Re: [openpgp] PQC signature algorithm selection
Falko Strenzke <falko.strenzke@mtg.de> Tue, 27 February 2024 14:45 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/M-7eqKzbGZ_t9kK5opg7EiQGvXw>

On 27.02.24 at 13:57, Stephen Farrell wrote:
>
> Hiya,
>
> On 27/02/2024 12:43, Daniel Huigens wrote:
>> Typically, implementations consider the message as properly signed when
>> any one signature validates.
>
> Sorry, forgot to ask a question about that bit: is that true
> if both signatures are checked and one fails the crypto check
> needed to be verified? (As opposed to e.g. expiry.)

If I understand correctly, you are asking about the case where two signatures can be understood, both are checked, and one of them fails cryptographically. I think the crypto-refresh leaves this open: Section 5.2.5 <https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh-13#name-malformed-and-unknown-signa> only covers the malformed / unknown signatures.

>
> I'd have thought that pretty odd.
>
> If OTOH, only one sig is checked and it verifies, then it'd
> seem fine for the MUA to regard that as well-signed.
>
> Or, do we know if MUA behaviours for >1 sig are actually aligned
> at all?

From how I understand the crypto-refresh (see above), the behaviour in this case is only specified for malformed / unknown signatures. Thus I don't think an alignment of clients can ever be expected beyond that.

- Falko

>
> Thanks,
> S.

--
*MTG AG*
Dr. Falko Strenzke
Executive System Architect
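
Added example, not part of the original message and not taken from any OpenPGP implementation: a Python sketch of the two acceptance policies discussed above, run over constructed per-signature outcomes, listing the combinations on which they disagree. The names (Outcome, any_valid, strict) are hypothetical, and dropping malformed / unknown signatures before either policy runs is an assumption about how Section 5.2.5 is applied.

```python
from enum import Enum
from itertools import product


class Outcome(Enum):
    """Constructed per-signature results a verifier could report."""
    VALID = "valid"            # understood, cryptographic check passed
    BAD_CRYPTO = "bad_crypto"  # understood, cryptographic check failed
    EXPIRED = "expired"        # cryptographically fine, outside validity period
    UNKNOWN = "unknown"        # malformed packet or unknown version/algorithm


def considered(outcomes):
    # Assumption: malformed/unknown signatures are ignored for validation
    # and never cause other signatures to be rejected.
    return [o for o in outcomes if o is not Outcome.UNKNOWN]


def any_valid(outcomes):
    """Policy A: the message counts as signed when any one signature validates."""
    return any(o is Outcome.VALID for o in considered(outcomes))


def strict(outcomes):
    """Policy B (hypothetical): one signature must validate and no understood
    signature may fail the cryptographic check."""
    seen = considered(outcomes)
    has_valid = any(o is Outcome.VALID for o in seen)
    has_bad = any(o is Outcome.BAD_CRYPTO for o in seen)
    return has_valid and not has_bad


def divergent_pairs():
    """Two-signature outcome combinations on which the policies disagree."""
    return [p for p in product(Outcome, repeat=2) if any_valid(p) != strict(p)]


if __name__ == "__main__":
    for pair in divergent_pairs():
        print([o.value for o in pair],
              "any_valid:", any_valid(pair), "strict:", strict(pair))
```

The only divergence is the case raised in the question: one signature validates while another understood signature fails cryptographically.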