Hi folks--
On Mon 2021-10-18 14:19:13 -0700, internet-drafts(_at_)ietf(_dot_)org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Open Specification for Pretty Good Privacy
WG of the IETF.
Title : OpenPGP Message Format
Authors : Werner Koch
Paul Wouters
Filename : draft-ietf-openpgp-crypto-refresh-04.txt
Pages : 136
Date : 2021-10-18
As you can see, the design team has pushed out the latest version of the
crypto refresh draft.
This incorporates variations on several of the features that were in the
older draft-ietf-openpgp-rfc4880bis-draft-10, and some new features
that haven't been incorporated in a previous draft:
Feature inclusions:
- AEAD packets are now defined (they differ from the older draft-10 in
a few subtle ways, most notably that the chunk size is more tightly
constrained, and that what was called the "nonce" is now explicitly
the IV)
- AEAD protection of secret key material (note that public key material
is now included in the encrypted form as additional data)
- Intended Recipients Subpacket (allows a defense against signature
replay in redirected encrypted messages)
- SKESKv5 (works only with AEAD)
- Argon2 as S2K
- Curve448: X448 for ECDH, Ed448 for signing
Deprecations:
- forbid creation of weaker S2K types, except when string is known to
be high-entropy.
- more strongly deprecate non-integrity-protected symmetric encryption
- drop (reserve) bit 0x04 from Features packet ("v5 keys"), due to not
being actionable and potentially causing interop issues.
Fixes/cleanup:
- Corrections to the OpenPGP message grammar
- Corrections to OpenPGP certificate structure
- Algorithm-specific details are now presented in tabular form, for
public keys and for specific elliptic curve choices
The design team is meeting regularly, and making good progress in
collaboration. We hope the larger WG will review the latest draft that
the DT has produced!
You can see (and contribute to) outstanding issues and merge requests at
https://gitlab.com/openpgp-wg/rfc4880bis if you're interested.
The design team has several issues in active discussion that did not
make it into draft-04, but will likely to come up soon:
- Mandatory-to-implement choices (aka "MTI"): see recent summaries of
design-team meetings on the openpgp-dt mailing list:
https://mailarchive.ietf.org/arch/msg/openpgp-dt/zGoNZx95Hh8K4myL3cVOoGc__Uw/
and
https://mailarchive.ietf.org/arch/msg/openpgp-dt/yTOXV5JgaoGq6CyhE0Y6yhaQL8c/
- v5 signatures: see active discussion at
https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/49
- v5 keys: see different possible proposed changes at
https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/77 and
https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/89
I'm hoping that after the next revision, we can start talking about what
"done" looks like ☺ -- we already have some interoperable tests
happening, which is a good sign.
Note, we also have an upcoming meeting at IETF 112, tentatively
scheduled for Wednesday, 10 November 2021, in Session I.
Happy Hacking,
--dkg
signature.asc
Description: PGP signature
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp