Re: [openpgp] Regulation of algo deprecation

Aaron Zauner <azet@azet.org> Wed, 04 November 2015 00:00 UTC

Return-Path: <azet@azet.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C6F831B3646 for <openpgp@ietfa.amsl.com>; Tue, 3 Nov 2015 16:00:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_52=0.6] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CjJqMCsMmMPf for <openpgp@ietfa.amsl.com>; Tue, 3 Nov 2015 16:00:16 -0800 (PST)
Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BBF6D1B3645 for <openpgp@ietf.org>; Tue, 3 Nov 2015 16:00:15 -0800 (PST)
Received: by wijp11 with SMTP id p11so82178281wij.0 for <openpgp@ietf.org>; Tue, 03 Nov 2015 16:00:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=azet.org; s=gmail; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type; bh=UKCBqv0JGKdYFHy2bECcTvDju/qnsS3XIVU0TInj/dE=; b=Vhrt2FH+bVJwL9Q2ujDzhRAzRAmIy2Me4LWsJO09EdWt7ZcRpBvuctB+FGnN98+f4x UDae77VYgOW6l/UMrC4+SlBCB7x/Zp1OdN8u7kgu2HPsOyNhu3WzH7xl3sC3hk9d9a1M wvADgzt3yXrZ2KkYkxU6+/vgxvjhjmtuyRQ7E=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=UKCBqv0JGKdYFHy2bECcTvDju/qnsS3XIVU0TInj/dE=; b=fHYxC0m79+BSjlAt+iNXQnomQw4JqJR1sMoCm/21FJdLj4GEvY4tDS5mVMA40MhHtc Hbag5iMlSI/nNW8SDuMV2Hbd+KsY8PN1JORz3aFlT6qTwxTwBrkEFfRgjotCqtkbpQAL Gfs1OKK546zStf/uyLbIRtaogjPn4z5LJnBtkfZLxhHGudir8ms09oWfB5QdlSABkJtm 7A9+Xd7eh+pPSf4gDqww7xAKMn+efbq/T6alpZK14ECRKuFLqNqDVOLb2wpn9ysADkov 4tt2UvYWWW617PwVkSbU3/YPFaVUZVu4vx5reMwY0vmTJYoYB/A10lzHsnrUJ1Dnl7mF PqqQ==
X-Gm-Message-State: ALoCoQkgDku3oYwlYNR2esCfNdajA8bmDjknTcmPUiIC0lYNglVz93cmNbFuw4tNg4vJ98RJPSoy
X-Received: by 10.194.58.84 with SMTP id o20mr38091180wjq.73.1446595214348; Tue, 03 Nov 2015 16:00:14 -0800 (PST)
Received: from [10.0.0.112] (chello080108049181.14.11.vie.surfer.at. [80.108.49.181]) by smtp.gmail.com with ESMTPSA id ee5sm30018495wjd.17.2015.11.03.16.00.13 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 03 Nov 2015 16:00:13 -0800 (PST)
Message-ID: <56394A8A.5070904@azet.org>
Date: Wed, 04 Nov 2015 01:00:10 +0100
From: Aaron Zauner <azet@azet.org>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Nils Durner <ndurner@googlemail.com>
References: <563931B6.9050107@googlemail.com>
In-Reply-To: <563931B6.9050107@googlemail.com>
X-Enigmail-Version: 1.2.3
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig3534421EC3CBF1288A06038A"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/hG2HXx0cGKe2s-_i70gNFNjKMpg>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
Subject: Re: [openpgp] Regulation of algo deprecation
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2015 00:00:17 -0000

Hi,

Sorry due to time constraints I wasn't able to remotely participate in
the OpenPGP session. I've read the minutes, not sure if I got everything
from that though.

So my impression is that GnuPG / OpenPGP current support far to many
possible algorithm choices. We should really limit that. For novice
users it's not easy to get this right and there're only a few places on
the internet that provide a solid default config (e.g. riseup - though
I've modified their settings for personal use). The real problem with
PGP is that not a lot of people use it and adding tons of curves or
algorithms doesn't seem the right way to go. Maybe this has already been
discussed previously and I didn't notice - if so, I'd be happy for a
pointer to the relevant thread.

CFRG recently recommended Curve25519 (or whatever nomenclature is
currently en vouge), so why bother with Brainpool at all?

Aaron