Paul -- don't throw out the baby with the bathwater.
Just because the change didn't make it into this version of the fraft
doesn't mean it wont change. The conversation is, IMHO, far from over on
the topic, but Werner needed to get an update published so it didn't
expire.
So by all means, please continue the conversation.
Personally, I believe that a 2^56 block size is WAYYY to big. Or even a
56-bit encoded block size. I think blocks should be limited to 32 bits,
and recomended to be smaller. On the other hand, a 1K block is IMHO way
too small for the default. I think we need a happy medium.
Considering the size is upfront, a small device can know a priori whether
or not it can cache the block, so it should be able to fail early if it
gets a block too big to process. And I think that's okay.
-derek
On Fri, July 27, 2018 3:09 pm, Paul Wouters wrote:
Sad to see the size issue people discussed here to have been dismissed by
this update.
It will lead to people ignoring the requirement or to people looking for
an alternative solution for IoT things.
Paul
Sent from my phone
On Jul 26, 2018, at 12:15, internet-drafts(_at_)ietf(_dot_)org wrote:
A new version of I-D, draft-ietf-openpgp-rfc4880bis-05.txt
has been successfully submitted by Werner Koch and posted to the
IETF repository.
Name: draft-ietf-openpgp-rfc4880bis
Revision: 05
Title: OpenPGP Message Format
Document date: 2018-07-26
Group: Individual Submission
Pages: 123
URL:
https://www.ietf.org/internet-drafts/draft-ietf-openpgp-rfc4880bis-05.txt
Status:
https://datatracker.ietf.org/doc/draft-ietf-openpgp-rfc4880bis/
Htmlized:
https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-05
Htmlized:
https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis
Diff:
https://www.ietf.org/rfcdiff?url2=draft-ietf-openpgp-rfc4880bis-05
Abstract:
{ Work in progress to update the OpenPGP specification from RFC4880 }
This document is maintained in order to publish all necessary
information needed to develop interoperable applications based on the
OpenPGP format. It is not a step-by-step cookbook for writing an
application. It describes only the format and methods needed to
read, check, generate, and write conforming packets crossing any
network. It does not deal with storage and implementation questions.
It does, however, discuss implementation issues necessary to avoid
security flaws.
OpenPGP software uses a combination of strong public-key and
symmetric cryptography to provide security services for electronic
communications and data storage. These services include
confidentiality, key management, authentication, and digital
signatures. This document specifies the message formats used in
OpenPGP.
Please note that it may take a couple of minutes from the time of
submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
--
Derek Atkins 617-623-3745
derek(_at_)ihtfp(_dot_)com www.ihtfp.com
Computer and Internet Security Consultant
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp