Re: [openpgp] Disabling compression in OpenPGP
ianG <iang@iang.org> Thu, 20 March 2014 13:51 UTC
Return-Path: <iang@iang.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BECE61A06CF for <openpgp@ietfa.amsl.com>; Thu, 20 Mar 2014 06:51:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gsbbtfowbnm3 for <openpgp@ietfa.amsl.com>; Thu, 20 Mar 2014 06:51:27 -0700 (PDT)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) by ietfa.amsl.com (Postfix) with ESMTP id B24761A069C for <openpgp@ietf.org>; Thu, 20 Mar 2014 06:51:27 -0700 (PDT)
Received: from tormenta.local (www2.futureware.at [78.41.115.142]) by virulha.pair.com (Postfix) with ESMTPSA id 1424C6D4AD; Thu, 20 Mar 2014 09:51:14 -0400 (EDT)
Message-ID: <532AF250.3040506@iang.org>
Date: Thu, 20 Mar 2014 13:51:12 +0000
From: ianG <iang@iang.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: openpgp@ietf.org
References: <CALR0uiJG6GcngWMUkg6NrP7_4uwf8+QDn6aMF-qonOpRMLdo3w@mail.gmail.com> <95BD0817-D762-41DD-8444-A0C4F7AF1003@jabberwocky.com> <CALR0uiL0-Xp8E=F3idtzBkmRNLk7K_M_cqMt+i2HdNqaNkwn=w@mail.gmail.com> <849778F8-1C16-4FF8-A039-6363C158BD1F@callas.org> <20140319204047.GC30999@savin> <DE00E9BD-1D37-4750-B156-BBDC4B59DB7F@callas.org> <CAAS2fgQZPPrdehcs6TxmYikmyyfxOJqAdngaFk5=PcSGEGnejA@mail.gmail.com> <20140319214118.GA17419@savin> <CAAS2fgQotHyN=CFKoWO_aUdP8bhkSixEqSDQcALZ35mG+tk1tA@mail.gmail.com> <E1E355B9-0906-43DC-BACD-D4A1350C537F@callas.org> <87ior9ru1x.fsf@vigenere.g10code.de> <CALR0uiKbSv25oPm-bKMvZcF1XNT+pL7-Fjy+uYEFtzn4kWe5Vw@mail.gmail.com>
In-Reply-To: <CALR0uiKbSv25oPm-bKMvZcF1XNT+pL7-Fjy+uYEFtzn4kWe5Vw@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/R-cDrybEGBcO9-CU4a5LUQ3eC88
Subject: Re: [openpgp] Disabling compression in OpenPGP
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Mar 2014 13:51:31 -0000
On 20/03/2014 11:55 am, Alfredo Pironti wrote: > On Thu, Mar 20, 2014 at 12:25 PM, Werner Koch <wk@gnupg.org> wrote: > >> On Wed, 19 Mar 2014 23:58, jon@callas.org said: >> >>> I'm really sorry your ballots got spoiled. But you can fix that with >>> zero changes to software nor protocol. >> >> Yep. >> >> However, this a problem of the voting protocol. > > > It would be, if the voting protocol was prescribing compression, or was > using ballots of different lengths. > > Instead, here OpenPGP is to blame because it silently slips in compression. OpenPGP doesn't make any statement about whether it preserves the length, up or down. Typically crypto can enlarge a packet, or it can shrink the packet. It's complicated, we slap on some MACs and headers and padding and stuff, so the packet ends up growing. Then some of that might be clawed back by compression or ratcheting or packet slicing or whatever. So we don't typically promise much about packet lengths. This becomes a bit more germane with say disk encryption, where for some reason people insist on not losing much space, and it becomes convenient to encrypt block for block. It *also* becomes an analogous issue when emailing from one person to another, as the trackability of names and times is an issue. As soon as you start putting some attention on what the users are doing, a generic broad protocol such as OpenPGP and also SSH and TLS and Skype and etc start to show edge cases where they might not be quite perfect for the task. Which is why there is a continuous war going on between the folks who say "use TLS and you're secure" and the folks who have to protect real value. It seems general-meets-specific brittleness has become an issue when people have a single byte protocol such as the voting protocol in use. It could be that OpenPGP could be improved for that protocol failure case, at the expense of harming all the other people who love the compression. But actually, there is a wider question here. Is the voting protocol properly thought out, and is OpenPGP really the answer? I doubt. Voting is one of the really hard problems. Most of the old-timers I know here will be able to go in and rip the guts out of any simple slapped-together voting protocol. Most of the old-timers know that voting protocols are very hard, and they don't get involved because it's so darn depressing. So I'd say, no. OpenPGP isn't to blame at all, that I see. Voting is hard, and I expect the people who put it together didn't do nearly enough thinking, or perhaps they assumed to much. I for one would not use OpenPGP to do voting. Or if I did, and it f**ked up, I'd say darn, my fault, should have known better :) iang
- [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP Gregory Maxwell
- Re: [openpgp] Disabling compression in OpenPGP Simon Josefsson
- Re: [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP Jon Callas
- Re: [openpgp] Disabling compression in OpenPGP David Shaw
- Re: [openpgp] Disabling compression in OpenPGP Andrey Jivsov
- Re: [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP Jon Callas
- Re: [openpgp] Disabling compression in OpenPGP Florian Weimer
- Re: [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP Peter Todd
- Re: [openpgp] Disabling compression in OpenPGP Jon Callas
- Re: [openpgp] Disabling compression in OpenPGP Peter Todd
- Re: [openpgp] Disabling compression in OpenPGP Gregory Maxwell
- Re: [openpgp] Disabling compression in OpenPGP Jon Callas
- Re: [openpgp] Disabling compression in OpenPGP Peter Todd
- Re: [openpgp] Disabling compression in OpenPGP Gregory Maxwell
- Re: [openpgp] Disabling compression in OpenPGP Jon Callas
- Re: [openpgp] Disabling compression in OpenPGP ianG
- Re: [openpgp] Disabling compression in OpenPGP Peter Todd
- Re: [openpgp] Disabling compression in OpenPGP Gregory Maxwell
- Re: [openpgp] Disabling compression in OpenPGP Nicholas Cole
- Re: [openpgp] Disabling compression in OpenPGP Werner Koch
- Re: [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP Werner Koch
- Re: [openpgp] Disabling compression in OpenPGP ianG
- Re: [openpgp] Disabling compression in OpenPGP Alfredo Pironti
- Re: [openpgp] Disabling compression in OpenPGP ianG
- Re: [openpgp] Disabling compression in OpenPGP ianG
- Re: [openpgp] Disabling compression in OpenPGP Hauke Laging
- Re: [openpgp] Disabling compression in OpenPGP Gregory Maxwell