IETF
openpgp
openpgp@jabber.ietf.org
Monday, July 18, 2016
werner has set the subject to: Please go to the dprive room for the OpenPGP WG session.
IETF 94 OpenPGP WG session.  --  MeetEcho: http://www.meetecho.com/ietf94/openpgp  --  Overview slides: https://www.ietf.org/proceedings/94/slides/slides-94-openpgp-1.pdf  --  listen: http://ietf94streaming.dnsalias.net/ietf/ietf945.m3u

GMT+0
[08:53:58] Pieter Lexis (PowerDNS) joins the room
[09:43:56] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep
[09:48:18] Pieter Lexis (PowerDNS) joins the room
[10:53:55] Pieter Lexis (PowerDNS) leaves the room
[11:52:22] Sean Turner joins the room
[11:53:12] dkg joins the room
[11:54:09] Meetecho joins the room
[11:54:21] Pieter Lexis (PowerDNS) joins the room
[11:54:44] Sean Turner has set the subject to: IETF 96 OpenPGP WG
[11:54:53] Melinda joins the room
[11:55:39] Yoshiro Yoneya joins the room
[11:56:22] Tobias Fiebig (TU Berlin) joins the room
[11:56:32] Barry Leiba joins the room
[11:56:37] (the real) Sean Turner joins the room
[11:57:59] (the real) Sean Turner leaves the room
[11:59:18] <Barry Leiba> Sean, you remote?
[11:59:29] <Melinda> Hi, there.  I'll be Jabber scribing for this session.  Is there anybody on who's not in the meeting room?
[12:00:19] <Sean Turner> yes
[12:00:28] <Sean Turner> having some issues with meetecho :(
[12:00:38] <Meetecho> Sean Turner: what's wrong?
[12:00:40] Tobia Castaldi joins the room
[12:00:56] <Melinda> Meeting started, note well
[12:01:14] <Melinda> Agenda
[12:01:42] Sean Turner_goddamnit joins the room
[12:02:07] <Melinda> Document review
[12:02:20] <Melinda> Formally adopted 4880bis
[12:02:45] <Melinda> URL for document: https://gitlab.com/openpgp-wg/rfc4880bis
[12:03:07] sftcd joins the room
[12:03:20] <Barry Leiba> Remote folks: Can you hear us OK?
[12:03:23] <Sean Turner_goddamnit> it keeps saying that my name (Sean Turner) is already in use and then crashes if I just use "Sean Turner"  I used a different name and it seems to work
[12:03:40] <Sean Turner_goddamnit> I can hear just fine
[12:03:47] <Melinda> Okay
[12:03:48] <Meetecho> that's because you're using "Sean Turner" already in your other XMPP client
[12:03:52] <Barry Leiba> Sean, I love your alternative name.
[12:03:53] sftcd wonders does that draft bundle in the errata for 4880? (no need to answer right now)
[12:03:56] <Meetecho> you can't be in the room with the same name twice
[12:04:04] <Sean Turner_goddamnit> ah!!!!
[12:04:23] <Melinda> If you'd like a question relayed to the mic, please prefix "mic:"
[12:04:24] <Sean Turner_goddamnit> let me change my name :)
[12:05:16] Sean Turner_goddamnit leaves the room
[12:05:26] Sean Turner (meetecho) joins the room
[12:05:51] Sean Turner leaves the room
[12:06:14] <Melinda> Phill Hallam-Baker at the mic
[12:06:52] Sean Turner (meetecho) leaves the room
[12:06:54] Sean Turner joins the room
[12:08:47] <Melinda> Request for discussion of Phill's alternative OID proposal
[12:08:51] <Sean Turner> mic: We've done this a bunch of times: ipsec and tls are two examples
[12:09:28] <sftcd> @sean: when's the TLS draft for that coming? :-)
[12:09:32] <Sean Turner> thanks melinda
[12:09:46] <Sean Turner> @sftcd: getting on it ;)
[12:09:50] <sftcd> goodman
[12:09:55] S S joins the room
[12:10:05] Tobias Fiebig (TU Berlin) leaves the room: Replaced by new connection
[12:10:05] tobias joins the room
[12:10:16] <Melinda> Paul Wouters at mike
[12:10:31] <Melinda> Phill again
[12:10:44] <Melinda> "this would avoid the need to have yet another registry"
[12:11:39] <Melinda> DKG: the original proposal would not create new registry
[12:12:08] <Sean Turner> mic: I should have been clearer - the registries are now IETF Consensus - we've had examples of ipsec and tls that went less strict we should follow these examples
[12:12:42] <Melinda> DKG: will post this proposal to mailing list
[12:12:55] <sftcd> @sean: ietf consensus ? even for the new crappy ciphersuites?
[12:13:12] <Sean Turner> what can I say it ends up being busy work for us and we end up spending hours on it (case in point) when that's really what's important ;)
[12:13:30] <Sean Turner> now all of the registries in openpgp are IETF consensus: https://www.iana.org/protocols
[12:13:37] <sftcd> ah sorry I misinterpreted what you said
[12:13:43] <Melinda> Werner Koch up
[12:14:02] <Melinda> Slides: https://www.ietf.org/proceedings/96/slides/slides-96-openpgp-0.pdf
[12:14:07] <Barry Leiba> Is Werner's audio OK?
[12:14:20] <Sean Turner> he's a little distant
[12:14:21] <Melinda> Slide 2
[12:15:05] <Meetecho> is the speaker mic turned off? we cant hear him remotely
[12:15:12] <Meetecho> *can't
[12:15:18] <Sean Turner> he's definitely distant
[12:15:33] <sftcd> mic engineering happens
[12:15:46] <Sean Turner> way better! and much appreciated
[12:15:46] <sftcd> new mic now, ok?
[12:15:50] <Meetecho> I don't think it's a matter of how close he is to the mic, he's being captured by other mics in the room (chair, mic line, etc.)
[12:15:58] <Meetecho> ok, we can hear him with the new mic (y)
[12:17:51] <Melinda> slide 3
[12:18:01] <Melinda> slide 4
[12:19:16] <Melinda> Barry asked question as participant
[12:21:27] <Melinda> no volunteers to write this up, will go to mailing list
[12:21:30] <Melinda> slide 5
[12:22:38] S S leaves the room
[12:22:55] S S joins the room
[12:24:21] <Melinda> Hanno Birk(?) asked if this is gated on cfrg publishing argon2i specification
[12:24:21] Andre Franke joins the room
[12:24:28] <Melinda> Hanno Böck
[12:25:31] <Melinda> Stephen Farrell: talking to the cfrg folks is a fine thing to do, "please don't sit on this for years."
[12:25:47] <Melinda> slide 6
[12:26:01] <Sean Turner> clap, clap, clap!
[12:26:16] geb joins the room
[12:26:16] <Barry Leiba> "And there was much rejoicing."
[12:26:19] <Sean Turner> get rid of the cr@p algs
[12:26:25] <sftcd> the cfrg argon doc btw https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/
[12:26:25] <Melinda> mike?
[12:26:35] <Sean Turner> @melinda: nah
[12:26:46] <sftcd> @melinda: sean's said that about 1000 times at mics:-)
[12:27:42] <Sean Turner> one major difference in being remote is the lack of a hangover - Alexis suggested last night that I should maybe simulate this remotely :)
[12:28:19] <Barry Leiba> Simulate a hangover?
[12:29:05] <sftcd> I can share mine if you want
[12:29:26] <Melinda> slide 7
[12:29:29] <Sean Turner> haha
[12:32:38] <Melinda> slide 8
[12:32:59] derek joins the room
[12:34:16] <derek> Uh oh --- what did I miss??
[12:34:22] <Melinda> DKG: both, or choose one?
[12:34:29] <Melinda> Werner: choose one
[12:34:41] <dkg> derek: we're on slide 8 of https://www.ietf.org/proceedings/96/slides/slides-96-openpgp-0.pdf
[12:35:23] <Melinda> Barry: should the MTI be compatible or forward-looking?
[12:35:35] <Melinda> ??? Should these be quantum-safe?
[12:36:02] <Melinda> Mark Orzechowsky
[12:36:28] <Melinda> Stephen Farrell: premature to specify quantum-safe
[12:36:58] <Melinda> Hanno Böck: strong proposal provides reasonable post-quantum security
[12:37:29] <derek> Except for the Ed25519 I agree with Hanno.
[12:37:45] <Melinda> Stephen: question - if the wg chooses the strong proposal, how many people will not implement the compatible stuff anyway?
[12:37:47] <derek> (RSA has better quantum resistance than ECC)
[12:38:24] <Melinda> Barry: new clients may generate stuff that older clients cannot decrypt.
[12:38:42] <Melinda> DKG: by that logic we may never be able to move to new algorithms
[12:39:23] <Melinda> slide 9
[12:40:21] <Barry Leiba> FWIW, my comment about generating stuff that older clients can't decrypt… was an observation, not a warning.  I prefer going in the STRONG direction (but I think Stephen has it right).
[12:41:01] <Melinda> DKG: we've been bikeshedding on this issue, not sure how to move forward
[12:42:29] <Melinda> PHB: would prefer same format for bunch of applications (ssh, s/mime, etc.)
[12:47:35] <Melinda> DKG: "That would be PGP v6.  We're not specifying PGP v6 right now"
[12:48:49] <derek> mic: I still believe that the creation time and expiration time should be included in the fingerprint computation in order to prevent an attacker from taking my public key and creating a new certificate around it and causing confusion.  (Granted, an attacker could copy the two times as well, but then they cannot modify the expiration time and maintain the fingerprint)
[12:48:49] <Melinda> Stephen: to clarify, you're looking for text for -bis rather than a new draft?
[12:48:52] <Melinda> Werner: yes
[12:50:39] <Melinda> DKG: currently the expiration time is not included in the fingerprint, so I'm not sure it's a change from the current situation
[12:51:01] <derek> Yes, I know it's not included currently.  I consider that a bug.
[12:51:12] <Melinda> DKG: send text
[12:51:22] <Melinda> slide 10
[12:53:14] <Melinda> sled 11
[12:53:19] <Melinda> slide 11
[12:54:57] <Melinda> There appear to be patent problems around AES-OCB
[12:55:54] <Melinda> slide 12
[12:57:04] John Ng joins the room
[12:57:06] <Melinda> proposal for a new signature class ("literal data packet")
[12:57:42] <Melinda> Rather, looking for a proposal
[12:58:31] <Melinda> DKG: any volunteers?  No response, will take to mailing list
[12:58:59] <Melinda> DKG: one thing that hasn't been brought up here is ED 448
[12:59:32] <Melinda> Werner: we haven't looked at this, but we should definitely assign code points
[13:00:00] <Melinda> No we don't need a code point for this because we use OIDs for elliptic curve
[13:00:30] S S leaves the room
[13:00:48] S S joins the room
[13:01:04] <Melinda> no more questions
[13:01:13] <Melinda> PGP/MIME vs S/MIME
[13:01:25] <Melinda> DKG, I want to explain why that is not appropriate in this working group
[13:01:32] <Melinda> (this is slide 8 of the agenda slides)
[13:02:01] <Sean Turner> chairing par excellence !!!
[13:03:27] <Melinda> PHB - I thought that discussion was about rechartering?
[13:03:55] <Melinda> DKG: we are overdue on existing work, rechartering would be a distraction
[13:04:17] <Sean Turner> btw - excellent jabbering melinda!
[13:04:56] <Melinda> thank you!
[13:06:18] <dkg> thank you, Melinda!
[13:06:19] Melinda leaves the room
[13:06:26] <Barry Leiba> Ite, meeting est.
[13:07:30] Matthew Sargent joins the room
[13:08:50] <Meetecho> meeting over, wrapping up!
[13:09:00] Matthew Sargent leaves the room
[13:09:02] Meetecho leaves the room
[13:09:34] derek leaves the room
[13:12:40] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep
[13:14:43] Barry Leiba leaves the room
[13:19:00] sftcd leaves the room
[13:19:37] Yoshiro Yoneya leaves the room
[13:26:08] geb leaves the room: Disconnected: closed
[13:28:00] dkg leaves the room
[13:28:18] tobias leaves the room
[13:34:17] Pieter Lexis (PowerDNS) joins the room
[13:39:48] Melinda joins the room
[13:41:02] Barry Leiba joins the room
[13:44:12] Barry Leiba leaves the room
[13:46:33] sftcd joins the room
[13:46:47] sftcd leaves the room
[15:42:30] Melinda leaves the room
[15:45:41] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep
[15:59:42] Pieter Lexis (PowerDNS) joins the room
[16:03:35] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep
[16:04:38] Pieter Lexis (PowerDNS) joins the room
[16:07:20] Melinda joins the room
[16:07:28] Melinda leaves the room
[16:08:25] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep
[16:21:36] Pieter Lexis (PowerDNS) joins the room
[17:23:12] Pieter Lexis (PowerDNS) leaves the room: Machine going to sleep