Re: [openpgp] How to re-launch the OpenPGP WG

ianG <iang@iang.org> Wed, 25 March 2015 23:27 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/zylcCYpgygb11Gd4da7D5FihaCs>

On 24/03/2015 07:47 am, Werner Koch wrote:
> On Tue, 24 Mar 2015 02:48, iang@iang.org said:
>
>>>    - The use of SHA-1 needs to be replaced.
>>
>> SHA3.
>
> That was the original plan.  However it turned out that the still not
> finalized SHA-3 is meanwhile considered a fallback option in case of new
> developments.  SHA-2 has wide support and is already in wide use.  We
> only need a new fingerprint style and use that for some designated
> revokers etc.


SHA3 because it has sponge, it can do MACs, it can do stream ciphers, it 
can do authenticated stream ciphers, it can brew the morning tea if you 
plug it in the right way.

(Yeah, I know NIST said it's in fallback mode, but when the thing 
actually comes out, I think it will be a game changer.  Sponge changes 
everything.)


>>>    - A new encryption mode to replace our aging CFB+SHA1 method with a
>>>      fast and standard mode.
>>
>>
>> Wait for CAESAR, 2017.  It'll take that long anyway.
>
> I am more thinking of OCB; there is a free patent grant for all relevant
> parties and the patent will anyway expire by the time a new encryption
> format will get in widespread use.


See, this is where the cryptographers and the cryptoplumbers have sort 
of moved on.  Instead of us arguing about what mode to use, we've thrown 
it back over the wall, and shouted out to them lot on the other side 
(cryptographers) stop with the silly modes!  Give us one stream cipher 
that does *the lot* and let us get back to real coding...

That's CAESAR.  It will replace all the modes, all the algs, all the 
everything in the entire symmetric space.  And make your tea ;)  Hence I 
think waiting until it comes out and picking up its good work is worthwhile.



(and, ps; Keccak has been submitted, it'll make your tea and your coffee 
too!)


>> 4880 took a decade.  Too long, the OODA loop was bigger than the
>
> Nope.  4880 is a minor update of 2440 which barely took a year to be
> released with code ready 6 months earlier.  The major new features in
> 4880 have been enabled since fall 2000 (MDC packets)
>
>>> How can we get the WG out of the concluded state?
>>
>> As long as they don't turn off the list, do we care? ;-)
>
> May I read this and your other remarks that you see no more value in the
> IETF process?


I'm an acknowledged skeptic of the IETF process... maybe need to send 
that memo out again?

Here's my big criticism of the IETF process:  like all processes it 
eventually ends up becoming a place for people to create silos of 
knowledge and careers, and eventually divorces itself from what's 
happening out there in the real world.  But it holds the keys to some 
powerful Internet protocol components, and while it's not bringing in 
the new, outside knowledge, the IETF WG becomes the blockage, the inner 
sanctum, the guilds that the IETF swore to bring down.

So what do we do?  Leave?  Stay?  Fight?



iang