Re: [openpgp] New S2K specifiers?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 April 2019 16:34 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/oP1YdMZS425SMzo5Je5wlzutQtg>

On Mon 2019-04-01 20:32:04 -0700, Jon Callas wrote:
> I view this as primarily an implementation issue.
>
> If I were to write that section, I’d put both Argon2i and Argon2d
> in. There are reasons to go with either, and I’d leave that to the
> implementation.
>
> Interoperability matters only when you transfer keys from one
> implementation to another, and as time goes on that is less and less
> of a problem. (And the grumpy part of me says that if you’re going to
> transfer to some new implementation, maybe you want a new key, anyway
> even as I know that’s not friendly.)

It's not quite this simple, as S2K is also used in SK-ESKs (as Neal
points out elsewhere in this thread).  So that means
"password-protected" OpenPGP messages, which are very often exchanged
between parties, so interoperability is important.

Having both specs in the standard makes interop more challenging, so it
would be better to just have one if possible.

        --dkg