Re: [openpgp] Version 1 image header bits that MUST be 0
Derek Atkins <derek@ihtfp.com> Mon, 29 May 2023 13:20 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FC59C1516F3 for <openpgp@ietfa.amsl.com>; Mon, 29 May 2023 06:20:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T5FV9XA4zIlw for <openpgp@ietfa.amsl.com>; Mon, 29 May 2023 06:20:28 -0700 (PDT)
Received: from mail.ihtfp.org (MAIL.IHTFP.ORG [204.107.200.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3941AC15109E for <openpgp@ietf.org>; Mon, 29 May 2023 06:20:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.ihtfp.org (Postfix) with ESMTP id D2B0E806BFE8; Mon, 29 May 2023 09:20:26 -0400 (EDT)
Received: from mail.ihtfp.org ([127.0.0.1]) by localhost (mail.ihtfp.org [127.0.0.1]) (maiad, port 10024) with LMTP id 2481538-10; Mon, 29 May 2023 09:20:26 -0400 (EDT)
Received: by mail.ihtfp.org (Postfix, from userid 48) id A4FAC806C248; Mon, 29 May 2023 09:20:26 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ihtfp.org A4FAC806C248
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1685366426; bh=iT//r3yow8Qfn2Yihamo1XZPvaXk4a0jaNQe1g7C8B0=; h=In-Reply-To:References:Date:Subject:From:To:Cc:From; b=ncb6SURXqqcS2YTyCwHwYYoVxFFApDXgDyZWpzLGZId5P1VDELjsaAIS6h7Rw0qfP oD0hB3HL0TkeN9sErvQTQb7Sw8WQzTsTK1ZxZ0BkfVtf/oTDOOaKsqHYmS45sE8Wd9 mXArTcXdtQ1sjQAFtMjD7MMyqa8/moAC+1ltc3vc=
Received: from 192.168.248.239 (SquirrelMail authenticated user warlord) by mail.ihtfp.org with HTTP; Mon, 29 May 2023 09:20:26 -0400
Message-ID: <d5338f8dc23ba9043d87a334e96aff3a.squirrel@mail.ihtfp.org>
In-Reply-To: <85dbb8e2-3bda-1ff4-e721-ea87d1f4d07b@nohats.ca>
References: <8211a864-3ce5-bb60-2aa8-6e73e82213ef@nohats.ca> <87lehy95ba.fsf@fifthhorseman.net> <6D291C82-0F6F-4905-88DF-60A49674C76B@andrewg.com> <85dbb8e2-3bda-1ff4-e721-ea87d1f4d07b@nohats.ca>
Date: Mon, 29 May 2023 09:20:26 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Paul Wouters <paul@nohats.ca>
Cc: Andrew Gallagher <andrewg=40andrewg.com@dmarc.ietf.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, "openpgp@ietf.org" <openpgp@ietf.org>
User-Agent: SquirrelMail/1.4.23 [SVN]-6.fc34.20190710
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/vUVeRldI9Vh7ebNnLjr-3sq9i0g>
Subject: Re: [openpgp] Version 1 image header bits that MUST be 0
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 May 2023 13:20:33 -0000
Paul, On Mon, May 29, 2023 9:11 am, Paul Wouters wrote: > On Mon, 29 May 2023, Andrew Gallagher wrote: > >> On 8 May 2023, at 17:05, Daniel Kahn Gillmor <dkg@fifthhorseman.net> >> wrote: >>> >>> As an alternate approach, i expect it would be more straightforward to >>> deprecate these bits (and much of this flexibility) entirely. The root >>> of the issue is that there is too much unused extensibility here. A >>> simplifying approach might be: >>> >>> - drop the Image Attribute Version registry >>> >>> - drop the Image Attribute Encoding Format registry >> >> - drop Image Attribute types >> >> - deprecate User Attribute packets >> >> I see no concrete use for them other than to bloat keys, frustrate >> distribution, and abuse keyservers for anonymous file sharing. Anything >> else can be achieved in a more straightforward manner by signing a >> document. > > This got logged as an unchartered issue at > https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/167 > so it can be picked up for discussion after the crypto refresh and > rechartering is done. I do not have a gitlab account and do not plan to create one just to reply to Andrew's comment. I have no problem with fixing the Image type at JPEG. However, dropping the rest of the attributes I absolutely have an issue with, and stated in my email from a few minutes ago. Thanks! > Thanks! > > Paul -derek -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant
- [openpgp] Version 1 image header bits that MUST b… Paul Wouters
- Re: [openpgp] Version 1 image header bits that MU… Daniel Kahn Gillmor
- Re: [openpgp] Version 1 image header bits that MU… Andrew Gallagher
- Re: [openpgp] Version 1 image header bits that MU… Paul Wouters
- Re: [openpgp] Version 1 image header bits that MU… Derek Atkins
- Re: [openpgp] Version 1 image header bits that MU… Derek Atkins
- Re: [openpgp] Version 1 image header bits that MU… Paul Wouters