[openpgp] Re: Fwd: I-D list for Open Specification for Pretty Good Privacy notification: Changes to draft-gallagher-openpgp-code-point-exhaustion
Daniel Huigens <d.huigens@protonmail.com> Wed, 19 March 2025 04:15 UTC
Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id C9B74E5648B for <openpgp@mail2.ietf.org>; Tue, 18 Mar 2025 21:15:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zl8H0bm9wg2i for <openpgp@mail2.ietf.org>; Tue, 18 Mar 2025 21:15:57 -0700 (PDT)
Received: from mail-4316.protonmail.ch (mail-4316.protonmail.ch [185.70.43.16]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id ECAADE56478 for <openpgp@ietf.org>; Tue, 18 Mar 2025 21:15:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1742357754; x=1742616954; bh=NzVALSShS9tolXpPcaeCYM/J0BPhefmP31NB9TmBCdo=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post; b=IB/hTsxrEjmy2eDtMRTABHMOLpHQmbiB+4KKfYBbG482G+Ta6WvWJnEUYop10HwCj 2YvnuzKih+rTHB1lHwXvfZIfy3TVXynXFXXlADBQOrUCN/xXck/Suv1/7dccvKp7ZS 3rJL0dvmL7wa33rL+ULQXznB37/nuiiwxKWNxlpaUnemEI4l6dqrAuChQo421THMjP 8vvgorY6kBDcW9P9VSb9XfI+citPP3b8WAGm/fpha+GKtoIPIBbL16a00gJ46RU3MZ YubSEfJvv6p3hwaYL8qOiIzT+V4rarpaSZO6kGqe6w3TyF6Gc2yPwtqXv73ej1E61u 5fvuNfmdRSztw==
Date: Wed, 19 Mar 2025 04:15:50 +0000
To: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>
From: Daniel Huigens <d.huigens@protonmail.com>
Message-ID: <XU29-lKEZD2yCjkCldPMDd1nEwqA9Qps5F1ctajuA_DiZtvYu9zQ3LKTRwCBTUKdA8XDPXMFTWbQCtnmHuYUZnr6NXBT04G-AfI-0AR34pA=@protonmail.com>
In-Reply-To: <B321DC63-56E0-44C2-96AA-D60205C148B2@andrewg.com>
References: <174231559348.277.2581535826712330509@dt-celery-57d64c6895-fcmg2> <B321DC63-56E0-44C2-96AA-D60205C148B2@andrewg.com>
Feedback-ID: 2934448:user:proton
X-Pm-Message-ID: ba1a017ff2eb11b581ed2a7ff5d7745ea8893649
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1=_Xd0Nh9Ka98SrHBeF88kkyqyaYjVSGWhOiTIjF2owkN8"
Message-ID-Hash: I4UC3PEFEJZOAANPZBL4ILYLDN3XPOP5
X-Message-ID-Hash: I4UC3PEFEJZOAANPZBL4ILYLDN3XPOP5
X-MailFrom: d.huigens@protonmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF OpenPGP <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: Fwd: I-D list for Open Specification for Pretty Good Privacy notification: Changes to draft-gallagher-openpgp-code-point-exhaustion
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/EvbpcrjZ3zoDZkx06zhpCMPt1Yw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
Hi Andrew, Thanks for writing this up and raising this. I was planning to mint a last-minute new revision of the persistent symmetric keys draft but will hold off on it now. In our original implementation we actually used 64&65 instead of 128&129 so I'm happy to revert back to that if needed. However, to be perfectly honest I'm a bit worried by the additional complexity proposed here and I'm not sure it's fully necessary in general. Especially in the preferred algorithm subpackets, needing to parse a list of variable-length algIDs turns a simple copy into a loop, with error cases that need to be handled, and so on. It's not rocket science of course, but especially for the algorithm registries that are covered by preferred algorithm subpackets, I'm not sure it's needed - the highest ID we have in there is 14 for SHA3-512; do we really think we're gonna get 241 more hash algorithms, or symmetric algorithms? The most (potentially) constrained algorithm registry seems to be the public key algorithms (especially if folks want to add a lot more hybrid combinations and so on), but even there we have a lot of space. And it's not covered by a preferred algorithm subpacket so the self-synchronizing property is not needed, I think. So, we could do something much simpler, like saying 255 = see next two octets, or something like that. And similarly, for the packet types and subpacket types we could do something simpler as well (and we'd basically need to do something specific anyway as you've written). For packet types specifically, we might also want both a (currently already defined as) critical and non-critical surrogate ID, e.g. 39 and 59. But again we can define that when needed as long as we make sure not to fully exhaust the registry. So, I would personally be tempted to say: let's figure this stuff out if we actually get anywhere close to running out of algorithms; I'm not sure we gain all that much from doing the work to support variable-length algorithm IDs for all registries before it's needed anywhere, and there might be many registries where it's never needed. In the worst case scenario where we're in 2050 and we need/want 250 new hash algorithms, perhaps to celebrate the joyous year, we could always define a "Preferred Hash Algorithms V2" subpacket which e.g. uses two octets per algorithm ID instead of one, so that parsing is still super simple (at the cost of a few extra bytes) and then in all other contexts we can also just use 255 = see next two octets. Best, Daniel On Tuesday, March 18th, 2025 at 23:44, Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org> wrote: > Hi, all. > > Apologies for uploading this so close to the meeting date, but it’s been sitting in my draft documents for some time now and I want to bring it to the list before we make a final decision about code point allocation for PQC and persistent symmetric algorithms. > > tl;dr: please keep code points >=128 free, because if at some point in the future we needed to extend the algorithm registry to more than a single octet, having these code points available would let us define a UTF8-like self-synchronising encoding that would be fully backwards compatible with all existing wire formats. > > Yes, I said “all”. Please read the document, and feel free to ask questions! ;-) > > Thanks, > A > >> Begin forwarded message: >> >> From: IETF Secretariat <ietf-secretariat-reply@ietf.org> >> Subject: I-D list for Open Specification for Pretty Good Privacy notification: Changes to draft-gallagher-openpgp-code-point-exhaustion >> >> Date: 18 March 2025 at 16:33:13 GMT >> To: <andrewg@andrewg.com> >> >> Hello, >> >> This is a notification from the I-D list for Open Specification for Pretty Good Privacy. >> >> Document: draft-gallagher-openpgp-code-point-exhaustion, >> https://datatracker.ietf.org/doc/draft-gallagher-openpgp-code-point-exhaustion/ >> >> Change by Andrew Gallagher on 2025-03-18 09:33 PDT: >> >> Changed document external resources from: None to: >> >> gitlab_repo https://gitlab.com/andrewgdotcom/openpgp-code-point-exhaustion >> mailing_list https://www.ietf.org/mailman/listinfo/openpgp >> >> Best regards, >> >> The Datatracker Internet-Draft tracking service >> (for the IETF Secretariat)
- [openpgp] Fwd: I-D list for Open Specification fo… Andrew Gallagher
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Daniel Huigens
- [openpgp] Re: I-D list for Open Specification for… Andrew Gallagher
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Justus Winter
- [openpgp] Re: I-D list for Open Specification for… Andrew Gallagher
- [openpgp] Re: I-D list for Open Specification for… Justus Winter
- [openpgp] Re: I-D list for Open Specification for… Andrew Gallagher
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Heiko Schäfer
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Justus Winter
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Heiko Schäfer
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Justus Winter
- [openpgp] Re: Fwd: I-D list for Open Specificatio… Daniel Huigens
- [openpgp] Re: I-D list for Open Specification for… Andrew Gallagher
- [openpgp] Re: I-D list for Open Specification for… Daniel Huigens