ietf-openpgp

Re: [openpgp] Message padding in OpenPGP

2019-09-27 09:15:36
On Fri 2019-09-27 09:44:37 -0400, Derek Atkins wrote:
> Neither is anything else you are currently proposing.

Are you certain about that?

It looks to me like Justus has proposed several different
implementations that meet the grammar specified in
https://tools.ietf.org/html/rfc4880#section-11.3, which is almost
exactly the same as the grammar from 19 years ago in
https://tools.ietf.org/html/rfc2440#section-10.2 (the only difference is
the introduction of the SEIPD in RFC 4880).

> If you're going to extend the spec to add a new packet type you might
> as well extend the spec to allow this, which is easier.  And honestly
> many parsers (at least the parser I wrote in 1995 which AFAIK is still
> in use by at least one implementation) will actually parse this
> structure properly.

We have a documented grammar that has held up for nearly two decades --
even if some parsers are more flexible/permissive than the grammar
itself, changing the grammar could invalidate any existing strict
parsers.  In a security-sensitive context, we know that strict parsers
are safer than permissive parsers (see for example https://efail.de).
Let's not discourage strict parsers.

If we want a backward-compatible padding mechanism (i think we do,
though i'm not sure it's appropriate to document it in 4880bis), then
changing the grammar itself should probably be pretty low on the list of
options.

        --dkg


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
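
Added example, not part of the original message or of any implementation mentioned in the thread: a strict check of a top-level packet tag sequence against the grammar in RFC 4880 section 11.3, showing what a strict parser accepts and rejects. The function names and the sample sequences are constructed for illustration; only tags are examined, so the contents of a compressed or encrypted packet would have to be checked by applying the same function to them after decompression or decryption.

```python
# Packet tags from RFC 4880 section 4.3.
PKESK, SIG, SKESK, OPS, COMPRESSED, SED, LITERAL, SEIPD = 1, 2, 3, 4, 8, 9, 11, 18


def _message(tags, i):
    """Match one OpenPGP Message starting at tags[i].

    Returns the index just past the message, or None if no production
    of the section 11.3 grammar applies at this position.
    """
    if i >= len(tags):
        return None
    t = tags[i]
    if t in (LITERAL, COMPRESSED):        # Literal Message | Compressed Message
        return i + 1
    if t in (PKESK, SKESK, SED, SEIPD):   # Encrypted Message
        while i < len(tags) and tags[i] in (PKESK, SKESK):  # optional ESK Sequence
            i += 1
        if i < len(tags) and tags[i] in (SED, SEIPD):       # Encrypted Data
            return i + 1
        return None
    if t == SIG:                          # Signature Packet, OpenPGP Message
        return _message(tags, i + 1)
    if t == OPS:                          # One-Pass Signature, Message, Signature
        j = _message(tags, i + 1)
        if j is not None and j < len(tags) and tags[j] == SIG:
            return j + 1
        return None
    return None                           # any other tag cannot start a message


def is_valid_message(tags):
    """Strict check: the whole sequence must be exactly one OpenPGP Message."""
    return _message(tags, 0) == len(tags)


if __name__ == "__main__":
    # Constructed sample sequences (tag numbers only, no real packet data).
    samples = {
        "PKESK, SKESK, SEIPD": [PKESK, SKESK, SEIPD],
        "OPS, Literal, Signature": [OPS, LITERAL, SIG],
        "Literal followed by an extra packet (tag 63)": [LITERAL, 63],
        "SEIPD followed by a PKESK": [SEIPD, PKESK],
    }
    for name, tags in samples.items():
        print(f"{name}: {'accepted' if is_valid_message(tags) else 'rejected'}")
```
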