IETF Logo Mail Archive

Re: [openpgp] Backwards compatibility vs streaming verification of v6 clearsigned messages

Vincent Breitmoser <look@my.amazin.horse> Sat, 27 May 2023 10:58 UTC

Return-Path: <look@my.amazin.horse>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C1FBC151080 for <openpgp@ietfa.amsl.com>; Sat, 27 May 2023 03:58:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=my.amazin.horse
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4F7_3cqEcO1A for <openpgp@ietfa.amsl.com>; Sat, 27 May 2023 03:58:54 -0700 (PDT)
Received: from my.amazin.horse (my.amazin.horse [IPv6:2a03:4000:3f:29c::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31B84C151065 for <openpgp@ietf.org>; Sat, 27 May 2023 03:58:54 -0700 (PDT)
Received: from [IPV6:2003:d2:1f1f:1500:388:75b4:452a:83d6] (p200300d21f1f1500038875b4452a83d6.dip0.t-ipconnect.de [IPv6:2003:d2:1f1f:1500:388:75b4:452a:83d6]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) by my.amazin.horse (Postfix) with ESMTPSA id EA15A6220E for <openpgp@ietf.org>; Sat, 27 May 2023 12:58:51 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=my.amazin.horse; s=2020; t=1685185131; bh=TnTUa+oPRFDrAPcUSDQc3pHlztb5wswc2Bl/ZVFl8QY=; h=Date:To:References:From:Subject:In-Reply-To; b=uYS32HJ1kTy7L2p2W1qDogtpqUJv7moo6amKfKw7vz9kvVfU9neT7MIS2SgxPxArt yFgiQqdH5dtFcBpeeygGHtJi+MhcH13L8jgylnObYHD9Qj3sxG1d4ryA3RG6nY109j zf0ih7A+QRd0TZzBn5GMVCVJ2fs+e91pkYO3JonU=
Message-ID: <4fcd9579-7002-8a1a-25bc-153b9406348e@my.amazin.horse>
Date: Sat, 27 May 2023 12:58:51 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0
To: openpgp@ietf.org
References: <LaSdaOASqnixctT3XuZHNIeldK2IPqJvHbqo_qkFjdrMBOQ4SKhiWl_76xq2P6l2Wts9rJ6MTTRLfpj9sqyG4_F4etjNcgEt6pmmtuyfsBY=@protonmail.com> <87h6s2hezc.fsf@fifthhorseman.net> <7c9f97df-f06b-6f87-3776-8f351289cb31@my.amazin.horse> <87bki66zb5.fsf@thinkbox>
Content-Language: en-US
From: Vincent Breitmoser <look@my.amazin.horse>
In-Reply-To: <87bki66zb5.fsf@thinkbox>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Srv-qHinRMbHBchpHpaCpCExreg>
Subject: Re: [openpgp] Backwards compatibility vs streaming verification of v6 clearsigned messages
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 May 2023 10:58:58 -0000

Hey list,

> We talked about this at the OpenPGP email summit, and we agreed that
> this is a good solution.  I have created a merge request where we can
> fine-tune the change:
> 
> https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/313

Cool. I didn't think that suggestion would find much agreement actually, 
but I'm glad it did :)

Relatedly: For this and other topics discussed over the summit, it would 
be good practice to have individual opinions voiced on this list as 
well, rather than just the outcome of the discussion. No need for 
everyone to repeat each other of course, just short notes of agreement 
or disagreement here and there. That would be great to allow folks who 
aren't attending to attach names and supporters to opinions and 
decisions that will influence the spec.

With the current state of the community especially, it's important to 
make the decision making process as transparent as possible.

Cheers

  - V

v2.23.0 | Report a Bug | By Email