Re: [openpgp] First 4880bis drafts

Aaron Zauner <azet@azet.org> Thu, 05 November 2015 18:14 UTC

Return-Path: <azet@azet.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58FA81A1A57 for <openpgp@ietfa.amsl.com>; Thu, 5 Nov 2015 10:14:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K32Dsn4gmA4x for <openpgp@ietfa.amsl.com>; Thu, 5 Nov 2015 10:14:53 -0800 (PST)
Received: from mail-wi0-x22b.google.com (mail-wi0-x22b.google.com [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6FE651A1A4A for <openpgp@ietf.org>; Thu, 5 Nov 2015 10:14:53 -0800 (PST)
Received: by wicll6 with SMTP id ll6so15615878wic.0 for <openpgp@ietf.org>; Thu, 05 Nov 2015 10:14:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=azet.org; s=gmail; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type; bh=YX3hXT++8QqhhxSvJydtM53JTwH40FZDBT8j+2VlTuo=; b=Jjpywk1j806dsxpEiJbzvbm2wp8x7q34Xwb8qN/iw/FAO0Tu6h2UErCII7G9g0t4oS 0tFOLYKXlWvMnfvFCSRbFl4Lf9suyxlg7b3TSMvOevYTk9s+LbhfojAeFEe4Ec7XxSeu ts/CsPt8Ej1FvZ3MEv1wFnjjoWLbiiFRDlYrs=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=YX3hXT++8QqhhxSvJydtM53JTwH40FZDBT8j+2VlTuo=; b=IU+6z3xsHxc0xrPQ69UTAkJZj+/h39I4VTIiDp5E9Q7sJ8V/uutIuDMGcNJv+0hmff gei3yyx2NiZkGz/Cm6HP1ziap4cXNP6x51vbvdCXJLjQGNIBG1n2wl3J96nwGIgGQHfC qX8/y9HhxqIDiphuibw0bDnK4BQZy6zLZnIxIXWv7qqlGTxsnzACtJCYfbailBVKYq61 MIMJGLBFcZ42rZUrw0dk78xQ/ve5vfA2lav9wxODwrNa9n9ptg4LbYhee4JSCZWCQxjb VNq7AYkQWFtzM6OyOlw8Z6hjgFCTcjFsAgvTvEE4etqDXCUuhSmXFWSk/NyCuFbMGPDb zWgw==
X-Gm-Message-State: ALoCoQnSXVcg55uS+lD2s5RzAezS6WxXG/lblxRZaNAhzD4+Xco9XBCWK7u7KmfHL+LELeFBxHyf
X-Received: by 10.194.78.109 with SMTP id a13mr10284055wjx.20.1446747292047; Thu, 05 Nov 2015 10:14:52 -0800 (PST)
Received: from [10.0.1.189] ([86.59.96.182]) by smtp.gmail.com with ESMTPSA id q204sm35352087wmg.4.2015.11.05.10.14.50 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 05 Nov 2015 10:14:51 -0800 (PST)
Message-ID: <563B9C9C.7070106@azet.org>
Date: Thu, 05 Nov 2015 19:14:52 +0100
From: Aaron Zauner <azet@azet.org>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <87lhaet2cq.fsf@vigenere.g10code.de> <20151104182705.86af2e43c8@baae13974eb4556> <87bnb9tw5b.fsf@vigenere.g10code.de> <87611hnwxu.fsf@alice.fifthhorseman.net>
In-Reply-To: <87611hnwxu.fsf@alice.fifthhorseman.net>
X-Enigmail-Version: 1.2.3
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enigA877232984054D01C6672A4D"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/iZOZNkB2oBb14ARhEvAcwfqr_h8>
Cc: Werner Koch <wk@gnupg.org>, openpgp@ietf.org
Subject: Re: [openpgp] First 4880bis drafts
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Nov 2015 18:14:55 -0000

Hi,

Apparently my message came of the wrong way (and I'm to blame for that,
because of my wording):

Daniel Kahn Gillmor wrote:
> On Thu 2015-11-05 04:14:08 +0900, Werner Koch <wk@gnupg.org> wrote:
>> On Wed,  4 Nov 2015 18:34, azet@azet.org said:
>>
>>> Hrm. I'm against this. CAMELLIA is going to be deprecated in e.g.
>> You may be against it but it is a matter of fact that CAMELLIA is an
>> officially assigned OpenPGP cipher algorithm for 6 years.
> 
> As discussed in the meeting tuesday, deprecation is a tricky subject for
> formats with stored data (as distinguished from on-the-wire network
> traffic).  people have archives of encrypted data that may still use
> this cipher.

Totally agree there. And PGP implementations will support these ciphers
for years because of stored data that might have been encrypted with one
of these ciphers.

> 
>> We may latter decide to deprecate certain algorithms but that is not a
>> question right now.
> 
> The sense of the room in Yokohama was to deprecate as much as possible,
> and encourage a limited, sensible set of algorithms for message creation
> and signing.  But sensible implementations will likely continue to allow
> decryption of these ciphers for years to come.
> 

Yes. But we should discourage further use. I'm not sure if the right
place is the updated RFC or another document entirely. My concern is
that we'll end up with a unmanageable 'cipher-zoo'. I'm happy to help
with such a document and am _not_ trying to get in the way of updating
the current OpenPGP spec.

Hope that clears things up a bit,
Aaron