Re: [openpgp] I-D Action: draft-ietf-openpgp-crypto-refresh-02.txt (fwd)

"Robert J. Hansen" <rjh@sixdemonbag.org> Tue, 23 February 2021 16:10 UTC

Return-Path: <rjh@sixdemonbag.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8D1D3A2D26 for <openpgp@ietfa.amsl.com>; Tue, 23 Feb 2021 08:10:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id glnSveCJ1X8p for <openpgp@ietfa.amsl.com>; Tue, 23 Feb 2021 08:10:41 -0800 (PST)
Received: from mail.monkeyblade.net (shards.monkeyblade.net [23.128.96.9]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 333C03A1D5B for <openpgp@ietf.org>; Tue, 23 Feb 2021 08:10:38 -0800 (PST)
Received: from [IPv6:2600:8806:404:9100::9baa] (unknown [IPv6:2600:8806:404:9100::9baa]) by mail.monkeyblade.net (Postfix) with ESMTPSA id 3644C4D0C5DC0 for <openpgp@ietf.org>; Tue, 23 Feb 2021 08:10:37 -0800 (PST)
To: openpgp@ietf.org
References: <7d8bdda1-4e5c-6c10-f3cd-1d191fad595c@nohats.ca> <4f3d66b74b46b5b8bf27b5e1589bf80e.squirrel@mail2.ihtfp.org>
From: "Robert J. Hansen" <rjh@sixdemonbag.org>
Message-ID: <bafa30da-345c-be5d-76ad-dfab733ba4de@sixdemonbag.org>
Date: Tue, 23 Feb 2021 11:10:35 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0
MIME-Version: 1.0
In-Reply-To: <4f3d66b74b46b5b8bf27b5e1589bf80e.squirrel@mail2.ihtfp.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (mail.monkeyblade.net [0.0.0.0]); Tue, 23 Feb 2021 08:10:37 -0800 (PST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/tndy86khxqMTU7Mqs7rqsqlhymY>
Subject: Re: [openpgp] I-D Action: draft-ietf-openpgp-crypto-refresh-02.txt (fwd)
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2021 16:10:44 -0000

> I'm confused by this text.  If an implementation chooses to process 
> this packet type (e.g. I have 20-year-old PGP-encrypted messages
> that I'd still like to be able to read without re-encrypting them),
> why are you saying that it should return an error and stop
> processing? So it MAY process but SHOULD stop processing?  I'm
> confused.

"MAY process but SHOULD stop" is the way I'd read that guidance:
although a conforming implementation technically may process the packet,
it should not do so absent a compelling reason.

Perhaps this text instead?

"This packet is obsolete.  An implementation MUST NOT create this
packet.  An implementation MAY process such a packet but it MUST
return a clear diagnostic that a non-integrity protected packet has
been processed.  Unless the user explicitly directs otherwise, the
implementation SHOULD also return an error in this case and stop
processing."