IETF Logo Mail Archive

New Encrypted Data Packet?

Jon Callas <jon@callas.org> Mon, 04 April 2005 15:42 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA19778 for <openpgp-archive@lists.ietf.org>; Mon, 4 Apr 2005 11:42:47 -0400 (EDT)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j34FQ8k8038227; Mon, 4 Apr 2005 08:26:08 -0700 (PDT) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j34FQ8ch038226; Mon, 4 Apr 2005 08:26:08 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from merrymeet.com (merrymeet.com [63.73.97.162]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j34FQ7YC038219 for <ietf-openpgp@imc.org>; Mon, 4 Apr 2005 08:26:07 -0700 (PDT) (envelope-from jon@callas.org)
Received: from keys.merrymeet.com (63.73.97.166) by merrymeet.com with ESMTP (Eudora Internet Mail Server X 3.2.6) for <ietf-openpgp@imc.org>; Mon, 4 Apr 2005 08:26:06 -0700
Received: from [172.16.1.2] ([12.111.6.59]) by keys.merrymeet.com (PGP Universal service); Mon, 04 Apr 2005 08:26:06 -0700
X-PGP-Universal: processed; by keys.merrymeet.com on Mon, 04 Apr 2005 08:26:06 -0700
Mime-Version: 1.0 (Apple Message framework v619.2)
Content-Transfer-Encoding: 7bit
Message-Id: <b0e772ada05344816ca90abd2331a3f9@callas.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
To: OpenPGP <ietf-openpgp@imc.org>
From: Jon Callas <jon@callas.org>
Subject: New Encrypted Data Packet?
Date: Mon, 04 Apr 2005 08:27:32 -0700
X-Mailer: Apple Mail (2.619.2)
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit

When the Mister-Zuccherato attack came out at the beginning of the 
year, one of the suggestions that we had was to re-do the encrypted 
data packet and MDC. It seems that there's not really a lot of 
consensus to fix it, that merely working around the problem seems to be 
adequate? Am I right in that perception? Do we want to upgrade it?

I still think it's a good idea, myself, particularly since if you want 
wide deployment of such a thing for the future getting on it now is a 
good idea. But I would also like to really close out 2440bis, too. 
(However, the two are not mutually exclusive. We could close out 
2440bis and put the upgrades into a followon RFC.)

	Jon

v2.23.0 | Report a Bug | By Email