Re: [openpgp] Proposed WG charter
Simon Josefsson <simon@josefsson.org> Mon, 01 June 2015 14:25 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 186241ACE7B for <openpgp@ietfa.amsl.com>; Mon, 1 Jun 2015 07:25:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mIGI7UIwfzEZ for <openpgp@ietfa.amsl.com>; Mon, 1 Jun 2015 07:25:12 -0700 (PDT)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A181D1ACE7D for <openpgp@ietf.org>; Mon, 1 Jun 2015 07:25:11 -0700 (PDT)
Received: from latte.josefsson.org ([155.4.17.3]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id t51EP22j030129 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 1 Jun 2015 16:25:03 +0200
Date: Mon, 01 Jun 2015 16:25:01 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Message-ID: <20150601162501.73ec29d8@latte.josefsson.org>
In-Reply-To: <878uc3fsdp.fsf@alice.fifthhorseman.net>
References: <20150601141823.797394a1@latte.josefsson.org> <878uc3fsdp.fsf@alice.fifthhorseman.net>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; boundary="Sig_/uFn1t5X5V/H9UxPKRgkWp25"; protocol="application/pgp-signature"
X-Virus-Scanned: clamav-milter 0.98.7 at duva.sjd.se
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/KBHKetGSxysUCrSZuTrdHpipi60>
Cc: IETF OpenPGP <openpgp@ietf.org>, sec-ads@tools.ietf.org, Christopher LILJENSTOLPE <ietf@cdl.asgaard.org>
Subject: Re: [openpgp] Proposed WG charter
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 14:25:13 -0000
Den Mon, 01 Jun 2015 09:52:18 -0400 skrev Re: Proposed WG charter: > On Mon 2015-06-01 08:18:23 -0400, Simon Josefsson wrote: > > Good starting point. It looks rather open ended when it comes to > > the actual issues with RFC 4880 though. Can you mention at least > > five top-priority issues in RFC 4880 that needs to be adressed? > > This would tighten the scope a bit, without limiting ability to > > adress other issues. > > I think it would only tighten the scope if we *did* prohibit > addressing any un-mentioned issues, and i'd rather not commit to > something with that kind of wording. I agree. I suppose this is up to the ADs though. > OTOH, having some explicit targets listed here (without limiting the > work to those targets) would help the group to make sure that 4880bis > did cover the relevant ground. Yes. > Simon, if you had to list items that you thought were "must-haves", > which would they be? I don't know. That is the primary reason for asking the charter to include a list, to give me and others a sense of direction. The charter proposal is written in a broad way now, which can be counter-productive (it leads to meta-discussions). > Some highlights I'd go for (needs wordsmithing, just brainstorming > here, and not in any particular order): > > * inclusion of the CFRG elliptic curves Yes. I would mention Curve25519 and Ed25519 directly, or keep it general and say "new elliptic curve key agreement and digital signatures" instead. There appears to be interest in Curve25519/EdDSA algorithms from people on this list, and I haven't seen interest in any other algorithms. Referring to CFRG explicitly is problematic because of timeline and authority reasons. The CFRG hasn't published anything or made any decisions, so referring to CFRG seems unnecessarily limiting in when we can publish. Regarding authority: the CFRG can make general recommendations, and I'm sure reasonable arguments will be listened to, but I believe the decision on which algorithms are useful for OpenPGP is one that belongs here and not in the CFRG. > * proper AEAD symmetric crypto Sure. Is there any proposals on the table? > * updated mandatory-to-implement algorithms Makes sense. > * updated fingerprints No idea. > I'm not sure they need to be in the charter, but if there's a general > sense from the group that they should be, and a prompt proposal for > the language change, i have no objection to including them. I suggest to mention everything you can think of that there is no controversy over. I recall improvements to PGP/MIME was discussed? There is also my old OpenPGP mail/news header proposal [1], but I'm not sure there is energy for it. I have also started to think that it ended up being too complex for its own good. /Simon [1] https://tools.ietf.org/html/draft-josefsson-openpgp-mailnews-header-07
- [openpgp] Proposed WG charter Christopher LILJENSTOLPE
- Re: [openpgp] Proposed WG charter Simon Josefsson
- Re: [openpgp] Proposed WG charter Peter Pentchev
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Kristian Fiskerstrand
- Re: [openpgp] Proposed WG charter Stephen Farrell
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Simon Josefsson
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Derek Atkins
- Re: [openpgp] Proposed WG charter Simon Josefsson
- Re: [openpgp] Proposed WG charter Watson Ladd
- Re: [openpgp] Proposed WG charter Simon Josefsson
- Re: [openpgp] Proposed WG charter ianG
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Phillip Hallam-Baker
- Re: [openpgp] Proposed WG charter ianG
- Re: [openpgp] Proposed WG charter christopher liljenstolpe
- Re: [openpgp] Proposed WG charter Christopher LILJENSTOLPE
- Re: [openpgp] Proposed WG charter Christopher LILJENSTOLPE
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Proposed WG charter Werner Koch
- [openpgp] OpenPGP meeting in Prague? [Was: Re: Pr… Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter Derek Atkins
- [openpgp] Re-encryption feature (was Re: Proposed… Derek Atkins
- Re: [openpgp] Proposed WG charter Phillip Hallam-Baker
- Re: [openpgp] Re-encryption feature Werner Koch
- Re: [openpgp] Re-encryption feature Derek Atkins
- Re: [openpgp] Proposed WG charter ianG
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Re-encryption feature (was Re: Prop… ianG
- Re: [openpgp] Proposed WG charter Phillip Hallam-Baker
- Re: [openpgp] Proposed WG charter Werner Koch
- Re: [openpgp] Re-encryption feature Werner Koch
- Re: [openpgp] Proposed WG charter Stephen Farrell
- Re: [openpgp] [eX-bulk] : OpenPGP meeting in Prag… Christopher LILJENSTOLPE
- Re: [openpgp] Proposed WG charter Christopher LILJENSTOLPE
- Re: [openpgp] Proposed WG charter Simon Josefsson
- Re: [openpgp] Proposed WG charter Daniel Kahn Gillmor
- Re: [openpgp] Proposed WG charter vedaal
- [openpgp] content-length hiding [was: Re: Propose… Daniel Kahn Gillmor
- Re: [openpgp] content-length hiding Werner Koch
- Re: [openpgp] content-length hiding Daniel Kahn Gillmor
- Re: [openpgp] content-length hiding vedaal
- Re: [openpgp] content-length hiding Daniel Kahn Gillmor