Re: [openpgp] crypto-refresh finished? (again;-)

Werner Koch <wk@gnupg.org> Wed, 21 June 2023 17:08 UTC

From: Werner Koch <wk@gnupg.org>
To: "openpgp@ietf.org" <openpgp@ietf.org>
Date: Wed, 21 Jun 2023 19:06:40 +0200
In-Reply-To: <aea6b745-0e65-ac19-077e-8f389868b658@cs.tcd.ie> (Stephen Farrell's message of "Wed, 21 Jun 2023 14:22:49 +0100")
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/QmkmbKVy-2e_Mpl1ygDGp0mlAR8>
Subject: Re: [openpgp] crypto-refresh finished? (again;-)

Hi!

Given that questions and suggestions from major implementors have not
been properly discussed and taken into account, I doubt that there is
sufficient consensus in the WG for a new RFC or even an IETF Last Call.

In particular Kai Engert's mail from 8 Oct 2022 "Re: [openpgp] a new
draft overlapping the WG draft" [1] had well thought out suggestions
which were never seriously discussed.  Ronald Tse's reply and questions
as a followup on the same day stated for example:

  2. For those who have stayed long enough at the list, we remember that
  the current iteration of the "OpenPGP WG" resulted from some advocates
  trying to “shove out” the original 4880-bis. And 4880-bis did get
  thrown out. This was not appreciated. The original intent of
  reestablishing the WG was to “build on” 4880-bis, not throw it out.

and thus challenged whether the new I-D is covered by the charter of this
WG.

The multiple roles of dkg as (1) WG chair, (2) contributor and Debian
maintainer of Sequoia-PGP, (3) main force behind reformatting the
original markup of rfc4880bis, (4) actual author of large parts of the
crypto refresh draft was probably not helpful for purposeful work on
an intended and chartered small OpenPGP update.

Since the OpenPGP WG was established more than 25 years ago, the group
has produced and maintained specifications to everyone's satisfaction
without throwing over actual use cases of OpenPGP.  We earned a good
reputation with this solid consensus-based work.  I wish we could keep
this and get back to a friendly and fair interaction; beating a
specification update in the current way is not the right way.


Shalom-Salam,

   Werner


[1] https://mailarchive.ietf.org/arch/msg/openpgp/AJEE9_pmfV2SH9dd3EM6v2jEQpI
[2] https://mailarchive.ietf.org/arch/msg/openpgp/EgILWBGqU_qvbRLLdbR3jxvMZyc


-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein