Hi,
On Thu, 2019-03-07 at 17:11 +0100, Neal H. Walfield wrote:
Let me repeat it again: The chunking was introduced for just one
purpose: To be able to detect rare transmission errors earlier than
at
the end of the message.
I agree that AEAD helps detect transmission errors earlier. But, AEAD
does so much more than that. In particular, it prevents attacks like
EFAIL. It seems to me that it's worth adapting to this new threat.
I have the feeling that this is the spot where we are close to hitting
the underlying misunderstanding.
AFAICS, Werner is talking about chunking. You are talking about AEAD. I
have the feeling that it's helpful for the discussion to carefully
distinguish those.
You seem to imply that any chunked scheme is proper AEAD. But that's not
true. It's not difficult to make a scheme with chunks, and the spec
probably has already done so, but it's not trivial.
Cheers,
Tobi
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp