Re: [openpgp] Summary of WG status

"Robert J. Hansen" <rjh@sixdemonbag.org> Sat, 12 August 2017 15:03 UTC

Return-Path: <rjh@sixdemonbag.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33985131CA2 for <openpgp@ietfa.amsl.com>; Sat, 12 Aug 2017 08:03:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FRHnEgvAMr45 for <openpgp@ietfa.amsl.com>; Sat, 12 Aug 2017 08:03:39 -0700 (PDT)
Received: from shards.monkeyblade.net (shards.monkeyblade.net [184.105.139.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABC78120724 for <openpgp@ietf.org>; Sat, 12 Aug 2017 08:03:37 -0700 (PDT)
Received: from quorra.local (ip72-219-200-232.dc.dc.cox.net [72.219.200.232]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) (Authenticated sender: rjh-sixdemonbag) by shards.monkeyblade.net (Postfix) with ESMTPSA id 29D891212D9AF for <openpgp@ietf.org>; Sat, 12 Aug 2017 08:03:37 -0700 (PDT)
To: openpgp@ietf.org
References: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net> <20170810014751.erufvruh2lm5cdpe@genre.crustytoothpaste.net> <1b68dbbb-38ac-6370-fe20-76be795b2634@sixdemonbag.org> <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net>
From: "Robert J. Hansen" <rjh@sixdemonbag.org>
Message-ID: <a2f2973f-2b34-5e07-2651-a1910d992c6a@sixdemonbag.org>
Date: Sat, 12 Aug 2017 11:03:34 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <20170811202924.yiwzjom3tag3ivkk@genre.crustytoothpaste.net>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="WTb5A5viwEJMXrL7BOh9NdTFdq29K4BPI"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Sat, 12 Aug 2017 08:03:37 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/VT-jMkb9qf8CzVg5v-Wa1f9CTI8>
Subject: Re: [openpgp] Summary of WG status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Aug 2017 15:03:41 -0000

> Okay.  Let me offer a fingerprint proposal, then: SHA-256.  Basically,
> identical to Werner's proposal, except with the full SHA-256.  That
> resolves all the issues over truncation.  SHA-256 is mandatory to
> implement.
> 
> Opinions or counterproposals?

It's simple, easy to implement, and can be done right now.  I'm in favor.

Months upon months have gone by with us largely twiddling our thumbs
while we talk about the perfect fingerprint format.  Full SHA256 isn't
perfect but it'll do, and we're now at the point where a good it'll-do
solution is the magic bullet we need.