[openpgp] Modernizing the OpenPGP Format draft

Bryan Ford <brynosaurus@gmail.com> Sat, 31 October 2015 08:50 UTC

From: Bryan Ford <brynosaurus@gmail.com>
To: openpgp@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/I_VkSUqssKZoMpOVTPPMh9ie_rY>
Cc: Linus Gasser <linus.gasser@epfl.ch>

Hi folks,

At the last IETF meeting I had promised to draft some preliminary text on
improving/modernizing the OpenPGP encrypted message format, in particular
to support AEAD ciphers and improve the integrity-check.  I wrote up and
submitted a (very preliminary) Internet-Draft on this topic shortly before
the I-D cutoff deadline, but because of an insane sequence of other duties
keeping me occupied for the past couple weeks, I managed to forget to
announce it properly on the E-mail list.  So here it is at any rate:

Title: Modernizing the OpenPGP Message Format
URL: https://datatracker.ietf.org/doc/draft-ford-openpgp-format/
Abstract:
   This draft proposes and solicits discussion on methods of modernizing
   OpenPGP's encrypted message format to support more state-of-the-art
   authenticated encryption schemes, and optionally to protect format
   metadata as well as data via metadata encryption and judicious
   padding.

It covers two topics, the first being the AEAD evolution, the second being
a somewhat more ambitious idea to provide better metadata protection and
anonymization properties at the "outer-wrapper" level; see the draft for
(some more, still sketchy) details.

I noticed an earlier E-mail on this list polling for interest in an
in-person openpgp meeting at IETF94, but didn't see any response, so I
assumed there wouldn't be one - but now on catching up I notice that
there's indeed an openpgp session scheduled after all, which is great.  If
a few minutes can be squeezed in for me to present/discuss this draft, that
would be wonderful (and sorry for the late request due to my confusion
about whether there would be an openpgp session at all).

Thanks
Bryan