IETF Logo Mail Archive

Re: [openpgp] v5 interoperability

Andrew Gallagher <andrewg@andrewg.com> Mon, 15 April 2024 08:06 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E38AC14F71B for <openpgp@ietfa.amsl.com>; Mon, 15 Apr 2024 01:06:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LlcV8l-iMfAw for <openpgp@ietfa.amsl.com>; Mon, 15 Apr 2024 01:06:54 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [135.181.198.78]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84D52C14F73F for <openpgp@ietf.org>; Mon, 15 Apr 2024 01:06:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1713168401; bh=hwQZjIhoeEknI1kCJlDyxiSjJl+GLUltSKY7rDai8es=; h=From:Subject:Date:References:Cc:In-Reply-To:To:From; b=JbpDgbeCFr4qG8N6ol0Z6GM59yTeJ/gLbRMi5AjdYVc7DeYESvQFwIsFkI80Tq9T8 jOBqyvPZd+gPKvPA5jtEcpujOWOUyWDooJaZwezrTeLHbJItfkZkMRYCVaUuoZROun Z5UzxNSOpJOKeyw5Szhybp5o/Kx/ol3aK1rtjt+58T0dDnmk7TFie0k3CFRk17idTT mtVZnhjNCWLlYSNFoOhmFOKqWPH55kOL4CAs19w2ERShW8n0TfL9OR12QHzdZqSj2Z 3HQl1n95kM7bK5bO18q0LKtmRYCBsOAxOAO9t0AaMRbu4geBbzic6hW60vQlj7W1RR dASQbWm5DyyIQ==
Received: from smtpclient.apple (unknown [176.61.115.103]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id 3DE465DE70; Mon, 15 Apr 2024 08:06:41 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Andrew Gallagher <andrewg@andrewg.com>
Mime-Version: 1.0 (1.0)
Date: Mon, 15 Apr 2024 09:06:29 +0100
Message-Id: <653C4C54-3025-4A08-8518-D08E3246D80B@andrewg.com>
References: <87y19fkuwd.fsf@jacob.g10code.de>
Cc: Kai Engert <kaie@kuix.de>, IETF OpenPGP WG <openpgp@ietf.org>
In-Reply-To: <87y19fkuwd.fsf@jacob.g10code.de>
To: Werner Koch <wk@gnupg.org>
X-Mailer: iPhone Mail (21E236)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/KT0LD3z_TMyGxwuMRwzF9tuwqMk>
Subject: Re: [openpgp] v5 interoperability
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2024 08:06:59 -0000

On 15 Apr 2024, at 07:23, Werner Koch <wk@gnupg.org> wrote:
> 
> On Sun, 14 Apr 2024 10:57, Andrew Gallagher said:
> 
>> Werner, do you plan to allow v4 PQC keys in librepgp? Both encryption
> 
> That does not make sense. Like X448 we will allow creation of Kyber
> (ML-KEM+ECC) only with v5 key packets.

OK, so graceful upgrade is done by adding a v5 Kyber subkey to an existing v4 primary?

>> and/or signing? Or do you see PQC as a v5-only thing, like X448?
> 
> Signing is for now not an important topic.  The primary goal is to secure data at rest 

Understood. Thanks!

A

v2.23.0 | Report a Bug | By Email