[openpgp] Forward-compatibility of existing implementations
Justus Winter <justus@sequoia-pgp.org> Tue, 06 June 2023 17:04 UTC
Return-Path: <justus@sequoia-pgp.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A77EC1519B1 for <openpgp@ietfa.amsl.com>; Tue, 6 Jun 2023 10:04:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.693
X-Spam-Level:
X-Spam-Status: No, score=-1.693 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=sequoia-pgp.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iV1rwP4hp5Cp for <openpgp@ietfa.amsl.com>; Tue, 6 Jun 2023 10:04:41 -0700 (PDT)
Received: from harrington.uberspace.de (harrington.uberspace.de [185.26.156.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18866C151984 for <openpgp@ietf.org>; Tue, 6 Jun 2023 10:04:40 -0700 (PDT)
Received: (qmail 32385 invoked by uid 500); 6 Jun 2023 17:04:38 -0000
Authentication-Results: harrington.uberspace.de; auth=pass (plain)
From: Justus Winter <justus@sequoia-pgp.org>
To: openpgp@ietf.org
Date: Tue, 06 Jun 2023 19:04:36 +0200
Message-ID: <87v8g05xp7.fsf@europ.lan>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
X-Rspamd-Bar: ----
X-Rspamd-Report: MIME_GOOD(-0.2) SIGNED_PGP(-2) BAYES_HAM(-1.858182)
X-Rspamd-Score: -4.058182
Received: from unknown (HELO unkown) (::1) by harrington.uberspace.de (Haraka/3.0.1) with ESMTPSA; Tue, 06 Jun 2023 19:04:38 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sequoia-pgp.org; s=uberspace; h=from; bh=+M7dQhEPGUvsEVSuN/6ZLq7N7E6n4MIfOv/GJ0lmgFM=; b=Ku4Z7KRg4pgYpxWRVJ1JL0ItXdxUMVZLYulDgbNbsRLnRFKSipaABHR5+UEA5iuxb3z/YUC+vn 2ifgHjoE0awYV81yqfArd3ALnQQD3PQB+jTQYlk3gGihwuFuCOVxm/e5qhCHGseYF8ynfAiRR9k9 n7Y3jPgWxvgtETlXzaCya++yQQXj530VbLoumCTbHk8uOoLvHEPuIeEgyKjDPfLWtVl13XzLAU77 uOHQ6jEGMK3cOCv7WIpZ8kbuSZWDibNF0sZs5yoGEgg9oTHuUSMKGKo5juAjuT2PBvv/QfmaMUx5 C6Rojot1vSeUt6+sUBLg6lLNUtDTczPmn6BXWcZwNQtwzrA9T4pN2im/k5+NXtYzc+f+T+1v9oMH BhXKUvzddfAKCs9OEN94yWL1lr16xR9WVMW3JcaIdaSoHFzP07ZMO+jbnONggF01H81IgE34+iGC MNSnrd5Gqu+cUpHs5415rp/7sRk4z2d792EVGyMbaPAT8fS+KMVhuvzO/9ERpLPC3iD9591h4sFD SSODkTnFfrK5Z3hveW378StOaAayosmisBSNMmYDL0NNL6eTUlvWS5UKce79+y2TxzBf7LKzl7YG MzeWmHeBgRYTyXVXVQNi57FXy7nzz0SxiraxGQ/+do8T1WWyMDbqoic8CM3pFL2OWSACxXFTMROa 8=
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/QUiEKx3PQeJOXnkcvvnuHpv739M>
Subject: [openpgp] Forward-compatibility of existing implementations
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2023 17:04:45 -0000
Moin :) as existing implementations are about to encounter post-RFC4880 artifacts, it is important to make them gracefully ignore those artifacts. For example, a message may be encrypted to both an RFC4880 recipient and a post-RFC4880 recipient, and it may be signed with a signature packet version >4. Similarly, known packet versions may use unknown public key and hash algorithms. The test suite contains a number of tests that look for such problems. I have tagged them "forward-compat": https://tests.sequoia-pgp.org/?q=forward-compat The following implementations have at least one issue: - GnuPG - GopenPGP - OpenPGP.js - PGPainless - PGPy - RNP Now is the time to fix them before they encounter post-RFC4880 artifacts in the wild and cause problems for users! Best, Justus
- [openpgp] Forward-compatibility of existing impleā¦ Justus Winter