OpenPGP at IETF 124

Agenda

Administrivia — Chairs, 5 min
Interim Followup
PQC NIST/BP – Falko Strenzke, 5 min
Replacement Key – Andrew Gallagher, 5 min
Persistent Symmetric Keys – Daniel Huigens, 5 min
Possible Next Steps?
- HKP – Andrew Gallagher, 20 min
- External Secrets – Daniel Kahn Gillmor, 15 min
- Other OpenPGP – Andrew Gallagher, 25 min
AOB

defined algorithm combinations. Steve wondered if we need all 8
codepoints; Falko replied that it was up to the working group.
Sophie wondered if anyone used P521, and that supporting XWing would
be nice.
Stavros: XWing equivalent (but not identical) is already there in
base draft. He has seen brainpool 384 and 512 in use, but 512 is
rare.
Sophie believes that 512 ECs are not warrented - they scale cubicly
(slow).
Empty context parameter in the PQ component, not concerned about
cross protocol attacks.
Plan: update draft, wait a bit, then all going well, think about
WGLC

Blocked on interop tests and dependency on SOP draft
Authors of those need to chat and come back to the list with a
resolution, then we can proceed

replace HMAC with AEAD with an empty message
only one persistent symmetric key algo with ID=0
proposed packet: ID=40 for "Persistent symmetric key"
Plan: if no one objects, will implement and make test vectors, and
mint a new version of the draft

Four drafts, three are relatively small
Plan: (Media Types proposal) look for someone who's an expert in
media types
Plan: (Grease proposal) ask the list if people are ok with
registering code points
Plan: (User attributes) no action items given
Plan: (Semantic Cleanup) no specific action plan given; possibly
have people look at it before deciding, or possibly adopting it as a
WG item