Re: [openpgp] To bind or not to bind

Bart Butler <bart+ietf@pm.me> Tue, 26 March 2024 15:49 UTC

Date: Tue, 26 Mar 2024 15:49:00 +0000
To: Werner Koch <wk@gnupg.org>
From: Bart Butler <bart+ietf@pm.me>
Cc: Bart Butler <bart=2Bietf=40pm.me@dmarc.ietf.org>, Nickolay Olshevsky <o.nickolay@gmail.com>, openpgp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FmWrsj0RwVAoTpn-j9bAKj7lUx8>

I'm not getting on PGP's case specifically here, though if you want one example, the historical proliferation of algorithms probably was excessive. But it's as close to an iron law in software engineering as there is that complexity always has a cost. How much it costs and whether that cost is worth it is typically a judgement call. This particular option doesn't seem like a particularly valuable degree of freedom to me, but if some customer/user really needs it, OK. I think it would make sense for the default to be flexible though regardless.

-Bart

On Tuesday, March 26th, 2024 at 4:23 PM, Werner Koch <wk@gnupg.org> wrote:

> On Tue, 26 Mar 2024 15:08, Bart Butler said:
>
> > in flexibility. That said, excess flexibility has been in many instances
> > OpenPGP's Achilles heel historically.
>
> If you do such a statement you should put it into a context and compare
> what you name an Achilles heel with the flexibility and the track record
> of failures of other protocols. In particular to SSL/TLS and - even
> more relevant - to CMS.
>
> PGP has shown a lot more of robustness over the last 30 years than the
> other protocols. The fact that it was not committee designed, as CMS
> and the crypto-refresh, for sure helped here.
>
> Shalom-Salam,
>
> Werner
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein