[openpgp] Summary of WG status

"brian m. carlson" <sandals@crustytoothpaste.net> Wed, 12 July 2017 22:39 UTC

Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7374D1317D7 for <openpgp@ietfa.amsl.com>; Wed, 12 Jul 2017 15:39:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31aLEUvyU1Oi for <openpgp@ietfa.amsl.com>; Wed, 12 Jul 2017 15:39:04 -0700 (PDT)
Received: from castro.crustytoothpaste.net (sandals-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:3f1::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABA0612EB8C for <openpgp@ietf.org>; Wed, 12 Jul 2017 15:38:57 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 6CDC4280AD for <openpgp@ietf.org>; Wed, 12 Jul 2017 22:38:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1499899136; bh=RVKgsfBulSxYwQ5nWuRnMWLNwqpDqB0gjOO2c9ayM6o=; h=Date:From:To:Subject:From; b=PKx90SZSzbZ2n7xyCAAbiC+uoSVu0OVHMC3Uhs7W9p9G855whyHULPYnxJOfMqB6t hsvFf/70YfMe6mezIPfaLtuIXZFzMoIlo1bTl/8HaHNR0F0UIXKJn6E+I8SZMa1zqJ d3WvgD2xN6v3bykeUlQDFg7uxqaYX6qTQgu8Io5ziQDWC2weLWvLSLtce6Ah5uyu6J g3GOVB7x0+3+AOyOaEHy+K7CZ6jRqfBnQ3ePgIrylMZLPxn6WvKXT0I61uthM9AmbH 1XMD3F0VyGL1mE7u7RUrPfPgRebhi7cew3Ge0BA7+tTWmtMqnoX6dO3IL9JIB9TCJ5 7QA6AFh+Jtb12g1NnL/yf+kLefXNeUIHi6QdCQ/7Q4ATkkGqIiIjMUQaoJnQxdeLDF gQCO0GMN5fn3NUmypiPgLnN3cEgteE35HZ8TmqKRq9WqHAQV/9I07kx/M5Ki/NkS3t PoVfQZKbuu+BnetFsfKe9xE7jdGkbGdG16U+sC5n9uq2iA1Mz8w
Date: Wed, 12 Jul 2017 22:38:52 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Message-ID: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="aw5jby5nfdmzersy"
Content-Disposition: inline
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.9.0-3-amd64)
User-Agent: NeoMutt/20170609 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/j4ceBkVpKBOnWs-UW8owHDn38fw>
Subject: [openpgp] Summary of WG status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jul 2017 22:39:06 -0000

Our charter includes several goals that we should accomplish.  I'm going
to summarize where we are with each of them so we can see where we need
to make progress.

If you're going to respond to one or more of these, please respond to
each one in a separate thread so that we can have a logical set of
discussions.

CFRG Curves
-----------

We've included EdDSA with Curve25519.  I'd suggest including Curve448 as
an additional option for EdDSA.  That might necessitate including
SHAKE256 limited to this purpose only.

Curve25519 is defined for ECDH.  We probably also want to consider
Curve448.  The work needed for this purpose is probably limited to
including OIDs for the curve.

AEAD Algorithms
---------------

I've submitted a proposal to use EAX for data packets, and I'll be
sending out a new draft incorporating Werner's suggestions soon.  I'd
like additional feedback on if participants think this is a useful
direction.

We probably also want to consider SKESK and secret key packets.

Must-Implement Algorithms
-------------------------

We've specified SHA2-256 as the MTI hash algorithm.  This seems
uncontroversial.

3DES is still the must-implement encryption algorithm.  AES128 seems
like the logical choice here, since it's already MTI because of ECDH.

I suggest that we make the AEAD mode, whatever we pick, mandatory as
well.

Remember here that these are the obligatory options.  Most
implementations will (and already do) implement far more algorithms, so
this is just a baseline for interoperability.

Fingerprint Mechanism
---------------------

This seems to be the most controversial.  Werner has a proposal which
garnered a lot of discussion.  While it's not everything I want, I'm
happy enough with it to accept it and move forward as a goal of getting
us to done.

If there are concrete counterproposals, I suggest including sufficient
wording that can be discussed and potentially included into the
document.
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204