Re: [openpgp] Intent to deprecate: Insecure primitives
Christoph Anton Mitterer <calestyo@scientia.net> Mon, 23 March 2015 19:25 UTC
Return-Path: <calestyo@scientia.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA2131B29AE for <openpgp@ietfa.amsl.com>; Mon, 23 Mar 2015 12:25:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KqtDgxP8BivE for <openpgp@ietfa.amsl.com>; Mon, 23 Mar 2015 12:25:47 -0700 (PDT)
Received: from mailgw01.dd24.net (mailgw-01.dd24.net [193.46.215.41]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 252811AD34D for <openpgp@ietf.org>; Mon, 23 Mar 2015 12:25:47 -0700 (PDT)
Received: from mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-02.live.igb.homer.key-systems.net [192.168.1.27]) by mailgw01.dd24.net (Postfix) with ESMTP id 020F05FBA8 for <openpgp@ietf.org>; Mon, 23 Mar 2015 19:25:46 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at mailpolicy-02.live.igb.homer.key-systems.net
Received: from mailgw01.dd24.net ([192.168.1.35]) by mailpolicy-01.live.igb.homer.key-systems.net (mailpolicy-02.live.igb.homer.key-systems.net [192.168.1.25]) (amavisd-new, port 10235) with ESMTP id Bz24KCg5S4Iu for <openpgp@ietf.org>; Mon, 23 Mar 2015 19:25:43 +0000 (UTC)
Received: from heisenberg.fritz.box (ppp-93-104-121-105.dynamic.mnet-online.de [93.104.121.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailgw01.dd24.net (Postfix) with ESMTPSA for <openpgp@ietf.org>; Mon, 23 Mar 2015 19:25:43 +0000 (UTC)
Message-ID: <1427138741.10191.48.camel@scientia.net>
From: Christoph Anton Mitterer <calestyo@scientia.net>
To: openpgp@ietf.org
Date: Mon, 23 Mar 2015 20:25:41 +0100
In-Reply-To: <sjmmw3bk6lt.fsf@securerf.ihtfp.org>
References: <r422Ps-1075i-0DF0A0ED5D364ECAABA63F541D9C6A16@Williams-MacBook-Pro.local> <sjmmw3bk6lt.fsf@securerf.ihtfp.org>
Content-Type: multipart/signed; micalg="sha-512"; protocol="application/x-pkcs7-signature"; boundary="=-3FWUw8vwBNNkfQE7vRQl"
X-Mailer: Evolution 3.12.9-1+b1
Mime-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/ykMOEx36gU6X9t3YPCbxzfj-b6M>
Subject: Re: [openpgp] Intent to deprecate: Insecure primitives
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Mar 2015 19:25:49 -0000
On Tue, 2015-03-17 at 11:04 -0400, Derek Atkins wrote: > Show me an MUA that does this, please? None of the OpenPGP-aware MUAs > I've ever used have this feature, as far as I know. I suppose I could > go out of my way to replace the encrypted email with a > re-encrypted/plaintext email. > > But frankly I'd like my encryption software to just maintain the ability > to decrypt it later. While I don't think that implementations should throw away old algos (even if insecure) - the should just no longer use it for creating new content, and should only decrypt/verify signatures with appropriate warnings, I'd say that the question of long term storage of encrypted/signed content (e.g. mails) is (and should be) beyond the scope of OpenPGP. That being said, the WG shouldn't alter the decisions it makes based on that question, but rather only on security considerations. As for e.g. long term email storage: - if you just store them as received over the wire (i.e. encrypted/signed) they may very well become insecure over time, so the original purpose of confidentiality and authenticity is no longer guaranteed (by leaving them with the old encryption/signature). - constantly re-encrypting them seems to be not feasible, and you cannot re-sign mails from someone else. - IMHO the appropriate way would be for a MUA to record that the mail was sent encrypted to you and by whom of your contacts it was signed (if any of that was the case) - for later reference. And any further protection of the content should be handled by disk encryption. Cheers, Chris.
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Wyllys Ingersoll
- Re: [openpgp] Intent to deprecate: Insecure primi… Werner Koch
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Daniel Kahn Gillmor
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Farrell
- Re: [openpgp] Intent to deprecate: Insecure primi… Kristian Fiskerstrand
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Paul Weber
- Re: [openpgp] Intent to deprecate: Insecure primi… David Shaw
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… vedaal
- Re: [openpgp] Intent to deprecate: Insecure primi… Jon Callas
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Paul Weber
- Re: [openpgp] Intent to deprecate: Insecure primi… David Shaw
- [openpgp] Intent to deprecate: Insecure primitives David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Ryan Carboni
- Re: [openpgp] Intent to deprecate: Insecure primi… Jon Callas
- Re: [openpgp] Intent to deprecate: Insecure primi… Peter Gutmann
- Re: [openpgp] Intent to deprecate: Insecure primi… Werner Koch
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Daniel Kahn Gillmor
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Phillip Hallam-Baker
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Andrew Skretvedt
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… Christoph Anton Mitterer
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Christoph Anton Mitterer
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… Ben McGinnes
- Re: [openpgp] Intent to deprecate: Insecure primi… Tom Ritter
- [openpgp] Intent to deprecate: Insecure primitives David Leon Gil