Re: [openpgp] New S2K specifiers?
vedaal@nym.hush.com Tue, 02 April 2019 01:46 UTC
Return-Path: <vedaal@nym.hush.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0546412006E for <openpgp@ietfa.amsl.com>; Mon, 1 Apr 2019 18:46:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.59
X-Spam-Level:
X-Spam-Status: No, score=-2.59 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, L_8BIT_MISMATCH=0.01, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hush.ai
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rya7mFgzmlow for <openpgp@ietfa.amsl.com>; Mon, 1 Apr 2019 18:46:45 -0700 (PDT)
Received: from smtp5.hushmail.com (smtp5.hushmail.com [65.39.178.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 639C4120021 for <openpgp@ietf.org>; Mon, 1 Apr 2019 18:46:45 -0700 (PDT)
Received: from smtp5.hushmail.com (localhost [127.0.0.1]) by smtp5.hushmail.com (Postfix) with SMTP id 492FD20E40 for <openpgp@ietf.org>; Tue, 2 Apr 2019 01:46:44 +0000 (UTC)
X-hush-tls-connected: 1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=hush.ai; h=date:to:subject:from; s=hush; bh=IZjlIxowoeVgyS+eRafKXVSQ7kgJMl1ygp80FBaJVTw=; b=W1OmvM4dhmic/yLl7yap/JVtV5aZ3xLvCSAfIHmVbI9mAxTwJCO6ng0zW1vCd/WXQXlZRlse9aua+XZdlL4BPG+ESCSeWW9A6WmqU3Hx0cNCMofG8jhgWM2Wi4CfVEqws8GQ9CK3mJkqRbTtj80geeYKSRXk+oNioHwAe8MKDRhRcB3fKn7pzRJEdC/3+RGb978i/0geQALmcVAlfS5v6IIuKvp8dkBJeF132bH74dHnDC9XiwjgR3pMA9+blSj35P09LaId3f307jq5ibs9J4quJKzzTwrw/SCLhVtnGRqkdglpmTYbeSrWDmbibofIkZoeT7RDfCvOrwkSKaIWAw==
Received: from smtp.hushmail.com (w7.hushmail.com [65.39.178.32]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp5.hushmail.com (Postfix) with ESMTPS; Tue, 2 Apr 2019 01:46:43 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99) id 96606406B6; Tue, 2 Apr 2019 01:46:43 +0000 (UTC)
MIME-Version: 1.0
Date: Mon, 01 Apr 2019 21:46:43 -0400
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, openpgp <openpgp@ietf.org>
From: vedaal@nym.hush.com
In-Reply-To: <87k1gebu9o.fsf@fifthhorseman.net>
References: <20190331121024.cgta3emx6vefex6x@aurora.local.incenp.org> <87k1gebu9o.fsf@fifthhorseman.net>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20190402014643.96606406B6@smtp.hushmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/F2y8Co1eaW1bGgh5jkjW6IEa3wc>
Subject: Re: [openpgp] New S2K specifiers?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2019 01:46:47 -0000
On 4/1/2019 at 12:03 AM, "Daniel Kahn Gillmor" <dkg@fifthhorseman.net> wrote: > >On Sun 2019-03-31 13:10:24 +0100, Damien Goutte-Gattat wrote: >> * Is there any interest for a “more modern” S2K, or is the >> Iterated+Salted S2K still considered fine enough for >RFC4880bis? > >I think having argon2i included in rfc4880bis would be concretely >useful; iterated+salted hasn't been the best practice for S2K for >well >over a decade. > >The main argument i can imagine against it is if no OpenPGP >implementation has any plans or desire to implement it, or if >there are >specific objections related to IPR. ===== Will the new S2K be only for the V5 key format? Or will it also be used for Conventionally Encrypted messages? If it will be used for Conventionally Encrypted messages too, then there can be backward incompatibility issues, as well as intercompatibility issues with different implementations. (I still think it's a good idea, but may be a really lot of extra work, so maybe only for V5 keys now). vedaal
- [openpgp] New S2K specifiers? Damien Goutte-Gattat
- Re: [openpgp] New S2K specifiers? Nils Durner
- Re: [openpgp] New S2K specifiers? Daniel Kahn Gillmor
- Re: [openpgp] New S2K specifiers? vedaal
- Re: [openpgp] New S2K specifiers? Jon Callas
- Re: [openpgp] New S2K specifiers? Jon Callas
- Re: [openpgp] New S2K specifiers? Neal H. Walfield
- Re: [openpgp] New S2K specifiers? vedaal
- Re: [openpgp] New S2K specifiers? Daniel Kahn Gillmor