Re: [openpgp] AEAD Chunk Size

Bart Butler <bartbutler@protonmail.com> Thu, 18 April 2019 17:28 UTC

Return-Path: <bartbutler@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D36712015E for <openpgp@ietfa.amsl.com>; Thu, 18 Apr 2019 10:28:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.201
X-Spam-Level:
X-Spam-Status: No, score=-0.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, TO_EQ_FM_DIRECT_MX=2.499] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Yt4RwT3i3KHb for <openpgp@ietfa.amsl.com>; Thu, 18 Apr 2019 10:28:40 -0700 (PDT)
Received: from mail1.protonmail.ch (mail1.protonmail.ch [185.70.40.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12DEA1201BB for <openpgp@ietf.org>; Thu, 18 Apr 2019 10:28:40 -0700 (PDT)
Date: Thu, 18 Apr 2019 17:28:31 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=default; t=1555608517; bh=gl1uk/9KZtF/ZJlmi4fyNJuZMtZF2N6pLTsGFR5sYvg=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References: Feedback-ID:From; b=fH33YHIYitbhCX8iuDKY2Iiufg/0Hle0hLTUFU/5G/atelZkqhPP9TWgSIVtzk0hp TtgIi+dlJ0oSwBRKiE0o89TUkOtupCuGblRRvaowP+cD9pNgS6A2fUFR8NCJ/kHAT1 BrTJWg9kdx0+tawV0tVg58uPH0pxBj7MbuOgYZNI=
To: Bart Butler <bartbutler@protonmail.com>
From: Bart Butler <bartbutler@protonmail.com>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
Reply-To: Bart Butler <bartbutler@protonmail.com>
Message-ID: <uIkPmRBGfmyVi5QPuVeXkm02_Y_zfPUWPWCsZtDHyjFaFbNOY8mJyUK42pm80AJ-_-jf-ut1xPK_SMkjGDgrL4cT4BcAbeaBQvSYhqFoD7U=@protonmail.com>
In-Reply-To: <YMBMgZGGCSQb4Bnp9xRFkBfOn-I97FrycqHK4NvuHUkgtmL6_UaumtHJwJc-4nbmACSHrA4CWqEeLMDUuoVFMq0Vc6M0fwO8G40Mq1heEgI=@protonmail.com>
References: <87mumh33nc.wl-neal@walfield.org> <878swzp4fb.fsf@europa.jade-hamburg.de> <E65F6E9D-8B0B-466D-936B-E8852F26E1FF@icloud.com> <87d0m9hl62.wl-neal@walfield.org> <FEE9711C-3C64-493C-8125-89696B882E0A@icloud.com> <2di2bK8m-7HtDeoUEH9oPqs-bL-IKSE0CjkgFShPMLOlUyeDBVkVGApdjnIpS6YRAeKU3ibGCZCtwLden-N6zK5W4fqIghRGDa5dU720nEs=@protonmail.com> <73739F8A-5E9F-4277-B053-FDD2E8D81B17@icloud.com> <cc75QwJwTIffqLK7fzZ3A2Pw1Vb3_lkhSHfYRPyASZcxceG2c0Cpbld529WsXosP7X9x4agikpGD4dVTXK8iaRkblS9Jokv1tD2TceQBbyE=@protonmail.com> <18FF6D9C-B285-406E-A344-E6362646DE68@icloud.com> <YMBMgZGGCSQb4Bnp9xRFkBfOn-I97FrycqHK4NvuHUkgtmL6_UaumtHJwJc-4nbmACSHrA4CWqEeLMDUuoVFMq0Vc6M0fwO8G40Mq1heEgI=@protonmail.com>
Feedback-ID: XShtE-_o2KLy9dSshc6ANALRnvTQ9U24aqXW2ympbGschdpHbU6GYCTUCtfmGhY9HmOyP1Uweyandwh1AVDFrQ==:Ext:ProtonMail
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="---------------------ed2ecb7f806cab1b589486d3d2a10432"; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/kxEIUHIZO8NJyZE30Pnf2t3uBaQ>
Subject: Re: [openpgp] AEAD Chunk Size
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Apr 2019 17:28:43 -0000

Hi all,

Jon and I got on the phone today and discussed the AEAD chunk situation a little more. The compromise we reached is:

(1) MUST support chunks up to and including 8KiB.
(2) SHOULD NOT emit chunks larger than 8KiB.
(3) SHOULD reject chunks larger than 8KiB.

Jon likes this because it doesn't fully shut the door on experimentation. I like this because it strengthens the norm and puts the burden of justification for violating the norm on the person asking for huge chunks rather than the implementer. I expect (though please correct me if not) that Derek, Neil, and others working on embedded or otherwise constrained system will like this because the normative limit is low enough for most embedded/constrained systems to do streaming when incremental no-release semantics are desired. And I hope Werner likes this because GnuPG is already doing 8KiB chunks, so the work involved in changing GnuPG's implementation should be minimal :)

Does anyone have any objections to or comments regarding this language?

Thanks,

Bart