IETF Logo Mail Archive

Re: [openpgp] To bind or not to bind

Andrew Gallagher <andrewg@andrewg.com> Fri, 22 March 2024 23:38 UTC

Return-Path: <andrewg@andrewg.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2555CC14F6AD for <openpgp@ietfa.amsl.com>; Fri, 22 Mar 2024 16:38:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewg.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ezpB8zhTl-1J for <openpgp@ietfa.amsl.com>; Fri, 22 Mar 2024 16:38:01 -0700 (PDT)
Received: from fum.andrewg.com (fum.andrewg.com [IPv6:2a01:4f9:c011:23ad::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8091C14F694 for <openpgp@ietf.org>; Fri, 22 Mar 2024 16:37:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andrewg.com; s=andrewg-com; t=1711150675; bh=7kNg8gX2KRA2LcQd6crD2ewCJPYPiSPINvyMOxuys68=; h=From:Subject:Date:References:Cc:In-Reply-To:To:From; b=FXp3R1OgNiPzKsEpnF5W5K2ipBWkHOF6T1i8sVV8IS2XzB4XaffiirNY9ERqhnHSv lW2cqFzmqS82W/y5S/pnhdAogwaCf5dWU9+KnmfEPZjAJRWKRI+a7+pXBgFTZYLlyt 4ZaykPv5usHjzjWOLeQKxr2AsC9uTrwK5BsEkYIXb/gFnoXSYwKCjnmQcOG1szOm3n uyLO358dKnVkKSiCTaPWkx1UPT1n/jvyz1C1nT9JfW97Qo7mljf9X0xP4TyKV5TpIg qEQPyWNIEIfpVoZ/u2mnrsgc6fLw+nuQvM0xEpLgsGbu9BpaKzxnie5alIBPQFBab4 z9OGsOfZ7efng==
Received: from smtpclient.apple (unknown [176.61.115.103]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by fum.andrewg.com (Postfix) with ESMTPSA id ABADF5DE45; Fri, 22 Mar 2024 23:37:55 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Andrew Gallagher <andrewg@andrewg.com>
Mime-Version: 1.0 (1.0)
Date: Fri, 22 Mar 2024 23:37:43 +0000
Message-Id: <697ED695-0A1C-4451-9930-1E577079990F@andrewg.com>
References: <cb6dfd95-bd48-4392-854a-ab8219f3108b@kuix.de>
Cc: Justus Winter <justus@sequoia-pgp.org>, Aron Wussler <aron@wussler.it>, openpgp@ietf.org
In-Reply-To: <cb6dfd95-bd48-4392-854a-ab8219f3108b@kuix.de>
To: Kai Engert <kaie@kuix.de>
X-Mailer: iPhone Mail (21D61)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/xo02KQBpDEB4uLtQlZhRX7wnUpY>
Subject: Re: [openpgp] To bind or not to bind
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Mar 2024 23:38:05 -0000

Hi, Kai. 

On 22 Mar 2024, at 21:21, Kai Engert <kaie@kuix.de> wrote:
> 
> We don't have data on what today's intolerant implementations would do when their users were commonly faced with users complaining about nonworking keys.
> 
> Given that we don't have that data, all we can do is speculate.

So let’s get some data. Make up some test keys and import them to a few implementations. We don’t have to decide whether to forbid v4 pqc encryption until we have the results. If implementations are fine (or are fixed quickly) then allowing v4 seems like a quick win. If not, then fair enough.

A

v2.23.0 | Report a Bug | By Email