Re: New Encrypted Data Packet?
Edwin Woudt <edwin@woudt.nl> Mon, 04 April 2005 16:25 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA24281 for <openpgp-archive@lists.ietf.org>; Mon, 4 Apr 2005 12:25:05 -0400 (EDT)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j34G96RW041468; Mon, 4 Apr 2005 09:09:06 -0700 (PDT) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j34G96rJ041467; Mon, 4 Apr 2005 09:09:06 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from smtpq1.home.nl (smtpq1.home.nl [213.51.128.196]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j34G95Ho041459 for <ietf-openpgp@imc.org>; Mon, 4 Apr 2005 09:09:06 -0700 (PDT) (envelope-from edwin@woudt.nl)
Received: from [213.51.128.135] (port=44697 helo=smtp4.home.nl) by smtpq1.home.nl with esmtp (Exim 4.30) id 1DIU8N-00059C-Qk; Mon, 04 Apr 2005 18:09:03 +0200
Received: from cc718542-a.ensch1.ov.home.nl ([82.75.235.211]:2952 helo=[10.24.64.4]) by smtp4.home.nl with esmtp (Exim 4.30) id 1DIU8M-0007Ta-Di; Mon, 04 Apr 2005 18:09:02 +0200
Date: Mon, 04 Apr 2005 18:09:02 +0200
From: Edwin Woudt <edwin@woudt.nl>
To: Jon Callas <jon@callas.org>, OpenPGP <ietf-openpgp@imc.org>
Subject: Re: New Encrypted Data Packet?
Message-ID: <657710228390B0569A1FC1D1@[10.24.64.4]>
In-Reply-To: <b0e772ada05344816ca90abd2331a3f9@callas.org>
References: <b0e772ada05344816ca90abd2331a3f9@callas.org>
X-Mailer: Mulberry/4.0.0a7 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-AtHome-MailScanner-Information: Neem contact op met support@home.nl voor meer informatie
X-AtHome-MailScanner: Found to be clean
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
Content-Transfer-Encoding: 7bit
--On 4-4-2005 8:27 -0700 Jon Callas <jon@callas.org> wrote: > > When the Mister-Zuccherato attack came out at the beginning of the year, > one of the suggestions that we had was to re-do the encrypted data packet > and MDC. It seems that there's not really a lot of consensus to fix it, > that merely working around the problem seems to be adequate? Am I right > in that perception? Do we want to upgrade it? > > I still think it's a good idea, myself, particularly since if you want > wide deployment of such a thing for the future getting on it now is a > good idea. But I would also like to really close out 2440bis, too. > (However, the two are not mutually exclusive. We could close out 2440bis > and put the upgrades into a followon RFC.) I agree it is a good idea, but not for 2440bis. As there is a workaround, I would say: add a note about the attack and the workaround to 2440bis and get it finished. Redoing the encrypted data packet can then be implemented together with v5 keys and any other hash related changes. This also solves the problem of deciding which implementations support such a new encrypted data packet: just use the new packet for v5 keys, and the old ones for v4 and below. -- Edwin
- New Encrypted Data Packet? Jon Callas
- Re: New Encrypted Data Packet? Edwin Woudt
- Re: New Encrypted Data Packet? Ian G
- Re: New Encrypted Data Packet? Jon Callas
- Re: New Encrypted Data Packet? Ben Laurie