ietf-openpgp
[Top] [All Lists]

Re: [openpgp] [internet-drafts(_at_)ietf(_dot_)org] New Version Notification for draft-ietf-openpgp-rfc4880bis-10.txt

2020-09-03 10:06:11
On Thu, 03 Sep 2020 15:01:05 +0200,
Paul Wouters wrote:
On Sep 3, 2020, at 08:37, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:

On Wed,  2 Sep 2020 17:53, Paul Wouters said:

That is why I was asking this. I'd like to know if this an update from
Werner or an update from a consensus on this list - WG or no WG at the

It is part of the deployed GnuPG anyway and thus I feel it makes sense
to have this in the I-D.  Feel free to start a discussion again and if
there is no consensus we need to set the used flag to "reserved" as we
did in the past for features from PGP.

If the change is an optional feature that people don’t need to build support 
for, and causes no security issues for those not implementing it, I have no 
objection.

Note that I asked my original question in the hopes that people are still 
trying to reach consensus - I have no personal interest in any of the 
specific changes from the last draft. I was trying to get an email 
confirmation about the changes to prevent a further discussion far in the 
future about these changes.

So perhaps for clarity I should ask if there is anyone objecting to the 
changes in the latest -10 draft ? So far I got the impression that is 
actually resolved a previous unresolved issue and no one objects? Please 
correct me if I am wrong.


  b5c48cf Clarify the use of the 2 hash octets in Signature Packets.

I have an issue with the first change here:

    -    included in the Signature packet to provide a quick test to reject
    -    some invalid signatures.
    +    included in the Signature packet to provide a way to reject
    +    invalid signatures without performing a signature verification.

I think we should leave the "some" as just checking the hash prefix is
not equivalent to "performing a signature verification", which the new
text seem to suggest.

I don't object to the rest.

  750b19f Fix signature packet description for EdDSA

I don't understand this enough to judge.

  6c0bd58 Add existing value to list of User Attribute Types.

Assuming that we add support for the User ID Attribute Subpacket, I'm
fine with this change.

  76177bb Use consistent capitalization for User ID and User Attribute.

No objection.

  722ed9e Typo fix

No objection.

  30d8397 Introduce the Key Block subpacket to align OpenPGP with CMS.

I think the idea is okay, but the execution (what should and should
not be included) could use some work.

  669f73f Typo fix

No objection.

  6fd718d Revert to the RFC4880 requirement of having a User ID.

I disagree.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread] Current Thread [Next in Thread>