Standards: IETF WG proposing incompatible despite implementations and objections

Andrew Gallagher andrewg at andrewg.com
Thu Apr 27 19:04:02 CEST 2023


On 27 Apr 2023, at 16:16, Bernhard Reiter <bernhard at intevation.de> wrote:
> 
> What would someone, e.g. Bruce,
> need to do to remove EAX from the current draft?
> I mean a simpler specification is better, so if an optional thing
> is not needed, it SHOULD be taken out.

Join the IETF openpgp mailing list and say “I propose to remove EAX from the current draft”.

Bruce has been an active participant on the list and has expressed skepticism about AEAD modes in general but IIRC did not object to EAX in particular. Werner and Daniel Huigens (and perhaps others, I didn’t search thoroughly) did indicate that they regard EAX as redundant but did not specifically propose that it be removed from the crypto-refresh draft, although Werner did later remove it from draft-koch. Daniel drew up a list of the differences between draft-koch and crypto-refresh, in which EAX was a line item, but it was never properly followed up on afterwards (that I can see).

AFAICT it’s just an oversight. I suspect there isn’t a good understanding of exactly how many real-world messages exist that use EAX. Daniel and Werner seem to think there are few enough.

>> If there were some way to reconcile the competing proposals
>> even at this late stage, there would be great rejoicing.
> 
> What would need to be done to do this?
> With Werner's emails and new draft since February, there seems to be
> something to work on and put forward arguments. Do you know if they have been
> discussed in the working group since then?


Without some resolution to the fundamental technical sticking point (whether GCM should be tolerated) I don’t see a viable landing zone at this time.

The relevant thread starts here: https://mailarchive.ietf.org/arch/msg/openpgp/_SjXfSOOtdy20nhVv79NBsDBJTc/ , it covers pretty much all the bases.

A
