Re: [openpgp] Context Parameters for Signing and Encryption
Steffen Nurpmeso <steffen@sdaoden.eu> Wed, 15 February 2023 22:55 UTC
Date: Wed, 15 Feb 2023 23:55:04 +0100
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: Bruce Walzer <bwalzer@59.ca>
Cc: openpgp@ietf.org
Message-ID: <20230215225504.BsMHE%steffen@sdaoden.eu>
In-Reply-To: <Y+1R4NSAW9asPWrE@watt.59.ca>
References: <87y1pcm3go.fsf@fifthhorseman.net> <87cz6ilr7w.fsf@fifthhorseman.net> <8B86FBCD-F723-4518-BE00-AE74FB2D47B2@andrewg.com> <k13jlbmfeU3h8dS-wAVK6aWpX_ZB2UW8AQDQpDU96H6_2zdtUNC9XXCrlq0oAL07Usueyn_TkPu_fA-V6V-UTtfFIVT43sDs7C-vh3aDDZ4=@protonmail.com> <467AF37A-34BE-4D10-99F5-E4421B7E6EF4@andrewg.com> <Y+1R4NSAW9asPWrE@watt.59.ca>
Mail-Followup-To: Bruce Walzer <bwalzer@59.ca>, openpgp@ietf.org
User-Agent: s-nail v14.9.24-411-g8db62d75cb
OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD; url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt
BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in the world can make no bugs.
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/nwA0XCLzC8HEQm56S5Q0DJ_7udU>
Subject: Re: [openpgp] Context Parameters for Signing and Encryption

Bruce Walzer wrote in <Y+1R4NSAW9asPWrE@watt.59.ca>:
|On Fri, Feb 10, 2023 at 02:49:32PM +0000, Andrew Gallagher wrote:
|> On 10 Feb 2023, at 12:36, Daniel Huigens <d.huigens=40protonmail.com@dma\
|> rc.ietf.org> wrote:
...
|Another interesting question here is: how should we explain things to
|the user when this check fails? Delegating the response to the

This is a great question.

|application is fine only if the application is going to be able to
|respond in a clear and understandable way. For example, encrypted
|email borrows the idea of the envelope used in paper mail as the
|concept for the encryption. How would this error condition be related

But .. Ach!, if only it would have been like this.
Isn't it one of the long standing problems that exactly that was
not done. Still of today most signed emails come in MIMEified,
but without having at least a duplicate of the headers being part
of the signed range. Let alone a sign-covered version of the key.
I like the PGP MIME multipart variant more than the S/MIME one,
but still it does not "simply" enwrap the original mail in another
envelope.

Even moreover, in fact people continue stuffing the headers of the
outermost "envelope" with myriads of ..peep.. (americans on the
list), some even put entire public (unverifiable, unsigned) PGP
keys there just to ship it.

If it would have been me with the new German passport >=20 years
ago, you know. And just _do it_ like our forefathers and
foremothers had done it, just enwrap the mess and plaster your own
seal upon it!

Then again many US-ASCII based old hands / people (in OSS space at
least) still dislike and even actively counteract MIME as such.
(At least in BSD and maybe even nmh land, .. where i mostly live.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)