Re: [openpgp] AS2+OpenPGP protocol extension review request

Ben McGinnes <ben@adversary.org> Thu, 14 February 2019 06:50 UTC

Date: Thu, 14 Feb 2019 17:49:43 +1100
From: Ben McGinnes <ben@adversary.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: cryptography@metzdowd.com, openpgp@ietf.org
Message-ID: <20190214064943.ebb34zchzc5ddhke@adversary.org>
References: <20190212040914.23kkncp2fptccwp6@adversary.org> <79420544-da84-6c1b-5c3a-f2d2e3a10184@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="u4c3vpes73ea5rzg"
Content-Disposition: inline
In-Reply-To: <79420544-da84-6c1b-5c3a-f2d2e3a10184@cs.tcd.ie>
OpenPGP: "id=DB4724E6FA4286C92B4E55C4321E4E2373590E5D; url=http://www.adversary.org/ben-key.asc; preference=signencrypt"
Codes-of-Conduct-policy: "url=https://gitlab.com/Hasimir/project-participation-policy"
User-Agent: NeoMutt/20180716
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/o6fnLMts1-TULcdMhdzAiA3O9Gk>
Subject: Re: [openpgp] AS2+OpenPGP protocol extension review request

On Tue, Feb 12, 2019 at 11:52:05AM +0000, Stephen Farrell wrote:
> 
> Hiya,
> 
> I just had a quick peek (will try read more later) but wondered
> why PGP is a better primitive here than MLS? [1] (Or one of the
> IM security schemes that motivated MLS, if dealing with a work-
> in-progress like MLS is problematic.)

I was about to say MLS is *way* overkill, but then realised you were
referring to the more recent MLS[1] and not this MLS.[2]

Anyway, there were several reasons; including, but not limited to,
these:

 1. Responding to frequent requests of users of Mastodon and Pleroma
    servers who have been requesting specific software solutions of those
    platforms (most commonly citing Mailvelope or Keybase).
    
    I wanted to get the thing out of the realm of vendor or language
    lock-in.
    
 2. ActivityStreams 2.0, in spite of the name, does not actually use
    live streamed data in the same way as various IM protocols do; it
    really is a transport protocol only.
    
 3. OpenPGP provides an existing and proven means of meeting all the
    cryptographic shortfalls of ActivityStreams and the fediverse.
    
 4. I've deliberately designed this extension in a way which would
    enable an alternative cryptosystem to be designed for it or adapted
    to it in the future.  So no protocol lock-in either.
    
 5. None of the IM cryptosystems I thought of would meet all the needs
    of various people whose requests I read and most of them are solely
    dependent on either SSL or libsodium to the exclusion of all else.
    The former tends towards mis-implementation and various exploits, the
    latter tends towards trying to make the one thing it does do fit
    everything.
    
    It could be argued that that latter criticism is also true of
    OpenPGP, but on the other hand OpenPGP, and particularly GnuPG,
    can do an awful lot more too.
    
 6. I've spent far more time delving into GnuPG's innards than most of
    the other systems, so there was a little bias there.  Still, that's
    another reason for defining the spec in such a way that an
    alternative cryptographic protocol could be used instead.
 

Regards,
Ben

1: https://tools.ietf.org/wg/mls/
2: https://en.wikipedia.org/wiki/Multilevel_security