Adding a nonce before hashing as covert channel

Werner Koch wk at gnupg.org
Wed Dec 18 10:07:53 CET 2024 

Heiko,

I don't want that such OpenPGP WG FUD now continues on this mailing list
and thus I have only a few remarks just for the records.  Don't expect
any more replies on this topic from me.

On Tue, 17 Dec 2024 13:27, Heiko Schäfer said:

> The IETF process that led to RFC 9580 (working title "crypto refresh")
> had a clear and limited charter. Produce an update to RFC 4880 (which

Right, which we achieved in 2018.  It then got stuck by people who
wanted to completely overhaul the spec and do an OpenPGP 2.  Search the
WG ML for this (sometime around 2017/2018).  The end result of the WG is
an extensive rework of the specification and not the planned move to
newer algorithms (SHA-2, Modern AE) and integration of the ECC RFC.

> Your life's work - GnuPG - is based on Phil Zimmermann's PGP, which he
> decided to specify as an open format under the name OpenPGP, so that a
> diverse group of implementers could collaborate on the further

I started with GnuPG based on RFC1991 and not on the newly opened PGP 5
specification, which I became aware only late in November 1997 after I
had already put some work in g10 (the working title of GnuPG back then).

Right, PGP 5 was release with source code early this year but for
copyright reasons I had no way to look at the code.  That "diverse
group" back then was pretty small and consisted of the PGP.com folks,
other long term PGP 2 hackers, Tzeruch with his OPGP tool (which was
also printed as abook), and me.

> illegitimate, sinister, and that truly the only reasonable path

I didn't say "sinister" at least not with its meaning of "threatening or
foreshadowing evil or tragic developments" in mind.  What I do say is
that a few folks are bumping up their repudiation by trying to replace a
matured and important protocol using incompatible and not thought ought
replacement strategies.

> forward is for you to continue to evolve rfc4880bis (now under your
> new "LibrePGP" banner).

Not mine.  LibrePGP is a specification agred upon by the major real
world implementations.


Shalom-Salam,

   Werner

-- 
The pioneers of a warless world are the youth that
refuse military service.             - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20241218/848d4d5e/attachment-0001.sig>

More information about the Gnupg-devel mailing list