[openpgp] Re: Small correction for draft-ietf-openpgp-pqc
Aron Wussler <aron@wussler.it> Tue, 27 January 2026 18:10 UTC
Return-Path: <aron@wussler.it>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 471A0ADDDC0B for <openpgp@mail2.ietf.org>; Tue, 27 Jan 2026 10:10:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=wussler.it
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7W7QmJNcro4Y for <openpgp@mail2.ietf.org>; Tue, 27 Jan 2026 10:10:06 -0800 (PST)
Received: from mail-10627.protonmail.ch (mail-10627.protonmail.ch [79.135.106.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E2713ADDDBF6 for <openpgp@ietf.org>; Tue, 27 Jan 2026 10:10:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wussler.it; s=protonmail; t=1769537398; x=1769796598; bh=Uwn2MXy9wCU8SrezJCj50Egae92KoQH3JPmI3HfgQTY=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=C/u5uqlV1IEsXWBlt/QWAWDBSDl10CEDAaKdhm9kjqhlIbFFY40vX/Ja8kzFjHsS1 xn8WZpl3AEczh19w/KXhyKCnFuvwH97oAib9ZEVG42PhjQRRrg3/kRet2/cCbGUtjR CPwTnhirwJVYCzkoAB0vEV2xlBVNuILdkvWElDM8iqRoCVHyT5dvBiXlPNSwHvd0FR eKnGQxdHbWp+B5LS4s6wIXkpqoPpoCmvL4btQgqAw4BhkPMFyMoSnLXT5L/W/b4SjA sXqX6+X/4si7wtzQLBeaF0S9E98d0Gtau/Ih6rKKEp7als3dtbEyqZsZfz1JcOwWsJ aX423mfWKLyyg==
Date: Tue, 27 Jan 2026 18:09:52 +0000
To: Paul Wouters <paul=40nohats.ca@dmarc.ietf.org>
From: Aron Wussler <aron@wussler.it>
Message-ID: <uLItWhgCyWQ0eoIRDKO3fihOZKzqDlyiQ215SwKPYwCg1kT-gU4HSxPwJslaE3Vc3BBMrdINAhwpoJbui_Gr3h07fPhbfYtjkNwPMrKwaas=@wussler.it>
In-Reply-To: <f6d95cbb-c754-2076-d46c-f5e20478c996@nohats.ca>
References: <KkQYkRhj-jf9WzOzUPCANDTYaYYGgWDJY27bnZl2GOe19_mgrFIO9-TmYwX_kYVE3KDP7OagceEdDhVgRBYG55fbsKmFGFKDIhhjm9QNGYg=@protonmail.com> <87wm14msr7.fsf@fifthhorseman.net> <60fa82b0-b043-4763-a0c0-90620764aea1@mtg.de> <f6d95cbb-c754-2076-d46c-f5e20478c996@nohats.ca>
Feedback-ID: 10883271:user:proton
X-Pm-Message-ID: f5a91cd33871736d595b43a2d39054e4028c1bed
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="------4ad5514c9e40f1ade046d65ada0159c090124c022bb45f5cc839fc59a6f72f60"; charset="utf-8"
Message-ID-Hash: 225TXHD5O4R7FXYWFMIAEUHYLCXK63US
X-Message-ID-Hash: 225TXHD5O4R7FXYWFMIAEUHYLCXK63US
X-MailFrom: aron@wussler.it
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Johannes Roth <johannes.roth@mtg.de>, openpgp@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: Small correction for draft-ietf-openpgp-pqc
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/cVtNq61-LDaOHM_VZsKXbYE0jr4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>
Hey Paul, Section 4.3.1. Public Key Encrypted Session Key Packets (Packet Type ID 1) Original Text ------------- Instead, it is placed in plaintext after the `mlkemCipherText` and before the length octet preceding the wrapped session key. Corrected Text -------------- Instead, it is prepended to the wrapped session key in plaintext and its length is included in the preceding length field. -------------- I've also attached the git diff for the change we propose. How do we get this to the editor? Cheers, Aron -- Aron Wussler Sent with ProtonMail, OpenPGP key 0x7E6761563EFE3930 On Tuesday, 27 January 2026 at 16:11, Paul Wouters <paul=40nohats.ca@dmarc.ietf.org> wrote: > On Tue, 27 Jan 2026, Johannes Roth wrote: > > > I have created a PR [1] to fix the description in the PQC draft and we will > > release a new version soon. > > > As the document is now with the RFC Editor, I would recommend not > releasing a new version, as they will have to go back and do extra > work. It is best to have a textual fixup eg with CURRENT and NEW > markers that we can send to the RFC Editor. > > Paul > > > Thanks for catching the error! > > > > Best, > > Johannes > > > > [1] https://github.com/openpgp-pqc/draft-openpgp-pqc/pull/266 > > > > On 26.01.2026 14:02, Daniel Kahn Gillmor wrote: > > > > > On Mon 2026-01-26 09:54:05 +0000, Daniel Huigens wrote: > > > > > > > Apologies for the last minute (last second?) comment, but there's a > > > > small error in Section 4.3.1 of draft-ietf-openpgp-pqc, which states: > > > > > > > > > Note that like in the case of the algorithms X25519 and X448 specified > > > > > in [RFC9580], for the ML-KEM composite schemes, in the case of a v3 > > > > > PKESK packet, the symmetric algorithm identifier is not encrypted. > > > > > Instead, it is placed in plaintext after the mlkemCipherText and > > > > > before the length octet preceding the wrapped session key. > > > > > > > > However, according to the preceding list and the test vectors, and more > > > > in line with X25519 and X448, the symmetric algorithm ID is placed > > > > after the length octet (and included in that length). > > > > > > > > The proposed additions to the IANA registry also place the octet > > > > correctly, which actually is not true for RFC9580, which failed to > > > > include it in the table (mea culpa for that one, I'll file an erratum). > > > > > > Thanks for catching this! Please propose concrete text to be > > > incorporated during the RFC Editor's phase, and file that erratum. > > > We'll get it sorted. > > > > > > --dkg > > > > > > _______________________________________________ > > > openpgp mailing list -- openpgp@ietf.org > > > To unsubscribe send an email to openpgp-leave@ietf.org > > > _______________________________________________ > openpgp mailing list -- openpgp@ietf.org > To unsubscribe send an email to openpgp-leave@ietf.org
- [openpgp] Small correction for draft-ietf-openpgp… Daniel Huigens
- [openpgp] Re: Small correction for draft-ietf-ope… Daniel Kahn Gillmor
- [openpgp] Re: Small correction for draft-ietf-ope… Johannes Roth
- [openpgp] Re: Small correction for draft-ietf-ope… Paul Wouters
- [openpgp] Re: Small correction for draft-ietf-ope… Aron Wussler