Re: [openpgp] v5 in the crypto-refresh draft

Justus Winter <justus@sequoia-pgp.org> Tue, 08 June 2021 07:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/LWshDegDS9DwTQwhv8r0jkFLZ2A>

Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:

> Possible Outcomes
> -----------------
>
>  a) WG consensus that all of these are appropriate: keep them as-is
>
>  b) WG consensus that some of them are misfeatures, or otherwise
>     inappropriate for the crypto-refresh: drop the unwanted parts from
>     the specification of v5.
>
>  c) WG consensus that some of them are misfeatures but due to
>     pre-standardization deployment that produced existing artifacts, we
>     can't claw them back: call the new OpenPGP version "v6" and just
>     skip over v5 (like IP!)
>
> Note that for both (b) and (c) it's possible that the new version is
> basically just "v4 but with a SHA256 fingerprint instead of SHA1".  I
> don't think that's necessarily a bad outcome!

My preferred outcome is b, but c may be more practical.

We (Sequoia) have partially implemented proposed changes from
RFC4880bis, but starting with our first stable release we decided not to
emit any artifacts that use new packet versions.

Justus