IETF Logo Mail Archive

Re: [openpgp] a new draft overlapping the WG draft

Tom <tom@flowcrypt.com> Fri, 07 October 2022 12:33 UTC

Return-Path: <tom@flowcrypt.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32007C1522B0 for <openpgp@ietfa.amsl.com>; Fri, 7 Oct 2022 05:33:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=flowcrypt.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QQMUNR1XGu2d for <openpgp@ietfa.amsl.com>; Fri, 7 Oct 2022 05:33:36 -0700 (PDT)
Received: from mail-yb1-xb36.google.com (mail-yb1-xb36.google.com [IPv6:2607:f8b0:4864:20::b36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26C76C14CE45 for <openpgp@ietf.org>; Fri, 7 Oct 2022 05:33:36 -0700 (PDT)
Received: by mail-yb1-xb36.google.com with SMTP id e20so5601947ybh.2 for <openpgp@ietf.org>; Fri, 07 Oct 2022 05:33:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=flowcrypt.com; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=h17qMcmlZB7onbE5iIdiHwSXyY9r6RYsIprK0EaG5vQ=; b=hhOuFefi6TAVUgpmLZypFc7f9O8/K7W8cItYl7F4ULJYvbQyvYMu06YY+SZ/zg6qQ3 bsxNpqEnnS1jeHQUXxXhbEocAwlT7OG3bn6Etlbs7d6zFbXxrwilPN0nsgHIKmXGV3fG 8HXFaaD6xPSnw9CbTN18G3gArz5n87sm3KCWY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=h17qMcmlZB7onbE5iIdiHwSXyY9r6RYsIprK0EaG5vQ=; b=ukiin/UmLjCIVJ0BjVanUnBO9mjpkoxmb8T6OopuTxnWA+2yYa2RG+xrI4Ja7n3K3W Xi3Pg+ClGaqXVYa+nKVPn81K76ljodbuUbwyYTW+e8YSgS3EgN16vUiyv8cwSAwZBkbe Hw6Gi+xDeS62tBjde8t8e3FZZ7amsDx0rV3ovP/LQVf8Qk5mUb+t2Ehq22+HSYgbJ+48 penwoYnOpjBv5TuS9yepqS/K7kbIHiQkgcrjmKbt4MaL1AQQrr0NW8nL0G7mV0y63n0P cagOrdP2py5lZ6x90b4WeKa6fXl11xAWoc6naUE1HjEWKN9BEZ80Wx2jlpxuYTUd6xZ2 bNoA==
X-Gm-Message-State: ACrzQf1kRMzY1pL+WKf0unNyqxDywiswU1gidH+X0syQ1TJ0gkbe5Nn5 KTpMmBuiLLmliJHm3OWGNK4fqLCZOWRvjL+lku9XaHeOr7SshMBP
X-Google-Smtp-Source: AMsMyM4UGBHX1a/R6rhvUWZeE0Rs5JamLMsvoFGS9bz9vfkJjm1dWF1a5u9OiYBT7rIXT52UlkB4jBvLexsnliPQWC8=
X-Received: by 2002:a25:2d4a:0:b0:6be:bf20:27cb with SMTP id s10-20020a252d4a000000b006bebf2027cbmr4788022ybe.331.1665146014946; Fri, 07 Oct 2022 05:33:34 -0700 (PDT)
MIME-Version: 1.0
References: <086DCEE6-1AB7-4453-9EEA-AFCDFD1715F4@mit.edu> <8414860D-5CE6-407E-A78A-E21A03CDCC52@andrewg.com>
In-Reply-To: <8414860D-5CE6-407E-A78A-E21A03CDCC52@andrewg.com>
From: Tom <tom@flowcrypt.com>
Date: Fri, 07 Oct 2022 12:33:22 +0000
Message-ID: <CABpKr=2PMracr8yV6jkfDxVAeOH1uBLS9jPW8ik59jXTvxoATA@mail.gmail.com>
To: Andrew Gallagher <andrewg@andrewg.com>
Cc: openpgp@ietf.org
Content-Type: multipart/alternative; boundary="000000000000b874ce05ea7104b5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/i_c-2o7hc07voTOFKkMbmQBtMi8>
Subject: Re: [openpgp] a new draft overlapping the WG draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2022 12:33:40 -0000

Andrew,

I do praise this sentiment, but, you'll note from the conversation above,
if the standard is to be "whatever GnuPG wants since they made unilateral
decision to deploy un-standardized algorithm in the past", then exactly
what do we have a working group for? Why have a standard? We could just all
work backwards from GnuPG implementation. GnuPG codebase would be the spec..

I do hope there would be a better way out. Currently, one side goes "here's
what you must do because I did it" and the other side goes "you don't get
to make unilateral decisions, but you're welcome to be involved in group
discussions", and here we are.

I do suppose that proceeding with crypto-refresh without GnuPG blessing is
the *riskier appearing* option. On the other hand, making steps backwards
while breaking community spirit for the selfish benefit one community
member seems like an actual suicide OpenPGP community-wise. While appearing
to be the safer bet, it may be the riskier option long term, IMO. Nothing
will ever *really* improve.

What Neal proposed mitigates some of these issues though, and makes the
functionality non-conflicting, at least, which is desirable, given lack of
other decent options.

I do wonder what developers of applications that rely on GnuPG (say, other
than Gpg4win. Projects like Enigmail for Thunderbird used to be when it
still relied on GnuPG.. I believe there are quire a few others still) have
to say about the matter. Maybe they already voiced their opinions above and
I missed them, would be good to hear from them explicitly.

Cheers,
Tom


On Fri, Oct 7, 2022 at 11:42 AM Andrew Gallagher <andrewg@andrewg.com>
wrote:

> I am becoming increasingly concerned that this list is flirting with the
> prospect of a fork in the standard, and that a significant driver of this
> appears to be a long-running, personalised dispute between particular
> implementers. If such a fork were to happen, I fear this would effectively
> kill OpenPGP.
>
> Such an outcome would benefit *nobody*.
>
> Please can we confine our discussions to technical matters? If we
> absolutely must defer some decisions in order to get agreement now then so
> be it, and maybe it will allow tempers to cool in the meantime. However I
> would strongly encourage the group to avoid threats (implied or otherwise)
> of unilateral action or retribution, and agree that we are all here in
> order to better serve *our users*, not ourselves.
>
> If we cannot place the end user’s interests at the centre of our
> decision-making process, we might as well all go home.
>
> A
>
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
>


-- 
Tom at FlowCrypt

v2.29.0 | Report a Bug | By Email | System Status