Re: [openpgp] additional 1 week last call on diffs from -10 to -12 of crypto-refresh

Roman Danyliw <rdd@cert.org> Sun, 29 October 2023 01:03 UTC

Return-Path: <rdd@cert.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24FF5C14CEF9 for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2023 18:03:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r78CLKnD2ztB for <openpgp@ietfa.amsl.com>; Sat, 28 Oct 2023 18:03:51 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0122.outbound.protection.office365.us [23.103.209.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5097C14F747 for <openpgp@ietf.org>; Sat, 28 Oct 2023 18:03:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=kVjBQotAG+ZTyl2b9gH7/RBCPHznftuc57rhU0XzFlEOj/8mAcyG4iG7SFls8fGBBxnh5pOgWZAxd++DoQkXkrKsqCWHBvX/j2scZgNPI8KvaMNsxg3S+ZjSUtfdCK5DBTvz+x2Zx1Uld5BDdOly4e08GiOjMhHdjyDpSfG8ntnMXKwUCwDL70ofGIYAFkTsp0xoCQC/YuDb+tq+9zwHizUnXg1OF/KE+YtTYnWGPj1Ar4Epo1LhPN3ZddJRAO+2D/BJMmu/BZzkBsdnYml3hiLqJmFwO2yShBOqyKhOLiMpT5ys24fp0GU8ABGUZGGjie43KcJJZBo7D1FAKSvoDg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=S1pUJGUiBvIjl2toml9vl3njVjtrYKo+mq9M/soM+ZE=; b=KJkgJz0E7+BNMTpfpiJx9d9ojX0nECjOVCBn/8xsJYwByVUr1c4AvvNAGIEpLidZmk4NtC/6ghEoucQlo9eF+uFb7SbqkHtqfQnwmKlOcMwvKdJjS2fB3DH+fYp4n4W65SZqlJil0fka7Wt1FJMlSI0IND25jMEUrEWw0MBD8QbSf6uoteANMwp1+caYjlTs5wT7ieTkp0IuduD7skcrjEs+pntWkmlNmHNKlQuSP/hJKk3fcf38dYR2R0J1VSRmuk5psTwpHR2ilg2+wumnv9XLM7042RmwcUvSrj5eTPhK38AyHq31M830Q/20PwDwSyD19mrnj5c+pfIWNN+j+Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S1pUJGUiBvIjl2toml9vl3njVjtrYKo+mq9M/soM+ZE=; b=oS8A9ltjFjWq4HDqv+2xeOzUCYzBVh2aUh35oc3dNWqIA2+aF36wjtJLtHPh0nc6R0JA88/KvXD6iOsc94cDW9DRVP5JGCKyR0Z05+R2sH+F9X011ATXTLXN+ehak/lWSy0gYeIDJmXtwIJ/BUQ/zyfKkRqE4bGFWpiWrm1/epM=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1158.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17f::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6863.51; Sun, 29 Oct 2023 01:03:47 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::44ae:335c:4fd2:ea74]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::44ae:335c:4fd2:ea74%6]) with mapi id 15.20.6863.051; Sun, 29 Oct 2023 01:03:47 +0000
From: Roman Danyliw <rdd@cert.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] additional 1 week last call on diffs from -10 to -12 of crypto-refresh
Thread-Index: AQHaAV9DQxJrolgT9E6qBcoIcdVRlrBcNxKAgAPNuUA=
Date: Sun, 29 Oct 2023 01:03:47 +0000
Message-ID: <BN2P110MB11075E6948338EB923D616FBDCA2A@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <0a95a4f1-2708-45ac-bd43-fa885e3a5ac5@cs.tcd.ie> <47bcc03f-e3b1-4bfa-92fd-7ecee72d8526@cs.tcd.ie>
In-Reply-To: <47bcc03f-e3b1-4bfa-92fd-7ecee72d8526@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BN2P110MB1107:EE_|BN2P110MB1158:EE_
x-ms-office365-filtering-correlation-id: 056f5109-8031-492e-fba8-08dbd81ae828
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: GEryzvoiR5hBS5VeQFxqWW0XRfSCWXMSmoj03NEH1VCGK5yErQQAmf4rrEcoBVqzNnQjI9KgwwEKcVC2pyOM7yhDuaEvFyWJLBgaM+BWa3PNAek8IXmBuaoYFpDYwMbTK4mRRPQDXQe76d11QsWVBsVTbnACruokSVWLQY1ktFTVBQYPMvql6QtuomKgijpaMiZlo34W/QpGMjLir1P/8I2XTcEtb1QbYL6GRvSCWlfwtbbg3ei4PSTl5H4SCYxYa6lwkHNWaWm912ZxfeUY0oEXcrNwtwXVca13uFns4xLr56v9jxO5RhG3/9K35MnrxqMVMd/i76OOzXSTo0TcjviEq4SX/vufpSUMe9jQQQ/CiQoF3Tj+v1l0ERz0MnCyWseH5r4A7kw+d1ovxEz5xbXwrQM4IIGsEoP2x6GE47xfY6N1v/qnRlzvp499Ou9Da0ZtHh50NTdXHW1zBin+pFiMTRJhkbsB5C+IivHWcdh2B5PRZWmgYB9HNcm5Gwqi1zcjV+LdUi9I4eR/khP0Sk4lymHjrHthxVaf85te4UZvXTUChwjrOMPlPmxVdu8OQvAQM/3vuq+XMQzXsXJwGweYWBImUBUtD3uJUi/3uKU=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(396003)(366004)(136003)(39830400003)(230922051799003)(64100799003)(451199024)(1800799009)(186009)(26005)(41320700001)(38070700009)(66899024)(6506007)(2906002)(38100700002)(55016003)(86362001)(5660300002)(33656002)(52536014)(8676002)(8936002)(296002)(41300700001)(508600001)(7696005)(66476007)(110136005)(66446008)(71200400001)(64756008)(122000001)(82960400001)(66946007)(66556008)(83380400001)(966005)(76116006)(9686003)(53546011); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: GP4kpk20aGd1R35W/xA6Yvksnv3bTpfe8RnZN3U4WZo69rdwec/Uq3DkvJzzi5CO6pB8SdRDPFcPgiWH+zTvKi5GPLUCSIMzQFR5PRNdmiiOJzc0K1DU/ItfU9+P0pKMKkamHQRYoMRbmf4pcxOaLf3i8i/gC4BXcyVHYOL+cFrW9G6g4Rw+9wzCRXHRImSWJzq4OiiM5+wVCrx61uLF404MT/idwWkySk2JwgLc/D7qHs3U+ThCs6OIhiM/NGR6sDQzfEjqGU5rA0+p6x1lCfELqf4ddAf8dv2HN0ioG657TqAnq1FnXEN0orCbr8XyvcqsQOIbAm9fR3Yc7h4tqkPaT68XYH/Yvf+zIpt9IwM3hMy5LmxntPuthE6h45nxGo9LRG2My5/q7bjgFz1Hv/J96NkQdRqizR7qCIR7BhY=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 056f5109-8031-492e-fba8-08dbd81ae828
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2023 01:03:47.8261 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1158
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/FyONvjPnQ2_G_dhmsXw0aiMNrSY>
Subject: Re: [openpgp] additional 1 week last call on diffs from -10 to -12 of crypto-refresh
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Oct 2023 01:03:56 -0000

Hi!

A huge thanks for merging all of these changes in -12 in response to my AD Review.  

Chairs: Thanks for the double check with the WG.

I'm going to advance the document to IETF LC.  I found these residual minor comments from my earlier review that you can consider with IETF LC feedback.

** Section 5.5.3
   However, this checksum is deprecated; an implementation SHOULD NOT use it, but should rather use    
   the SHA-1 hash denoted with a usage octet of 254.

Since this guidance on the checksum is “SHOULD NOT”, under what circumstances would it still be used despite the security concerns?

** Section 5.14.

   Its contents SHOULD be random octets to make the length obfuscation
   it provides more robust even when compressed.

What would be the case for non-random octets?  That is, why is it not mandatory to use random octets?

** Section 13.6

   When a human is actively involved, the result of such a verification
   is dubious.  There is little evidence that most humans are good at
   precise comparison of high-entropy data, particularly when that data
   is represented in compact textual form like a hexadecimal
   fingerprint.

Is there a usability claim (citation) which backs this claim?

Thanks,
Roman

> -----Original Message-----
> From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
> Sent: Thursday, October 26, 2023 10:59 AM
> To: openpgp@ietf.org
> Cc: Roman Danyliw <rdd@cert.org>
> Subject: Re: [openpgp] additional 1 week last call on diffs from -10 to -12 of
> crypto-refresh
> 
> 
> Hi all,
> 
> We had one response to this that didn't address the actual diff between -10
> and -12, so I think it's fair to conclude that the WG are ok with those changes.
> 
> With that, I think the ball's back in your court Roman and if you're happy to
> start IETF LC with -12, that'd be great.
> 
> Thanks,
> S,
> 
> On 18/10/2023 02:05, Stephen Farrell wrote:
> >
> > Hi all,
> >
> > First, thanks to Roman, Paul and all who engaged with dealing with
> > Roman's fine AD review of crypto-refresh.
> >
> > Given the text changes are not small, it seems worthwhile to have
> > another one week period where the WG have a chance to check those
> > changes. To the end please reply here if you see any gotchas in those
> > changes from draft -10 to -12. [1]
> >
> > Notes:
> >
> > - This WGLC relates only to the -10 to -12 diff [1], please don't
> > (re-)raise other issues.
> >
> > - We are very far along in the long long process of getting this work
> > done and are on the cusp of starting new work that people seem keen to
> > see done, so please, please don't suggest changes that might improve
> > things a little - the overall process here is, as always with such a
> > long-lived and complex document, quite vulnerable to such suggestions
> > de-railing the goal of getting a new RFC out the door.
> >
> > This WGLC ends on October 25. I really hope Roman is fine with hitting
> > the button to start IETF last call then. The WG will still have at
> > least a couple of chances in future for making any needed changes (at
> > the end of IETF last call, and most likely, when we get IESG review
> > comments).
> >
> > So, basically, we're looking for "gotcha's" here and are not looking
> > for "wouldn't it be a little better if..." style comments.
> >
> > Your hoped-for silence will be taken as being ok with the diff [1].
> > (Apologies for hammering all that home 3 times:-)
> >
> > Thanks,
> > S.
> >
> > [1]
> > https://author-tools.ietf.org/iddiff?url1=draft-ietf-openpgp-crypto-re
> > fresh-10&url2=draft-ietf-openpgp-crypto-refresh-12&difftype=--html
> >
> > _______________________________________________
> > openpgp mailing list
> > openpgp@ietf.org
> > https://www.ietf.org/mailman/listinfo/openpgp