Re: [openpgp] changing v5 signature salt size from 16 to 32 octets? [was: Re: lack of agenda items...]
Steffen Nurpmeso <steffen@sdaoden.eu> Fri, 04 November 2022 18:20 UTC
Date: Fri, 04 Nov 2022 19:20:25 +0100
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: Aron Wussler <aron@wussler.it>, Stephen Farrell <stephen.farrell@cs.tcd.ie>, "openpgp@ietf.org" <openpgp@ietf.org>
Message-ID: <20221104182025.n96Da%steffen@sdaoden.eu>
In-Reply-To: <87h6zfh3gy.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/aLVa8AuCroacWr75hqhhkBdOxg8>

Daniel Kahn Gillmor wrote in
<87h6zfh3gy.fsf@fifthhorseman.net>:
|On Thu 2022-11-03 08:32:00 +0000, Aron Wussler wrote:
...
|> (1) it is possible to extend the field to 32 bytes to match other \
|> constructions,
|
|Are there any size concerns worth considering here?
|
|The salt needs to be represented in a few different contexts:
|
| - in the one-pass signature packet
| - in the SaltedHash Armor header for a (LIT SIG)-style signed
|   message (non-one-pass), and probably
| - in some sort of RFC 3156-style parameter to enable one-pass
|   validation of a signed e-mail message.
|
|base64-encoding the 32-byte value will bring this to 43 characters.
|
|That would make the SaltedHash: armor header 43+13+8 = 64 characters
|long, like so:
|
|SaltedHash: SHA3-256:9haH8LirCmteTImei9GQtIHMgJ26zM/uPAoiZepB4cw

As an outsider, but now that i see this.
If this is subject to design i personally would use "Base 64
Encoding with URL and Filename Safe Alphabet" aka base64url as in
RFC 4648, section 5. Maybe that would be of value some day.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
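
The length arithmetic and the alphabet question raised in the message above, as an added example that is not part of the original message or of the draft: a Python parser for the `SaltedHash:` header line that accepts the salt in either RFC 4648 alphabet and re-encodes it as base64url. The function names and the strict policy (no padding, no mixed alphabets, fixed salt length) are assumptions of this example; the hash name is returned unchecked.

```python
import base64
import re

# Header line copied from the quoted message; all names below are hypothetical.
SAMPLE = "SaltedHash: SHA3-256:9haH8LirCmteTImei9GQtIHMgJ26zM/uPAoiZepB4cw"

_ALLOWED = re.compile(r"[A-Za-z0-9+/_-]+")
_URL_TO_STD = str.maketrans("-_", "+/")


def unpadded_b64_len(n_octets):
    """Characters needed to base64-encode n_octets without '=' padding."""
    return (4 * n_octets + 2) // 3


def parse_salted_hash(line, salt_len=32):
    """Return (hash_name, salt) from 'SaltedHash: <hash>:<unpadded base64 salt>'.

    The salt may use the standard or the URL-safe alphabet (RFC 4648
    sections 4 and 5), but not a mix, and must decode to salt_len octets.
    """
    name, sep, value = line.partition(": ")
    if name != "SaltedHash" or not sep:
        raise ValueError("not a SaltedHash header")
    hash_name, sep, salt_b64 = value.partition(":")
    if not sep or len(salt_b64) != unpadded_b64_len(salt_len):
        raise ValueError("unexpected salt length")
    if not _ALLOWED.fullmatch(salt_b64):
        raise ValueError("character outside both base64 alphabets")
    if set(salt_b64) & set("+/") and set(salt_b64) & set("-_"):
        raise ValueError("mixed base64 and base64url alphabets")
    # Map URL-safe characters back and restore padding before strict decoding.
    padded = salt_b64.translate(_URL_TO_STD) + "=" * (-len(salt_b64) % 4)
    return hash_name, base64.b64decode(padded, validate=True)


def to_base64url(salt):
    """Encode salt with the URL and filename safe alphabet, without padding."""
    return base64.urlsafe_b64encode(salt).rstrip(b"=").decode("ascii")


if __name__ == "__main__":
    hash_name, salt = parse_salted_hash(SAMPLE)
    print(len(SAMPLE), hash_name, len(salt), to_base64url(salt))
```

The quoted sample salt contains a `/`, which base64url writes as `_`; the encoded length stays at 43 characters either way.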