Specification for Kyber in GnuPG

Werner Koch wk at gnupg.org
Mon May 6 17:09:24 CEST 2024


On Mon,  6 May 2024 12:37, Heiko Schäfer said:

> to spend very many person years in the IETF process, just to make the
> OpenPGP standard worse? That does not sound like a very plausible

It took only a few month to destroy all work done in the 6 years before.
See our timeline over at http://librepgp.org/#timeline .

In short: I started the update of OpenPGP in 2015, the WG agreed 2018 on
everything in 4880bis, a few people started some bike shedding which
required another 3 years to solve.  Right after that in fall 2021, a
small group started to entirely rework everything.  In fact, Proton (who
don't really do E2E) introduced GCM as an additional encryption mode and
thus large changes to the protocol were required.  Nobody except them
needs or wants that brittle GCM anyway.  All comments from the major
implementers (GnuPG and RNP) were either ignored or as insubstantial
rejected.

Pretty please: Stop discussing this here.  We spent way to much time
with that IETF group's behaviour.  That group does not consider working
and deployed code as important but prefers a dev-ops strategy.


Shalom-Salam,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20240506/d76537f6/attachment.sig>


More information about the Gnupg-devel mailing list