ietf-openpgp

OpenPGP minutes

1999-07-27 09:53:38



                        OpenPGP - 45th IETF

14-July-1999

John Noerenberg opened the meeting at 9:05 AM. Started attendance list, etc.

Agenda:
  Agenda Bashing
  Key Server Synchronization protocols
  RFC2440 Revisions
  Advance to Draft, Collect $200
  RFC2015 Revisions
  Summary


Agenda Bashing

Key Server Synchronization protocols

  2 Proposals
    Bill Geiger - Hash table exchange
    Marcel Waldvogel - Push-pull flooding
  Marcel Waldvogel thesis:
  <http://www.tik.ee.ethz.ch/tik/education/sadas/SASS1998-33/thesis.ps.gz>
  Bill Geiger: proposal introduction published in
  <http://www.imc.org/ietf-open-pgp/mail-archive/>
  in a message dated: Fri, 18 Jun 1999 09:43:36 -0500

  JN: Key Server sync protocols are important. However, they are not
  in our charter. We need to decide whether to change the charter or
  create a new WG.

  JN recommended WG report to SAAG that a new working group should be
  explored for Key Server Synchronization protocols. After some
  discussion, there were no objections to this recommendation.

RFC2440 Revisions

  JC: Need to decide what should be done to 2440 to get it ready for draft.
      Discussed some of the below.

  V5 Signatures

    Need to have larger signatures to accommodate the equivalent of
    certificates. Possible solution is to add up a 4 byte length. Only
    reason to hold off is to think about if anything else needs to
    change other than the length field format.

  [ Side conversation about closing off the group and leaving the
  fixes to a future group. JN: OpenPGP will exist until 2440 goes to
  Draft so we can go and fix this. In the interest of going to draft,
  the changes should be short at this time. MDC is clearly the most
  important.]

  MDC Data packet - Need a way to detect packet damage. Currently, a
    packet may be maliciously damaged by re-arranging blocks. Easiest
    way to fix this is to append a hash, preferably sha-1.

    Encryption Mode Normalization

  Features subpackets - This will provide a way for different PGPs to
    know what each other supports and what they do not.

    Gestalt for non-mandatory features

  Large Block ciphers clarifications

  Suggestions?

Advance to Draft, Collect $200
  6 months have passed
  Requirements
    2 implementations
    No IPR problems
    6 months of experience

  JN: We have the experience but we do not have the interoperability
  fully checked. Suggest: Enumerating all the musts and publishing a
  document so implementors can easily see requirements for
  compliance. Finally, we can get implementors into a room for
  testing.

  Implementors' survey & results are at:
    noc.rutgers.edu/~mione/ietf/ietfopgp.html

  IMC (Internet Mail Consortium) maintains the OpenPGP mailing list
  archive: <http://www.imc.org/ietf-open-pgp/mail-archive/>
  To subscribe and unsubscribe:
    List-subscribe: <mailto:ietf-open-pgp-request(_at_)imc(_dot_)org?body=subscribe>
    List-Unsubscribe: <mailto:ietf-open-pgp-request(_at_)imc(_dot_)org?body=unsubscribe>



RFC2015 Revisions

  Dave Del Torto
    1 outstanding item: 'Openpgp signed data'. 2 variations were
      presented.
    Variation 1 is from Tom Rossler. Variation 2 is the original
      written by Dave Del Torto. The main difference is that variation
    1 leaves out md5 as a required hash for the MICALG.

    The consensus seemed to be we should remove MUST for md5 hash in
    the MICALG.

    Discussion of parallel signatures. This is a way of dividing a
    message into multiparts and signing each individually. Allows you to
    verify signatures independently. (This text is in section 8 of the
    new draft to be submitted today.)

    The aim at this time is that parallel signatures will be OPTIONAL
    in the revision to 2015.

Summary

    Misc question from audience: Will feature packets be a MUST
    implement? JC: No.

    Action items
      Jon Callas - New draft to replace 2440.
      Tony Mione - enumerate MUSTs in 2440.

      Dave, Thomas, Mike - New draft of 2015.

      WG as a whole - WG last call on Son of 2440, Son of 2015,
                      before Nov.
      Tony tentatively volunteered to write a charter and call a BOF
      for the PGP keysync work.

John closed the meeting at 9:55 AM.

Minutes submitted by Tony Mione

john noerenberg
jwn2(_at_)qualcomm(_dot_)com
  ----------------------------------------------------------------------
  The man that can most truly be accounted brave is he who best
  knows the meaning of what is sweet in life and what is terrible,
  and then goes out undeterred to meet what is to come.
  -- Pericles, "Funeral Oration", 479 B.C.
  ----------------------------------------------------------------------
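
Added example (not part of the original minutes and not code from any OpenPGP implementation): the MDC item above says rearranged blocks currently go unnoticed and that appending a SHA-1 hash would detect the damage. The sketch below shows both halves using a toy CFB mode whose block function is truncated HMAC-SHA-256; that cipher, the 16-byte block size, the sample key and message, and the names `seal`, `open_sealed` and `swap_blocks` are all assumptions made for illustration, not the OpenPGP packet format.

```python
import hashlib
import hmac

BLOCK = 16  # toy block size in bytes (assumption)

def _e(key, block):
    # Stand-in block function, NOT a real cipher: truncated HMAC-SHA-256.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def _cfb(key, iv, data, decrypt):
    out, prev = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        res = bytes(a ^ b for a, b in zip(chunk, _e(key, prev)))
        out += res
        prev = chunk if decrypt else res  # feedback is always the ciphertext
    return bytes(out)

def seal(key, iv, msg):
    # Append SHA-1 of the plaintext, then encrypt message and hash together.
    return _cfb(key, iv, msg + hashlib.sha1(msg).digest(), decrypt=False)

def open_sealed(key, iv, ct):
    pt = _cfb(key, iv, ct, decrypt=True)
    body, digest = pt[:-20], pt[-20:]
    if not hmac.compare_digest(hashlib.sha1(body).digest(), digest):
        raise ValueError("modification detected")
    return body

def swap_blocks(ct, i, j):
    # Constructed tampering for the demo: exchange two ciphertext blocks.
    b = [ct[k:k + BLOCK] for k in range(0, len(ct), BLOCK)]
    b[i], b[j] = b[j], b[i]
    return b"".join(b)

def demo():
    key, iv = b"k" * 16, b"\x00" * BLOCK  # constructed values
    msg = b"".join(bytes([65 + n]) * BLOCK for n in range(4))  # constructed
    # Without a hash: tampered data decrypts without error to the wrong text.
    plain_ct = _cfb(key, iv, msg, decrypt=False)
    silent = _cfb(key, iv, swap_blocks(plain_ct, 1, 2), decrypt=True) != msg
    # With the appended hash: the same tampering is rejected on decryption.
    try:
        open_sealed(key, iv, swap_blocks(seal(key, iv, msg), 1, 2))
        detected = False
    except ValueError:
        detected = True
    return silent, detected
```

`demo()` returns a pair: whether the unprotected ciphertext was altered silently, and whether the hash-protected one was rejected.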