Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization

Bart Butler <bartbutler@protonmail.com> Thu, 16 April 2020 16:12 UTC

Return-Path: <bartbutler@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC36C3A0D61 for <openpgp@ietfa.amsl.com>; Thu, 16 Apr 2020 09:12:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eBVLGtKQckrt for <openpgp@ietfa.amsl.com>; Thu, 16 Apr 2020 09:12:10 -0700 (PDT)
Received: from mail-40131.protonmail.ch (mail-40131.protonmail.ch [185.70.40.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA8043A0D4B for <openpgp@ietf.org>; Thu, 16 Apr 2020 09:12:10 -0700 (PDT)
Date: Thu, 16 Apr 2020 16:12:03 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=default; t=1587053528; bh=wbI1Suzs3X7O0AuFPC7PJKIcsRiV9oGWU4DU1bP9TKM=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References:From; b=FW9idav8TpOA38F84Rk4BRrhpbGxvV6gJZojMwILbe34MenyQhcZTBZqUDeI6/Pts kOLlkGYv6rmIGsTjqR0uW9jhhrBhp5h5HPH8nv5AA+xn8TK+XW/Zuc15bB0URoEmVR HAf++cq8D6Bc+8xUE+RBJCr94CR+VgMLEp6Nx6e4=
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
From: Bart Butler <bartbutler@protonmail.com>
Cc: =?UTF-8?Q?Hanno_B=C3=B6ck?= <hanno@hboeck.de>, openpgp@ietf.org, "Tanveer.Salim" <Tanveer.Salim@protonmail.com>
Reply-To: Bart Butler <bartbutler@protonmail.com>
Message-ID: <K79VRkDuaIDmDsYIT5e-ZJeZkKQinpKF97mPYl023j6obul8184bJYO7MqyazALcx2cb24oYmHdqy0E7Ik0NXRoJ0qQUrOUNbGZ0gdHARxE=@protonmail.com>
In-Reply-To: <0cd3b3b4-f510-6884-7dec-07202f1c504a@cs.tcd.ie>
References: <j9dQb5ZX4J72RggcAWKiafQOwaDebpEJnA2j3Yks5ahI9kNECdscL9nGmyP-wzXN7UY5Gtc4w_HjsaJHX3IUf8xBbCJv38JtOYQgr0GNGX0=@protonmail.com> <20200416171911.0100023c@computer> <0cd3b3b4-f510-6884-7dec-07202f1c504a@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="---------------------f391900160f005010c2fc7faeb141354"; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/afFk_5JCoKyPV60a6QAodALu0L8>
Subject: Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2020 16:12:13 -0000

I think we are all in agreement on this, with the only multiple options (OCB and EAX) being present largely to address patent concerns, as Werner said earlier.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, April 16, 2020 8:30 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> 

> 

> On 16/04/2020 16:19, Hanno Böck wrote:
> 

> > FWIW I believe the pros and cons of the different AEAD ciphers are of
> > very minor relevance, yet the algorithm zoo is a big downside. From what
> > I know openpgp has still not published a standardized AEAD. My proposal
> > would be to choose one and only one AEAD and declare all other
> > algorithms as deprecated. And which one almost doesn't matter. And I'm
> > pretty sure Jason would agree with me on that, but feel free to ask him.
> 

> +1 to that. Even though the semantics of deprecated for
> mail and pgp applications in general is tricky, I think
> this'd make sense.
> 

> S.
> 

> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp