Re: [openpgp] Éric Vyncke's No Objection on charter-ietf-openpgp-03-00: (with COMMENT)

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 November 2023 21:39 UTC

From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Éric Vyncke <evyncke@cisco.com>, The IESG <iesg@ietf.org>
Cc: openpgp-chairs@ietf.org, openpgp@ietf.org
In-Reply-To: <170093208887.42668.17199835457206426339@ietfa.amsl.com>
References: <170093208887.42668.17199835457206426339@ietfa.amsl.com>
Date: Wed, 29 Nov 2023 15:46:33 -0500
Message-ID: <871qc8xp7a.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/_V93cVASf2DcLX_A6HYbmX5SUK4>

On Sat 2023-11-25 09:08:08 -0800, Éric Vyncke via Datatracker wrote:
> Please expand PQC, unsure whether "domain separation" is well understood (at
> least not to me), HKP/WKD: suggest to use the acronyms *after* their
> expansions, I like the use of "e.g., use ... as initial input" (except perhaps
> I would have used "perhaps" rather than "e.g."

Thanks for these suggestions.  In the git repository that contains this
proposed charter text, I've expanded acronyms before they're used and
used "perhaps" instead of "e.g.".

I've also updated the context binding/domain separation to explain it a
little bit more:

- **Context binding**: facilitate [domain separation for signing and/or encryption](https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/145).  This is intended to prevent abuses where an attacker tries to repurpose existing cryptographically protected data for (mis)use in a novel domain or context.

We don't need to make these changes to the formal charter text, if they
cause any objections, but they seem simple and unobjectionable to me,
and make the new charter a bit more understandable.

      --dkg
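
The following is an added illustration of the domain separation idea named in the message above; it is not part of the original message and is not the OpenPGP working group's mechanism. It assumes HMAC-SHA256 as a stand-in for a signature primitive (so it runs on the Python standard library alone), and the key, context labels and message are constructed for the example.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret


def _tag(data: bytes) -> bytes:
    # Stand-in for "sign": HMAC-SHA256 over the given bytes (assumption).
    return hmac.new(KEY, data, hashlib.sha256).digest()


def sign_unbound(message: bytes) -> bytes:
    # No context: the tag covers only the message bytes.
    return _tag(message)


def verify_unbound(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(_tag(message), tag)


def bind(context: bytes, message: bytes) -> bytes:
    # Length-prefix the context so ("ab", "c") and ("a", "bc") cannot
    # collapse to the same signed bytes.
    if len(context) > 255:
        raise ValueError("context label too long for 1-byte length prefix")
    return bytes([len(context)]) + context + message


def sign_bound(context: bytes, message: bytes) -> bytes:
    return _tag(bind(context, message))


def verify_bound(context: bytes, message: bytes, tag: bytes) -> bool:
    # The verifier supplies the context it expects, never one taken from
    # the data being verified.
    return hmac.compare_digest(_tag(bind(context, message)), tag)


def demo() -> dict:
    msg = b"approve: release-1.2.3"       # constructed sample message
    email_ctx = b"example/email"            # hypothetical context labels
    release_ctx = b"example/software-release"
    unbound = sign_unbound(msg)
    bound = sign_bound(email_ctx, msg)
    return {
        # Without a context, any verifier holding the key accepts the tag.
        "unbound_accepted_anywhere": verify_unbound(msg, unbound),
        "bound_same_context": verify_bound(email_ctx, msg, bound),
        "bound_other_context": verify_bound(release_ctx, msg, bound),
        "prefix_ambiguous": bind(b"ab", b"c") == bind(b"a", b"bc"),
    }
```
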