ietf-openpgp

Re: [openpgp] The checksum may appear

2021-03-24 19:08:16
On 2021-03-19 at 07:54 +0100, Werner Koch wrote:
-The checksum with its leading equal sign MAY appear on the first line
after the base64 encoded data.
+If present, the checksum with its leading equal sign SHALL appear on
the next line after the base64 encoded data.
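Review bot: the added sentence fixes where the checksum goes but, in the lines shown, not what a reader does when it finds the checksum line anywhere else; since the placement is now a SHALL, state the receiver behaviour (reject the armor, or ignore the line). "Next line" could also be tightened to "the line immediately following the last line of base64 encoded data", so that an intervening blank line is clearly excluded.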

Adding "optional" and making the CRC a SHOULD create indeed clarifies
the intention of the RFC.  Thus I am in favor of this change.

Note I wasn't placing the later. I only stated that you can only place
the checksum at the end.
I was planning to treat this as a feature request and add a phrase with
such a SHOULD, since I agree it's a good idea, but it turns out I can't
come up with a better rationale than “it's cheap enough it makes sense to
do it even if not giving much value”.

What is the goal of the armor CRC?
The only good use case I can think of is when a human has been
involved, such as when restoring a key from paper.

In other scenarios, the CRC would either be too weak (e.g. in presence
of an active attacker) or protecting from an error that would already
have been handled at lower layers.
[1] and [2] suggest it was added to avoid modem line noise altering the
messages (which nowadays should be discarded at e.g. TCP).

Without a compelling use case, I don't think it should be a SHOULD.
And finally, we should at least mention why it was once considered
useful.


The original change is available in git mode at
https://gitlab.com/Angel-Gonzalez/rfc4880bis/-/tree/checksum-may-appear


Best regards

1- https://mailarchive.ietf.org/arch/msg/openpgp/3K6tSdebEjQw8K1z1pZkXxyvu-k/
2- https://mailarchive.ietf.org/arch/msg/openpgp/2FmAqP-nJkV08E1qQ4YNO2xR2Pc/


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
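
The trade-off discussed in the message above, as an added example that is not code from the thread or from any OpenPGP implementation: the armor CRC-24 catches a transcription slip, but it is unkeyed, so anyone who rewrites the data can emit a matching checksum. The CRC constants are those of RFC 4880 section 6.1; the sample bytes, the 64-column wrapping and all function names are assumptions made for the illustration.

```python
import base64

CRC24_INIT = 0xB704CE  # constants from RFC 4880 section 6.1
CRC24_POLY = 0x1864CFB

def crc24(data: bytes) -> int:
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def checksum_line(data: bytes) -> str:
    # "=" followed by the base64 of the 3-byte big-endian CRC
    return "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode()

def armor_body(data: bytes, width: int = 64) -> list:
    b64 = base64.b64encode(data).decode()
    return [b64[i:i + width] for i in range(0, len(b64), width)] + [checksum_line(data)]

def verify_body(lines: list) -> str:
    """Classify an armor body (lines between the headers and the END line)."""
    marks = [i for i, line in enumerate(lines) if line.startswith("=")]
    if not marks:
        return "absent"          # the checksum is optional
    if marks != [len(lines) - 1]:
        return "misplaced"       # it must directly follow the base64 data
    data = base64.b64decode("".join(lines[:-1]))
    return "ok" if lines[-1] == checksum_line(data) else "mismatch"

# Constructed sample input, not real OpenPGP packets.
SAMPLE = b"constructed sample bytes standing in for OpenPGP packets"

def demo() -> dict:
    good = armor_body(SAMPLE)
    typo = ["B" + good[0][1:]] + good[1:]  # one mistyped character
    rewritten = armor_body(SAMPLE.replace(b"sample", b"edited"))  # new data, new CRC
    return {
        "intact": verify_body(good),
        "typo": verify_body(typo),
        "rewritten": verify_body(rewritten),
        "moved": verify_body([good[-1]] + good[:-1]),
        "no_checksum": verify_body(good[:-1]),
    }

if __name__ == "__main__":
    print(demo())
```

The "rewritten" case verifying as "ok" is why the checksum cannot stand in for a signature or MAC; detecting deliberate modification is left to the OpenPGP signature layer.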