Discussion style differences between OpenPGP design groups (Re: Post-quantum defaults)

Bernhard Reiter bernhard at intevation.de
Wed Apr 29 09:37:17 CEST 2026


Hi Andrew,

On Monday 27 April 2026 17:21:03, Andrew Gallagher via Gnupg-users wrote:
> On 27/04/2026 11:26, Werner Koch wrote:
>  > The MTG and BSI folks eventually came up
>  > with a draft and - according to personal communication - on suggestion
>  > from certain attendees at an IETF meeting
>
> Which particular attendees? You keep blaming things on unnamed people.
> Maybe you think it's impolite to name names, but it reads like a
> conspiracy theory. I've been at most of the meetings you mention, and
> they're not as sinister as you make out.

a simple explanation for the above and some other references by Werner could 
be that personal communication is confidential and some internal meetings are 
confidential as well. It may just not be possible to give some of those details
in public. 

> The IETF WG is mostly a bunch of goofy nerds. I count many of them as
> personal friends. They're trying to do the right thing, in the face of
> the inevitable disagreements and technical challenges and
> backwards-compatibility nightmares. We don't get everything right, and
> that's OK. That's why we rely on each other to point out blatant
> mistakes and missed opportunities, and the ways we can all do better
> next time. It's difficult, but it's healthy. Nobody can be expected to
> do critical infosec work by themselves. We need each other, and mostly
> we enjoy it.
>
> (It might not seem that way on the mailing list sometimes, but family
> arguments aren't the end of the world!)

I've seen some aggression and unfairness in communication coming 
from that group. Which hurt me personally, but probably Werner much more
(No, I do not want to go into details, I do not want to blame someone 
specific, it is more a description of how I have perceived the communication. 
I've also seen bad communication from Werner and others and probably have 
issued some myself.) Mainly it damaged the process and working relationships.

Just "a bunch of goofy nerds" is not a complete description, there are some 
business values and personal convictions at stake as well. Which is okay in 
principle of course, but it also explains why some extensions are more 
valuable to others in the group. (GCM mode for example.) I think it is better 
to talk about different interests.

> Most implementers agree that the new convention is cleaner. However,
> this point is obviously not crucial for any security properties. It's
> surely not necessary for GnuPG to diverge from how the rest of the
> OpenPGP ecosystem represents PQC keys on the wire, which is largely a
> minor matter of taste.
>
> Is this the hill that you're willing to die on? A numbering convention?
> *Really*?

<sarcasm>
  It seems the WG also wants to "die" on this hill...
</sarcasm>
What strikes me as odd is that a number of accusations made against LibrePGP, 
GnuPG and Werner could also be turned around and be made (with some 
plausibility) against RFC9580, Sequoia and the IETF WG as well.
This statement of yours is just an example; I want to point out how aggressive
and imbalanced I perceive the communication here. I do not understand this as
a real question with genuine interest in what can be done together;
good (the group of personal friends trying to do the good thing) and bad
(missing meetings, throwing shade) are already decided. In this style I do 
not see an openness for improvements on the side of the "good" group.

So I conclude:
Who is right seems to have become a matter of principle for many participants.

And we all know: just because a number of people have proposed a document that 
is a "standard" by some organisation, does not make it one in the wild or 
even a good one. Some of those "standards" never get picked up. There is some 
merit in a group getting a consensus together, but they still could be wrong 
on some technical parts.

> We need to foster a more inviting community, or it will die with us.

Then please help with it.
Try to find a description and a language that would be agreeable to Werner to  
describe situations and arguments, before you disagree. Ask questions and 
listen in order to really understand. In this post it is different:
If Werner tries to give some details about how and why LibrePGP and GnuPG are 
how they are now, his statements are to "a conspiracy theory" and a stance to 
a "hill [..] to die on".
This is a communication style that makes it hard for me to respond in a 
helpful way. I mainly interpret it as born out of frustration. That I could
understand very well, but I do not see how it will foster a more inviting
community.

> You don't engage with other implementers, you miss meetings, you rely on
> second-hand information, you implement and ship outdated specs, and then
> you throw shade at everyone else for making decisions that you don't
> agree with. Decisions that, when viewed from outside this little bubble,
> *don't matter*.

With that attitude and the harshness of these accusations, why should Werner or 
anyone assume that he would be treated fairly at these meetings or occasions?
Personally I wouldn't want to interact with a group in an atmosphere like 
this. Even if I had a reasonable explanation and defense for all these things
I do not think anyone would really listen.

> But this tinpot disagreement is escalating to the point 
> where end users are abandoning the PGP ecosystem entirely. Is that the
> outcome we want?

If changing course here, on a point that you say does not matter, why doesn't 
the WG just turn to Werner's way here and save the ecosystem? 
Probably because it is not that easy...
(As you see again, sarcasm is all that I can muster here. What I am trying
to express is that I cannot understand that one-sided blame at all.)

> Please, for the love of all that is good and beautiful in the world, can
> we work together to implement algorithm 35 from draft-ietf-openpgp-pqc
> in GnuPG, so that we can at least have one point of commonality between
> PQC implementations? *I will help you*. I will work for free. I just
> want this to be over.

I believe this is what you honestly want - that is why I've taken the time to 
reply and give you my personal view on your email. My humble suggestion and 
its reasoning is above. Hope it helps at least a little bit.

Best Regards,
Bernhard

-- 
https://intevation.de/~bernhard         +49 541 33 508 3-3
Intevation GmbH, Osnabrück, Germany; Amtsgericht Osnabrück, HRB 18998
Managing Directors: Frank Koormann, Bernhard Reiter