Re: [openpgp] v5 in the crypto-refresh draft
Michael Richardson <mcr+ietf@sandelman.ca> Sat, 05 June 2021 20:29 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C96E3A2F0E for <openpgp@ietfa.amsl.com>; Sat, 5 Jun 2021 13:29:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T4RNE5LL8osU for <openpgp@ietfa.amsl.com>; Sat, 5 Jun 2021 13:29:09 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 302E63A2F0D for <openpgp@ietf.org>; Sat, 5 Jun 2021 13:29:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 77C5138AE4; Sat, 5 Jun 2021 16:29:41 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id bnvtCnkhjckK; Sat, 5 Jun 2021 16:29:41 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 00B4038AE3; Sat, 5 Jun 2021 16:29:41 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 1551967E; Sat, 5 Jun 2021 16:29:07 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, openpgp@ietf.org
In-Reply-To: <87v96sqke0.fsf@fifthhorseman.net>
References: <87lf7q6sh0.fsf@fifthhorseman.net> <376548.1622830236@dooku> <87v96sqke0.fsf@fifthhorseman.net>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sat, 05 Jun 2021 16:29:07 -0400
Message-ID: <14974.1622924947@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Op54GZZpXmtih49r9HwTg-Tyfww>
Subject: Re: [openpgp] v5 in the crypto-refresh draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Jun 2021 20:29:14 -0000
Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On Fri 2021-06-04 14:10:36 -0400, Michael Richardson wrote: >> > (2) appears to prepare for keys larger than 65536 octets. This looks >> > like post-quantum planning to me, but we are not including any PQ >> > schemes in the specification, and it's not clear that this change on >> > its own would be sufficient to support such a new scheme (especially >> > because there doesn't seem to be any CFRG consensus on what PQ scheme >> > to endorse yet). >> >> Sure, but wouldn't it help a v5 implementation to more intelligently skip >> such a thing? I don't know if we can support multiple signatures with >> different algorithms. > Would it? In what context? The change for (2) has to do with how to > structure data fed into a hash algorithm for a certification ("key > signature") but isn't anything on the wire. Assume in the future that we have keys larger than 64K octets. We are doing that, not because there has been a quantum event, but because we are preparing for it. We may still not even be sure which PQ scheme is the right one. (There are multiple keys present, and possibly multiple signatures over both end-user-data, and over keys) A v5-capable tool, which does not speak these new formats can still process the packets. It could also verify that these large keys are signed by our legacy algorithms. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Huigens
- Re: [openpgp] v5 in the crypto-refresh draft Michael Richardson
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Paul Wouters
- Re: [openpgp] v5 in the crypto-refresh draft Michael Richardson
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Paul Wouters
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Nickolay Olshevsky
- Re: [openpgp] v5 in the crypto-refresh draft Peter Pentchev
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Peter Pentchev
- Re: [openpgp] v5 in the crypto-refresh draft Michael Richardson
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Paul Wouters
- Re: [openpgp] v5 in the crypto-refresh draft Justus Winter
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor
- Re: [openpgp] v5 in the crypto-refresh draft Peter Gutmann
- Re: [openpgp] v5 in the crypto-refresh draft Daniel Kahn Gillmor