[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-devel
Subject: Re: Standards: IETF WG proposing incompatible despite implementations and objections
From: Andrew Gallagher via Gnupg-devel <gnupg-devel () gnupg ! org>
Date: 2023-04-27 17:04:02
Message-ID: 22323288-A99B-4644-8CE6-FA2DC8965A6A () andrewg ! com
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On 27 Apr 2023, at 16:16, Bernhard Reiter <bernhard@intevation.de> wrote:
>
> What would someone, e.g. Bruce,
> need to do to remove EAX from the current draft?
> I mean a simpler specification is better, so if an optional thing
> is not needed, it SHOULD be taken out.
Join the IETF openpgp mailing list and say "I propose to remove EAX from the current \
draft".
Bruce has been an active participant on the list and has expressed skepticism about \
AEAD modes in general but IIRC did not object to EAX in particular. Werner and Daniel \
Huigens (and perhaps others, I didn't search thoroughly) did indicate that they \
regard EAX as redundant but did not specifically propose that it be removed from the \
crypto-refresh draft, although Werner did later remove it from draft-koch. Daniel \
drew up a list of the differences between draft-koch and crypto-refresh, in which EAX \
was a line item, but it was never properly followed up on afterwards (that I can \
see).
AFAICT it's just an oversight. I suspect there isn't a good understanding of exactly \
how many real-world messages exist that use EAX. Daniel and Werner seem to think \
there are few enough.
> > If there were some way to reconcile the competing proposals
> > even at this late stage, there would be great rejoicing.
>
> What would need to be done to do this?
> With Werner's emails and new draft since Februrary, there seems to be
> something to work on and put forward arguments. Do you know if they have been
> discussed in the working group since then?
Without some resolution to the fundamental technical sticking point (whether GCM \
should be tolerated) I don't see a viable landing zone at this time.
The relevant thread starts here: \
https://mailarchive.ietf.org/arch/msg/openpgp/_SjXfSOOtdy20nhVv79NBsDBJTc/ , it \
covers pretty much all the bases.
A
["signature.asc" (signature.asc)]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEKR55odxVrielLu+DXB7EBNWQZikFAmRKqwIACgkQXB7EBNWQ
ZinqZhAAkqoFMs2VVTOfHagMPz8mri2VvZd/RO4WvNQnEK4cmbQSuKyRpKZ+Ut1S
uaD/VtoUBtN/B37Q5Yh+6PMODQfK7fzbx1+5XZ2z96EbWEYven+Mb6zy/wJ64Ht2
iUJ6K7z6Z16Q4swwxAOTEttEPndKASYa1guPXsYfD5DY1DWD3GS0S4dZQgCggr+P
QIkZP7PRa4NpGNQEZxiuV9C4dxH3/OeDH3w4K9dCeIJnyqe83WFR3sCAhfy80e2d
O84/uMIIN8FxF/sHi/Ev3e/LLiWDDrxebI9cqF1TQx0eoP3rsKZBHqMzQikuMxiz
jf0+fM1fh5TNQW3Jdm9APx4uuTYRYg+L/65GsQrr6ewlMy8Bvkmy+cD8lcEol2fr
MBMT+wmFL4GEhqL7Pz9hgkwdfJWooVzQA9y+IUviiGx2OC/KcHjAnKJuvoAUmFgi
hkBsS++s5GhTSAItOTb7uR/zyNFuhXaus9yBL9C26dwTyQxx/zdNBi77wgJ3597s
rm3BpmE01rwZMULnMScN7rZ6QRIuwEa2Y+R0vsbXtSUTzzCklaGXmQQsFk+u4Zlr
2SBHcEp6vV4izW0Hsyjw8SBpMsqc4CLAyd4p5ilxpyQpjjv2gO3cqsH4A9UvOXjq
CdxF3FnhBJJtLWYcJpAdzxG9wv6tqgkErWkAKuG4lzOYOiqfbn8=
=/hco
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic