Agenda IETF116: openpgp
agenda-116-openpgp-02
The information below is for an old version of the document.
Meeting Agenda | Open Specification for Pretty Good Privacy (openpgp) WG Snapshot | |
---|---|---|
Date and time | 2023-03-29 06:30 | |
Title | Agenda IETF116: openpgp | |
State | Active | |
Other versions | markdown | |
Last updated | 2023-03-21 |
agenda-116-openpgp-02
IETF-116 OpenPGP WG Meeting
When: Wed, March 29, 1530-1700 local (Asia/Tokyo), 0600-0800 UTC
Where:
- On-site: room G316
- Online: via meetecho
DRAFT Agenda:
- Agenda Bash (chairs, 5)
- Crypto-refresh issues (lead by dkg, 20, but as long as it takes)
- dkg: summarize changes from draft -07 to -08
- Falko Strenzke: guidance on session key reuse
- Daniel Huigens and Johannes Roth: v3 PKESK structure for X448 and X25519
- https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/257 (already merged to -08)
- https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/266 (alternative)
- Interoperability
--profile
arguments tosop
(dkg, 5)- Interop test suite update (Justus Winter, 10)
- Re-chartering topics (timings: TBD)
- PQC (Falko Strenzke)
- Automatic Forwarding (Aron Wussler)
- Key Superseded (Aron Wussler)
- Various (Daniel Huigens)
- Long-term symmetric keys (which I presented on at IETF 114)
- Forward secrecy (possibly mostly covered by short-term keys + re-encryption using long-term symmetric keys, but might still be worth discussing separately, to see if we want a more "proper" solution like double ratcheting)
- Domain separation
- Key verification, e.g. a better alternative to manually verifying fingerprints. This topic could include using QR codes or similar, or even something like Key Transparency to automatically verify keys (which Aron presented on at IETF 113).
- Replacement for Designated Revoker (dkg)
- User ID clarifications (dkg)
- Attestation Signatures, a.k.a. "1PA3PC" (dkg)
- WoT: Trust Signatures, Regex subpackets, Validation constraints, Certification capable subkeys (dkg)
- Stateless OpenPGP Interface ("SOP") (dkg)
- Reusing session keys in a specific application layer: E-mail Messages
- PGP/MIME guidance for v6 signatures