Re: [openpgp] v5 in the crypto-refresh draft

Peter Gutmann <pgut001@cs.auckland.ac.nz> Mon, 07 June 2021 13:42 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B59C73A16AD for <openpgp@ietfa.amsl.com>; Mon, 7 Jun 2021 06:42:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qB-JmZ2j52d for <openpgp@ietfa.amsl.com>; Mon, 7 Jun 2021 06:41:56 -0700 (PDT)
Received: from au-smtp-delivery-117.mimecast.com (au-smtp-delivery-117.mimecast.com [103.96.23.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19BBA3A16E0 for <openpgp@ietf.org>; Mon, 7 Jun 2021 06:41:55 -0700 (PDT)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01lp2177.outbound.protection.outlook.com [104.47.71.177]) (Using TLS) by relay.mimecast.com with ESMTP id au-mta-74-cOZklx7IPdaElRy0TDuwTw-1; Mon, 07 Jun 2021 23:41:47 +1000
X-MC-Unique: cOZklx7IPdaElRy0TDuwTw-1
Received: from SY4PR01MB6251.ausprd01.prod.outlook.com (2603:10c6:10:10b::10) by SY4PR01MB6315.ausprd01.prod.outlook.com (2603:10c6:10:10f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.22; Mon, 7 Jun 2021 13:41:41 +0000
Received: from SY4PR01MB6251.ausprd01.prod.outlook.com ([fe80::9965:92dd:f5b:87a7]) by SY4PR01MB6251.ausprd01.prod.outlook.com ([fe80::9965:92dd:f5b:87a7%6]) with mapi id 15.20.4195.030; Mon, 7 Jun 2021 13:41:41 +0000
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Paul Wouters <paul@nohats.ca>
CC: "openpgp@ietf.org" <openpgp@ietf.org>
Thread-Topic: [openpgp] v5 in the crypto-refresh draft
Thread-Index: AQHXWqjxZgm3Nb8iZ0mMkTayPQSTdKsHHHeAgAFzsxU=
Date: Mon, 7 Jun 2021 13:41:41 +0000
Message-ID: <SY4PR01MB6251D1BBE714F9A161E5AE2AEE389@SY4PR01MB6251.ausprd01.prod.outlook.com>
References: <SY4PR01MB625176F5D00B0F5F5DE6474DEE399@SY4PR01MB6251.ausprd01.prod.outlook.com>, <d8b9cd22-ded3-4ef3-94c1-7d3ac162b06a@nohats.ca>
In-Reply-To: <d8b9cd22-ded3-4ef3-94c1-7d3ac162b06a@nohats.ca>
Accept-Language: en-NZ, en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [14.1.76.32]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 07275bf4-7b1e-483c-e882-08d929b9fb62
x-ms-traffictypediagnostic: SY4PR01MB6315:
x-microsoft-antispam-prvs: <SY4PR01MB6315E57F3E73690D5B608128EE389@SY4PR01MB6315.ausprd01.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0
x-microsoft-antispam-message-info: BbWi4d82NiO46MaH0Y7Y3ArshS+SvyNVRDEkdye/8NcuOt+BlUiEt/DHy3gcLrnEpSMW9vuoVkC/976obj6faAXqS8/7zEYDUpLWuDFgPTbf3RTh+x2AMSGJ64tOLXEkfWaVjtkV2TVcRHvuSr40iiHuVIvr6tMnOtwHoGWCVyfchN4GSfNyscIegr45g4yX+hXgiOmt1BBzclmpf4IVa8f9AiHUOnSjOrXvpYUA1BsuGJS0KW7kMOcuW2d7AUlFs9CrfmaYsj88jLtilnwUeYXv/d6dx8kcjbXYgwNqS9774xSoAWk1tDHSCjNgpFtok53XPtXAbBxDymfNFH8a+tW8GPVLMCCZyb/FGi3t7qWo9tdaqKFx4UP91Fy1V7LKDaSytY1U6P31k0By3ioR1DmXGnB8miydEkt1ulD6cJXxzSthuFrK68I5y8ejDMyft2FhTNSaFZKzzIOaZSHODdIgcX4OZ1i75sVAChb8UlCecBaU4ZH3jMsvYouaqRnVChu5sYUlPvrhf1mfkBaRCnjDi6aZprXsuf7qsCWZPL+680GOOLH5xaf/1ZYVP+mlzM0tiwDSyn+HeT7p72MnLofWFUO6J5oP38coaFt2w0g=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SY4PR01MB6251.ausprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(9686003)(33656002)(4326008)(52536014)(55016002)(498600001)(2906002)(86362001)(186003)(7696005)(8936002)(26005)(71200400001)(6506007)(8676002)(5660300002)(66476007)(66946007)(66556008)(64756008)(122000001)(38100700002)(66446008)(4744005)(76116006)(6916009); DIR:OUT; SFP:1101
x-ms-exchange-antispam-messagedata: =?iso-8859-1?Q?HG++cp584ZsbBTwSOwy0VJFRJNYyNgEhDkIsl5iDzCKkY/WPW84VB6ncXd?= =?iso-8859-1?Q?wUGNXeVc4D2DFTgCXctRxsLkMwnH6BvDFgCxUngIHai6yS4E387ELns3Cj?= =?iso-8859-1?Q?ZWnWXCResQY0CWMUhOV3kePM7qchWCuJcdpCQDfHk+tQ8PjJ8zSmxZTyBf?= =?iso-8859-1?Q?XMkvu8jUd3wHgL+1xPC498IXhr+dwma/CKBH3hjH3arnRAMKKcG2Scjyey?= =?iso-8859-1?Q?GJvnN5TWLzDe83YNiaJmm1ZbHddcvgv9+hnw+FpzpkQlU+xzA2RL/7BQfO?= =?iso-8859-1?Q?rdKqb0hCttKhQCg2gnx2ExEsrOYpDSR66UekEPOItIxsUL233+WVSM1bPY?= =?iso-8859-1?Q?7GuBJY6IJ9p/qX7Idp/a+EiUuADqtTfQVABkXV7NehSnb6vBmd3/4XCPQw?= =?iso-8859-1?Q?QNZ5DXxduICFl8PGgR1iQpsVyiC4fwBxR663NvB8cDEm9HA0hyWTBNO7m1?= =?iso-8859-1?Q?61yKJWUTXovJi1+2FYqcugLANftXM1SV0J95RHLOD5L24qfr0utQACU6C8?= =?iso-8859-1?Q?NcTp206lbZwOEvDEJBH+tDrFRWv8ngeic/lE0s4T9zY50o4DAioQZ2e7Qx?= =?iso-8859-1?Q?xY2ZU4GObqLvU21prXgbpnyVDBJFWZqtRytVHDdrIC8NjyL+GufVbkATIH?= =?iso-8859-1?Q?hqzGxo4EG5mcAHOj73xn7i6cNL0gYvb/LPwsZyJantN8I9EfDwAxrSZltY?= =?iso-8859-1?Q?JnTEHHpvbCKibUC2UQYdk86h624cFx87i1vwR/bPAf6C1UzCxi2GhWqRNw?= =?iso-8859-1?Q?pzUY02TU0gfofFuiiftVNI8Ds/QU0L7KOgDmbvPkbozmedpt5p7XsvFOoW?= =?iso-8859-1?Q?PFUImcs0WpRRRZg9DFMjnhI1JMHAPJXqCn4g4sQ64W8h8R2I2hrAB5L4Kd?= =?iso-8859-1?Q?IFyYTQK/S7BAk5x5aqA1H/9W1JBqB9p6KhZKYdFHtO0DbDFMzAzJubQKgl?= =?iso-8859-1?Q?xFtw3MLWqC9ceyNwL73fZIeb6sIqG7VfnrN6Aber0BZxJmdpuON9eHNsIT?= =?iso-8859-1?Q?CrTv9zlSePOA8ZVNktUcvCNBXsQ+FOtOWm0BisWMDIciFsDM4U0oGHf+B4?= =?iso-8859-1?Q?mY6AtWRtjfWZoSpC0aQSvsacIPt8VX/V2wm9mEieHIInrhvQ+cAdF4wV+4?= =?iso-8859-1?Q?8tHJ/R7U8GTZxvnqZMjufRlTOikL5NU+ARyp261pxYeeT/Bol5pAX6Jk2a?= =?iso-8859-1?Q?lSuuLmF9G2t6bfZJg9BaX02FVFSGQUMbSrMno/St8AjMhjoaSShwnNnDy/?= =?iso-8859-1?Q?i5SicRgdFZmov8sZKn3JBrPeEEh6663Gpq9+IYauGd0z24Tiil3hzb/jBi?= =?iso-8859-1?Q?CqGKeaoXOfMn4BsHvkrDyGL8sxsDzKgE4upBDdm1FWVI8ck=3D?=
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SY4PR01MB6251.ausprd01.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 07275bf4-7b1e-483c-e882-08d929b9fb62
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jun 2021 13:41:41.0319 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 2jE4LvKQh6yku+K9PB8JW3fljlUzsWbuSdBalwsweYUEpr1LSIv0GoD8PB49UT9pEyD/1iFyXBMQPiSpxVTYaxw210HAz11rVe9wI9oFt6k=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY4PR01MB6315
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CAU17A13 smtp.mailfrom=pgut001@cs.auckland.ac.nz
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: cs.auckland.ac.nz
Content-Language: en-NZ
Content-Type: text/plain; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/poTuL49MejKBk2pUf4FafwyrOEY>
Subject: Re: [openpgp] v5 in the crypto-refresh draft
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 13:42:11 -0000

Paul Wouters <paul@nohats.ca> writes:

>We are happy to accept such proposed text, please send it to the list :)

Well, if I write it people may be less happy with the text :-).  OK, how
about, after the paragraph "Note that it is possible for there to be
collisions of Key IDs", add:

-- Snip --

There are no cryptographic issues introduced by this since the fingerprint is
merely a fixed-length opaque value used to identify the variable-length
structured data that makes up a public key.  In particular the move to SHA-256
for V5 fingerprints was made not to address any cryptographic vulnerability
but to avoid the perception that something insecure might be happening due to
the use of SHA-1.

-- Snip --

Peter.