Re: [openpgp] Manifesto - who is the new OpenPGP for?
Wyllys Ingersoll <wyllys@gmail.com> Wed, 25 March 2015 13:41 UTC

Compatibility with existing implementations should be a consideration when making any updates to the spec. Creating a "V5" key format is certainly within scope. Radically changing the packet structure or data encoding scheme in a way that breaks all existing implementations or forces the implementors to have 2 very different code bases to support old vs "new" formats should be strongly discouraged.

One of the (many) problems with today's OpenPGP is that it is impossible to update older keys to a newer format, which leads to many users continuing to rely on old keys and implementors end up having to support the older formats. We could encourage users to "modernize" their keys if new formats were designed with some thought to having an upgrade path from V4. Revoking old keys and re-issuing your public key to your "circle of trust" is tedious and semi-complicated and most people just give up and create new keys or stop using PGP altogether. Certainly, weak keys should be revoked and replaced, but "reasonable" keys that are just in an older format should be easily updated to newer formats if possible.

IMO, the goals of an OpenPGP update should be:

1. Remove any outdated and/or insecure ciphers and hashes
2. Specify profiles for new ciphers, modes, and hashes with an eye towards simplification. Keep the "MUST" list short and the optional list brief but extensible.
3. Upgrade path from V4 keys to V5 and beyond.
4. Don't fix what ain't broke. ASCII Armor, for example.

If whatever results from this effort requires a complete rewrite of existing OpenPGP parsing engines and reengineering existing apps from the ground up, then it will be a complete failure and should be renamed something else and taken to a new WG.

-Wyllys
@ipgmail

On Wed, Mar 25, 2015 at 9:03 AM Stephen Paul Weber <singpolyma@singpolyma.net> wrote:

> >FWIW: When I kicked off this thread I was not thinking of a "new OpenPGP"
> >but of long planned extensions and updates to an existing protocol.
> >Throwing everything overboard and start from scratch should not be done
> >under the label of OpenPGP;
>
> I very much agree. To be "OpenPGP" is to be at least *able* to be backwards
> compatible with the current OpenPGP. Otherwise you are something new and
> other.
>
> --
> Stephen Paul Weber, @singpolyma
> See <http://singpolyma.net> for how I prefer to be contacted
> edition right joseph
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp