Discussion style differences between OpenPGP design groups (Re: Post-quantum defaults)
Vincent Breitmoser
look at my.amazin.horse
Wed Apr 29 11:21:24 CEST 2026
For those following along who weren't part of the process, I'd like to
leave this link here:
https://mailarchive.ietf.org/arch/msg/openpgp/5Xujhn0SxC-P1cWKxwBptDi2dAY/
This email from 2022, and the ones leading up to it, give a lot of
context about what Andrew is referring to.
- V
On 4/29/26 10:57, Andrew Gallagher via Gnupg-users wrote:
> Hi, Bernhard.
>
> Thanks for replying. I'm going to avoid getting into a point-by-point
> rebuttal here because I fear it would drag us into the weeds and obscure
> my central message.
>
> The IETF WG is not made up of saints. There are some strong (some might
> say difficult!) personalities. The style of argumentation is not always
> constructive. But when I call it a "family argument" I mean it - we are
> a family with both common interests and divergent ones. Managing these
> divergences is the entire point of a WG. And for the most part so far we
> have succeeded.
>
> I would classify this thread also as a "family argument". And the root
> cause of this argument is whether or not Werner has a *personal veto*
> over the specification. There is a well-documented pattern of behaviour
> going back years, where Werner simply ignores criticism he doesn't like
> and makes executive decisions on behalf of everyone else. Many of the
> criticisms that he has faced over the long history of PGP and GnuPG have
> been unwarranted and unfair. I have defended him on many of those
> occasions, and I will continue to do so. Many of the decisions that he
> has made on behalf of the community have been the correct ones, or at
> least arguably correct. And he deserves our gratitude for that.
>
> But there have also been well-founded criticisms of his decisions,
> particularly since he became editor of the rfc4880bis draft. And it is
> how he has responded to those criticisms that has led to the schism. On
> many occasions he has lost an argument on technical merits, or otherwise
> been the lone dissenting voice on a non-technical matter, and he has
> attempted to wield a personal veto in order to get his way. When it
> became clear that nobody else was willing to grant him the power of
> veto, he walked out and attempted to set up an alternative "standard"
> with him as the sole decision-maker.
>
> This is not how a healthy community should work.
>
> I commend you for your attempts to broker peace, and to see the good in
> all sides. I too want to believe in the good of all sides and find a
> compromise position that can resolve this mess. I have attempted on
> numerous occasions to find some clever technical wheeze that would
> bridge the gap between factions, but this is not a technical
> disagreement. Even using the words "factions" or "sides" obscures the
> stark reality that one of the sides consists of a single person.
>
> When Werner's negotiating position is "I will make peace but only if you
> allow me to veto anything I dislike" there is no prospect of compromise.
> And when you ask me "why doesn't the WG just turn into Werner's way here
> and saves the ecosystem?" you are asking me "why don't you just accept
> Werner as your dictator for the sake of peace?". That's a deeply unfair
> thing to ask of any collaborative community.
>
> I don't believe you intend your question that way, but that is the way
> it comes across to most people I know. There is a fundamental difference
> between unfair behaviour and complaining about unfair behaviour. By
> arguing endlessly about the tone and incivility of the complaints, or by
> drawing equivalence between the complaints and the initial unfairness,
> we let the root cause - the unfair behaviour itself - off the hook.
> Constantly bothsidesing a single-issue argument only serves to prolong
> the argument. At some point a decision has to be made.
>
> Do we grant Werner a veto, or not?
>
> Thanks,
> Andrew.
>
> On 29/04/2026 08:37, Bernhard Reiter wrote:
>> Hi Andrew,
>>
>> On Monday 27 April 2026 17:21:03, Andrew Gallagher via Gnupg-users wrote:
>>> On 27/04/2026 11:26, Werner Koch wrote:
>>> > The MTG and BSI folks eventually came up
>>> > with a draft and - according to personal communication - on suggestion
>>> > from certain attendees at an IETF meeting
>>>
>>> Which particular attendees? You keep blaming things on unnamed people.
>>> Maybe you think it's impolite to name names, but it reads like a
>>> conspiracy theory. I've been at most of the meetings you mention, and
>>> they're not as sinister as you make out.
>>
>> a simple explanation for the above and some other references by Werner could
>> be that personal communication is confidential and some internal meetings are
>> confidential as well. It may just not be possible to give some of those details
>> in public.
>>
>>> The IETF WG is mostly a bunch of goofy nerds. I count many of them as
>>> personal friends. They're trying to do the right thing, in the face of
>>> the inevitable disagreements and technical challenges and
>>> backwards-compatibility nightmares. We don't get everything right, and
>>> that's OK. That's why we rely on each other to point out blatant
>>> mistakes and missed opportunities, and the ways we can all do better
>>> next time. It's difficult, but it's healthy. Nobody can be expected to
>>> do critical infosec work by themselves. We need each other, and mostly
>>> we enjoy it.
>>>
>>> (It might not seem that way on the mailing list sometimes, but family
>>> arguments aren't the end of the world!)
>>
>> I've seen some aggression and unfairness in communication coming
>> from that group. Which hurt me personally, but probably Werner much more
>> (No, I do not want to go into details, I do not want to blame someone
>> specific, it is more a description of how I have perceived the communication.
>> I've also seen bad communication from Werner and others and probably have
>> issued some myself.) Mainly it damaged the process and working relationships.
>>
>> Just "a bunch of goofy nerds" is not a complete description, there are some
>> business values and personal convictions at stake as well. Which is okay in
>> principle of course, but it also explains why some extensions are more
>> valuable to others in the group. (GCM mode for example.) I think it is better
>> to talk about different interests.
>>
>>> Most implementers agree that the new convention is cleaner. However,
>>> this point is obviously not crucial for any security properties. It's
>>> surely not necessary for GnuPG to diverge from how the rest of the
>>> OpenPGP ecosystem represents PQC keys on the wire, which is largely a
>>> minor matter of taste.
>>>
>>> Is this the hill that you're willing to die on? A numbering convention?
>>> *Really*?
>>
>> <sarcasm>
>> It seems the WG also wants to "die" on this hill...
>> </sarcasm>
>> What strikes me as odd is that a number of accusations made against LibrePGP,
>> GnuPG and Werner, could also be turned around and be made (with some
>> plausibility) against RFC9580, sequoia and the IETF WG as well.
>> This statement of yours is just an example, I want to point out how aggressive
>> and imbalanced I perceive the communication here. I do not understand this as
>> a real question with genuine interest in what can be done together,
>> good (the group of personal friends trying to do the good thing) and bad
>> (missing meetings, throwing shades) are already decided. In this style I do
>> not see an openness for improvements on side of the "good" group.
>>
>> So I conclude:
>> Who is right seems to have become a matter of principle for many
>> participants.
>>
>> And we all know: Just because a number of people have proposed a document that
>> is a "standard" by some organisation, does not make it one in the wild or
>> even a good one. Some of those "standards" never get picked up. There is some
>> merit in a group getting a consensus together, but they still could be wrong
>> on some technical parts.
>>
>>> We need to foster a more inviting community, or it will die with us.
>>
>> Then please help with it.
>> Try to find a description and a language that would be agreeable to Werner to
>> describe situations and arguments, before you disagree. Ask questions and
>> listen in order to really understand. In this post it is different:
>> If Werner tries to give some details about how and why LibrePGP and GnuPG are
>> how they are now, his statements are to "a conspiracy theory" and a stance to
>> a "hill [..] to die on".
>> This is a communication style that makes it hard for me to respond in a
>> helpful way. I mainly interpret it as born out of frustration. That I could
>> understand very well, but I do not see how it will foster a more inviting
>> community.
>>
>>> You don't engage with other implementers, you miss meetings, you rely on
>>> second-hand information, you implement and ship outdated specs, and then
>>> you throw shade at everyone else for making decisions that you don't
>>> agree with. Decisions that, when viewed from outside this little bubble,
>>> *don't matter*.
>>
>> With that attitude and the harshness of these accusations, why should Werner or
>> anyone assume that he would be treated fairly on these meetings or occasions?
>> Personally I wouldn't want to interact with a group in an atmosphere like
>> this. Even if I had a reasonable explanation and defense for all these things
>> I do not think anyone would really listen.
>>
>>> But this tinpot disagreement is escalating to the point
>>> where end users are abandoning the PGP ecosystem entirely. Is that the
>>> outcome we want?
>>
>> If changing course here, on a point that you say does not matter, why doesn't
>> the WG just turn into Werner's way here and saves the ecosystem?
>> Probably because it is not that easy...
>> (As you see again, sarcasm is all that I can muster here. What I am trying
>> to express is that I cannot understand that one-sided blame at all.)
>>
>>> Please, for the love of all that is good and beautiful in the world, can
>>> we work together to implement algorithm 35 from draft-ietf-openpgp-pqc
>>> in GnuPG, so that we can at least have one point of commonality between
>>> PQC implementations? *I will help you*. I will work for free. I just
>>> want this to be over.
>>
>> I believe this is what you honestly want - that is why I've taken the time to
>> reply and give you my personal view on your email. My humble suggestion and
>> its reasoning is above. Hope it helps at least a little bit.
>>
>> Best Regards,
>> Bernhard
>>