Re: [openpgp] The checksum may appear
Ángel <angel@16bits.net> Thu, 25 March 2021 00:07 UTC
Return-Path: <angel@16bits.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBA663A13AD for <openpgp@ietfa.amsl.com>; Wed, 24 Mar 2021 17:07:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IuSkKQHcNnTT for <openpgp@ietfa.amsl.com>; Wed, 24 Mar 2021 17:07:25 -0700 (PDT)
Received: from mail.direccionemail.com (mail.direccionemail.com [199.195.249.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 774BD3A1411 for <openpgp@ietf.org>; Wed, 24 Mar 2021 17:07:06 -0700 (PDT)
Message-ID: <9cf9ae77e21fa330918df0754707e9304a41fd36.camel@16bits.net>
From: Ángel <angel@16bits.net>
To: openpgp@ietf.org
Date: Thu, 25 Mar 2021 01:07:06 +0100
In-Reply-To: <87blbfpr9b.fsf@wheatstone.g10code.de>
References: <20210317145508.136021-1-dkg@fifthhorseman.net> <5a927ffed96b38efa08c58b6a29e565dff87a535.camel@16bits.net> <87blbfpr9b.fsf@wheatstone.g10code.de>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/PqVu8m9KWCHeLXrD-axy7lA16r4>
Subject: Re: [openpgp] The checksum may appear
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 00:07:35 -0000
On 2021-03-19 at 07:54 +0100, Werner Koch wrote: > > -The checksum with its leading equal sign MAY appear on the first line > > after the base64 encoded data. > > +If present, the checksum with its leading equal sign SHALL appear on > > the next line after the base64 encoded data. > > Adding "optional" and making the CRC a SHOULD create indeed clarifies > the intention of the RFC. Thus I am in favor of this change. Note I wasn't placing the later. I only stated that you can only place the checksum at the end. I was planning to treat this as a feature request and add a phrase with such SHOULD, since I agree it's a good idea, but turns out I can't come out with a better rationale than “it's cheap enough it makes sense to do it even if not giving much value”. What is the goal of the armor CRC? The only good use case I can think of is when a human has been involved, such as when restoring a key from paper. On other scenarios, the CRC would either be too weak (e.g. in presence of an active attacker) or protecting from an error that would already have been handled at lower layers. [1] and [2] suggest it was added to avoid modem line noise altering the messages (which nowadays should be discarded at e.g. TCP). Without a compelling use case, I don't think it should be a SHOULD. And finally, we should at least mention why it was once considered useful. The original change is available in git mode at https://gitlab.com/Angel-Gonzalez/rfc4880bis/-/tree/checksum-may-appear Best regards 1- https://mailarchive.ietf.org/arch/msg/openpgp/3K6tSdebEjQw8K1z1pZkXxyvu-k/ 2- https://mailarchive.ietf.org/arch/msg/openpgp/2FmAqP-nJkV08E1qQ4YNO2xR2Pc/
- [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C exa… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Ángel
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Werner Koch
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… brian m. carlson
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Ángel
- Re: [openpgp] The checksum may appear Ángel
- Re: [openpgp] The checksum may appear Werner Koch
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Daniel Kahn Gillmor
- Re: [openpgp] The checksum may appear Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Ángel
- Re: [openpgp] The checksum may appear Ángel
- Re: [openpgp] The checksum may appear Paul Wouters
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Paul Wouters
- Re: [openpgp] [RFC4880bis PATCH] Clarify CRC-24 C… Daniel Kahn Gillmor
- Re: [openpgp] The checksum may appear Ángel