ietf-openpgp

Re: [openpgp] AEAD Chunk Size

2019-04-23 03:16:48
On Thu, 18 Apr 2019 17:28, bartbutler=40protonmail(_dot_)com(_at_)dmarc(_dot_)ietf(_dot_)org said:

> hope Werner likes this because GnuPG is already doing 8KiB chunks, so

I am not sure about the context.  Are you talking about the partial
length encoding or about the AEAD chunk size, a modification of AEAD to
allow detection of transmission errors before the end of the data?

GnuPG 2.3 creates AEAD chunks not larger than 128 MiB.  This can be
changed with an option down to 64 bytes.  However, such a value is only
useful for regression testing as it slows down the performance.  I may
consider changing the default to 1 MiB but not lower.

Let me repeat that the whole discussion on the size of the AEAD chunks
is mostly off topic because the chunks are _only_ here to allow
detection of transmission errors before Gigabytes of data have been
processed.  This was the reason why I suggested to Brian the addition of
a chunking mode for AEAD.

Whether the received data is authentic can only be asserted by checking
the signature and that can obviously only be done after all AEAD chunks
have been decrypted.

Those implementations wanting to show a preview can do so regardless of
any AEAD validation etc.  They should just make clear to the user that
this is an unauthenticated and possibly corrupted preview of the data.

For all other purposes I propose to use a different protocol on top of
OpenPGP (e.g. MIME) and not to overload OpenPGP with unneeded stuff.
Or well, start from scratch and use a different name for it.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
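
The effect of chunk size on how early a transmission error is noticed, as an added example that is not part of the original message and is not GnuPG's code. It models only the per-chunk integrity tags, using HMAC-SHA256 as a stand-in for an OpenPGP AEAD mode, with no encryption and no OpenPGP wire format; the function names, the tag layout and the sample key and payload are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size


def make_tag(key, kind, number, data=b""):
    # kind separates chunk tags (b"C") from the final tag (b"F"); number is
    # the chunk index, or the total length for the final tag (assumed layout).
    msg = kind + struct.pack(">Q", number) + data
    return hmac.new(key, msg, hashlib.sha256).digest()


def seal(key, data, chunk_size):
    """Emit chunk||tag records, then a final tag over the total length."""
    out = []
    for index, off in enumerate(range(0, len(data), chunk_size)):
        chunk = data[off:off + chunk_size]
        out.append(chunk + make_tag(key, b"C", index, chunk))
    out.append(make_tag(key, b"F", len(data)))
    return b"".join(out)


def open_stream(key, stream, chunk_size):
    """Return (ok, bytes consumed before the verdict was reached)."""
    body, final = stream[:-TAG_LEN], stream[-TAG_LEN:]
    pos = index = total = 0
    while pos < len(body):
        record = body[pos:pos + chunk_size + TAG_LEN]
        chunk, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        pos += len(record)
        if not hmac.compare_digest(tag, make_tag(key, b"C", index, chunk)):
            return False, pos  # abort at the first damaged chunk
        index += 1
        total += len(chunk)
    return hmac.compare_digest(final, make_tag(key, b"F", total)), len(stream)


def demo():
    key = b"\x01" * 32                      # constructed key
    data = bytes(range(256)) * 64           # constructed 16 KiB payload
    results = {}
    for size in (1024, 16384):
        damaged = bytearray(seal(key, data, size))
        damaged[100] ^= 0xFF                # simulate a transmission error
        results[size] = open_stream(key, bytes(damaged), size)
    return results
```

With the same flipped byte, the 1 KiB chunking rejects the stream after the first record, while the single 16 KiB chunk is read in full before the error is seen.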
