Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis

Rick van Rein <> Mon, 30 October 2017 15:36 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3D9E613FA93 for <>; Mon, 30 Oct 2017 08:36:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.221
X-Spam-Status: No, score=-1.221 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id w3S294LMYISg for <>; Mon, 30 Oct 2017 08:36:13 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 12F8A1394E4 for <>; Mon, 30 Oct 2017 08:29:20 -0700 (PDT)
Received: from ([IPv6:2001:980:93a5:1::7]) by with ESMTP id 9C04eMfw6VNbY9C05euuYw; Mon, 30 Oct 2017 16:29:18 +0100
Received: by (Postfix, from userid 1006) id 2A62125DAC; Mon, 30 Oct 2017 15:29:16 +0000 (UTC)
Received: from airhead.local ( []) by (Postfix) with ESMTPA id 0F51B25DA9; Mon, 30 Oct 2017 15:29:13 +0000 (UTC)
Message-ID: <>
Date: Mon, 30 Oct 2017 16:29:06 +0100
From: Rick van Rein <>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Derek Atkins <>
CC: "" <>
References: <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.2.3
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Bogosity: Unsure, tests=bogofilter, spamicity=0.520000, version=1.2.4
X-CMAE-Envelope: MS4wfFxD0z3LgvpsOCpte2ae2Io61apYjNcYvaYwAH5FUdfG35jWibNSOvZfsarXfYbwbIyiw75IbA3JkZ/lOB4uElqlmUPuAUNYshqlxksqrzL/ab2ZLJph KOSUknhMqOXsFxM+4fViUD+dCAvxSL0f4qZWxaTOhbnAZ/PNyniQ4TCzAvpq1s0QfaoEKTcA1xpEfGQsbVa137fEQ01kccecC2w=
Archived-At: <>
Subject: Re: [openpgp] Proposal to include AEAD OCB mode to 4880bis
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 30 Oct 2017 15:36:15 -0000

Hi Derek,

>> Along the same lines I'm also surprised that no effort has been made to
>> deprecate 2.x PGP packet formats and public key formats, for instance.
>> We all know that such old keys don't have a reason to exist anymore,
>> but we're all still coding the old and new in order to be compliant to
>> the standards.  Such a waste of time...
> I have files encrypted 20+ years ago (to a 20+ year old key) sitting
> around in storage.  Are you saying that those encrypted files should not
> be readable anymore?

I was thinking about signing, which was indeed an oversight.

One might question if current-day crypto software should continue to
support old encrypted files though, or that a fork would be wiser.  The
added complexity of the software is far from helpful in keeping software
clear and bug free.  Also, this old material may end up being treated by
hardly-tested code, which is another undesirable part.

Anyhow, I brought this up to agree that we should be careful what is
being added, and your response is in fact confirming that.