Re: [openpgp] Bug#931238: hot armor: please drop "Version: " header
Peter Gutmann <pgut001@cs.auckland.ac.nz> Mon, 08 July 2019 01:42 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 313561202FC for <openpgp@ietfa.amsl.com>; Sun, 7 Jul 2019 18:42:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.197
X-Spam-Level:
X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R4YEdhyFO-1Y for <openpgp@ietfa.amsl.com>; Sun, 7 Jul 2019 18:42:12 -0700 (PDT)
Received: from mx4-int.auckland.ac.nz (mx4-int.auckland.ac.nz [130.216.125.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE3BB1200B7 for <openpgp@ietf.org>; Sun, 7 Jul 2019 18:42:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1562550132; x=1594086132; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=pu5kdB2zKJci8g26DFFXl53leev+JJyxFOUEvUNFGmI=; b=f3BUtEk/0XUpwYfla/UVmIwTrAd94uEwe5lyyTUE/NYfoUIAh4YAwPta HdYV43old3OVpGzlTdCpQZS+ERlWZRmZd5lA43RmZ4iDc+9RxBbfsZS2g L+BT2bnSqXKCHI1/MBXqnn/PYYr9afXahfT2VnjLVr83TB/xY59oFx+BL 8ML7wbftDC3eAOaXHkcHRfRdOonU2tcKwzR4iNL9v/UhaSzwdCMYA7Tm9 1AHFo1VluMLp6R5a3O+Iq1Kfz/pDmOfhwrYPNs3i3eK9QCLGbIA0uZgVy 96sp9qT5w8nHcsTmjsJn2UQqYgD/TKmOrYRcyCDatvEa9IVNlTlPPbWof Q==;
X-IronPort-AV: E=Sophos;i="5.63,464,1557144000"; d="scan'208";a="69730030"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.3.5 - Outgoing - Outgoing
Received: from uxcn13-tdc-d.uoa.auckland.ac.nz ([10.6.3.5]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 08 Jul 2019 13:42:06 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-d.UoA.auckland.ac.nz (10.6.3.5) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 8 Jul 2019 13:42:06 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.5]) with mapi id 15.00.1395.000; Mon, 8 Jul 2019 13:42:06 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Marcus Brinkmann <marcus.brinkmann=40rub.de@dmarc.ietf.org>, "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] Bug#931238: hot armor: please drop "Version: " header
Thread-Index: AQHVNABf9gFVsbkKWUCVNeGRYih4Bqa806oAgACn+oCAAnjnvQ==
Date: Mon, 08 Jul 2019 01:42:05 +0000
Message-ID: <1562550125588.27272@cs.auckland.ac.nz>
References: <87zhm1o0f7.fsf@fifthhorseman.net> <20190706133941.tw3znn74q4iseiyo@scru.org> <54525144-b7bf-fa79-c497-ca8fbf77f89d@gmx.net>, <8d960bb1-0fe8-c2e3-fcf4-4d00ed4adfce@rub.de>
In-Reply-To: <8d960bb1-0fe8-c2e3-fcf4-4d00ed4adfce@rub.de>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/HtHI2e1o7wtOVhAYYQa_3OnnXac>
Subject: Re: [openpgp] Bug#931238: hot armor: please drop "Version: " header
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2019 01:42:18 -0000
Marcus Brinkmann <marcus.brinkmann=40rub.de@dmarc.ietf.org> writes: >That seems almost like a bottomless pit. Some thoughts (not meant to be >exhaustive): Thanks, saved me typing all that. If it's going to be done as an RFC, it needs to come with a warning that at best any countermeasures are going to stop simple-minded fingerprinting, but not anything very advanced. Also if it's going to be done as an RFC then it should state what threat all this will be defending against. "An attacker knowing that you're running out- of-date software" barely qualifies as a threat - they can just try and attack you anyway - and I can't see what other purpose it serves. Peter.
- Re: [openpgp] Bug#931238: hot armor: please drop … Clint Adams
- Re: [openpgp] Bug#931238: hot armor: please drop … Heiko Stamer
- Re: [openpgp] Bug#931238: hot armor: please drop … Marcus Brinkmann
- Re: [openpgp] Bug#931238: hot armor: please drop … Daniel Kahn Gillmor
- Re: [openpgp] Bug#931238: hot armor: please drop … Daniel Kahn Gillmor
- Re: [openpgp] Bug#931238: hot armor: please drop … Peter Gutmann
- Re: [openpgp] Bug#931238: hot armor: please drop … ilf
- Re: [openpgp] Bug#931238: hot armor: please drop … Marcus Brinkmann
- Re: [openpgp] Bug#931238: hot armor: please drop … ilf
- Re: [openpgp] Bug#931238: hot armor: please drop … Heiko Stamer
- Re: [openpgp] Bug#931238: hot armor: please drop … Daniel Kahn Gillmor