I know openpgp has still not published a standardized AEAD. My proposal
would be to choose one and only one AEAD and declare all other
algorithms as deprecated. And which one almost doesn't matter. And I'm
pretty sure Jason would agree with me on that, but feel free to ask him.

Hanno Böck