Re: [openpgp] "OpenPGP Simple"
Phillip Hallam-Baker <hallam@gmail.com> Wed, 18 March 2015 23:33 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5C031A914B for <openpgp@ietfa.amsl.com>; Wed, 18 Mar 2015 16:33:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cMfOdz5itEeG for <openpgp@ietfa.amsl.com>; Wed, 18 Mar 2015 16:33:41 -0700 (PDT)
Received: from mail-lb0-x22e.google.com (mail-lb0-x22e.google.com [IPv6:2a00:1450:4010:c04::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64A191A9163 for <openpgp@ietf.org>; Wed, 18 Mar 2015 16:33:33 -0700 (PDT)
Received: by lbnq5 with SMTP id q5so13021910lbn.0 for <openpgp@ietf.org>; Wed, 18 Mar 2015 16:33:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=/nh7NK4rHdwXfYBWhKYHShKzddri/+Gn4mF9WqpWy6Q=; b=lMLX8LJvXkRxO9WPbdKxyRZm6xdERg43Qs8qeKI1AocPFupOi06Z0ePlste29hDUFC QYrBuBWRtLqZItHZsiPdpc+PUFhOazk3vMGzYknELpw52i1/8gR8xztx4cB57aJLrUtj uSOIs67CovUPYMjY7oBcAhvITzBn7N4QK3cVktc1ENd/w7HNVK/tdQ6BHdezO4KTQtGa XEDJjwezJ3CTP6iWdmRENYDDoihfQnKePXToVvKz2MSSxzqli1mOyBEnJA5lmCkWeITG PansOsZnfO4CQvnda+kgDaFV0RTTB3cAGKQW0zifVEVuWsD28lStfra70mvkz/wkztAh 4lmQ==
MIME-Version: 1.0
X-Received: by 10.152.191.135 with SMTP id gy7mr65004087lac.91.1426721611885; Wed, 18 Mar 2015 16:33:31 -0700 (PDT)
Received: by 10.112.45.203 with HTTP; Wed, 18 Mar 2015 16:33:31 -0700 (PDT)
In-Reply-To: <088CD5E6-CDB9-44E3-8762-DA51E3D7A294@jabberwocky.com>
References: <9A043F3CF02CD34C8E74AC1594475C73AAFB3823@uxcn10-5.UoA.auckland.ac.nz> <088CD5E6-CDB9-44E3-8762-DA51E3D7A294@jabberwocky.com>
Date: Wed, 18 Mar 2015 19:33:31 -0400
Message-ID: <CAMm+Lwij1dGVmfXpBNhkwj4AxKs48RGZDuG=LPD7PWRkWCrp0w@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: David Shaw <dshaw@jabberwocky.com>
Content-Type: multipart/alternative; boundary="001a1134303adeb57b051198821a"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/_g3eqKwqquPogh4qUGDAFKfRYck>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
Subject: Re: [openpgp] "OpenPGP Simple"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Mar 2015 23:33:42 -0000
On Mar 16, 2015, at 11:05 PM, David Shaw <dshaw@jabberwocky.com> wrote: On Mar 16, 2015, at 10:10 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: David Shaw <dshaw@jabberwocky.com> writes: On Mar 16, 2015, at 5:15 PM, David Leon Gil <coruus@gmail.com> wrote: Partial lengths are really a nuisance to parse. No argument there... The whole bizarro sort-of-fixed-point encoding of lengths is a pain (this is a cue for Jon to do his "every bit is sacred" dance). If the format is revised, there should be only two lengths, a 16-bit one for almost everything (keyring data, signatures, etc), and a 32-bit one for payloads and partial lengths that are going to exceed 16-bit lengths. Length-decoding shouldn't be any more complicated than: read tag; if( tag & length_32_flag ) length = read32(); else length = read16(); I'm fine with that, but I do want to keep the concept of partial lengths, as you did above. People do encrypt things without knowing how large they are ahead of time. I'm fine with a restriction (which already exists today) that only payloads can use partial lengths. +1 But that 32 bit length really worries me. Just because people can’t send 4GB messages today does not mean that they can’t or won’t in the future. Do not build OpenPGP around assumptions based on SMTP continuing forever. Use today is not limited to mail in any case. If I have a 1TB archive file I am not going to want to break it into chunks just to encrypt it. I am not convinced a complete overhaul of the messaging format is desirable. But if people were going to completely revise the message format, the field is moving towards JSON for almost everything. The only thing JSON does not do that is essential for crypto is length prefixed binary encoding of binary blobs. Base64 encoding is not so bad if you do it only once. But a 33% penalty for each time a file is wrapped starts to add up. When folk were suggesting yet another data encoding, several of us who only want one data model suggested just adding code points for binary blobs to JSON. It does get the job done. Again, I am not sure that a complete overhaul is desirable. Just pruning back the unnecessary features is probably sufficient. But if a change is made, best to pick something that looks as much like the standard the rest of the protocol stack above layer 5 is converging on as possible.
- [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" David Leon Gil
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Jon Callas
- Re: [openpgp] "OpenPGP Simple" Tim Bray
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Nicholas Cole
- Re: [openpgp] "OpenPGP Simple" Phill
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" David Shaw
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Wyllys Ingersoll
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Werner Koch
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Derek Atkins
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Stephan Somogyi
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Peter Gutmann
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Gregory Maxwell
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" Christoph Anton Mitterer
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Phillip Hallam-Baker
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" ianG
- Re: [openpgp] "OpenPGP Simple" Stephen Paul Weber