Re: [openpgp] Alternative to Base64

"brian m. carlson" <sandals@crustytoothpaste.net> Mon, 18 July 2016 23:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/rJMzYjMKb72Opm7bI_8-OaypqPU>

On Mon, Jul 18, 2016 at 08:49:03PM +0200, Phillip Hallam-Baker wrote:
> As we discussed after the meeting,
> 
> * Yes Base64 sucks
> 
> * Yes alleged 'binary' transport SMTP also sucketh because dimwits insert
> CRLFs to wrap lines.
> 
> There is an alternative that could be used, yenc is widely implemented on
> USENET.
> 
> http://www.yenc.org/yenc-draft.1.3.txt :
> 
>  1. Fetch a character from the input stream.
>  2. Increment the character's ASCII value by 42, modulo 256
>  3. If the result is a critical character (as defined in the previous
>     section), write the escape character to the output stream and increment
>     character's ASCII value by 64, modulo 256.
>  4. Output the character to the output stream.
>  5. Repeat from start.
> 
> Critical characters include the following:
> 
> ASCII 00h (NULL)
> ASCII 0Ah (LF)
> ASCII 0Dh (CR)
> ASCII 3Dh (=)
> 
> 
> It ain't perfect but it is about 98% efficient and we need not
> necessarily do that exact scheme.

I would like to point out a use case we may not have considered:
clearsigned hash files.  It's very common for people to create files
that are the output of sha256sum or sha512sum and clearsign them, so
that everything's in one file.  This requires something that is
text-friendly and won't send escape sequences to the terminal.  yEnc
isn't that.

People also copy and paste ASCII-armored detached signatures and
clearsigned messages.  I work in an industry where my sole access to fix
customer machines is via an SSH terminal session; no SFTP or SCP is
allowed.  Anything that isn't text-friendly has to be base64 encoded.

I agree, Base64 sucks in a lot of ways, but people already are going to
have to implement the Radix-64 format for backwards compatibility.  Even
if we exclude it from the spec, people are still going to use it because
it meets their needs.  We might as well accept that and move on.
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204
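
The encoding steps quoted in this message, as an added example that is not part of the original thread: it implements only the five quoted steps (no yEnc headers or line wrapping) and counts how many output bytes fall outside printable ASCII, next to Base64 for the same input. `SAMPLE` and `HASH_LINE` are constructed inputs, and `non_text_bytes` and `report` are hypothetical helper names.

```python
import base64

ESCAPE = 0x3D                          # '=' is the escape character
CRITICAL = {0x00, 0x0A, 0x0D, ESCAPE}  # NUL, LF, CR, '=' from the quoted list

def yenc_encode(data: bytes) -> bytes:
    """Apply the quoted steps: add 42 mod 256, escape critical bytes with +64."""
    out = bytearray()
    for b in data:
        c = (b + 42) % 256
        if c in CRITICAL:
            out.append(ESCAPE)
            c = (c + 64) % 256
        out.append(c)
    return bytes(out)

def yenc_decode(data: bytes) -> bytes:
    """Inverse of yenc_encode; rejects input that ends on a bare escape."""
    out = bytearray()
    it = iter(data)
    for c in it:
        if c == ESCAPE:
            nxt = next(it, None)
            if nxt is None:
                raise ValueError("truncated escape sequence")
            c = (nxt - 64) % 256
        out.append((c - 42) % 256)
    return bytes(out)

def non_text_bytes(encoded: bytes) -> int:
    """Count bytes outside printable ASCII (0x20..0x7E)."""
    return sum(1 for c in encoded if not 0x20 <= c <= 0x7E)

def report(data: bytes) -> dict:
    """Compare size and terminal-safety of both encodings for one input."""
    y, b = yenc_encode(data), base64.b64encode(data)
    return {"yenc_len": len(y), "b64_len": len(b),
            "yenc_non_text": non_text_bytes(y),
            "b64_non_text": non_text_bytes(b),
            "yenc_has_esc": 0x1B in y}   # raw ESC byte reaches the terminal

SAMPLE = bytes(range(256))               # constructed: every byte value once
HASH_LINE = b"deadbeef  file.txt\n"      # constructed: shortened sha256sum-style line

if __name__ == "__main__":
    print(report(SAMPLE))
    print(report(HASH_LINE))
```

On `SAMPLE` the output is 260 bytes for 256 input bytes, matching the "about 98% efficient" figure in the quoted text, against 344 bytes for Base64.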