Re: [openpgp] Remarks on Brainpool missing in -06

Daniel Huigens <d.huigens@protonmail.com> Fri, 15 July 2022 11:32 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
From: Daniel Huigens <d.huigens@protonmail.com>
Cc: openpgp@ietf.org, Stavros Kousidis <stavros.kousidis@bsi.bund.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/TAkBHk9m-aL-ILDgYZTD0f_uR5A>

Hi,

I'll give a "grumbling non-objection", if you will. The MR text is
correct and matches implementations. I personally still think that it's
unclear whether the charter calls for this, though. Having more public-
key algorithms or curves also increases binary size, implementation
effort, attack surface, etc. (since one can't really choose not to
implement them, once public keys are out there, since there's no
negotiation mechanism). But, since the implementations are already
there (including the ones I now maintain :')), I guess it's better to
document it than not.

Finally, the state of cryptographic library support for Brainpool is not
great, imo. In OpenPGP.js, we use an implementation from "elliptic.js",
but it's slow and not constant-time [1]. I've looked for other JS
implementations or non-JS implementations that we could compile to
WebAssembly, but didn't find any. In my opinion, it would be great if
the BSI could contribute or invest in some open source, high-quality
implementation(s) of Brainpool, to improve the situation here.

Best,
Daniel

[1]: https://github.com/openpgpjs/openpgpjs/issues/720


------- Original Message -------
On Friday, July 15th, 2022 at 12:33, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> Hiya,
>
> On 08/07/2022 13:51, Stephen Farrell wrote:
>
> > Hi all,
> >
> > We seem to perhaps be nearing rough consensus
> > here, so to check that...:
> >
> > Would anyone object if the chairs asked the
> > editors to merge [1]? (And for the editors to
> > come back to the list if there are issues in
> > doing that merge.)
> >
> > If so, please say so and why before July 15th.
>
>
> It's now then, so unless someone yells we'll plan
> to ask the editors to merge [1] or report back if
> trickiness is found in attempting that.
>
> Cheers,
> S.
>
> > Thanks,
> > S.
> >
> > [1] https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/202
> >
> > _______________________________________________
> > openpgp mailing list
> > openpgp@ietf.org
> > https://www.ietf.org/mailman/listinfo/openpgp