Re: [openpgp] saltpack on OpenPGP message format problems

Werner Koch <wk@gnupg.org> Thu, 11 February 2016 09:02 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2F9F1ACD81 for <openpgp@ietfa.amsl.com>; Thu, 11 Feb 2016 01:02:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0BAIRttdX3Ef for <openpgp@ietfa.amsl.com>; Thu, 11 Feb 2016 01:02:16 -0800 (PST)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9B0E1ACD6D for <openpgp@ietf.org>; Thu, 11 Feb 2016 01:02:15 -0800 (PST)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1aTn8f-0001Zt-P7 for <openpgp@ietf.org>; Thu, 11 Feb 2016 10:02:13 +0100
Received: from wk by vigenere.g10code.de with local (Exim 4.84 #3 (Debian)) id 1aTn3k-0003fO-Sv; Thu, 11 Feb 2016 09:57:08 +0100
From: Werner Koch <wk@gnupg.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <56BB0308.8020504@iang.org> <20160210160641.GA3090@singpolyma-liberty> <9A043F3CF02CD34C8E74AC1594475C73F4BED18C@uxcn10-5.UoA.auckland.ac.nz>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: url=https://k.gnupg.net/80615870F5BAD690333686D0F2AD85AC1E42B367
Mail-Followup-To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Stephen Paul Weber <singpolyma@singpolyma.net>, ianG <iang@iang.org>, "openpgp\@ietf.org" <openpgp@ietf.org>
Date: Thu, 11 Feb 2016 09:57:08 +0100
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4BED18C@uxcn10-5.UoA.auckland.ac.nz> (Peter Gutmann's message of "Thu, 11 Feb 2016 03:41:53 +0000")
Message-ID: <87lh6rbp5n.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/Ec3mmEHsUt20C1xIrXXsqeCOFbs>
Cc: Stephen Paul Weber <singpolyma@singpolyma.net>, "openpgp@ietf.org" <openpgp@ietf.org>, ianG <iang@iang.org>
Subject: Re: [openpgp] saltpack on OpenPGP message format problems
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Feb 2016 09:02:18 -0000

On Thu, 11 Feb 2016 04:41, pgut001@cs.auckland.ac.nz said:

> The "ASCII armoring" was written in order to, among other things, allow PGP
> to traverse Fidonet systems running on MSDOS with 2400bps modems.  That's 

Right.  And that, along with the slower boxes we had back then, was the reason
for the ASCII Armor's checksum.  I am all in favor of dropping the
requirement for that checksum.

> what it dates back to.  It should have died a long, long time ago, we can 
> send pretty much any other binary-only format over pretty much any
> medium in 

That is not true.  How do you want to paste binary data into a contact
web form or a Git commit message?  The OpenPGP Armor makes this really
easy and, fwiw, X.509 uses a similar armoring technique.

Of course you could argue that this should not be part of OpenPGP
proper, but given 25 years of existence it would be surprising to factor
this out to a different RFC.

Regarding PGP/MIME, it might be worth to consider dropping the need for
the ASCII armor in favor of standard MIME encoding.  This would also
help to sort out faulty PGP/MIME implementations.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.