ietf-openpgp

Re: [openpgp] Intent to deprecate: Insecure primitives

2015-04-11 14:46:09
On 9/04/2015 4:36 am, Christoph Anton Mitterer wrote:
> On Wed, 2015-04-08 at 15:32 +0000, David Leon Gil wrote:
>> Brief update on plans for deprecation: The tracking issue is at
>> https://github.com/yahoo/end-to-end/issues/31
>>
>> Please feel free to open another issue if you have specific
>> objections. I will either be convinced by your arguments, and change
>> the plan, or explain why I don't.
>
> Look, as I've pointed out previously, I personally think that crypto,
> done as a web app is inherently untrustworthy.
>
> Maybe I just got something wrong, but AFAIU the idea of "e2e" projects
> like yours is to add e2e crypto into your webapps, e.g. via javascript.
> Thus the software doing crypto is each time downloaded again from the
> server by the client, right?
> So ultimately control is again fully at the vendor (at any time he could
> send other code and no one would notice), and fully dependent on a
> working https (which is as we should all know by now inherently insecure
> due to the issues of the CA system).

Yes, that's precisely the case and in the OpenPGP world we've already
seen precisely this situation occur with Hushmail.  IIRC it was at the
insistence of the FBI that they replaced bits of their code in order
to harvest passphrases and access messages.

Even with private keys on the user's system it still wouldn't take too
much more to compromise the system given enough pressure from a third
party (i.e. government) source.

> And even more important, none of the big companies which add that IMHO
> at best questionable web-based e2e crypto to their services, should
> expect that this would make them represent the majority of OpenPGP users
> and thus would give them a strong voice in decisions.
> Just because e.g. google would automatically enable questionable e2e
> crypto for millions of their gmail users, doesn't mean that one has a
> real "legitimate" OpenPGP user base there.

Damn straight.  I note, for example, that my key would be arbitrarily
not supported by the proposed model simply for including an ELG-E
subkey with the RSA master key for no apparent reason.  Well,
presumably the reason is Yahoo! doesn't want to pay people to write a
solid enough implementation that they can actually use without
breaking some kind of license.  I suspect the same is true with
regards to TWOFISH since, even though THREEFISH exists, there's been
no indication that it is broken or ought to be deprecated.

> For all the above reasons, I personally feel, that it's not appropriate
> here at the OpenPGP WG list, to discuss single unilateral decisions made
> by an OpenPGP implementation[1].
>
> If one says "hey, let's discuss whether we should deprecate twofish in
> OpenPGP" that's totally fine,... but informing the standardisation body
> "hey we drop now support for x, y and z" with an implicit "and since we
> represent n users, you better follow our decision" is not appropriate.

Absolutely.


Regards,
Ben


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp