Re: bis-16 comments

David Shaw <dshaw@jabberwocky.com> Tue, 09 May 2006 16:04 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FdUhG-0003r2-E7 for openpgp-archive@lists.ietf.org; Tue, 09 May 2006 12:04:26 -0400
Received: from stsc1260-eth-s1-s1p1-vip.va.neustar.com ([156.154.16.129] helo=chiedprmail1.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FdTdv-000522-79 for openpgp-archive@lists.ietf.org; Tue, 09 May 2006 10:56:55 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1FdTMo-00085Q-Bp for openpgp-archive@lists.ietf.org; Tue, 09 May 2006 10:39:18 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k49E5thS005048; Tue, 9 May 2006 07:05:55 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k49E5tcs005047; Tue, 9 May 2006 07:05:55 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from foobar.cs.jhu.edu (foobar.cs.jhu.edu [128.220.13.173]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k49E5sUE005041 for <ietf-openpgp@imc.org>; Tue, 9 May 2006 07:05:54 -0700 (MST) (envelope-from dshaw@jabberwocky.com)
Received: from walrus.hsd1.ma.comcast.net (walrus.hsd1.ma.comcast.net [24.60.132.70]) by foobar.cs.jhu.edu (8.11.6/8.11.6) with ESMTP id k49E5ik24386; Tue, 9 May 2006 10:05:44 -0400
Received: from grover.jabberwocky.com (grover.jabberwocky.com [172.24.84.28]) by walrus.hsd1.ma.comcast.net (8.13.6/8.13.5) with ESMTP id k49E8Uh8006395; Tue, 9 May 2006 10:08:30 -0400
Received: from grover.jabberwocky.com (grover.jabberwocky.com [127.0.0.1]) by grover.jabberwocky.com (8.13.1/8.13.1) with ESMTP id k49E5cur024332; Tue, 9 May 2006 10:05:38 -0400
Received: (from dshaw@localhost) by grover.jabberwocky.com (8.13.1/8.13.1/Submit) id k49E5cDq024331; Tue, 9 May 2006 10:05:38 -0400
Date: Tue, 9 May 2006 10:05:38 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: Jon Callas <jon@callas.org>
Cc: ietf-openpgp@imc.org
Subject: Re: bis-16 comments
Message-ID: <20060509140538.GB24267@jabberwocky.com>
Mail-Followup-To: Jon Callas <jon@callas.org>, ietf-openpgp@imc.org
References: <20060426031250.GA11005@jabberwocky.com> <5E8B7F7D-6CE1-4F5F-98DE-31E61B13D2D4@callas.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5E8B7F7D-6CE1-4F5F-98DE-31E61B13D2D4@callas.org>
OpenPGP: id=99242560; url=http://www.jabberwocky.com/david/keys.asc
User-Agent: Mutt/1.5.11
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: -2.6 (--)
X-Scan-Signature: ea4ac80f790299f943f0a53be7e1a21a

On Mon, May 08, 2006 at 02:52:30PM -0700, Jon Callas wrote:

> >In section 9.3. Compression Algorithms, suggest adding:
> >
> >    Algorithm 0, "uncompressed," may only be used to denote a
> >    preference for uncompressed data in the preferred compression
> >    algorithms subpacket (section 5.2.3.9). Implementations MUST NOT
> >    use uncompressed in Compressed Data Packets.
> >
> >(We had the same problem with using cipher algorithm 0 in encrypted
> >data packets, and made that MUST NOT as well)
> >
> 
> I want to quibble over this one.
> 
> The reason we don't allow 0 in encrypted packets is because we don't  
> want to have "encrypted" data. It's a security reason. There's no  
> security reason here. While it's perhaps stupid to make a compressed  
> packet that has no compression (you could just have a literal  
> packet), there is no *security* reason to object to it.
> 
> Also, there's no particular code reason to object to it, either; you  
> have to handle the case, and rather than error out, why not just  
> proceed?

You're right.  It's better left out.

David