Re: [openpgp] Crypto on Rails

Ben McGinnes <ben@adversary.org> Thu, 13 August 2015 00:24 UTC

Return-Path: <ben@adversary.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81F881B2E6A for <openpgp@ietfa.amsl.com>; Wed, 12 Aug 2015 17:24:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4-z-nQTqGU7R for <openpgp@ietfa.amsl.com>; Wed, 12 Aug 2015 17:24:15 -0700 (PDT)
Received: from seditious.adversary.org (seditious.adversary.org [59.167.194.34]) by ietfa.amsl.com (Postfix) with ESMTP id 7B0431B2E66 for <openpgp@ietf.org>; Wed, 12 Aug 2015 17:24:15 -0700 (PDT)
Received: from localhost (seditious.adversary.org [127.0.0.1]) by seditious.adversary.org (Postfix) with ESMTP id 6275011C16EE for <openpgp@ietf.org>; Thu, 13 Aug 2015 10:24:13 +1000 (EST)
X-Virus-Scanned: amavisd-new at adversary.org
Received: from seditious.adversary.org ([127.0.0.1]) by localhost (seditious.adversary.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 8uO64WNS75Pp for <openpgp@ietf.org>; Thu, 13 Aug 2015 10:23:32 +1000 (EST)
Received: from nefarious.adversary.org (seditious.adversary.org [127.0.0.1]) by seditious.adversary.org (Postfix) with ESMTP id 6696311C16EC for <openpgp@ietf.org>; Thu, 13 Aug 2015 10:23:04 +1000 (EST)
To: openpgp@ietf.org
References: <CAMm+LwjehQXW=S0jEFjRDCHS4z7X_AxuziA=F8GBo2U1SJ2Dkg@mail.gmail.com>
From: Ben McGinnes <ben@adversary.org>
Message-ID: <55CBE357.4010800@adversary.org>
Date: Thu, 13 Aug 2015 10:22:47 +1000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:38.0) Gecko/20100101 Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <CAMm+LwjehQXW=S0jEFjRDCHS4z7X_AxuziA=F8GBo2U1SJ2Dkg@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="vKCmdwfM1Dva3RQ7TAMi7SdD3v7kkcLm2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/LvZuHPsCK05QCPJ-BremKMdtwi0>
Subject: Re: [openpgp] Crypto on Rails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2015 00:24:17 -0000

On 17/07/2015 1:59 am, Phillip Hallam-Baker wrote:
> 
> If we can introduce a fingerprint format that can be used on any type of
> input data without semantic substitution attacks, we can make interfacing
> OpenPGP to other types of cryptosystem a lot easier and simplify the
> implementation and deployment of all types of crypto system.

So, essentially applying the KISS principle to crypto instead of
treating it like voodoo.  Sounds good to me.


Regards,
Ben