[openpgp] Summary of WG status
"brian m. carlson" <sandals@crustytoothpaste.net> Wed, 12 July 2017 22:39 UTC
Return-Path: <sandals@crustytoothpaste.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7374D1317D7 for <openpgp@ietfa.amsl.com>; Wed, 12 Jul 2017 15:39:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (3072-bit key) header.d=crustytoothpaste.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31aLEUvyU1Oi for <openpgp@ietfa.amsl.com>; Wed, 12 Jul 2017 15:39:04 -0700 (PDT)
Received: from castro.crustytoothpaste.net (sandals-1-pt.tunnel.tserv8.dal1.ipv6.he.net [IPv6:2001:470:1f0e:3f1::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABA0612EB8C for <openpgp@ietf.org>; Wed, 12 Jul 2017 15:38:57 -0700 (PDT)
Received: from genre.crustytoothpaste.net (unknown [IPv6:2001:470:b978:101:254c:7dd1:74c7:cde0]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by castro.crustytoothpaste.net (Postfix) with ESMTPSA id 6CDC4280AD for <openpgp@ietf.org>; Wed, 12 Jul 2017 22:38:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=crustytoothpaste.net; s=default; t=1499899136; bh=RVKgsfBulSxYwQ5nWuRnMWLNwqpDqB0gjOO2c9ayM6o=; h=Date:From:To:Subject:From; b=PKx90SZSzbZ2n7xyCAAbiC+uoSVu0OVHMC3Uhs7W9p9G855whyHULPYnxJOfMqB6t hsvFf/70YfMe6mezIPfaLtuIXZFzMoIlo1bTl/8HaHNR0F0UIXKJn6E+I8SZMa1zqJ d3WvgD2xN6v3bykeUlQDFg7uxqaYX6qTQgu8Io5ziQDWC2weLWvLSLtce6Ah5uyu6J g3GOVB7x0+3+AOyOaEHy+K7CZ6jRqfBnQ3ePgIrylMZLPxn6WvKXT0I61uthM9AmbH 1XMD3F0VyGL1mE7u7RUrPfPgRebhi7cew3Ge0BA7+tTWmtMqnoX6dO3IL9JIB9TCJ5 7QA6AFh+Jtb12g1NnL/yf+kLefXNeUIHi6QdCQ/7Q4ATkkGqIiIjMUQaoJnQxdeLDF gQCO0GMN5fn3NUmypiPgLnN3cEgteE35HZ8TmqKRq9WqHAQV/9I07kx/M5Ki/NkS3t PoVfQZKbuu+BnetFsfKe9xE7jdGkbGdG16U+sC5n9uq2iA1Mz8w
Date: Wed, 12 Jul 2017 22:38:52 +0000
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: openpgp@ietf.org
Message-ID: <20170712223852.zmnvw4iwvziqsynq@genre.crustytoothpaste.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="aw5jby5nfdmzersy"
Content-Disposition: inline
X-Machine: Running on genre using GNU/Linux on x86_64 (Linux kernel 4.9.0-3-amd64)
User-Agent: NeoMutt/20170609 (1.8.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/j4ceBkVpKBOnWs-UW8owHDn38fw>
Subject: [openpgp] Summary of WG status
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Jul 2017 22:39:06 -0000
Our charter includes several goals that we should accomplish. I'm going to summarize where we are with each of them so we can see where we need to make progress. If you're going to respond to one or more of these, please respond to each one in a separate thread so that we can have a logical set of discussions. CFRG Curves ----------- We've included EdDSA with Curve25519. I'd suggest including Curve448 as an additional option for EdDSA. That might necessitate including SHAKE256 limited to this purpose only. Curve25519 is defined for ECDH. We probably also want to consider Curve448. The work needed for this purpose is probably limited to including OIDs for the curve. AEAD Algorithms --------------- I've submitted a proposal to use EAX for data packets, and I'll be sending out a new draft incorporating Werner's suggestions soon. I'd like additional feedback on if participants think this is a useful direction. We probably also want to consider SKESK and secret key packets. Must-Implement Algorithms ------------------------- We've specified SHA2-256 as the MTI hash algorithm. This seems uncontroversial. 3DES is still the must-implement encryption algorithm. AES128 seems like the logical choice here, since it's already MTI because of ECDH. I suggest that we make the AEAD mode, whatever we pick, mandatory as well. Remember here that these are the obligatory options. Most implementations will (and already do) implement far more algorithms, so this is just a baseline for interoperability. Fingerprint Mechanism --------------------- This seems to be the most controversial. Werner has a proposal which garnered a lot of discussion. While it's not everything I want, I'm happy enough with it to accept it and move forward as a goal of getting us to done. If there are concrete counterproposals, I suggest including sufficient wording that can be discussed and potentially included into the document. -- brian m. carlson / brian with sandals: Houston, Texas, US https://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: https://keybase.io/bk2204
- [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Werner Koch
- [openpgp] Must-Implement Algorithms (was:Summary … Werner Koch
- Re: [openpgp] Must-Implement Algorithms (was:Summ… brian m. carlson
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status vedaal
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status brian m. carlson
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Derek Atkins
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Vincent Breitmoser
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Stephen Paul Weber
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Robert J. Hansen
- Re: [openpgp] Summary of WG status Salz, Rich
- Re: [openpgp] Summary of WG status Vincent Breitmoser
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Kristian Fiskerstrand
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Daniel Kahn Gillmor
- Re: [openpgp] Summary of WG status Werner Koch