[From nobody Tue Feb 7 13:12:11 2023 Return-path: <uucp@wheatstone.g10code.de> Envelope-to: wk@wheatstone.g10code.de Delivery-date: Tue, 07 Feb 2023 11:02:05 +0100 Received: from uucp by wheatstone.g10code.de with local-rmail (Exim 4.92 #5 (Debian)) id 1pPKnd-0005JE-FN for <wk@wheatstone.g10code.de>; Tue, 07 Feb 2023 11:02:05 +0100 Received: from mail.ietf.org ([50.223.129.194]) by kerckhoffs.g10code.com with esmtps (Exim 4.89 #1 (Debian)) id 1pPKmG-0000j2-Mi; Tue, 07 Feb 2023 11:00:41 +0100 Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6ECB1C15155E; Tue, 7 Feb 2023 02:00:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1675764018; bh=EmZfJblJrqQsrjqAUuDZGtORoIlwlo+RtNgUhKsbCMo=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=p7kClJIaDcimXTBVt9Gm68UXibcLQa8YMy4DUi6Xup0TIxk5MR9vjB/wM75sUZ3PR Y1vLNXJL5pM0XY8Ts3b2U/uThiZRgMdtRySv1Vwo0YU4dkWdgjmWuKFPucLn9Gotet mfXIwHEwYAK7mEmniMGFLXK828Oyek70tQn6MVow= X-Mailbox-Line: From openpgp-bounces@ietf.org Tue Feb 7 02:00:16 2023 Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 225CAC1516F8; Tue, 7 Feb 2023 02:00:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1675764016; bh=EmZfJblJrqQsrjqAUuDZGtORoIlwlo+RtNgUhKsbCMo=; h=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=Kwz4ZSBDPeoehYaWxjXPiZdy8savSSHaSiTH4M0vIGTH4xHOUfvb1Y08gwz9MAXHn 3G1Wn1RoSkAzYnMDvskmSftl46cdCLfhdBFZLLI3yzC3QAJku+jws32VBix+2RTXLj poKMlE4VtrrX+c/eMbtjmfRNFo6vay1EbwV6damk= X-Original-To: openpgp@ietfa.amsl.com Delivered-To: openpgp@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B176C1516F3 for <openpgp@ietfa.amsl.com>; Tue, 7 Feb 2023 02:00:15 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -7.096 X-Spam-Level: X-Spam-Status: No, score=-7.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oE14bgu-r6I6 for <openpgp@ietfa.amsl.com>; Tue, 7 Feb 2023 02:00:10 -0800 (PST) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFDA5C1516E0 for <openpgp@ietf.org>; Tue, 7 Feb 2023 02:00:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Y0L3QHvDB23UuMmg2eVyHP+g6j/19gtTuuq4xwj+00w=; b=KXuEKe8/og5TGBkgByph8sNZyf Zxf6UcQc88KwQe7WNOP+6NFILK5oZISGxB1cPF55uWfNgAszJwC/s8l5t1DPLW3IK3AWQqWFtty0W WQrFPz9bdU/Na5PF+A69lTJZibauD0FuTy58/olPmSEp5Ds0yhoNofUylJFD6vD1+7j8=; Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1pPKlm-0000iR-Uk for <openpgp@ietf.org>; Tue, 07 Feb 2023 11:00:11 +0100 Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1pPKle-0005HG-M6 for <openpgp@ietf.org>; Tue, 07 Feb 2023 11:00:02 +0100 From: Werner Koch <wk@gnupg.org> To: openpgp@ietf.org X-message-flag: Mails containing HTML will not be read! Please send only plain text. Jabber-ID: wk@jabber.gnupg.org Mail-Followup-To: openpgp@ietf.org Date: Tue, 07 Feb 2023 10:59:53 +0100 Message-ID: <87ilgdyew6.fsf@wheatstone.g10code.de> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/9WvO9ETZKpXXWdZSd1q-TXRF-7g> Subject: [openpgp] draft-koch-openpgp-2015-rfc4880bis-01 X-BeenThere: openpgp@ietf.org X-Mailman-Version: 2.1.39 Precedence: list List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org> List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe> List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/> List-Post: <mailto:openpgp@ietf.org> List-Help: <mailto:openpgp-request@ietf.org?subject=help> List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe> Content-Type: multipart/mixed; boundary="===============7705742330109023449==" Errors-To: openpgp-bounces@ietf.org Sender: "openpgp" <openpgp-bounces@ietf.org> X-Sender-Host: mail.ietf.org --===============7705742330109023449== Content-Type: multipart/signed; boundary="=World_Trade_Center_Putin_FINCEN_Stego_distributed_denial_of_service="; micalg=pgp-sha256; protocol="application/pgp-signature" --=World_Trade_Center_Putin_FINCEN_Stego_distributed_denial_of_service= Content-Type: text/plain Hi, I did some minor updates to draft-koch-openpgp-2015-rfc4880bis. Here is the list of relevant changes: * Remove EAX samples EAX should not anymore be used thus samples are superfluous. * Rename AEAD Encrypted Data Packet to OCB Encrypted Data Packet. The mix of the terms AEAD and OCB is hard to understand; thus we now use nearly always OCB. We also rename "AEAD algorithm" to "encryption mode" because that is the more common term. The "Preferred AEAD Algorithm" subpacket has been renamed and deprecated. EAX mode has been deprecated. * Add OIDs for X448 The OID was missing. * Reserve packet type 26 GnuPG may eventually implement the use of X.509 certificates along with OpenPGP certificates. The idea is to allow sending of just one encrypted file despite that the recipients use different PKIs. * Move ECDH parameters to a separate paragraph Also deleted outdated or obvious security notes and added a missing Brainpool parameter. * Remove the Suite B profile stuff. I see no need to advertise legacy curves. * Make Brainpool also SHOULD curves The reason is that in Europe Brainpool are required curves in many domains and thus it is important to declare that support for Brainpool is useful. Note that for backward compatibility NIST curves are still MUST implement. * Fix composition of public key blocks. In the course of the reformatting actions of the draft a regression against 4880 was not fixed (Zero User ID packets). The reason for introducing zero User ID packets might have been the idea to express that an Attribute packet may be used instead of a User ID. However, that should either be clarified in the comments or left to the implementation. The second fix is to require at least one Signature packet after a User ID and Attribute packet. This was wrong in 2440 and 4880 but is cryptographically required. For the actual commits see: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=people/wk/rfc4880bis.git Formatted diff between -00 and -01: https://author-tools.ietf.org/iddiff?url1=draft-koch-openpgp-2015-rfc4880bis-00&url2=draft-koch-openpgp-2015-rfc4880bis-01&difftype=--html Draft URL: https://www.ietf.org/archive/id/draft-koch-openpgp-2015-rfc4880bis-01.txt Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein --=World_Trade_Center_Putin_FINCEN_Stego_distributed_denial_of_service= Content-Type: application/pgp-signature; name="openpgp-digital-signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQSHd0YfKgdOvEgNNZQZzByeCFsQegUCY+IhGQAKCRAZzByeCFsQ eg8hAQDju+hU+6uWJPc4gD7jN/HqV4Je7EwMfWuNZ4vHFING+gEA/DlSLofb5v89 2kuoGjgtxjBFIhiMoI/Kew03KrDpVgU= =7D/D -----END PGP SIGNATURE----- --=World_Trade_Center_Putin_FINCEN_Stego_distributed_denial_of_service=-- --===============7705742330109023449== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ openpgp mailing list openpgp@ietf.org https://www.ietf.org/mailman/listinfo/openpgp --===============7705742330109023449==-- ]