Re: [openpgp] AEAD Chunk Size

[Jon Callas <joncallas@icloud.com>]

I wrote a point-by-point reply and decided that that’s not productive. I’m going to try to cut to the chase on this, so forgive me if I have dodged an important point. I’m happy to come back to it later.

Like some interim replies, particularly Bart Butler, I thought we had a rough consensus and that it was approximately:

* MUST support 16KB chunks.
* SHOULD support 256K chunks, as these are common (Protonmail).
* MAY support larger up to the present very large size.
* MAY reject or error out on chunks larger than 16KB, but repeating ourselves, SHOULD support 256K.

I think it’s also reasonable to just simplify it by making be MUST support up to 256K. I don’t like getting rid of the SHOULD clause, thus making it be either 16K or off in squishy land, but I wouldn’t wring my wrists, I’d merely be a bit unhappy.

I could also get behind a hard limit of 2^30 on the grounds that that’s what we had for partial body lengths, but I understand the comment that there are things like multi-terabyte S3 buckets and out and out forbidding those to be single-chunk is a bit churlish, but only a bit.

If we really want to tie a bow around everything, then define some notation or other marker so that an implementation can mark in a key what the max chunk size is.

How’s that?

Now with some other points, I found myself going especially Socratic because the missives that you and Justus wrote weren’t *actionable*. When I was editor, a thing I would say from time to time is at about 90% of the time someone would say, “Please change X to Y for reason Z” it would be a no-brainer to do so. Most of the remaining 10% would end up with some reasonable debate than then an answer. But if someone said, “I think X is wrong” then 90% of the time nothing would happen because there’s nothing actionable there, meaning that there’s no clear point for the editor to be doing. All of these standards are at some level compromises and there’s an old aphorism that the best compromise is one where everyone is equally unhappy.

In my particular case, I thought I mostly agreed with where you wanted to go, but I completely disagreed with some of your premises, and disagreed with some of the reasoning that got us to the conclusion I agreed with. That’s why I was being so Socratic. I thought before the missives today that we had a rough consensus and that I agreed with y’all at some basic level. Then I thought we really disagreed, and I gradually realized that we agree on the destination, but not on the path of how to get there.

If I may give some advice, it is better to make sure that your requests are actionable. If they’re not, then you’re less likely to get what you want, if for no other reason than the rest of us don’t know what you want, we’re having to guess. The basic argument that you were making — that implementations such as yours need tight constraints — is one we all can get behind. The other side here — they want to do something kinda wacky (like terabyte chunks) — can be pushed off into the land of MAYs. 

Okay, anyway.

How’s that proposal I wrote above? Does it work for you? Does it need tweaks? 

	Jon