Re: [openpgp] RSA-PSS and RSA-OAEP for v5
"brian m. carlson" <sandals@crustytoothpaste.net> Sun, 28 February 2021 20:06 UTC
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7052A3A1BAC for <openpgp@ietfa.amsl.com>; Sun, 28 Feb 2021 12:06:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Level:
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h6791yPamDqF for <openpgp@ietfa.amsl.com>; Sun, 28 Feb 2021 12:06:16 -0800 (PST)
Received: from injection.crustytoothpaste.net (injection.crustytoothpaste.net [192.241.140.119]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F092E3A1BAB for <openpgp@ietf.org>; Sun, 28 Feb 2021 12:06:15 -0800 (PST)
Received: from camp.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:7d4e:cde:7c41:71c2]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by injection.crustytoothpaste.net (Postfix) with ESMTPSA id 68CB160DF4 for <openpgp@ietf.org>; Sun, 28 Feb 2021 20:05:44 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crustytoothpaste.net; s=default; t=1614542744; bh=HUrj16U3kX9OOXpCi3yUvsHEn55EoDlfSPtGiZd6zHc=; h=Date:From:To:Subject:References:Content-Type:Content-Disposition: In-Reply-To:From:Reply-To:Subject:Date:To:CC:Resent-Date: Resent-From:Resent-To:Resent-Cc:In-Reply-To:References: Content-Type:Content-Disposition; b=aC+dHDG8b1AH/0H/DvCCvP89e2Ie0l/fTya4/p59SLPwP4bIlVv9PhYHIHusljzAu kDGInlMtkclVbWP2uaqYhZzKUV7NHh8+Zo06E9xYj6ErP71n0DRhTTMCRGOYHtRTEN Zk1OvFn/P4QIt0GQMWwsG4dDnHFdIXG3jD1T7KaXSRzD8XCOFAuKBBX2FsSYCVQZ/p /zrLt3ro4edQ1dMf9zSc7dhtKY1RMcurKlmeLGgxplAjIqxT7vXfUNnNBQ8/bq2DID 1WghM6qhxfWwf2gDiaIzCUkDtC42roFC7E7mCZcQNL6YdJjJCWdhZSQKZfbBs3y+wc +j5gBVTPUJiYZBYXoabtAvwegQmGXhBflogMaMeRF+5KEhNxPpY6U5NONFwNcZ7N3h WdXI3aMwN/ELlaX+SyHwLSFIyMgDYE7v0M59Gb/48cSBJK82GtSxGjm54rP//MmySg FHoBcSE3GZEc5JR7QyPw6rg7Ph9HXzyjMpew52VvPo0iSLlq4FM
Date: Sun, 28 Feb 2021 20:05:39 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Message-ID: <YDv3k8Oky7dmn2PG@camp.crustytoothpaste.net>
References: <YDrbaRiQ34MstP30@camp.crustytoothpaste.net> <87ft1g9goo.fsf@wheatstone.g10code.de> <YDvuaAXgwEDffYbt@camp.crustytoothpaste.net> <6a1649f1-1b64-0a44-7a7d-07dae7b0dc20@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="AEWwMHIsJdDHYyiM"
Content-Disposition: inline
In-Reply-To: <6a1649f1-1b64-0a44-7a7d-07dae7b0dc20@cs.tcd.ie>
User-Agent: Mutt/2.0.5 (2021-01-21)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Ht1u5iaV6pabX5bBU4Q4kcijpdI>
Subject: Re: [openpgp] RSA-PSS and RSA-OAEP for v5
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Feb 2021 20:06:17 -0000
On 2021-02-28 at 19:47:15, Stephen Farrell wrote: > > Hiya, > > On 28/02/2021 19:26, brian m. carlson wrote: > > > > I think it's very clear, based on a history of CVEs, that as practically > > implemented, PKCS #1 padding is weak compared to PSS and OAEP. > > FWIW, my impression is that that is not clear. Quite a few > people do have that position for sure, but equally, the views > expressed by e.g. Werner and Peter Gutmann also seem fairly > commonly held afaics. > > (As chair) would it be worthwhile pushing this question off > for a while? It may become easier to handle later on - or > even if it's no easier later, it still might be better to > postpone the bun fight for a bit:-) Sure, I'm happy to defer this for the moment. We don't need to make a decision immediately, and considering that I just proposed this yesterday, we can definitely let folks think about it for a while before coming back to it. > If pushing this to later made sense, I guess creating an > issue in gitlab would be the thing to do so's we don't lose > track of it. (Apologies if someone did that already, I didn't > go check just now.) I've created one so we don't lose track of it: https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/22 -- brian m. carlson (he/him or they/them) Houston, Texas, US
- [openpgp] RSA-PSS and RSA-OAEP for v5 brian m. carlson
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Peter Gutmann
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 brian m. carlson
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Hanno Böck
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Werner Koch
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 brian m. carlson
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Stephen Farrell
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 brian m. carlson
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Stephen Farrell
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Santiago Torres-Arias
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Hanno Böck
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Werner Koch
- Re: [openpgp] RSA-PSS and RSA-OAEP for v5 Peter Gutmann