From owner-ietf-open-pgp@imc.org Mon Jan 4 16:33:50 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id QAA21986 for ; Mon, 4 Jan 1999 16:33:43 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA15042 for ietf-open-pgp-bks; Mon, 4 Jan 1999 09:30:38 -0800 (PST) Received: from relay.hq.tis.com (firewall-user@relay.hq.tis.com [192.94.214.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA15038 for ; Mon, 4 Jan 1999 09:30:37 -0800 (PST) Received: by relay.hq.tis.com; id MAA10486; Mon, 4 Jan 1999 12:38:38 -0500 (EST) Received: from clipper.hq.tis.com(10.33.1.2) by relay.hq.tis.com via smap (4.1) id xma010439; Mon, 4 Jan 99 12:37:41 -0500 Received: from balenson.hq.tis.com (balenson.hq.tis.com [10.33.80.11]) by clipper.hq.tis.com (8.9.1/8.9.1) with SMTP id MAA02513; Mon, 4 Jan 1999 12:26:04 -0500 (EST) Message-Id: X-Sender: balenson@pop.hq.tis.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Mon, 04 Jan 1999 12:27:09 -0500 To: ietf-open-pgp@imc.org From: "David M. Balenson" Subject: REMINDER: Jan 6th Early Bird Deadline for NDSS '99 Cc: balenson@tis.com Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=====================_915488829==_" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" S A V E $ 7 0 O F F R E G I S T R A T I O N F E E ! ! R E G I S T E R B Y J A N U A R Y 6 , 1 9 9 9 THE INTERNET SOCIETY'S 1999 NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS) SYMPOSIUM February 3-5, 1999 Catamaran Resort Hotel San Diego, California General Chair: Steve Welke, Trusted Computer Solutions Program Chairs: Steve Kent, BBN Technologies Gene Tsudik, USC/Information Sciences Institute ONLINE INFORMATION AND REGISTRATION: http://www.isoc.org/ndss99 KEYNOTE SPEAKER: Whitfield Diffie, Sun Microsystems. Co-author of "Privacy on the Line: The Politics of Wiretapping and Encryption." THIS YEAR'S TOPICS INCLUDE: - Secure Password-Based Protocol for Downloading a Private Key - A Real-World Analysis of Kerberos Password Security - Secure Remote Access to an Internal Web Server - Security and the User - Experimenting with Shared Generation of RSA Keys - Addressing the Problem of Undetected Signature Key Compromise - Practical Approach to Anonymity in Large Scale Electronic Voting Schemes - Securing the Internet's Exterior Routing Infrastructure - Distributed Policy Management for Java 1.2 - Distributed Execution with Remote Audit - An Algebra for Assessing Trust in Certification Chains - A Network Security Research Agenda - PGRIP: PNNI Global Routing Infrastructure Protection - A Cryptographic Countermeasure Against Connection Depletion Attacks - IPSec: Friend or Foe? EXPANDED PRE-CONFERENCE TECHNICAL TUTORIALS: - Principles of Network Security (Dr. Stephen T. Kent, BBN Technologies) - Optical Network Security (Jeff Ingle and Dr. Eric Harder, NSA) - Electronic Payment Systems (Dr. B. Clifford Neuman, USC/ISI) - Windows NT Security (Dominique Brezinski, Secure Computing Corp.) - Web Security and Beyond (Dr. B. Clifford Neuman, USC/ISI) - JAVA Security (Dr. Gary McGraw, Reliable Software Technologies) Full details and biographies at http://www.isoc.org/ndss99/technical.shtml --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" ---------------------------------------------------------------------- David M. Balenson, Publicity Chair, NDSS '99 TIS Labs at Network Associates, Inc. 3060 Washington Road, Suite 100, Glenwood, MD 21738 USA balenson@tis.com; 443-259-2358; fax 301-854-4731 --=====================_915488829==_-- From owner-ietf-open-pgp@imc.org Fri Jan 8 04:09:30 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id EAA09119 for ; Fri, 8 Jan 1999 04:09:30 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA24382 for ietf-open-pgp-bks; Fri, 8 Jan 1999 00:16:34 -0800 (PST) Received: from krdl.org.sg (rodin.krdl.org.sg [137.132.252.27]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA24378; Fri, 8 Jan 1999 00:16:28 -0800 (PST) Received: from mailhost.krdl.org.sg (mailbox.krdl.org.sg [137.132.247.30]) by krdl.org.sg (8.9.0/8.9.0) with ESMTP id QAA19629; Fri, 8 Jan 1999 16:20:41 +0800 (SGT) Received: from colorado (colorado [137.132.249.218]) by mailhost.krdl.org.sg (8.9.0/8.9.0) with SMTP id QAA10492; Fri, 8 Jan 1999 16:14:52 +0800 (SGT) Date: Fri, 8 Jan 1999 16:14:09 +0800 (SGT) From: Jianying Zhou X-Sender: jyzhou@colorado To: aft@socks.nec.com, ietf-cat-wg@lists.stanford.edu, cryptography@c2.net, dns-security@tis.com, Firewalls@lists.gnac.net, ids@uow.edu.au, ietf-open-pgp@imc.org, ietf-otp@bellcore.com, ietf-pkix@imc.org, ietf-radius@livingston.com, ietf-smime@imc.org, ietf-ssh@clinet.fi, ietf-tls@consensus.com, ietf@ietf.org, ipsec@tis.com, OGsecurity@opengroup.org, pem-dev@tis.com, risks@csl.sri.com, spki@c2.net, virus-l@lehigh.edu, www-buyinfo@allegra.att.com, www-security@ns2.rutgers.edu Subject: Re: ACM CCS'99 CFP In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I apology for sending a large attachment in an early message. Sorry. Jianying Zhou From owner-ietf-open-pgp@imc.org Tue Jan 12 16:26:49 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id QAA24823 for ; Tue, 12 Jan 1999 16:26:47 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA19303 for ietf-open-pgp-bks; Tue, 12 Jan 1999 12:24:40 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA19298 for ; Tue, 12 Jan 1999 12:24:30 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id MAA10111; Tue, 12 Jan 1999 12:24:13 -0800 (PST) Message-Id: <3.0.3.32.19990112122320.00b67780@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Tue, 12 Jan 1999 12:23:20 -0800 To: Werner Koch , ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <19981223182340.B26633@isil.d.shuttle.de> References: <9812231432.AA49702@watpub1.watson.ibm.com> <9812231432.AA49702@watpub1.watson.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Both Werner Koch and his GNUPG team and the NAI PGP team are planning on putting Twofish (256-bit key) in versions of their respective OpenPGP programs. Consequently, we need to agree on a constant for it. I propose we use 8 (eight) as it's the next one in line. Comments? Discussion? Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) From owner-ietf-open-pgp@imc.org Tue Jan 12 19:36:17 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id TAA27362 for ; Tue, 12 Jan 1999 19:36:17 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA21052 for ietf-open-pgp-bks; Tue, 12 Jan 1999 15:59:41 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-18-8.oak.inreach.net [209.142.18.8]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA21048 for ; Tue, 12 Jan 1999 15:59:39 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.8.7/8.8.7) with ESMTP id QAA10528 for ; Tue, 12 Jan 1999 16:03:36 -0800 X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Tue, 12 Jan 1999 16:03:36 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <3.0.3.32.19990112122320.00b67780@mail.pgp.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Tue, 12 Jan 1999, Jon Callas wrote: >Both Werner Koch and his GNUPG team and the NAI PGP team are planning on >putting Twofish (256-bit key) in versions of their respective OpenPGP >programs. Consequently, we need to agree on a constant for it. I propose we >use 8 (eight) as it's the next one in line. > >Comments? Discussion? > > Jon I dont know about NAI, but from what Werner has said on the GPG list he intends to remove Blowfish, which makes sense, I dont know about anyone else but I have yet to see anyone use Blowfish, so why not just pretend it was not there and just go with twofish? after AES is done, it surely will have been proven. -MaxInux aka William Tiemann Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? From owner-ietf-open-pgp@imc.org Tue Jan 12 20:11:24 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id UAA27573 for ; Tue, 12 Jan 1999 20:11:22 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA21240 for ietf-open-pgp-bks; Tue, 12 Jan 1999 16:27:15 -0800 (PST) Received: from igw3.watson.ibm.com (igw3.watson.ibm.com [198.81.209.18]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA21236 for ; Tue, 12 Jan 1999 16:27:13 -0800 (PST) Received: from mailhub.watson.ibm.com (mailhub.watson.ibm.com [9.2.250.97]) by igw3.watson.ibm.com (8.8.7/07-11-97) with ESMTP id TAA07686; Tue, 12 Jan 1999 19:28:21 -0500 Received: from watpub1.watson.ibm.com (watpub1.watson.ibm.com [9.2.101.12]) by mailhub.watson.ibm.com (8.8.7/Feb-20-98) with SMTP id TAA08254; Tue, 12 Jan 1999 19:28:21 -0500 Received: by watpub1.watson.ibm.com (AIX 4.1/UCB 5.64/6/25/96) id AA35114; Tue, 12 Jan 1999 19:28:17 -0500 From: uri Message-Id: <9901130028.AA35114@watpub1.watson.ibm.com> Subject: Re: Twofish To: maxinux@bigfoot.com (Max Inux) Date: Tue, 12 Jan 1999 19:28:17 -0500 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: from "Max Inux" at Jan 12, 99 04:03:36 pm Reply-To: uri@watson.ibm.com X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Max Inux says: > >Both Werner Koch and his GNUPG team and the NAI PGP team are planning on > >putting Twofish (256-bit key) in versions of their respective OpenPGP > >programs.............. Comments? Discussion? > > I dont know about NAI, but from what Werner has said on the GPG list he > intends to remove Blowfish, which makes sense, I dont know about anyone > else but I have yet to see anyone use Blowfish, so why not just pretend it > was not there and just go with twofish? after AES is done, it surely will > have been proven. I second this. How many ciphers do we need, after all? We aren't in the contest "who can support more", right? So, Twofish is a logical successor for Blowfish - and let's treat it like that. If people have Blowfish-encrypted stuff already (which I doubt, but you never know) - they can do a one-time move. Better than to carry unnecessary baggage. -- Regards, Uri uri@watson.ibm.com -=-=-=-=-=-=- From owner-ietf-open-pgp@imc.org Tue Jan 12 20:31:16 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id UAA27758 for ; Tue, 12 Jan 1999 20:31:15 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA21488 for ietf-open-pgp-bks; Tue, 12 Jan 1999 16:49:32 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA21484 for ; Tue, 12 Jan 1999 16:49:32 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id QAA11553 for ; Tue, 12 Jan 1999 16:50:21 -0800 (PST) Message-Id: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Tue, 12 Jan 1999 16:49:27 -0800 To: ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <9901130028.AA35114@watpub1.watson.ibm.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: At 07:28 PM 1/12/99 -0500, uri wrote: So, Twofish is a logical successor for Blowfish - and let's treat it like that. If people have Blowfish-encrypted stuff already (which I doubt, but you never know) - they can do a one-time move. Better than to carry unnecessary baggage. I'm uncomfortable with re-declaring an identifier. It's just not good engineering practice to my mind. I think it is much better use another identifier. This would only put us up to 10, and that includes four identifiers that are presently only reserved. If 2440 were not out, I'd have no problem. But it is out there, and it just bugs me to redeclare an identifier if it inconveniences even a single user. By the bye, an inconvenient page break in 2440 made me say something stupid in my last message. The identifier should be 10, not 8. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) From owner-ietf-open-pgp@imc.org Tue Jan 12 20:44:35 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id UAA27904 for ; Tue, 12 Jan 1999 20:44:34 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA21576 for ietf-open-pgp-bks; Tue, 12 Jan 1999 17:06:32 -0800 (PST) Received: from ignem.omnigroup.com (root@omnigroup.com [198.151.161.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA21571 for ; Tue, 12 Jan 1999 17:06:31 -0800 (PST) Received: from reason.omnigroup.com (reason [198.151.161.25]) by ignem.omnigroup.com (8.8.5/8.8.5) with SMTP id RAA22111 for ; Tue, 12 Jan 1999 17:07:55 -0800 (PST) Message-Id: <199901130107.RAA22111@ignem.omnigroup.com> Received: by reason.omnigroup.com (NX5.67g/NX3.0X) id AA02064; Tue, 12 Jan 99 17:08:03 -0800 Content-Type: text/plain Mime-Version: 1.0 (NeXT Mail 4.2mach v148) In-Reply-To: X-Nextstep-Mailer: Mail 4.2mach (Enhance 2.1) Received: by NeXT.Mailer (1.148) From: William Lewis Date: Tue, 12 Jan 99 17:08:02 -0800 To: ietf-open-pgp@imc.org Subject: Re: Twofish References: X-Pgp-Id: 0x27F772C1 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Max Inux wrote: > I dont know about NAI, but from what Werner has said on the GPG list he > intends to remove Blowfish, which makes sense, I dont know about anyone > else but I have yet to see anyone use Blowfish, so why not just pretend it > was not there and just go with twofish? after AES is done, it surely will > have been proven. It's asking for trouble to have an ambiguous assigned number. If there were a shortage of available numbers, reusing Blowfish's might make sense; but there isn't, and if someday there is, Blowfish's number can be reused then. The argument that Twofish is Blowfish's successor doesn't hold water, IMHO. Twofish won't decrypt a message encrypted with Blowfish, so they're different algorithms, despite sharing authorship or structure. From owner-ietf-open-pgp@imc.org Tue Jan 12 21:00:48 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id VAA28033 for ; Tue, 12 Jan 1999 21:00:45 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA21643 for ietf-open-pgp-bks; Tue, 12 Jan 1999 17:15:33 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA21639 for ; Tue, 12 Jan 1999 17:15:31 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id RAA05228 for ; Tue, 12 Jan 1999 17:16:49 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id RAA04405 for ietf-open-pgp@imc.org; Tue, 12 Jan 1999 17:10:13 -0800 Date: Tue, 12 Jan 1999 17:10:13 -0800 From: hal@rain.org Message-Id: <199901130110.RAA04405@hal.sb.rain.org> To: ietf-open-pgp@imc.org Subject: Re: Twofish Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: One question is key size. PGP key algorithm values have defined key sizes. Twofish, like the other AES candidates, can be used with key sizes of 128, 192, or 256 bits. (Actually the cipher allows use of any smaller size key as well.) In some contexts where symmetric key algorithm values are used, the key size can be determined from the message format. For example, Public-Key Encrypted Session Key Packets use PKCS-1 encoding for the encrypted session key, and that encoding implicitly determines the key size (at least to a multiple of eight bytes). However, this is not always the case. Symmetric-Key ESK packets encrypt one key with another, and the two keys' lengths are allowed to be different. Only the encrypted key has its length determined by context, not the encrypting key. Symmetric key algorithm values are also used in secret key packets, and there, too, the key lengths cannot be determined from context. To deal with this, we have always defined symmetric key algorithm values to represent both a cipher and a key length. Blowfish was a variable-key-length algorithm, but the Blowfish cipher algorithm byte was defined to represent a 128-bit key version. In adding Twofish, we should probably either add three values, for 128-, 192-, and 256-bit versions, or we should settle on a single size. If we choose a single size, it would probably make sense to have the Twofish key size be bigger than the 128 bits used by most of our current keys. Unlike the other ciphers, Twofish has a 128 bit block size. (Keep in mind that the block size bears no necessary relation to the key size, except that bigger is better in both cases.) All our other ciphers use a 64 bit block size. Given this increase in size, we should probably consider 192 or 256 bits as the Twofish key size. Either one of these would probably be OK. Personally, I feel that 256 bits is awfully big for a key. There is some speculation that the AES required such a large key to protect against exotic advances in quantum computing which nobody really expects to happen. 192 bits is more than enough strength for any reasonable cryptographic attack. 128 bits is really very strong still, but if we do want to go up, 192 seems more reasonable to me than 256. That would be my recommendation. Hal From owner-ietf-open-pgp@imc.org Wed Jan 13 06:12:58 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id GAA09308 for ; Wed, 13 Jan 1999 06:12:58 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id CAA15929 for ietf-open-pgp-bks; Wed, 13 Jan 1999 02:19:59 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id CAA15924 for ; Wed, 13 Jan 1999 02:19:55 -0800 (PST) Received: by koeln.shuttle.de (8.9.0/8.9.0) id LAA17429 for ietf-open-pgp@imc.org; Wed, 13 Jan 1999 11:20:58 +0100 (MET) Received: (qmail 24814 invoked from network); 13 Jan 1999 10:16:38 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 13 Jan 1999 10:16:38 -0000 Received: (qmail 5759 invoked by uid 501); 13 Jan 1999 10:16:30 -0000 Message-ID: <19990113111630.P5519@isil.d.shuttle.de> Date: Wed, 13 Jan 1999 11:16:30 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Re: Twofish Mail-Followup-To: ietf-open-pgp@imc.org References: <199901130110.RAA04405@hal.sb.rain.org> Mime-Version: 1.0 X-Mailer: Mutt 0.93i In-Reply-To: <199901130110.RAA04405@hal.sb.rain.org>; from hal@rain.org on Tue, Jan 12, 1999 at 05:10:13PM -0800 X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: hal@rain.org writes: > To deal with this, we have always defined symmetric key algorithm > values to represent both a cipher and a key length. Blowfish was a Another way to handle this is to specify a new version for these packets (5) which carry more information than just the algorithm. A standard key length (192 for Twofish?) should then be used with v4 packets. I know that this is not covered by rfc2440 but we might consider it for a new release. Werner From owner-ietf-open-pgp@imc.org Wed Jan 13 09:31:21 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id JAA10425 for ; Wed, 13 Jan 1999 09:31:21 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA19346 for ietf-open-pgp-bks; Wed, 13 Jan 1999 05:40:32 -0800 (PST) Received: from boeing.rutgers.edu (boeing.rutgers.edu [165.230.8.73]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA19342 for ; Wed, 13 Jan 1999 05:40:31 -0800 (PST) Received: from localhost (mione@localhost) by boeing.rutgers.edu (8.8.8/8.8.8) with SMTP id IAA06886; Wed, 13 Jan 1999 08:41:45 -0500 (EST) Date: Wed, 13 Jan 1999 08:41:44 -0500 (EST) From: Tony Mione To: hal@rain.org cc: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901130110.RAA04405@hal.sb.rain.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- On Tue, 12 Jan 1999 hal@rain.org wrote: > One question is key size. PGP key algorithm values have defined key > sizes. Twofish, like the other AES candidates, can be used with key > sizes of 128, 192, or 256 bits. (Actually the cipher allows use of any > smaller size key as well.) > In some contexts where symmetric key algorithm values are used, the > key size can be determined from the message format. For example, > Public-Key Encrypted Session Key Packets use PKCS-1 encoding for the > encrypted session key, and that encoding implicitly determines the > key size (at least to a multiple of eight bytes). > However, this is not always the case. Symmetric-Key ESK packets > encrypt one key with another, and the two keys' lengths are allowed > to be different. Only the encrypted key has its length determined by > context, not the encrypting key. Symmetric key algorithm values are > also used in secret key packets, and there, too, the key lengths cannot > be determined from context. I think we should deal with this issue reasonably soon. We probably cannot deal with it until the v1.1 spec. However, with the number of symmetric key algorithms that are being designed with variable key lengths and other parameters, it will become prohibitive to assign identifiers for each. Picking a specific key length may be too limiting (a user may WANT 256 bit keys) and this does not handle other variables of the algorithm. Take, for instance rc6 (another AES candidate) which allows variable rounds and blocksizes as well. rc6 as specified for the AES the way I read it will be RC6-32/20/{16,24,32}. The first number is the number of bits in a block. The second is the number of rounds. The third is the key size in bytes (it will handle 128,192,and 256 bit keys). Just because this is the definition for AES does not mean that we should not allow it to be run with alternate word sizes or rounds. I would like to (if it is agreeable) add the concept of parameters for symmetric algorithms to my v1.1 laundry list. It should probably be handled in a similar fashion to the public-key parameters (for DSA, etc). This would probably mean specifying an 'Enhanced symmetric-key encrypted session-key packet' to replace the existing one but I will leave that up to the group to hash out. Does this sound reasonable to people? > To deal with this, we have always defined symmetric key algorithm > values to represent both a cipher and a key length. Blowfish was a > variable-key-length algorithm, but the Blowfish cipher algorithm byte > was defined to represent a 128-bit key version. >... > computing which nobody really expects to happen. 192 bits is more > than enough strength for any reasonable cryptographic attack. 128 bits > is really very strong still, but if we do want to go up, 192 seems more > reasonable to me than 256. That would be my recommendation. We should probably choose a single size for the time being. Later, if the above recommendation gets implemented in the v1.1 OpenPGP spec, we would define newer algorithm identifiers with variable parameters. > Hal Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650 mione@nbcs-ns.rutgers.edu W3: http://www-ns.rutgers.edu/~mione/ PGPFP:E2252CCD28733C5B 0B918A4E22BAFA9F ***** Important: Rom 10:9-11 ***** Author of 'CDE and Motif : A Practical Primer', Prentice-Hall PTR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBNpyijfMKRuSgNA5pAQGkcgMAjrA/l/4Ad4bVQ4KSYmUO6ZSrVliecq/w xjycZ6PYc/BAk1dSKXjrwJe5t81KZCvYeDDUISyp4gsHp/R+fqmIXuQCpm0Rmf3g fE/+yqKyH43TpghTgEH2Pp215EIeDHIR =pc/J -----END PGP SIGNATURE----- From owner-ietf-open-pgp@imc.org Wed Jan 13 11:18:47 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id LAA11489 for ; Wed, 13 Jan 1999 11:18:45 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA20195 for ietf-open-pgp-bks; Wed, 13 Jan 1999 07:30:09 -0800 (PST) Received: from sirius.infonex.com (sirius.infonex.com [209.75.197.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA20190 for ; Wed, 13 Jan 1999 07:30:08 -0800 (PST) Received: (from nobody@localhost) by sirius.infonex.com (8.8.8/8.8.8) id HAA23126; Wed, 13 Jan 1999 07:31:24 -0800 (PST) Date: Wed, 13 Jan 1999 07:31:24 -0800 (PST) From: mark@unicorn.com To: ietf-open-pgp@imc.org Message-Id: <916241483.23125.193.133.230.33@unicorn.com> Subject: Re: Twofish Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: hal@rain.org wrote: >128 bits >is really very strong still, but if we do want to go up, 192 seems more >reasonable to me than 256. That would be my recommendation. What would be the *disadvantage* of choosing 256 bits? I can see the potential advantage if quantum computing does become feasible in the next decade or so, but I can't see any real disadvantage; as far as I'm aware we'd just have a slightly larger data size and a slightly longer key setup time. If that's the case and we only have one key size, I'd say go for 256 bits because it has potential advantages which could significantly outweigh the minor disadvantages. Mark From owner-ietf-open-pgp@imc.org Wed Jan 13 13:42:14 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id NAA14882 for ; Wed, 13 Jan 1999 13:42:09 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA21582 for ietf-open-pgp-bks; Wed, 13 Jan 1999 09:51:10 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA21578 for ; Wed, 13 Jan 1999 09:51:09 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id JAA17877; Wed, 13 Jan 1999 09:52:24 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id JAA00997; Wed, 13 Jan 1999 09:45:46 -0800 Date: Wed, 13 Jan 1999 09:45:46 -0800 From: hal@rain.org Message-Id: <199901131745.JAA00997@hal.sb.rain.org> To: hal@rain.org, mione@boeing.rutgers.edu Subject: Re: Twofish Cc: ietf-open-pgp@imc.org Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Tony Mione, , writes: > I would like to (if it is agreeable) add the concept of parameters for > symmetric algorithms to my v1.1 laundry list. It should probably be handled > in a similar fashion to the public-key parameters (for DSA, etc). This > would probably mean specifying an 'Enhanced symmetric-key encrypted > session-key packet' to replace the existing one but I will leave that up to > the group to hash out. > > Does this sound reasonable to people? OK, but as I said, there are three places (at least) where symmetric key algorithms are specified. In addition to the SKESK which you propose to enhance, there is the public-key ESK, and also there is the secret key packet where they are used to specify what algorithm encrypts the secret key data. So we would need perhaps three new packet formats. Hal From owner-ietf-open-pgp@imc.org Wed Jan 13 14:01:48 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id OAA15855 for ; Wed, 13 Jan 1999 14:01:47 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA21994 for ietf-open-pgp-bks; Wed, 13 Jan 1999 10:15:59 -0800 (PST) Received: from boeing.rutgers.edu (boeing.rutgers.edu [165.230.8.73]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA21990 for ; Wed, 13 Jan 1999 10:15:57 -0800 (PST) Received: from localhost (mione@localhost) by boeing.rutgers.edu (8.8.8/8.8.8) with SMTP id NAA08576; Wed, 13 Jan 1999 13:17:15 -0500 (EST) Date: Wed, 13 Jan 1999 13:17:15 -0500 (EST) From: Tony Mione To: hal@rain.org cc: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901131745.JAA00997@hal.sb.rain.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- On Wed, 13 Jan 1999 hal@rain.org wrote: > Tony Mione, , writes: > > I would like to (if it is agreeable) add the concept of parameters for > > symmetric algorithms to my v1.1 laundry list. It should probably be handled > > in a similar fashion to the public-key parameters (for DSA, etc). This > > would probably mean specifying an 'Enhanced symmetric-key encrypted > > session-key packet' to replace the existing one but I will leave that up to > > the group to hash out. > > > > Does this sound reasonable to people? > OK, but as I said, there are three places (at least) where symmetric > key algorithms are specified. In addition to the SKESK which you propose > to enhance, there is the public-key ESK, and also there is the secret > key packet where they are used to specify what algorithm encrypts the > secret key data. So we would need perhaps three new packet formats. I agree. I picked out the SKESK as an example but meant to state that all places where symmetric keys are used would have to be reviewed and enhanced. Thanks for clarifying that. > Hal Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650 mione@nbcs-ns.rutgers.edu W3: http://www-ns.rutgers.edu/~mione/ PGPFP:E2252CCD28733C5B 0B918A4E22BAFA9F ***** Important: Rom 10:9-11 ***** Author of 'CDE and Motif : A Practical Primer', Prentice-Hall PTR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBNpzjJfMKRuSgNA5pAQGz9AL9EnqXWqwcaikBxD0M1e0Kp068r32ejqpI xlHUA7SWTeG1t7LWe22juESM1IiDAM/rCOWIVrZ5KTwbV6BxW//4UEyYgp7u7s8/ KNA/2PFR9iHvPiJFLQ6t+OHOAeXJ50/D =ccTD -----END PGP SIGNATURE----- From owner-ietf-open-pgp@imc.org Wed Jan 13 14:15:38 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id OAA16515 for ; Wed, 13 Jan 1999 14:15:36 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA22065 for ietf-open-pgp-bks; Wed, 13 Jan 1999 10:21:01 -0800 (PST) Received: from ceddec.com (brickwall.ceddec.com [207.91.200.193]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA22061 for ; Wed, 13 Jan 1999 10:21:00 -0800 (PST) Received: by brickwall.ceddec.com id <42113>; Wed, 13 Jan 1999 13:22:41 -0500 Date: Wed, 13 Jan 1999 13:22:08 -0500 From: tzeruch@ceddec.com X-Sender: nobody@mars To: ietf-open-pgp@imc.org Subject: Re: Twofish - details, details... In-Reply-To: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> Message-Id: <99Jan13.132241est.42113@brickwall.ceddec.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Tue, 12 Jan 1999, Jon Callas wrote: > At 07:28 PM 1/12/99 -0500, uri wrote: > > So, Twofish is a logical successor for Blowfish - and let's treat it > like that. If people have Blowfish-encrypted stuff already (which I > doubt, but you never know) - they can do a one-time move. Better > than to carry unnecessary baggage. > > I'm uncomfortable with re-declaring an identifier. It's just not good > engineering practice to my mind. I think it is much better use another > identifier. This would only put us up to 10, and that includes four > identifiers that are presently only reserved. If 2440 were not out, I'd > have no problem. But it is out there, and it just bugs me to redeclare an > identifier if it inconveniences even a single user. > > By the bye, an inconvenient page break in 2440 made me say something stupid > in my last message. The identifier should be 10, not 8. 10 would be better. I already have blowfish in my implmentation even if no one uses it. Also, as someone else pointed out, we need to have established key lengths AND I assume that it will be in the ECB mode with the PGP cfb with reset at 10 bytes like everything else? Does anyone have an implementation, or at least what calls they are using if they are using the counterpane reference source? From owner-ietf-open-pgp@imc.org Wed Jan 13 15:07:12 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id PAA18547 for ; Wed, 13 Jan 1999 15:07:11 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA22624 for ietf-open-pgp-bks; Wed, 13 Jan 1999 11:19:30 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA22620 for ; Wed, 13 Jan 1999 11:19:28 -0800 (PST) Received: by koeln.shuttle.de (8.9.0/8.9.0) id UAA07900 for ietf-open-pgp@imc.org; Wed, 13 Jan 1999 20:20:49 +0100 (MET) Received: (qmail 26247 invoked from network); 13 Jan 1999 19:10:49 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 13 Jan 1999 19:10:49 -0000 Received: (qmail 14036 invoked by uid 501); 13 Jan 1999 19:10:45 -0000 Message-ID: <19990113201045.A14028@isil.d.shuttle.de> Date: Wed, 13 Jan 1999 20:10:45 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Re: Twofish - details, details... Mail-Followup-To: ietf-open-pgp@imc.org References: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> <99Jan13.132241est.42113@brickwall.ceddec.com> Mime-Version: 1.0 X-Mailer: Mutt 0.93i In-Reply-To: <99Jan13.132241est.42113@brickwall.ceddec.com>; from tzeruch@ceddec.com on Wed, Jan 13, 1999 at 01:22:08PM -0500 X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: tzeruch@ceddec.com writes: > 10 would be better. I already have blowfish in my implmentation even if > no one uses it. GnuPG uses Blowfish too. > Does anyone have an implementation, or at least what calls they are using > if they are using the counterpane reference source? Actually GnuPG has a Twofish (128 bit key) implemenation as experimental algorithm. Werner From owner-ietf-open-pgp@imc.org Wed Jan 13 18:59:24 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id SAA21876 for ; Wed, 13 Jan 1999 18:59:24 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA29994 for ietf-open-pgp-bks; Wed, 13 Jan 1999 15:18:15 -0800 (PST) Received: from mulga.cs.mu.OZ.AU (mulga.cs.mu.OZ.AU [128.250.1.22]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA29985 for ; Wed, 13 Jan 1999 15:18:12 -0800 (PST) Received: from mundook.cs.mu.OZ.AU (mundook.cs.mu.OZ.AU [128.250.37.154]) by mulga.cs.mu.OZ.AU with ESMTP id KAA06896; Thu, 14 Jan 1999 10:19:33 +1100 (EST) Received: (from bromage@localhost) by mundook.cs.mu.OZ.AU (8.8.5/8.7.3) id KAA21926; Thu, 14 Jan 1999 10:19:31 +1100 (EST) From: Andrew Bromage Message-Id: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Subject: Re: Twofish To: jon@pgp.com (Jon Callas) Date: Thu, 14 Jan 1999 10:19:30 +1100 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> from Jon Callas at "Jan 12, 99 04:49:27 pm" X-Mailer: ELM [version 2.4ME+ PL15 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: G'day all. At 07:28 PM 1/12/99 -0500, uri wrote: > So, Twofish is a logical successor for Blowfish - and let's treat it > like that. If people have Blowfish-encrypted stuff already (which I > doubt, but you never know) - they can do a one-time move. Better > than to carry unnecessary baggage. Jon Callas wrote: > I'm uncomfortable with re-declaring an identifier. It's just not good > engineering practice to my mind. I have to agree. RFC 2440, the current "standard", is published. If we were looking at an error, I'd say "fix it". But we are not The Evil Software Empire(tm), and can't move the ground out from under people. This kind of ambiguity will only cause confusion at best and put people off PGP at worst. > I think it is much better use another > identifier. This would only put us up to 10, and that includes four > identifiers that are presently only reserved. ...and one would be deprecated. Cheers, Andrew Bromage From owner-ietf-open-pgp@imc.org Wed Jan 13 23:13:01 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id XAA26014 for ; Wed, 13 Jan 1999 23:13:01 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id TAA13321 for ietf-open-pgp-bks; Wed, 13 Jan 1999 19:03:55 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-25-90.oak.inreach.net [209.142.25.90]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id TAA13309 for ; Wed, 13 Jan 1999 19:03:53 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.8.7/8.8.7) with ESMTP id TAA03021 for ; Wed, 13 Jan 1999 19:08:10 -0800 X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Wed, 13 Jan 1999 19:08:10 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Upon greater light being shed on the subject, I vote that identifier 10 be TwoFish and 11 be whatever wins AES, if it is TwoFish it will be un-needed. Now the problem is the bit size, looking at how we have other stuff done (Block size = 64 bit, key size = 128), it seems fitting that if Block size =128 we have key size = 256 Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? From owner-ietf-open-pgp@imc.org Thu Jan 14 18:42:51 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id SAA19163 for ; Thu, 14 Jan 1999 18:42:50 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA25110 for ietf-open-pgp-bks; Thu, 14 Jan 1999 14:44:35 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA25106 for ; Thu, 14 Jan 1999 14:44:34 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id OAA29054; Thu, 14 Jan 1999 14:45:19 -0800 (PST) Message-Id: <3.0.3.32.19990114144335.00af23e0@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Thu, 14 Jan 1999 14:43:35 -0800 To: Max Inux , ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: References: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: At 07:08 PM 1/13/99 -0800, Max Inux wrote: Upon greater light being shed on the subject, I vote that identifier 10 be TwoFish and 11 be whatever wins AES, if it is TwoFish it will be un-needed. We already reserved three for AES in 2440, for 128, 192, and 256 bit key lengths, so we're already covered. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) From owner-ietf-open-pgp@imc.org Fri Jan 15 19:59:14 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id TAA01264 for ; Fri, 15 Jan 1999 19:59:14 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23737 for ietf-open-pgp-bks; Fri, 15 Jan 1999 08:44:14 -0800 (PST) Received: (from phoffman@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23710; Fri, 15 Jan 1999 08:43:45 -0800 (PST) Date: Fri, 15 Jan 1999 08:43:45 -0800 (PST) Message-Id: <199901151643.IAA23710@mail.proper.com> From: List Manager of ietf-open-pgp To: ietf-open-pgp@imc.org Subject: How to be removed from this list Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Greetings again. Occasionally, people will sign up for a mailing list and forget how to be removed. This message is a reminder for those folks. First off, when you subscribe to a mailing list, you almost always get a first message from the list owner telling you about the mailing list, and explaining how to unsubscribe. It is always a good idea to keep those messages, since you never know when you will need to unsubscribe. This is particularly useful when you change email addresses, because it is difficult to unsubscribe from a list after you have a different mailing address. In the case of this list, the method to unsubscribe is to send a message to: ietf-open-pgp-request@imc.org with the single word: unsubscribe in the body of the message. This is the same as it always has been. To make this easier for you, I have crafted this message so that you should be able to simply reply to this message, and the reply address should be ietf-open-pgp-request@imc.org (although some mail clients screw this up...). Remove everything from the body of the reply, and put in the single word: unsubscribe If you have tried this method, and the mailing list software won't let you unsubscribe, it is probably because your address has changed. In that case, please send a message to subs@imc.org stating which list (or lists) you want to unsubscribe from, and what you think your previous address was. There is a human (that's me!) who will then try to take care of your request, often within a few days. --Paul Hoffman, Director --Internet Mail Consortium From owner-ietf-open-pgp@imc.org Tue Jan 19 04:20:52 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id EAA09338 for ; Tue, 19 Jan 1999 04:20:52 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA13782 for ietf-open-pgp-bks; Tue, 19 Jan 1999 00:02:47 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA13778 for ; Tue, 19 Jan 1999 00:02:46 -0800 (PST) Received: from jcallas ([38.232.7.55]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id AAA02249 for ; Tue, 19 Jan 1999 00:04:04 -0800 (PST) Message-Id: <3.0.3.32.19990118235942.00a80840@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Mon, 18 Jan 1999 23:59:42 -0800 To: ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <3.0.3.32.19990114144335.00af23e0@mail.pgp.com> References: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I spoke to Bruce today about what key length to use. I asked him because a few months ago we had a casual conversation and he said he was more confident of Twofish at 128 bits than 256 bits. I brought it up again, mentioning we're discussing putting it in OpenPGP (and he is delighted about that). Anyway, he first said to do it at 128 bits and then said, "Wait a minute -- it doesn't cost you anything to go to the full 256?" and I said it didn't. "Then do 256" he replied. I discussed our previous conversation, and he said that his doubt is merely that he is not convinced that the 256-bit keys are fully exponentially stronger than 128. I think this is reasonable, and have the same doubts myself about all the present generation 256 bit cyphers. So no biggie, really. Does anyone *not* want to do 256? Send me private mail if you don't want to be seen as a party-pooper, but have concerns. I launder information real well. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) From owner-ietf-open-pgp@imc.org Tue Jan 19 22:10:31 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id WAA04495 for ; Tue, 19 Jan 1999 22:10:31 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA25269 for ietf-open-pgp-bks; Tue, 19 Jan 1999 18:29:17 -0800 (PST) Received: from mulga.cs.mu.OZ.AU (mulga.cs.mu.OZ.AU [128.250.1.22]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA25263 for ; Tue, 19 Jan 1999 18:29:14 -0800 (PST) Received: from mundook.cs.mu.OZ.AU (mundook.cs.mu.OZ.AU [128.250.29.16]) by mulga.cs.mu.OZ.AU with ESMTP id NAA08446; Wed, 20 Jan 1999 13:30:57 +1100 (EST) Received: (from bromage@localhost) by mundook.cs.mu.OZ.AU (8.8.5/8.7.3) id NAA12682; Wed, 20 Jan 1999 13:30:55 +1100 (EST) From: Andrew Bromage Message-Id: <199901200230.NAA12682@mundook.cs.mu.OZ.AU> Subject: Re: Twofish To: jon@pgp.com (Jon Callas) Date: Wed, 20 Jan 1999 13:30:54 +1100 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: <3.0.3.32.19990118235942.00a80840@mail.pgp.com> from Jon Callas at "Jan 18, 99 11:59:42 pm" X-Mailer: ELM [version 2.4ME+ PL15 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: G'day all. Jon Callas wrote: > I discussed our previous conversation, and he said that his doubt is merely > that he is not convinced that the 256-bit keys are fully exponentially > stronger than 128. I think this is reasonable, and have the same doubts > myself about all the present generation 256 bit cyphers. Quite. We have a precedent in our requirement of 3DES which is vulnerable to a meet-in-the-middle attack, so we don't expect it to be fully exponentially stronger than a modern 128 bit cipher. Cheers, Andrew Bromage From owner-ietf-open-pgp@imc.org Tue Jan 26 15:45:01 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id PAA03139 for ; Tue, 26 Jan 1999 15:45:00 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA16611 for ietf-open-pgp-bks; Tue, 26 Jan 1999 11:41:25 -0800 (PST) Received: from hotmail.com (f213.hotmail.com [207.82.251.104]) by mail.proper.com (8.8.8/8.8.5) with SMTP id LAA16607 for ; Tue, 26 Jan 1999 11:41:21 -0800 (PST) Received: (qmail 23359 invoked by uid 0); 26 Jan 1999 19:42:46 -0000 Message-ID: <19990126194246.23358.qmail@hotmail.com> Received: from 206.105.236.100 by www.hotmail.com with HTTP; Tue, 26 Jan 1999 11:42:46 PST X-Originating-IP: [206.105.236.100] From: "Manuel Vargas" To: jesus@sunserver.dsi.uaq.mx, serf@arnet.com.ar, systarob@bblanca.com.ar, rauljromanuttisa@datacop5.com.ar, goyajm@yahoo.com, alexisgarcia@datacop5.com.ar, angelheart_20@hotmail.com, type_one@majordomo.netcom.com, svlug@svlug.org, ietf-open-pgp@imc.org Subject: LEE ESTE MENSAJE Y MANDASELO A TUS OTROS AMIGOS Date: Tue, 26 Jan 1999 11:42:46 PST Mime-Version: 1.0 Content-Type: text/plain Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Que el señor derrame ricas y abundantes bendiciones para usted y su familia en este año 1999. El propósito de este e-mail es de darle a conocer la Nueva Version De Mi Página Cristiana "Jesus Me Ama", http://jesusmeama.cjb.net en ella encontrará una gama de Innovaciones, como son: 1.- Una Seccion de Caricaturas http://cariaturas.cjb.net 2.- Musica Cristiana, En en la que puedes deleirtar tus oidos con 2 tipos de formatos, como son: midis y wavs. 3.- Curso De la Biblia Gratuitamente, via e-mail. Puedes recibir a la comodidad de tu hogar distintos cursos de la Biblia Gratuitamente, Solo llenas tus datos y te lo enviaremos!!!! 4.- Algo Nunca Visto, Una Seccion Verdaderamente impactante!!! 5.- Una seccion de Links de Diversas Páginas Cristianas, y Otra de Banners. 6.- Y para finalizar una Seccion de Visitas. 7.- Al entrar a mi pagina encontrarás un banner en la parte de Superior . Haciendo click en el , Contribuirás Gratuitamente a la expanción del evangelio de Nuestro Señor Jesucristo por todo el Mundo. Por Favor Ayúdame en eso. La Direccion de mi pagina es: http://jesusmeama.cjb.net PD. Por Favor manda este e-mail a Tus amigos y Hermanos en Cristo, para que me apoyes, con este ministerio!!! ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From owner-ietf-open-pgp@imc.org Tue Jan 26 17:36:16 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id RAA07154 for ; Tue, 26 Jan 1999 17:36:13 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA18030 for ietf-open-pgp-bks; Tue, 26 Jan 1999 13:53:50 -0800 (PST) Received: from riemann.iam.uni-bonn.de (root@riemann.iam.uni-bonn.de [131.220.223.83]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA18025 for ; Tue, 26 Jan 1999 13:53:44 -0800 (PST) Received: from sobolev.rhein.de (root@mathphysppp0.iam.uni-bonn.de [131.220.223.84]) by riemann.iam.uni-bonn.de (8.8.8/8.8.8/Debian/GNU) with ESMTP id WAA16172 for ; Tue, 26 Jan 1999 22:55:34 +0100 Received: (from roessler@localhost) by sobolev.rhein.de (8.8.8/8.8.8/Debian/GNU) id WAA13188 ; Tue, 26 Jan 1999 22:49:33 +0100 Date: Tue, 26 Jan 1999 22:49:33 +0100 From: Thomas Roessler To: ietf-open-pgp@imc.org Subject: to be done Message-ID: <19990126224933.J11060@sobolev.rhein.de> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.95.1-unstable-1999-01-25i Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Since things don't look like we are ever getting the minutes from the IETF meeting, I'd like to give a push for some work which should be done by this WG. - Revise RFC 2015. I'm hearing that the agreement in Orlando was to do some small changes. While this isn't interesting or anything, it should be done. - Define a multiple signature protocol. There are essentially two possible paths to go. On the one hand, we may define a multipart/mixed protocol as suggested by Michael Elkins, or we may just extend the current multipart/signed. Personally, I'm in favor of the fist approach. tlr -- Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/ 2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1 > Hi! I'm Signature Virus 99! Copy me into your signature and join the fun! From owner-ietf-open-pgp@imc.org Wed Jan 27 00:14:00 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id AAA13243 for ; Wed, 27 Jan 1999 00:13:59 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA27726 for ietf-open-pgp-bks; Tue, 26 Jan 1999 20:35:30 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA27719 for ; Tue, 26 Jan 1999 20:35:28 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id NAA17138 for ; Wed, 27 Jan 1999 13:37:53 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id NAA15980 for ; Wed, 27 Jan 1999 13:37:51 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id NAA23202 for ; Wed, 27 Jan 1999 13:37:52 +0900 (JST) From: "=?iso-8859-1?B?kFiTYyCPuY1H?=" To: Subject: Secure mailing list service using OpenPGP Date: Wed, 27 Jan 1999 13:37:11 +0900 Message-ID: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, I want to discuss about secure mailing list service using OpenPGP. I have developed a secure mailing list service by extending an existing mailing list server, FML 2.2 (see http://www.sapporo.iij.ad.jp/staff/fukachan/href/fml/index-e.html). The patch to the original source code will be released in a few weeks. Using this extention, a member of a secure mailing list service can sends a message encrypted to the public key of the server, and the destribution of the message is also encrypted. The server decrypts the message and encrypts to the all public keys of the members of the list. Then the server delivers the re-encrypted message to the members. In the current implementaiton, the server clips a message from an armor header line, BEGIN PGP MESSAGE to an armor trailer line, END PGP MESSAGE, and pipes the clipped message to decrypt and encrypt programs, then replaces the original message with the re-encrypted one. The server also adds a signature when re-encrypting to identify the mailing list server. One problem in this implementation is authentication of the original message sender. The server removes original sender's signature attached to an encrypted message when replacing an original message with the re-encrypted message. This is because PGP decrypt program, pgpv, strips the signature when it decrypts the message. Another problem is comformance to OpenPGP/MIME specification proposed by K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using 'Encrypted-then-Signed' service, the current implementation replace the inner multipart/encrypted MIME object and this makes impossible to verify the signature in the outer multipart/signed MIME object. Currently, I don't have the solutions for these problems. I'm just starting to grapple with them. I will welcome to your comments. [OpenPGP/MIME] K.Yamamoto. MIME Security with OpenPGP. Internet Draft. Dec, 1998. --- Masahiro Morita, NTT Information Sharing Platform Laboratories. From owner-ietf-open-pgp@imc.org Wed Jan 27 02:04:16 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id CAA19937 for ; Wed, 27 Jan 1999 02:04:14 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id WAA04769 for ietf-open-pgp-bks; Tue, 26 Jan 1999 22:28:43 -0800 (PST) Received: from pompano.pcola.gulf.net (root@gulf.net [198.69.72.14]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id WAA04765 for ; Tue, 26 Jan 1999 22:28:41 -0800 (PST) Received: from whgiii (dugong11.pcola.gulf.net [205.160.71.74]) by pompano.pcola.gulf.net (8.9.1a/8.9.1) with SMTP id AAA10992; Wed, 27 Jan 1999 00:30:53 -0600 (CST) Received: from 100.100.100.1 by whgiii (IBM OS/2 SENDMAIL VERSION 2.03/2.0) id AAA006.22; Wed, 27 Jan 1999 00:43:41 -0500 Message-Id: <199901270543.AAA006.22@whgiii> From: "William H. Geiger III" Date: Wed, 27 Jan 1999 00:37:28 -0500 To: " X c G" In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Cc: Subject: Re: Secure mailing list service using OpenPGP X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.52 b52 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: In <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp>, on 01/27/99 at 01:37 PM, " X c G" said: >Another problem is comformance to OpenPGP/MIME specification proposed by >K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using >'Encrypted-then-Signed' service, the current implementation replace the >inner multipart/encrypted MIME object and this makes impossible to verify >the signature in the outer multipart/signed MIME object. >Currently, I don't have the solutions for these problems. I'm just >starting to grapple with them. I will welcome to your comments. Signature retention is a big issue that I have been involved with on both the PGP/MIME and now the OpenPGP working groups. Basically there are two ways to accomplish this: NON-MIME Approach: The original sender of the message clearsigns the message then encrypts the message (a two step process). This way the server decrypts & re-encrypts the message and the signature is retained. MIME Approach: The original sender OpenPGP/MIME signs the message then OpenPGP/MIME encrypts the message (again a two step process). Unfortunately few mailers/plugins are designed to use this approach when singing & encrypting a message. Instead they use the sign & encrypt approach (one step process) which signature retention is not possible after decryption. -- --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html --------------------------------------------------------------- From owner-ietf-open-pgp@imc.org Wed Jan 27 02:29:38 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id CAA20552 for ; Wed, 27 Jan 1999 02:29:37 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id WAA05408 for ietf-open-pgp-bks; Tue, 26 Jan 1999 22:52:48 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id WAA05404 for ; Tue, 26 Jan 1999 22:52:47 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id PAA27137; Wed, 27 Jan 1999 15:54:46 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id PAA25666; Wed, 27 Jan 1999 15:54:45 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id PAA24982; Wed, 27 Jan 1999 15:54:45 +0900 (JST) From: "=?iso-2022-jp?B?GyRCPzlFRBsoQiAbJEI+OzkoGyhC?=" To: Cc: Subject: RE: Secure mailing list service using OpenPGP Date: Wed, 27 Jan 1999 15:54:04 +0900 Message-ID: <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <199901270543.AAA006.22@whgiii> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: William H. Geiger III wrote: > Unfortunately few mailers/plugins are designed to use this approach when > singing & encrypting a message. Instead they use the sign & encrypt > approach (one step process) which signature retention is not possible > after decryption. That's right. I've read OpenPGP Message Format specification and I think that it is logically possible to decrypt a signed&encrypted message and to extract the message together with the signature. Is this correct? If this is true, we can build a program to do this process and to re-encrypt to recipients of a ML. However, which approach should we take in? Geiger's two step approach with prohibiting the usual one step sign&encrypt process, or my approach described above? --hiro --- Morita Masahiro, NTT Information Sharing Platform Laboratories. From owner-ietf-open-pgp@imc.org Wed Jan 27 04:32:57 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id EAA21390 for ; Wed, 27 Jan 1999 04:32:55 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA09742 for ietf-open-pgp-bks; Wed, 27 Jan 1999 00:47:48 -0800 (PST) Received: from riemann.iam.uni-bonn.de (root@riemann.iam.uni-bonn.de [131.220.223.83]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA09733 for ; Wed, 27 Jan 1999 00:47:42 -0800 (PST) Received: from sobolev.rhein.de (root@mathphysppp0.iam.uni-bonn.de [131.220.223.84]) by riemann.iam.uni-bonn.de (8.8.8/8.8.8/Debian/GNU) with ESMTP id JAA17758 for ; Wed, 27 Jan 1999 09:49:50 +0100 Received: (from roessler@localhost) by sobolev.rhein.de (8.8.8/8.8.8/Debian/GNU) id JAA26120 ; Wed, 27 Jan 1999 09:44:29 +0100 Date: Wed, 27 Jan 1999 09:44:29 +0100 From: Thomas Roessler To: ietf-open-pgp@imc.org Subject: Re: Secure mailing list service using OpenPGP Message-ID: <19990127094429.Q11060@sobolev.rhein.de> References: <199901270543.AAA006.22@whgiii> <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.95.1-unstable-1999-01-25i In-Reply-To: <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On 1999-01-27 15:54:04 +0900, ?$B?9ED?(B ?$B>;9(?(B wrote: > However, which approach should we take in? Geiger's two step > approach with prohibiting the usual one step sign&encrypt process, > or my approach described above? --hiro As long as you don't want to use "clearsigning", you can try to extract the signature from the "signed+encrypted" stuff. Anyway, doing this will require some patches to the PGP version you are using. tlr -- Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/ 2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1 > Hi! I'm Signature Virus 99! Copy me into your signature and join the fun! From owner-ietf-open-pgp@imc.org Wed Jan 27 05:19:11 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id FAA21599 for ; Wed, 27 Jan 1999 05:19:09 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id BAA12250 for ietf-open-pgp-bks; Wed, 27 Jan 1999 01:26:33 -0800 (PST) Received: from barbar.esat.kuleuven.ac.be (root@barbar.esat.kuleuven.ac.be [134.58.56.153]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id BAA12246 for ; Wed, 27 Jan 1999 01:26:29 -0800 (PST) Received: from domus.esat.kuleuven.ac.be (domus.esat.kuleuven.ac.be [134.58.189.68]) by barbar (version 8.8.5) with ESMTP id KAA12699; Wed, 27 Jan 1999 10:28:31 +0100 (MET) Organization: ESAT, K.U.Leuven, Belgium Date: Wed, 27 Jan 1999 10:28:31 +0100 (MET) From: "CMS'99" To: ietf-open-pgp@imc.org Subject: CFP: Communications and Multimedia Security '99 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by mail.proper.com id BAA12247 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: [Apologies if you receive this more than once.] ------------------------------------------------------------------------ International Federation for Information Processing CMS '99 Communications and Multimedia Security Joint working conference IFIP TC6 and TC11 September 20-21, 1999 Katholieke Universiteit Leuven, Belgium ------------------------------------------------------------------------ Call For Papers ------------------------------------------------------------------------ GOALS and TOPICS of INTEREST CMS '99 is the fourth in a series of international conferences which aim at reviewing state-of-the-art issues as well as practical experiences and new trends in the areas of communications and multimedia systems security. It is the intention of the organisers to focus the attention of the conference presentations and discussions on issues which combine innovative research work with a highly promising application potential. Topics of interest include, but are not limited to * communications systems security * mobile communications security * Internet, intranet and extranet security * security of mobile code * multimedia systems security * applied cryptography * electronic commerce and digital signatures * security in distributed systems * secure teleworking, telecooperation, telemedicine * legal, social and ethical aspects of communication systems security * standards for communication and multimedia systems security SUBMISSION DETAILS Authors are strongly encouraged to submit their papers electronically. Please email your submission in postscript (or pdf) format to: cms99@esat.kuleuven.ac.be Electronic submissions must be received by March 15, 1999, 23:00 GMT in order to be considered. Authors unable to submit electronically are invited to send a cover letter and 5 (five) copies of an anonymous paper (double-sided copies preferred) to the Program Chair at the postal address below. Submissions must be received by the Program Chair on or before March 15, 1999. The cover letter should contain the paper's title and the names and affiliations of the authors, and should identify the contact author including e-mail and postal addresses. Submissions must not substantially duplicate work that any of the authors have published elsewhere or have submitted in parallel to any other conference or workshop that has proceedings. The paper must be anonymous, with no author names, affiliations, acknowledgments, or obvious references. It should begin with a title, a short abstract, and a list of key words, and its introduction should summarise the contributions of the paper at a level appropriate for a non-specialist reader. The paper should be at most 5000 words long. A full page figure is 500 words. It is anticipated that the proceedings will be published by Kluwer Academic Publishers. Therefore authors are encouraged to use for their submissions the Kluwer IFIP templates for LaTeX or Word (see http://www.wkap.com/IFIP). All submitted papers will be refereed by at least three members of the International Program Committee according to the standard blind refereeing procedures. The Conference Proceedings will be published by an international publisher; copies of the proceedings will be available at the conference. Notification of acceptance or rejection will be sent to authors by April 30, 1999. Authors of accepted papers must guarantee that their paper will be presented at the conference. Important dates: * Submission Deadline: March 15, 1999 * Notification: April 30, 1999 * Final camera-ready version: May 21, 1999 * Conference: September 20-21, 1999 To submit a paper, or for further details, please contact: Prof. Bart Preneel, Program Committee Chair CMS'99 Katholieke Universiteit Leuven Dept. Electrical Engineering-ESAT/COSIC K. Mercierlaan 94, B-3001 Heverlee, BELGIUM Email: cms99@esat.kuleuven.ac.be Tel +32 16 32 10 50 Fax: +32 16 32 19 86 For further details see http://www.esat.kuleuven.ac.be/cosic/cms99/ Program Committee Chair: B. Preneel, Katholieke Universiteit Leuven, Belgium Program Committee: P. Ashley, Queensland University of Technology, Australia A. Casaca, Inesc, Portugal S. Fischer-Huebner, Hamburg University, Germany W. Fumy, Siemens Research, Germany D. Gollmann, Microsoft Research, UK D. Gritzalis, Athens University of Economics and Business, Greece P. Horster, University of Klagenfurt, Austria S. Katsikas, University of the Aegean, Greece L.R. Knudsen, University of Bergen, Norway C. Mitchell, Royal Holloway, University of London, UK D. Naccache, Gemplus, France R. Oppliger, BFI, Switzerland G. Pernul, University of Essen, Germany R. Posch, TU Graz, Austria G. Quirchmayr, University of Vienna, Austria J.-J. Quisquater, Université Catholique de Louvain, Belgium M. Reiter, Bell Labs, USA D. Tygar, University of California at Berkeley, USA P. van Oorschot, Entrust Technologies, Canada S.H. von Solms, Rand Afrikaans University, South Africa L. Yngstrom, Stockholm University and Royal Institute of Technology, Sweden L Strous, De Nederlandsche Bank NV, The Netherlands, advisory member Organising Committee Chair: J. Vandewalle, Katholieke Universiteit Leuven Organising Committee: Joris Claessens, Katholieke Universiteit Leuven Jorge Nakahara, Katholieke Universiteit Leuven Péla Noë, Katholieke Universiteit Leuven Vincent Rijmen, Katholieke Universiteit Leuven Mark Vandenwauver, Katholieke Universiteit Leuven Main Organiser: IFIP TC 11 and TC 6 ------------------------------------------------------------------------ From owner-ietf-open-pgp@imc.org Wed Jan 27 12:11:52 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id MAA27028 for ; Wed, 27 Jan 1999 12:11:51 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA20452 for ietf-open-pgp-bks; Wed, 27 Jan 1999 08:12:38 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA20448 for ; Wed, 27 Jan 1999 08:12:37 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id IAA02373 for ; Wed, 27 Jan 1999 08:15:08 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id IAA17474 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 08:08:22 -0800 Date: Wed, 27 Jan 1999 08:08:22 -0800 From: hal@rain.org Message-Id: <199901271608.IAA17474@hal.sb.rain.org> To: ietf-open-pgp@imc.org Subject: RE: Secure mailing list service using OpenPGP Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I suggest you patch your pgpv so that it stops the decryption process after finding an encrypted message. Handling a message is a recursive process, involving a series of stages: decrypting, decompressing, signature-verifying, removing literal packets. You can make it stop the process after any desired stage; the code is designed to make this easy. This way the output of your pgpv will be an OpenPGP compatible signed message, suitable for further encryption. Hal > That's right. > > I've read OpenPGP Message Format specification and I think that it is > logically possible to decrypt a signed&encrypted message and to extract the > message together with the signature. Is this correct? > > If this is true, we can build a program to do this process and to re-encrypt > to recipients of a ML. > > However, which approach should we take in? Geiger's two step approach with > prohibiting the usual one step sign&encrypt process, or my approach > described above? --hiro From owner-ietf-open-pgp@imc.org Wed Jan 27 13:32:32 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id NAA01499 for ; Wed, 27 Jan 1999 13:32:31 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA21337 for ietf-open-pgp-bks; Wed, 27 Jan 1999 09:45:11 -0800 (PST) Received: from newman.myriad.net (mail.myriad.net [204.57.67.6]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA21333 for ; Wed, 27 Jan 1999 09:45:09 -0800 (PST) Received: from baccarat (baccarat.tca.net [208.162.125.235]) by newman.myriad.net (8.8.7/8.8.7) with SMTP id LAA26210 for ; Wed, 27 Jan 1999 11:47:34 -0600 Message-Id: <4.1.19990127114608.00935e60@128.194.103.4> X-Sender: kmr2938@128.194.103.4 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Wed, 27 Jan 1999 11:47:35 -0600 To: ietf-open-pgp@imc.org From: Keith Michael Ray Subject: ElGamal Source Code Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Does anyone have any links to some public domain ElGamal implementations (pref in C)? I haven't been able to find things like test vectors, documentation, etc. --------------------------------------------------------------------- Keith Michael Ray PGP Key DH : http://people.tamu.edu/~kmr2938/0x7E9175B4 PGP Key RSA : http://people.tamu.edu/~kmr2938/0xB774EBED --------------------------------------------------------------------- From owner-ietf-open-pgp@imc.org Wed Jan 27 17:01:32 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id RAA06655 for ; Wed, 27 Jan 1999 17:01:31 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA23427 for ietf-open-pgp-bks; Wed, 27 Jan 1999 13:13:57 -0800 (PST) Received: from Tabs.inside.omikron.de (mail.omikron.de [194.77.140.146]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA23422 for ; Wed, 27 Jan 1999 13:13:53 -0800 (PST) Received: (from uucp@localhost) by Tabs.inside.omikron.de (8.8.8/8.8.8) with UUCP id WAA07241 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 22:15:39 +0100 Received: (from eddy@localhost) by m120.omikron.de (8.8.5/8.8.5) id VAA06373 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 21:40:38 +0100 From: Edwin Cremer Message-Id: <199901272040.VAA06373@m120.omikron.de> Subject: Re: Secure mailing list service using OpenPGP In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> from =?us-ascii?Q?=3D=3Fiso=2D8859=2D1=3FB=3FkFiTYyCPuY1H=3F=3D?= at "Jan 27, 1999 1:37:11 pm" To: ietf-open-pgp@imc.org Date: Wed, 27 Jan 1999 21:40:37 +0100 (MET) X-NoSpam: Pursuant to US Code; Title 47; Chapter 5; Subchapter II; 227 X-NoSpam: any and all nonsolicited commercial E-mail sent to this address is X-NoSpam: subject to a download and archival fee in the amount of 500 US dollars. X-NoSpam: Any E-mail sent to this address denotes acceptance of these terms. MIME-Version: 1.0 Content-Type: application/pgp; format=text; x-action=sign Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- Hi ????, you wrote: > > I have developed a secure mailing list service by extending an existing > mailing list server, FML 2.2 (see > http://www.sapporo.iij.ad.jp/staff/fukachan/href/fml/index-e.html). The > patch to the original source code will be released in a few weeks. view month ago I do the same with a patch for "tulp" listserver. > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. > > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. > > Currently, I don't have the solutions for these problems. I'm just starting > to grapple with them. I will welcome to your comments. I have the same problem :-( my solution is: the server check the signatur and decrypt the message. if both ok the server write a new footer with the output of the signcheck and then sign and encrypt the new message. if you have a trusted server, the sigcheck is trust ;-) and the members of the list don't need all the key's of all other members. it work's fine with (nearly) all of pgp version. Eddy - -- - ------------------------------------------------------------------------ Edwin Cremer Eddy@m120.omikron.de PGP-Key-ID: 3AF75CD9 PGP-Key-fingerprint: 22 D7 06 43 3E 04 3F FA D4 7A 67 EA 6B 70 60 25 - ------------------------------------------------------------------------ "Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it." Linus Torvalds: -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNq95sWlFCjc691zZAQHyxAP/d0UDjRUKRDFB3P3mobmQQ6y1E8WDR8ZT GheX4oFgh0nPIryeN/ERc08K8BYUucPHetzLZQSWdvK5onrFvJT/6N8ARiHYbjqM F/ErDNpn1ZfglZzxXmHEE+tH/Di8jLjQ5fruojCk3K1SJXo83qsfg1T/qQddu2Cc HctHLiEcoUo= =yhQs -----END PGP SIGNATURE----- From owner-ietf-open-pgp@imc.org Wed Jan 27 22:07:39 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id WAA10934 for ; Wed, 27 Jan 1999 22:07:39 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA16205 for ietf-open-pgp-bks; Wed, 27 Jan 1999 18:28:21 -0800 (PST) Received: from hotmail.com (f44.hotmail.com [207.82.250.55]) by mail.proper.com (8.8.8/8.8.5) with SMTP id SAA16153 for ; Wed, 27 Jan 1999 18:27:56 -0800 (PST) Received: (qmail 29707 invoked by uid 0); 28 Jan 1999 02:29:51 -0000 Message-ID: <19990128022951.29706.qmail@hotmail.com> Received: from 206.105.238.86 by www.hotmail.com with HTTP; Wed, 27 Jan 1999 18:29:50 PST X-Originating-IP: [206.105.238.86] From: "Manuel Vargas" To: tuvieja@radar.com.ar, miamigo@impsat1.com.ar, cls2@inea.com.ar, jesus@sunserver.dsi.uaq.mx, serf@arnet.com.ar, systarob@bblanca.com.ar, rauljromanuttisa@datacop5.com.ar, goyajm@yahoo.com, alexisgarcia@datacop5.com.ar, angelheart_20@hotmail.com, type_one@majordomo.netcom.com, svlug@svlug.org, ietf-open-pgp@imc.org, cpsr-pdx@cpsr.org, current-users@netbsd.org, islandriver@egroups.com, jokeboss@egroups.com, familycornerjokes@egroups.com, cigars@egroups.com, cartmannews@egroups.com, michael-shanks@egroups.com, goodbye4now@egroups.com, lookhear@egroups.com, funjokes@egroups.com, fishtank@egroups.com, atlmusic@egroups.com, gnftalk@egroups.com, hum-s@egroups.com, swingmusic@egroups.com, ryla@egroups.com, pro_football@egroups.com, mhp@egroups.com, spanish_l@egroups.com Subject: LEE ESTE MENSAJE Y MANDASELO A TUS OTROS AMIGOS Date: Wed, 27 Jan 1999 18:29:50 PST Mime-Version: 1.0 Content-Type: text/plain Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Que el señor derrame ricas y abundantes bendiciones para usted y su familia en este año 1999. El propósito de este e-mail es de darle a conocer la Nueva Version De Mi Página Cristiana "Jesus Me Ama", http://members.xoom.com/Stalin1/Jesusmeama.html en ella encontrará una gama de Innovaciones, como son: 1.- Una Seccion de Caricaturas http://members.xoom.com/Stalin1/caricaturas.html http://members.xoom.com/Stalin1/estafuetuvida.htm 2.- Musica Cristiana, En en la que puedes deleirtar tus oidos con 2 tipos de formatos, como son: midis y wavs. 3.- Curso De la Biblia Gratuitamente, via e-mail. Puedes recibir a la comodidad de tu hogar distintos cursos de la Biblia Gratuitamente, Solo llenas tus datos y te lo enviaremos!!!! 4.- Algo Nunca Visto, Una Seccion Verdaderamente impactante!!! http://members.xoom.com/Stalin1/cristovienepronto.html 5.- Una seccion de Links de Diversas Páginas Cristianas, y Otra de Banners. 6.- Y para finalizar una Seccion de Visitas. 7.- Al entrar a mi pagina encontrarás un banner en la parte de Superior . Haciendo click en el , Contribuirás Gratuitamente a la expanción del evangelio de Nuestro Señor Jesucristo por todo el Mundo. Por Favor Ayúdame en eso. La Direccion de mi pagina es: http://members.xoom.com/Stalin1/Jesusmeama.html PD. Por Favor manda este e-mail a Tus amigos y Hermanos en Cristo, para que me apoyes, con este ministerio!!! ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From owner-ietf-open-pgp@imc.org Wed Jan 27 23:59:20 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id XAA13841 for ; Wed, 27 Jan 1999 23:59:20 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA29659 for ietf-open-pgp-bks; Wed, 27 Jan 1999 20:17:25 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA29651 for ; Wed, 27 Jan 1999 20:17:23 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id NAA02379 for ; Thu, 28 Jan 1999 13:19:57 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id NAA27975 for ; Thu, 28 Jan 1999 13:19:56 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id NAA01412 for ; Thu, 28 Jan 1999 13:19:56 +0900 (JST) From: "=?iso-8859-1?B?kFiTYyCPuY1H?=" To: Subject: RE: Secure mailing list service using OpenPGP Date: Thu, 28 Jan 1999 13:19:14 +0900 Message-ID: <002501be4a75$5cfa7720$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I wrote: > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. Many people advised me about this issue. Thanks > everyone. I think that the best way is modifying pgpv to stop the decryption process after finding an encrypted message and re-encrypting the message with the original signature. Is this modification easy? > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. I think that this issue needs to define standard processes of this kind of mailing list agents. I mean, for example, if a signed-then-encrypted message is posted to a mailing list, the mailing list agent should decrypt and re-encrypt to the members, then the agent may sign to it. Or, if a encrypted-then-signed message, the agent can eliminate the signature and decrypt&re-encrypt, and so on. In S/MIME, an I-Draft, "Enhanced Security Services for S/MIME" describes secure mailing list services and defines the standerd process of mailing list agents. We need the definitions like it for OpenPGP, don't we? --hiro From owner-ietf-open-pgp@imc.org Thu Jan 28 01:36:38 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id BAA16015 for ; Thu, 28 Jan 1999 01:36:38 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id VAA12132 for ietf-open-pgp-bks; Wed, 27 Jan 1999 21:58:22 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id VAA12119 for ; Wed, 27 Jan 1999 21:58:20 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id PAA09929 for ; Thu, 28 Jan 1999 15:00:55 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id PAA05420 for ; Thu, 28 Jan 1999 15:00:53 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id PAA02567 for ; Thu, 28 Jan 1999 15:00:53 +0900 (JST) From: "Masahiro Morita" To: Subject: RE: Secure mailing list service using OpenPGP Date: Thu, 28 Jan 1999 15:00:11 +0900 Message-ID: <002701be4a83$778aaa20$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I wrote: > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. Many people advised me about this issue. Thanks > everyone. I think that the best way is modifying pgpv to stop the decryption process after finding an encrypted message and re-encrypting the message with the original signature. Is this modification easy? > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. I think that this issue needs to define standard processes of this kind of mailing list agents. I mean, for example, if a signed-then-encrypted message is posted to a mailing list, the mailing list agent should decrypt and re-encrypt to the members, then the agent may sign to it. Or, if a encrypted-then-signed message, the agent can eliminate the signature and decrypt&re-encrypt, and so on. In S/MIME, an I-Draft, "Enhanced Security Services for S/MIME" describes secure mailing list services and defines the standerd process of mailing list agents. We need the definitions like it for OpenPGP, don't we? --hiro From owner-ietf-open-pgp@imc.org Fri Jan 29 15:31:48 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id PAA07436 for ; Fri, 29 Jan 1999 15:31:48 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA15685 for ietf-open-pgp-bks; Fri, 29 Jan 1999 11:48:23 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA15678 for ; Fri, 29 Jan 1999 11:48:19 -0800 (PST) Received: by koeln.shuttle.de (8.9.2/8.9.2) id UAA18373 for ietf-open-pgp@imc.org; Fri, 29 Jan 1999 20:50:52 +0100 (MET) Received: (qmail 17205 invoked from network); 29 Jan 1999 19:35:40 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 29 Jan 1999 19:35:40 -0000 Received: (qmail 1370 invoked by uid 501); 29 Jan 1999 19:32:49 -0000 Date: Fri, 29 Jan 1999 20:32:49 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Id 10 for Twofish Message-ID: <19990129203249.A1350@frodo.isil.d.shuttle.de> Mail-Followup-To: ietf-open-pgp@imc.org Mime-Version: 1.0 X-Mailer: Mutt 0.95.1i X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, just a short poll: 1) Did we agree on using the algorithm id 10 for Twofish? And can I create preference lists with 10 in it. 2) What is the conclusion about the keysize: 128, 196 or 256 bit. The first point is quite important for me. Thanks, Werner -- ceterum censeo RSA esse delendam From owner-ietf-open-pgp@imc.org Fri Jan 29 19:19:31 1999 Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.8.5/8.8.7a) with ESMTP id TAA13210 for ; Fri, 29 Jan 1999 19:19:30 -0500 (EST) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA17669 for ietf-open-pgp-bks; Fri, 29 Jan 1999 15:42:45 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-25-246.oak.inreach.net [209.142.25.246]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA17664 for ; Fri, 29 Jan 1999 15:42:40 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.9.2/8.8.7) with ESMTP id PAA04631; Fri, 29 Jan 1999 15:50:53 -0800 (PST) X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Fri, 29 Jan 1999 15:50:53 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: Werner Koch cc: ietf-open-pgp@imc.org, g10@net.lut.ac.uk Subject: Re: Id 10 for Twofish In-Reply-To: <19990129203249.A1350@frodo.isil.d.shuttle.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Fri, 29 Jan 1999, Werner Koch wrote: > 1) Did we agree on using the algorithm id 10 for Twofish? And > can I create preference lists with 10 in it. > > 2) What is the conclusion about the keysize: 128, 196 or 256 bit. I believe our conjecture was id: 10, keysize: 256 Sorry about the cross-post, but it is valuable for both lists. Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA17669 for ietf-open-pgp-bks; Fri, 29 Jan 1999 15:42:45 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-25-246.oak.inreach.net [209.142.25.246]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA17664 for ; Fri, 29 Jan 1999 15:42:40 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.9.2/8.8.7) with ESMTP id PAA04631; Fri, 29 Jan 1999 15:50:53 -0800 (PST) X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Fri, 29 Jan 1999 15:50:53 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: Werner Koch cc: ietf-open-pgp@imc.org, g10@net.lut.ac.uk Subject: Re: Id 10 for Twofish In-Reply-To: <19990129203249.A1350@frodo.isil.d.shuttle.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Fri, 29 Jan 1999, Werner Koch wrote: > 1) Did we agree on using the algorithm id 10 for Twofish? And > can I create preference lists with 10 in it. > > 2) What is the conclusion about the keysize: 128, 196 or 256 bit. I believe our conjecture was id: 10, keysize: 256 Sorry about the cross-post, but it is valuable for both lists. Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA15685 for ietf-open-pgp-bks; Fri, 29 Jan 1999 11:48:23 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA15678 for ; Fri, 29 Jan 1999 11:48:19 -0800 (PST) Received: by koeln.shuttle.de (8.9.2/8.9.2) id UAA18373 for ietf-open-pgp@imc.org; Fri, 29 Jan 1999 20:50:52 +0100 (MET) Received: (qmail 17205 invoked from network); 29 Jan 1999 19:35:40 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 29 Jan 1999 19:35:40 -0000 Received: (qmail 1370 invoked by uid 501); 29 Jan 1999 19:32:49 -0000 Date: Fri, 29 Jan 1999 20:32:49 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Id 10 for Twofish Message-ID: <19990129203249.A1350@frodo.isil.d.shuttle.de> Mail-Followup-To: ietf-open-pgp@imc.org Mime-Version: 1.0 X-Mailer: Mutt 0.95.1i X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, just a short poll: 1) Did we agree on using the algorithm id 10 for Twofish? And can I create preference lists with 10 in it. 2) What is the conclusion about the keysize: 128, 196 or 256 bit. The first point is quite important for me. Thanks, Werner -- ceterum censeo RSA esse delendam Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id VAA12132 for ietf-open-pgp-bks; Wed, 27 Jan 1999 21:58:22 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id VAA12119 for ; Wed, 27 Jan 1999 21:58:20 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id PAA09929 for ; Thu, 28 Jan 1999 15:00:55 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id PAA05420 for ; Thu, 28 Jan 1999 15:00:53 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id PAA02567 for ; Thu, 28 Jan 1999 15:00:53 +0900 (JST) From: "Masahiro Morita" To: Subject: RE: Secure mailing list service using OpenPGP Date: Thu, 28 Jan 1999 15:00:11 +0900 Message-ID: <002701be4a83$778aaa20$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I wrote: > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. Many people advised me about this issue. Thanks > everyone. I think that the best way is modifying pgpv to stop the decryption process after finding an encrypted message and re-encrypting the message with the original signature. Is this modification easy? > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. I think that this issue needs to define standard processes of this kind of mailing list agents. I mean, for example, if a signed-then-encrypted message is posted to a mailing list, the mailing list agent should decrypt and re-encrypt to the members, then the agent may sign to it. Or, if a encrypted-then-signed message, the agent can eliminate the signature and decrypt&re-encrypt, and so on. In S/MIME, an I-Draft, "Enhanced Security Services for S/MIME" describes secure mailing list services and defines the standerd process of mailing list agents. We need the definitions like it for OpenPGP, don't we? --hiro Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA29659 for ietf-open-pgp-bks; Wed, 27 Jan 1999 20:17:25 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA29651 for ; Wed, 27 Jan 1999 20:17:23 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id NAA02379 for ; Thu, 28 Jan 1999 13:19:57 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id NAA27975 for ; Thu, 28 Jan 1999 13:19:56 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id NAA01412 for ; Thu, 28 Jan 1999 13:19:56 +0900 (JST) From: "=?iso-8859-1?B?kFiTYyCPuY1H?=" To: Subject: RE: Secure mailing list service using OpenPGP Date: Thu, 28 Jan 1999 13:19:14 +0900 Message-ID: <002501be4a75$5cfa7720$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I wrote: > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. Many people advised me about this issue. Thanks > everyone. I think that the best way is modifying pgpv to stop the decryption process after finding an encrypted message and re-encrypting the message with the original signature. Is this modification easy? > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. I think that this issue needs to define standard processes of this kind of mailing list agents. I mean, for example, if a signed-then-encrypted message is posted to a mailing list, the mailing list agent should decrypt and re-encrypt to the members, then the agent may sign to it. Or, if a encrypted-then-signed message, the agent can eliminate the signature and decrypt&re-encrypt, and so on. In S/MIME, an I-Draft, "Enhanced Security Services for S/MIME" describes secure mailing list services and defines the standerd process of mailing list agents. We need the definitions like it for OpenPGP, don't we? --hiro Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA16205 for ietf-open-pgp-bks; Wed, 27 Jan 1999 18:28:21 -0800 (PST) Received: from hotmail.com (f44.hotmail.com [207.82.250.55]) by mail.proper.com (8.8.8/8.8.5) with SMTP id SAA16153 for ; Wed, 27 Jan 1999 18:27:56 -0800 (PST) Received: (qmail 29707 invoked by uid 0); 28 Jan 1999 02:29:51 -0000 Message-ID: <19990128022951.29706.qmail@hotmail.com> Received: from 206.105.238.86 by www.hotmail.com with HTTP; Wed, 27 Jan 1999 18:29:50 PST X-Originating-IP: [206.105.238.86] From: "Manuel Vargas" To: tuvieja@radar.com.ar, miamigo@impsat1.com.ar, cls2@inea.com.ar, jesus@sunserver.dsi.uaq.mx, serf@arnet.com.ar, systarob@bblanca.com.ar, rauljromanuttisa@datacop5.com.ar, goyajm@yahoo.com, alexisgarcia@datacop5.com.ar, angelheart_20@hotmail.com, type_one@majordomo.netcom.com, svlug@svlug.org, ietf-open-pgp@imc.org, cpsr-pdx@cpsr.org, current-users@netbsd.org, islandriver@egroups.com, jokeboss@egroups.com, familycornerjokes@egroups.com, cigars@egroups.com, cartmannews@egroups.com, michael-shanks@egroups.com, goodbye4now@egroups.com, lookhear@egroups.com, funjokes@egroups.com, fishtank@egroups.com, atlmusic@egroups.com, gnftalk@egroups.com, hum-s@egroups.com, swingmusic@egroups.com, ryla@egroups.com, pro_football@egroups.com, mhp@egroups.com, spanish_l@egroups.com Subject: LEE ESTE MENSAJE Y MANDASELO A TUS OTROS AMIGOS Date: Wed, 27 Jan 1999 18:29:50 PST Mime-Version: 1.0 Content-Type: text/plain Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Que el señor derrame ricas y abundantes bendiciones para usted y su familia en este año 1999. El propósito de este e-mail es de darle a conocer la Nueva Version De Mi Página Cristiana "Jesus Me Ama", http://members.xoom.com/Stalin1/Jesusmeama.html en ella encontrará una gama de Innovaciones, como son: 1.- Una Seccion de Caricaturas http://members.xoom.com/Stalin1/caricaturas.html http://members.xoom.com/Stalin1/estafuetuvida.htm 2.- Musica Cristiana, En en la que puedes deleirtar tus oidos con 2 tipos de formatos, como son: midis y wavs. 3.- Curso De la Biblia Gratuitamente, via e-mail. Puedes recibir a la comodidad de tu hogar distintos cursos de la Biblia Gratuitamente, Solo llenas tus datos y te lo enviaremos!!!! 4.- Algo Nunca Visto, Una Seccion Verdaderamente impactante!!! http://members.xoom.com/Stalin1/cristovienepronto.html 5.- Una seccion de Links de Diversas Páginas Cristianas, y Otra de Banners. 6.- Y para finalizar una Seccion de Visitas. 7.- Al entrar a mi pagina encontrarás un banner en la parte de Superior . Haciendo click en el , Contribuirás Gratuitamente a la expanción del evangelio de Nuestro Señor Jesucristo por todo el Mundo. Por Favor Ayúdame en eso. La Direccion de mi pagina es: http://members.xoom.com/Stalin1/Jesusmeama.html PD. Por Favor manda este e-mail a Tus amigos y Hermanos en Cristo, para que me apoyes, con este ministerio!!! ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA23427 for ietf-open-pgp-bks; Wed, 27 Jan 1999 13:13:57 -0800 (PST) Received: from Tabs.inside.omikron.de (mail.omikron.de [194.77.140.146]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA23422 for ; Wed, 27 Jan 1999 13:13:53 -0800 (PST) Received: (from uucp@localhost) by Tabs.inside.omikron.de (8.8.8/8.8.8) with UUCP id WAA07241 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 22:15:39 +0100 Received: (from eddy@localhost) by m120.omikron.de (8.8.5/8.8.5) id VAA06373 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 21:40:38 +0100 From: Edwin Cremer Message-Id: <199901272040.VAA06373@m120.omikron.de> Subject: Re: Secure mailing list service using OpenPGP In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> from =?us-ascii?Q?=3D=3Fiso=2D8859=2D1=3FB=3FkFiTYyCPuY1H=3F=3D?= at "Jan 27, 1999 1:37:11 pm" To: ietf-open-pgp@imc.org Date: Wed, 27 Jan 1999 21:40:37 +0100 (MET) X-NoSpam: Pursuant to US Code; Title 47; Chapter 5; Subchapter II; 227 X-NoSpam: any and all nonsolicited commercial E-mail sent to this address is X-NoSpam: subject to a download and archival fee in the amount of 500 US dollars. X-NoSpam: Any E-mail sent to this address denotes acceptance of these terms. MIME-Version: 1.0 Content-Type: application/pgp; format=text; x-action=sign Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- Hi ????, you wrote: > > I have developed a secure mailing list service by extending an existing > mailing list server, FML 2.2 (see > http://www.sapporo.iij.ad.jp/staff/fukachan/href/fml/index-e.html). The > patch to the original source code will be released in a few weeks. view month ago I do the same with a patch for "tulp" listserver. > One problem in this implementation is authentication of the original message > sender. The server removes original sender's signature attached to an > encrypted message when replacing an original message with the re-encrypted > message. This is because PGP decrypt program, pgpv, strips the signature > when it decrypts the message. > > Another problem is comformance to OpenPGP/MIME specification proposed by > K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using > 'Encrypted-then-Signed' service, the current implementation replace the > inner multipart/encrypted MIME object and this makes impossible to verify > the signature in the outer multipart/signed MIME object. > > Currently, I don't have the solutions for these problems. I'm just starting > to grapple with them. I will welcome to your comments. I have the same problem :-( my solution is: the server check the signatur and decrypt the message. if both ok the server write a new footer with the output of the signcheck and then sign and encrypt the new message. if you have a trusted server, the sigcheck is trust ;-) and the members of the list don't need all the key's of all other members. it work's fine with (nearly) all of pgp version. Eddy - -- - ------------------------------------------------------------------------ Edwin Cremer Eddy@m120.omikron.de PGP-Key-ID: 3AF75CD9 PGP-Key-fingerprint: 22 D7 06 43 3E 04 3F FA D4 7A 67 EA 6B 70 60 25 - ------------------------------------------------------------------------ "Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it." Linus Torvalds: -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNq95sWlFCjc691zZAQHyxAP/d0UDjRUKRDFB3P3mobmQQ6y1E8WDR8ZT GheX4oFgh0nPIryeN/ERc08K8BYUucPHetzLZQSWdvK5onrFvJT/6N8ARiHYbjqM F/ErDNpn1ZfglZzxXmHEE+tH/Di8jLjQ5fruojCk3K1SJXo83qsfg1T/qQddu2Cc HctHLiEcoUo= =yhQs -----END PGP SIGNATURE----- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA21337 for ietf-open-pgp-bks; Wed, 27 Jan 1999 09:45:11 -0800 (PST) Received: from newman.myriad.net (mail.myriad.net [204.57.67.6]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA21333 for ; Wed, 27 Jan 1999 09:45:09 -0800 (PST) Received: from baccarat (baccarat.tca.net [208.162.125.235]) by newman.myriad.net (8.8.7/8.8.7) with SMTP id LAA26210 for ; Wed, 27 Jan 1999 11:47:34 -0600 Message-Id: <4.1.19990127114608.00935e60@128.194.103.4> X-Sender: kmr2938@128.194.103.4 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Wed, 27 Jan 1999 11:47:35 -0600 To: ietf-open-pgp@imc.org From: Keith Michael Ray Subject: ElGamal Source Code Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Does anyone have any links to some public domain ElGamal implementations (pref in C)? I haven't been able to find things like test vectors, documentation, etc. --------------------------------------------------------------------- Keith Michael Ray PGP Key DH : http://people.tamu.edu/~kmr2938/0x7E9175B4 PGP Key RSA : http://people.tamu.edu/~kmr2938/0xB774EBED --------------------------------------------------------------------- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA20452 for ietf-open-pgp-bks; Wed, 27 Jan 1999 08:12:38 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id IAA20448 for ; Wed, 27 Jan 1999 08:12:37 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id IAA02373 for ; Wed, 27 Jan 1999 08:15:08 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id IAA17474 for ietf-open-pgp@imc.org; Wed, 27 Jan 1999 08:08:22 -0800 Date: Wed, 27 Jan 1999 08:08:22 -0800 From: hal@rain.org Message-Id: <199901271608.IAA17474@hal.sb.rain.org> To: ietf-open-pgp@imc.org Subject: RE: Secure mailing list service using OpenPGP Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I suggest you patch your pgpv so that it stops the decryption process after finding an encrypted message. Handling a message is a recursive process, involving a series of stages: decrypting, decompressing, signature-verifying, removing literal packets. You can make it stop the process after any desired stage; the code is designed to make this easy. This way the output of your pgpv will be an OpenPGP compatible signed message, suitable for further encryption. Hal > That's right. > > I've read OpenPGP Message Format specification and I think that it is > logically possible to decrypt a signed&encrypted message and to extract the > message together with the signature. Is this correct? > > If this is true, we can build a program to do this process and to re-encrypt > to recipients of a ML. > > However, which approach should we take in? Geiger's two step approach with > prohibiting the usual one step sign&encrypt process, or my approach > described above? --hiro Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id BAA12250 for ietf-open-pgp-bks; Wed, 27 Jan 1999 01:26:33 -0800 (PST) Received: from barbar.esat.kuleuven.ac.be (root@barbar.esat.kuleuven.ac.be [134.58.56.153]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id BAA12246 for ; Wed, 27 Jan 1999 01:26:29 -0800 (PST) Received: from domus.esat.kuleuven.ac.be (domus.esat.kuleuven.ac.be [134.58.189.68]) by barbar (version 8.8.5) with ESMTP id KAA12699; Wed, 27 Jan 1999 10:28:31 +0100 (MET) Organization: ESAT, K.U.Leuven, Belgium Date: Wed, 27 Jan 1999 10:28:31 +0100 (MET) From: "CMS'99" To: ietf-open-pgp@imc.org Subject: CFP: Communications and Multimedia Security '99 Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by mail.proper.com id BAA12247 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: [Apologies if you receive this more than once.] ------------------------------------------------------------------------ International Federation for Information Processing CMS '99 Communications and Multimedia Security Joint working conference IFIP TC6 and TC11 September 20-21, 1999 Katholieke Universiteit Leuven, Belgium ------------------------------------------------------------------------ Call For Papers ------------------------------------------------------------------------ GOALS and TOPICS of INTEREST CMS '99 is the fourth in a series of international conferences which aim at reviewing state-of-the-art issues as well as practical experiences and new trends in the areas of communications and multimedia systems security. It is the intention of the organisers to focus the attention of the conference presentations and discussions on issues which combine innovative research work with a highly promising application potential. Topics of interest include, but are not limited to * communications systems security * mobile communications security * Internet, intranet and extranet security * security of mobile code * multimedia systems security * applied cryptography * electronic commerce and digital signatures * security in distributed systems * secure teleworking, telecooperation, telemedicine * legal, social and ethical aspects of communication systems security * standards for communication and multimedia systems security SUBMISSION DETAILS Authors are strongly encouraged to submit their papers electronically. Please email your submission in postscript (or pdf) format to: cms99@esat.kuleuven.ac.be Electronic submissions must be received by March 15, 1999, 23:00 GMT in order to be considered. Authors unable to submit electronically are invited to send a cover letter and 5 (five) copies of an anonymous paper (double-sided copies preferred) to the Program Chair at the postal address below. Submissions must be received by the Program Chair on or before March 15, 1999. The cover letter should contain the paper's title and the names and affiliations of the authors, and should identify the contact author including e-mail and postal addresses. Submissions must not substantially duplicate work that any of the authors have published elsewhere or have submitted in parallel to any other conference or workshop that has proceedings. The paper must be anonymous, with no author names, affiliations, acknowledgments, or obvious references. It should begin with a title, a short abstract, and a list of key words, and its introduction should summarise the contributions of the paper at a level appropriate for a non-specialist reader. The paper should be at most 5000 words long. A full page figure is 500 words. It is anticipated that the proceedings will be published by Kluwer Academic Publishers. Therefore authors are encouraged to use for their submissions the Kluwer IFIP templates for LaTeX or Word (see http://www.wkap.com/IFIP). All submitted papers will be refereed by at least three members of the International Program Committee according to the standard blind refereeing procedures. The Conference Proceedings will be published by an international publisher; copies of the proceedings will be available at the conference. Notification of acceptance or rejection will be sent to authors by April 30, 1999. Authors of accepted papers must guarantee that their paper will be presented at the conference. Important dates: * Submission Deadline: March 15, 1999 * Notification: April 30, 1999 * Final camera-ready version: May 21, 1999 * Conference: September 20-21, 1999 To submit a paper, or for further details, please contact: Prof. Bart Preneel, Program Committee Chair CMS'99 Katholieke Universiteit Leuven Dept. Electrical Engineering-ESAT/COSIC K. Mercierlaan 94, B-3001 Heverlee, BELGIUM Email: cms99@esat.kuleuven.ac.be Tel +32 16 32 10 50 Fax: +32 16 32 19 86 For further details see http://www.esat.kuleuven.ac.be/cosic/cms99/ Program Committee Chair: B. Preneel, Katholieke Universiteit Leuven, Belgium Program Committee: P. Ashley, Queensland University of Technology, Australia A. Casaca, Inesc, Portugal S. Fischer-Huebner, Hamburg University, Germany W. Fumy, Siemens Research, Germany D. Gollmann, Microsoft Research, UK D. Gritzalis, Athens University of Economics and Business, Greece P. Horster, University of Klagenfurt, Austria S. Katsikas, University of the Aegean, Greece L.R. Knudsen, University of Bergen, Norway C. Mitchell, Royal Holloway, University of London, UK D. Naccache, Gemplus, France R. Oppliger, BFI, Switzerland G. Pernul, University of Essen, Germany R. Posch, TU Graz, Austria G. Quirchmayr, University of Vienna, Austria J.-J. Quisquater, Université Catholique de Louvain, Belgium M. Reiter, Bell Labs, USA D. Tygar, University of California at Berkeley, USA P. van Oorschot, Entrust Technologies, Canada S.H. von Solms, Rand Afrikaans University, South Africa L. Yngstrom, Stockholm University and Royal Institute of Technology, Sweden L Strous, De Nederlandsche Bank NV, The Netherlands, advisory member Organising Committee Chair: J. Vandewalle, Katholieke Universiteit Leuven Organising Committee: Joris Claessens, Katholieke Universiteit Leuven Jorge Nakahara, Katholieke Universiteit Leuven Péla Noë, Katholieke Universiteit Leuven Vincent Rijmen, Katholieke Universiteit Leuven Mark Vandenwauver, Katholieke Universiteit Leuven Main Organiser: IFIP TC 11 and TC 6 ------------------------------------------------------------------------ Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA09742 for ietf-open-pgp-bks; Wed, 27 Jan 1999 00:47:48 -0800 (PST) Received: from riemann.iam.uni-bonn.de (root@riemann.iam.uni-bonn.de [131.220.223.83]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA09733 for ; Wed, 27 Jan 1999 00:47:42 -0800 (PST) Received: from sobolev.rhein.de (root@mathphysppp0.iam.uni-bonn.de [131.220.223.84]) by riemann.iam.uni-bonn.de (8.8.8/8.8.8/Debian/GNU) with ESMTP id JAA17758 for ; Wed, 27 Jan 1999 09:49:50 +0100 Received: (from roessler@localhost) by sobolev.rhein.de (8.8.8/8.8.8/Debian/GNU) id JAA26120 ; Wed, 27 Jan 1999 09:44:29 +0100 Date: Wed, 27 Jan 1999 09:44:29 +0100 From: Thomas Roessler To: ietf-open-pgp@imc.org Subject: Re: Secure mailing list service using OpenPGP Message-ID: <19990127094429.Q11060@sobolev.rhein.de> References: <199901270543.AAA006.22@whgiii> <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.95.1-unstable-1999-01-25i In-Reply-To: <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On 1999-01-27 15:54:04 +0900, ?$B?9ED?(B ?$B>;9(?(B wrote: > However, which approach should we take in? Geiger's two step > approach with prohibiting the usual one step sign&encrypt process, > or my approach described above? --hiro As long as you don't want to use "clearsigning", you can try to extract the signature from the "signed+encrypted" stuff. Anyway, doing this will require some patches to the PGP version you are using. tlr -- Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/ 2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1 > Hi! I'm Signature Virus 99! Copy me into your signature and join the fun! Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id WAA05408 for ietf-open-pgp-bks; Tue, 26 Jan 1999 22:52:48 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id WAA05404 for ; Tue, 26 Jan 1999 22:52:47 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id PAA27137; Wed, 27 Jan 1999 15:54:46 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id PAA25666; Wed, 27 Jan 1999 15:54:45 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id PAA24982; Wed, 27 Jan 1999 15:54:45 +0900 (JST) From: "=?iso-2022-jp?B?GyRCPzlFRBsoQiAbJEI+OzkoGyhC?=" To: Cc: Subject: RE: Secure mailing list service using OpenPGP Date: Wed, 27 Jan 1999 15:54:04 +0900 Message-ID: <000001be49c1$d431c5a0$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <199901270543.AAA006.22@whgiii> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: William H. Geiger III wrote: > Unfortunately few mailers/plugins are designed to use this approach when > singing & encrypting a message. Instead they use the sign & encrypt > approach (one step process) which signature retention is not possible > after decryption. That's right. I've read OpenPGP Message Format specification and I think that it is logically possible to decrypt a signed&encrypted message and to extract the message together with the signature. Is this correct? If this is true, we can build a program to do this process and to re-encrypt to recipients of a ML. However, which approach should we take in? Geiger's two step approach with prohibiting the usual one step sign&encrypt process, or my approach described above? --hiro --- Morita Masahiro, NTT Information Sharing Platform Laboratories. Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id WAA04769 for ietf-open-pgp-bks; Tue, 26 Jan 1999 22:28:43 -0800 (PST) Received: from pompano.pcola.gulf.net (root@gulf.net [198.69.72.14]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id WAA04765 for ; Tue, 26 Jan 1999 22:28:41 -0800 (PST) Received: from whgiii (dugong11.pcola.gulf.net [205.160.71.74]) by pompano.pcola.gulf.net (8.9.1a/8.9.1) with SMTP id AAA10992; Wed, 27 Jan 1999 00:30:53 -0600 (CST) Received: from 100.100.100.1 by whgiii (IBM OS/2 SENDMAIL VERSION 2.03/2.0) id AAA006.22; Wed, 27 Jan 1999 00:43:41 -0500 Message-Id: <199901270543.AAA006.22@whgiii> From: "William H. Geiger III" Date: Wed, 27 Jan 1999 00:37:28 -0500 To: " X c G" In-Reply-To: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> Cc: Subject: Re: Secure mailing list service using OpenPGP X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.52 b52 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: In <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp>, on 01/27/99 at 01:37 PM, " X c G" said: >Another problem is comformance to OpenPGP/MIME specification proposed by >K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using >'Encrypted-then-Signed' service, the current implementation replace the >inner multipart/encrypted MIME object and this makes impossible to verify >the signature in the outer multipart/signed MIME object. >Currently, I don't have the solutions for these problems. I'm just >starting to grapple with them. I will welcome to your comments. Signature retention is a big issue that I have been involved with on both the PGP/MIME and now the OpenPGP working groups. Basically there are two ways to accomplish this: NON-MIME Approach: The original sender of the message clearsigns the message then encrypts the message (a two step process). This way the server decrypts & re-encrypts the message and the signature is retained. MIME Approach: The original sender OpenPGP/MIME signs the message then OpenPGP/MIME encrypts the message (again a two step process). Unfortunately few mailers/plugins are designed to use this approach when singing & encrypting a message. Instead they use the sign & encrypt approach (one step process) which signature retention is not possible after decryption. -- --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html --------------------------------------------------------------- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id UAA27726 for ietf-open-pgp-bks; Tue, 26 Jan 1999 20:35:30 -0800 (PST) Received: from tama3.tas.ntt.co.jp (tama3.tas.ntt.co.jp [192.68.248.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id UAA27719 for ; Tue, 26 Jan 1999 20:35:28 -0800 (PST) Received: from nttmail.ecl.ntt.co.jp (nttmail.tas.ntt.co.jp [192.68.248.11]) by tama3.tas.ntt.co.jp (8.8.8/3.6W/01/21/99) with ESMTP id NAA17138 for ; Wed, 27 Jan 1999 13:37:53 +0900 (JST) Received: from alsace.isl.ntt.co.jp by nttmail.ecl.ntt.co.jp (8.9.2/3.7W/01/21/99) with ESMTP id NAA15980 for ; Wed, 27 Jan 1999 13:37:51 +0900 (JST) Received: from vaio-luke (godzilla29.isl.ntt.co.jp [129.60.104.205]) by alsace.isl.ntt.co.jp (8.8.8/3.7W) with SMTP id NAA23202 for ; Wed, 27 Jan 1999 13:37:52 +0900 (JST) From: "=?iso-8859-1?B?kFiTYyCPuY1H?=" To: Subject: Secure mailing list service using OpenPGP Date: Wed, 27 Jan 1999 13:37:11 +0900 Message-ID: <005901be49ae$b4cb1da0$cd683c81@vaio-luke.isl.ntt.co.jp> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Hi, I want to discuss about secure mailing list service using OpenPGP. I have developed a secure mailing list service by extending an existing mailing list server, FML 2.2 (see http://www.sapporo.iij.ad.jp/staff/fukachan/href/fml/index-e.html). The patch to the original source code will be released in a few weeks. Using this extention, a member of a secure mailing list service can sends a message encrypted to the public key of the server, and the destribution of the message is also encrypted. The server decrypts the message and encrypts to the all public keys of the members of the list. Then the server delivers the re-encrypted message to the members. In the current implementaiton, the server clips a message from an armor header line, BEGIN PGP MESSAGE to an armor trailer line, END PGP MESSAGE, and pipes the clipped message to decrypt and encrypt programs, then replaces the original message with the re-encrypted one. The server also adds a signature when re-encrypting to identify the mailing list server. One problem in this implementation is authentication of the original message sender. The server removes original sender's signature attached to an encrypted message when replacing an original message with the re-encrypted message. This is because PGP decrypt program, pgpv, strips the signature when it decrypts the message. Another problem is comformance to OpenPGP/MIME specification proposed by K.Yamamoto[OpenPGP/MIME]. For example, if an original message is using 'Encrypted-then-Signed' service, the current implementation replace the inner multipart/encrypted MIME object and this makes impossible to verify the signature in the outer multipart/signed MIME object. Currently, I don't have the solutions for these problems. I'm just starting to grapple with them. I will welcome to your comments. [OpenPGP/MIME] K.Yamamoto. MIME Security with OpenPGP. Internet Draft. Dec, 1998. --- Masahiro Morita, NTT Information Sharing Platform Laboratories. Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA18030 for ietf-open-pgp-bks; Tue, 26 Jan 1999 13:53:50 -0800 (PST) Received: from riemann.iam.uni-bonn.de (root@riemann.iam.uni-bonn.de [131.220.223.83]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA18025 for ; Tue, 26 Jan 1999 13:53:44 -0800 (PST) Received: from sobolev.rhein.de (root@mathphysppp0.iam.uni-bonn.de [131.220.223.84]) by riemann.iam.uni-bonn.de (8.8.8/8.8.8/Debian/GNU) with ESMTP id WAA16172 for ; Tue, 26 Jan 1999 22:55:34 +0100 Received: (from roessler@localhost) by sobolev.rhein.de (8.8.8/8.8.8/Debian/GNU) id WAA13188 ; Tue, 26 Jan 1999 22:49:33 +0100 Date: Tue, 26 Jan 1999 22:49:33 +0100 From: Thomas Roessler To: ietf-open-pgp@imc.org Subject: to be done Message-ID: <19990126224933.J11060@sobolev.rhein.de> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.95.1-unstable-1999-01-25i Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Since things don't look like we are ever getting the minutes from the IETF meeting, I'd like to give a push for some work which should be done by this WG. - Revise RFC 2015. I'm hearing that the agreement in Orlando was to do some small changes. While this isn't interesting or anything, it should be done. - Define a multiple signature protocol. There are essentially two possible paths to go. On the one hand, we may define a multipart/mixed protocol as suggested by Michael Elkins, or we may just extend the current multipart/signed. Personally, I'm in favor of the fist approach. tlr -- Thomas Roessler · 74a353cc0b19 · dg1ktr · http://home.pages.de/~roessler/ 2048/CE6AC6C1 · 4E 04 F0 BC 72 FF 14 23 44 85 D1 A1 3B B0 73 C1 > Hi! I'm Signature Virus 99! Copy me into your signature and join the fun! Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA16611 for ietf-open-pgp-bks; Tue, 26 Jan 1999 11:41:25 -0800 (PST) Received: from hotmail.com (f213.hotmail.com [207.82.251.104]) by mail.proper.com (8.8.8/8.8.5) with SMTP id LAA16607 for ; Tue, 26 Jan 1999 11:41:21 -0800 (PST) Received: (qmail 23359 invoked by uid 0); 26 Jan 1999 19:42:46 -0000 Message-ID: <19990126194246.23358.qmail@hotmail.com> Received: from 206.105.236.100 by www.hotmail.com with HTTP; Tue, 26 Jan 1999 11:42:46 PST X-Originating-IP: [206.105.236.100] From: "Manuel Vargas" To: jesus@sunserver.dsi.uaq.mx, serf@arnet.com.ar, systarob@bblanca.com.ar, rauljromanuttisa@datacop5.com.ar, goyajm@yahoo.com, alexisgarcia@datacop5.com.ar, angelheart_20@hotmail.com, type_one@majordomo.netcom.com, svlug@svlug.org, ietf-open-pgp@imc.org Subject: LEE ESTE MENSAJE Y MANDASELO A TUS OTROS AMIGOS Date: Tue, 26 Jan 1999 11:42:46 PST Mime-Version: 1.0 Content-Type: text/plain Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Que el señor derrame ricas y abundantes bendiciones para usted y su familia en este año 1999. El propósito de este e-mail es de darle a conocer la Nueva Version De Mi Página Cristiana "Jesus Me Ama", http://jesusmeama.cjb.net en ella encontrará una gama de Innovaciones, como son: 1.- Una Seccion de Caricaturas http://cariaturas.cjb.net 2.- Musica Cristiana, En en la que puedes deleirtar tus oidos con 2 tipos de formatos, como son: midis y wavs. 3.- Curso De la Biblia Gratuitamente, via e-mail. Puedes recibir a la comodidad de tu hogar distintos cursos de la Biblia Gratuitamente, Solo llenas tus datos y te lo enviaremos!!!! 4.- Algo Nunca Visto, Una Seccion Verdaderamente impactante!!! 5.- Una seccion de Links de Diversas Páginas Cristianas, y Otra de Banners. 6.- Y para finalizar una Seccion de Visitas. 7.- Al entrar a mi pagina encontrarás un banner en la parte de Superior . Haciendo click en el , Contribuirás Gratuitamente a la expanción del evangelio de Nuestro Señor Jesucristo por todo el Mundo. Por Favor Ayúdame en eso. La Direccion de mi pagina es: http://jesusmeama.cjb.net PD. Por Favor manda este e-mail a Tus amigos y Hermanos en Cristo, para que me apoyes, con este ministerio!!! ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA25269 for ietf-open-pgp-bks; Tue, 19 Jan 1999 18:29:17 -0800 (PST) Received: from mulga.cs.mu.OZ.AU (mulga.cs.mu.OZ.AU [128.250.1.22]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA25263 for ; Tue, 19 Jan 1999 18:29:14 -0800 (PST) Received: from mundook.cs.mu.OZ.AU (mundook.cs.mu.OZ.AU [128.250.29.16]) by mulga.cs.mu.OZ.AU with ESMTP id NAA08446; Wed, 20 Jan 1999 13:30:57 +1100 (EST) Received: (from bromage@localhost) by mundook.cs.mu.OZ.AU (8.8.5/8.7.3) id NAA12682; Wed, 20 Jan 1999 13:30:55 +1100 (EST) From: Andrew Bromage Message-Id: <199901200230.NAA12682@mundook.cs.mu.OZ.AU> Subject: Re: Twofish To: jon@pgp.com (Jon Callas) Date: Wed, 20 Jan 1999 13:30:54 +1100 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: <3.0.3.32.19990118235942.00a80840@mail.pgp.com> from Jon Callas at "Jan 18, 99 11:59:42 pm" X-Mailer: ELM [version 2.4ME+ PL15 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: G'day all. Jon Callas wrote: > I discussed our previous conversation, and he said that his doubt is merely > that he is not convinced that the 256-bit keys are fully exponentially > stronger than 128. I think this is reasonable, and have the same doubts > myself about all the present generation 256 bit cyphers. Quite. We have a precedent in our requirement of 3DES which is vulnerable to a meet-in-the-middle attack, so we don't expect it to be fully exponentially stronger than a modern 128 bit cipher. Cheers, Andrew Bromage Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA13782 for ietf-open-pgp-bks; Tue, 19 Jan 1999 00:02:47 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA13778 for ; Tue, 19 Jan 1999 00:02:46 -0800 (PST) Received: from jcallas ([38.232.7.55]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id AAA02249 for ; Tue, 19 Jan 1999 00:04:04 -0800 (PST) Message-Id: <3.0.3.32.19990118235942.00a80840@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Mon, 18 Jan 1999 23:59:42 -0800 To: ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <3.0.3.32.19990114144335.00af23e0@mail.pgp.com> References: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I spoke to Bruce today about what key length to use. I asked him because a few months ago we had a casual conversation and he said he was more confident of Twofish at 128 bits than 256 bits. I brought it up again, mentioning we're discussing putting it in OpenPGP (and he is delighted about that). Anyway, he first said to do it at 128 bits and then said, "Wait a minute -- it doesn't cost you anything to go to the full 256?" and I said it didn't. "Then do 256" he replied. I discussed our previous conversation, and he said that his doubt is merely that he is not convinced that the 256-bit keys are fully exponentially stronger than 128. I think this is reasonable, and have the same doubts myself about all the present generation 256 bit cyphers. So no biggie, really. Does anyone *not* want to do 256? Send me private mail if you don't want to be seen as a party-pooper, but have concerns. I launder information real well. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23737 for ietf-open-pgp-bks; Fri, 15 Jan 1999 08:44:14 -0800 (PST) Received: (from phoffman@localhost) by mail.proper.com (8.8.8/8.8.5) id IAA23710; Fri, 15 Jan 1999 08:43:45 -0800 (PST) Date: Fri, 15 Jan 1999 08:43:45 -0800 (PST) Message-Id: <199901151643.IAA23710@mail.proper.com> From: List Manager of ietf-open-pgp To: ietf-open-pgp@imc.org Subject: How to be removed from this list Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Greetings again. Occasionally, people will sign up for a mailing list and forget how to be removed. This message is a reminder for those folks. First off, when you subscribe to a mailing list, you almost always get a first message from the list owner telling you about the mailing list, and explaining how to unsubscribe. It is always a good idea to keep those messages, since you never know when you will need to unsubscribe. This is particularly useful when you change email addresses, because it is difficult to unsubscribe from a list after you have a different mailing address. In the case of this list, the method to unsubscribe is to send a message to: ietf-open-pgp-request@imc.org with the single word: unsubscribe in the body of the message. This is the same as it always has been. To make this easier for you, I have crafted this message so that you should be able to simply reply to this message, and the reply address should be ietf-open-pgp-request@imc.org (although some mail clients screw this up...). Remove everything from the body of the reply, and put in the single word: unsubscribe If you have tried this method, and the mailing list software won't let you unsubscribe, it is probably because your address has changed. In that case, please send a message to subs@imc.org stating which list (or lists) you want to unsubscribe from, and what you think your previous address was. There is a human (that's me!) who will then try to take care of your request, often within a few days. --Paul Hoffman, Director --Internet Mail Consortium Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA25110 for ietf-open-pgp-bks; Thu, 14 Jan 1999 14:44:35 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA25106 for ; Thu, 14 Jan 1999 14:44:34 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id OAA29054; Thu, 14 Jan 1999 14:45:19 -0800 (PST) Message-Id: <3.0.3.32.19990114144335.00af23e0@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Thu, 14 Jan 1999 14:43:35 -0800 To: Max Inux , ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: References: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: At 07:08 PM 1/13/99 -0800, Max Inux wrote: Upon greater light being shed on the subject, I vote that identifier 10 be TwoFish and 11 be whatever wins AES, if it is TwoFish it will be un-needed. We already reserved three for AES in 2440, for 128, 192, and 256 bit key lengths, so we're already covered. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id TAA13321 for ietf-open-pgp-bks; Wed, 13 Jan 1999 19:03:55 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-25-90.oak.inreach.net [209.142.25.90]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id TAA13309 for ; Wed, 13 Jan 1999 19:03:53 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.8.7/8.8.7) with ESMTP id TAA03021 for ; Wed, 13 Jan 1999 19:08:10 -0800 X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Wed, 13 Jan 1999 19:08:10 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Upon greater light being shed on the subject, I vote that identifier 10 be TwoFish and 11 be whatever wins AES, if it is TwoFish it will be un-needed. Now the problem is the bit size, looking at how we have other stuff done (Block size = 64 bit, key size = 128), it seems fitting that if Block size =128 we have key size = 256 Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA29994 for ietf-open-pgp-bks; Wed, 13 Jan 1999 15:18:15 -0800 (PST) Received: from mulga.cs.mu.OZ.AU (mulga.cs.mu.OZ.AU [128.250.1.22]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA29985 for ; Wed, 13 Jan 1999 15:18:12 -0800 (PST) Received: from mundook.cs.mu.OZ.AU (mundook.cs.mu.OZ.AU [128.250.37.154]) by mulga.cs.mu.OZ.AU with ESMTP id KAA06896; Thu, 14 Jan 1999 10:19:33 +1100 (EST) Received: (from bromage@localhost) by mundook.cs.mu.OZ.AU (8.8.5/8.7.3) id KAA21926; Thu, 14 Jan 1999 10:19:31 +1100 (EST) From: Andrew Bromage Message-Id: <199901132319.KAA21926@mundook.cs.mu.OZ.AU> Subject: Re: Twofish To: jon@pgp.com (Jon Callas) Date: Thu, 14 Jan 1999 10:19:30 +1100 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> from Jon Callas at "Jan 12, 99 04:49:27 pm" X-Mailer: ELM [version 2.4ME+ PL15 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: G'day all. At 07:28 PM 1/12/99 -0500, uri wrote: > So, Twofish is a logical successor for Blowfish - and let's treat it > like that. If people have Blowfish-encrypted stuff already (which I > doubt, but you never know) - they can do a one-time move. Better > than to carry unnecessary baggage. Jon Callas wrote: > I'm uncomfortable with re-declaring an identifier. It's just not good > engineering practice to my mind. I have to agree. RFC 2440, the current "standard", is published. If we were looking at an error, I'd say "fix it". But we are not The Evil Software Empire(tm), and can't move the ground out from under people. This kind of ambiguity will only cause confusion at best and put people off PGP at worst. > I think it is much better use another > identifier. This would only put us up to 10, and that includes four > identifiers that are presently only reserved. ...and one would be deprecated. Cheers, Andrew Bromage Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA22624 for ietf-open-pgp-bks; Wed, 13 Jan 1999 11:19:30 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA22620 for ; Wed, 13 Jan 1999 11:19:28 -0800 (PST) Received: by koeln.shuttle.de (8.9.0/8.9.0) id UAA07900 for ietf-open-pgp@imc.org; Wed, 13 Jan 1999 20:20:49 +0100 (MET) Received: (qmail 26247 invoked from network); 13 Jan 1999 19:10:49 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 13 Jan 1999 19:10:49 -0000 Received: (qmail 14036 invoked by uid 501); 13 Jan 1999 19:10:45 -0000 Message-ID: <19990113201045.A14028@isil.d.shuttle.de> Date: Wed, 13 Jan 1999 20:10:45 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Re: Twofish - details, details... Mail-Followup-To: ietf-open-pgp@imc.org References: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> <99Jan13.132241est.42113@brickwall.ceddec.com> Mime-Version: 1.0 X-Mailer: Mutt 0.93i In-Reply-To: <99Jan13.132241est.42113@brickwall.ceddec.com>; from tzeruch@ceddec.com on Wed, Jan 13, 1999 at 01:22:08PM -0500 X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: tzeruch@ceddec.com writes: > 10 would be better. I already have blowfish in my implmentation even if > no one uses it. GnuPG uses Blowfish too. > Does anyone have an implementation, or at least what calls they are using > if they are using the counterpane reference source? Actually GnuPG has a Twofish (128 bit key) implemenation as experimental algorithm. Werner Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA22065 for ietf-open-pgp-bks; Wed, 13 Jan 1999 10:21:01 -0800 (PST) Received: from ceddec.com (brickwall.ceddec.com [207.91.200.193]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA22061 for ; Wed, 13 Jan 1999 10:21:00 -0800 (PST) Received: by brickwall.ceddec.com id <42113>; Wed, 13 Jan 1999 13:22:41 -0500 Date: Wed, 13 Jan 1999 13:22:08 -0500 From: tzeruch@ceddec.com X-Sender: nobody@mars To: ietf-open-pgp@imc.org Subject: Re: Twofish - details, details... In-Reply-To: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> Message-Id: <99Jan13.132241est.42113@brickwall.ceddec.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Tue, 12 Jan 1999, Jon Callas wrote: > At 07:28 PM 1/12/99 -0500, uri wrote: > > So, Twofish is a logical successor for Blowfish - and let's treat it > like that. If people have Blowfish-encrypted stuff already (which I > doubt, but you never know) - they can do a one-time move. Better > than to carry unnecessary baggage. > > I'm uncomfortable with re-declaring an identifier. It's just not good > engineering practice to my mind. I think it is much better use another > identifier. This would only put us up to 10, and that includes four > identifiers that are presently only reserved. If 2440 were not out, I'd > have no problem. But it is out there, and it just bugs me to redeclare an > identifier if it inconveniences even a single user. > > By the bye, an inconvenient page break in 2440 made me say something stupid > in my last message. The identifier should be 10, not 8. 10 would be better. I already have blowfish in my implmentation even if no one uses it. Also, as someone else pointed out, we need to have established key lengths AND I assume that it will be in the ECB mode with the PGP cfb with reset at 10 bytes like everything else? Does anyone have an implementation, or at least what calls they are using if they are using the counterpane reference source? Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id KAA21994 for ietf-open-pgp-bks; Wed, 13 Jan 1999 10:15:59 -0800 (PST) Received: from boeing.rutgers.edu (boeing.rutgers.edu [165.230.8.73]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id KAA21990 for ; Wed, 13 Jan 1999 10:15:57 -0800 (PST) Received: from localhost (mione@localhost) by boeing.rutgers.edu (8.8.8/8.8.8) with SMTP id NAA08576; Wed, 13 Jan 1999 13:17:15 -0500 (EST) Date: Wed, 13 Jan 1999 13:17:15 -0500 (EST) From: Tony Mione To: hal@rain.org cc: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901131745.JAA00997@hal.sb.rain.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- On Wed, 13 Jan 1999 hal@rain.org wrote: > Tony Mione, , writes: > > I would like to (if it is agreeable) add the concept of parameters for > > symmetric algorithms to my v1.1 laundry list. It should probably be handled > > in a similar fashion to the public-key parameters (for DSA, etc). This > > would probably mean specifying an 'Enhanced symmetric-key encrypted > > session-key packet' to replace the existing one but I will leave that up to > > the group to hash out. > > > > Does this sound reasonable to people? > OK, but as I said, there are three places (at least) where symmetric > key algorithms are specified. In addition to the SKESK which you propose > to enhance, there is the public-key ESK, and also there is the secret > key packet where they are used to specify what algorithm encrypts the > secret key data. So we would need perhaps three new packet formats. I agree. I picked out the SKESK as an example but meant to state that all places where symmetric keys are used would have to be reviewed and enhanced. Thanks for clarifying that. > Hal Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650 mione@nbcs-ns.rutgers.edu W3: http://www-ns.rutgers.edu/~mione/ PGPFP:E2252CCD28733C5B 0B918A4E22BAFA9F ***** Important: Rom 10:9-11 ***** Author of 'CDE and Motif : A Practical Primer', Prentice-Hall PTR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBNpzjJfMKRuSgNA5pAQGz9AL9EnqXWqwcaikBxD0M1e0Kp068r32ejqpI xlHUA7SWTeG1t7LWe22juESM1IiDAM/rCOWIVrZ5KTwbV6BxW//4UEyYgp7u7s8/ KNA/2PFR9iHvPiJFLQ6t+OHOAeXJ50/D =ccTD -----END PGP SIGNATURE----- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA21582 for ietf-open-pgp-bks; Wed, 13 Jan 1999 09:51:10 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA21578 for ; Wed, 13 Jan 1999 09:51:09 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id JAA17877; Wed, 13 Jan 1999 09:52:24 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id JAA00997; Wed, 13 Jan 1999 09:45:46 -0800 Date: Wed, 13 Jan 1999 09:45:46 -0800 From: hal@rain.org Message-Id: <199901131745.JAA00997@hal.sb.rain.org> To: hal@rain.org, mione@boeing.rutgers.edu Subject: Re: Twofish Cc: ietf-open-pgp@imc.org Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Tony Mione, , writes: > I would like to (if it is agreeable) add the concept of parameters for > symmetric algorithms to my v1.1 laundry list. It should probably be handled > in a similar fashion to the public-key parameters (for DSA, etc). This > would probably mean specifying an 'Enhanced symmetric-key encrypted > session-key packet' to replace the existing one but I will leave that up to > the group to hash out. > > Does this sound reasonable to people? OK, but as I said, there are three places (at least) where symmetric key algorithms are specified. In addition to the SKESK which you propose to enhance, there is the public-key ESK, and also there is the secret key packet where they are used to specify what algorithm encrypts the secret key data. So we would need perhaps three new packet formats. Hal Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id HAA20195 for ietf-open-pgp-bks; Wed, 13 Jan 1999 07:30:09 -0800 (PST) Received: from sirius.infonex.com (sirius.infonex.com [209.75.197.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id HAA20190 for ; Wed, 13 Jan 1999 07:30:08 -0800 (PST) Received: (from nobody@localhost) by sirius.infonex.com (8.8.8/8.8.8) id HAA23126; Wed, 13 Jan 1999 07:31:24 -0800 (PST) Date: Wed, 13 Jan 1999 07:31:24 -0800 (PST) From: mark@unicorn.com To: ietf-open-pgp@imc.org Message-Id: <916241483.23125.193.133.230.33@unicorn.com> Subject: Re: Twofish Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: hal@rain.org wrote: >128 bits >is really very strong still, but if we do want to go up, 192 seems more >reasonable to me than 256. That would be my recommendation. What would be the *disadvantage* of choosing 256 bits? I can see the potential advantage if quantum computing does become feasible in the next decade or so, but I can't see any real disadvantage; as far as I'm aware we'd just have a slightly larger data size and a slightly longer key setup time. If that's the case and we only have one key size, I'd say go for 256 bits because it has potential advantages which could significantly outweigh the minor disadvantages. Mark Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA19346 for ietf-open-pgp-bks; Wed, 13 Jan 1999 05:40:32 -0800 (PST) Received: from boeing.rutgers.edu (boeing.rutgers.edu [165.230.8.73]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA19342 for ; Wed, 13 Jan 1999 05:40:31 -0800 (PST) Received: from localhost (mione@localhost) by boeing.rutgers.edu (8.8.8/8.8.8) with SMTP id IAA06886; Wed, 13 Jan 1999 08:41:45 -0500 (EST) Date: Wed, 13 Jan 1999 08:41:44 -0500 (EST) From: Tony Mione To: hal@rain.org cc: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <199901130110.RAA04405@hal.sb.rain.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: -----BEGIN PGP SIGNED MESSAGE----- On Tue, 12 Jan 1999 hal@rain.org wrote: > One question is key size. PGP key algorithm values have defined key > sizes. Twofish, like the other AES candidates, can be used with key > sizes of 128, 192, or 256 bits. (Actually the cipher allows use of any > smaller size key as well.) > In some contexts where symmetric key algorithm values are used, the > key size can be determined from the message format. For example, > Public-Key Encrypted Session Key Packets use PKCS-1 encoding for the > encrypted session key, and that encoding implicitly determines the > key size (at least to a multiple of eight bytes). > However, this is not always the case. Symmetric-Key ESK packets > encrypt one key with another, and the two keys' lengths are allowed > to be different. Only the encrypted key has its length determined by > context, not the encrypting key. Symmetric key algorithm values are > also used in secret key packets, and there, too, the key lengths cannot > be determined from context. I think we should deal with this issue reasonably soon. We probably cannot deal with it until the v1.1 spec. However, with the number of symmetric key algorithms that are being designed with variable key lengths and other parameters, it will become prohibitive to assign identifiers for each. Picking a specific key length may be too limiting (a user may WANT 256 bit keys) and this does not handle other variables of the algorithm. Take, for instance rc6 (another AES candidate) which allows variable rounds and blocksizes as well. rc6 as specified for the AES the way I read it will be RC6-32/20/{16,24,32}. The first number is the number of bits in a block. The second is the number of rounds. The third is the key size in bytes (it will handle 128,192,and 256 bit keys). Just because this is the definition for AES does not mean that we should not allow it to be run with alternate word sizes or rounds. I would like to (if it is agreeable) add the concept of parameters for symmetric algorithms to my v1.1 laundry list. It should probably be handled in a similar fashion to the public-key parameters (for DSA, etc). This would probably mean specifying an 'Enhanced symmetric-key encrypted session-key packet' to replace the existing one but I will leave that up to the group to hash out. Does this sound reasonable to people? > To deal with this, we have always defined symmetric key algorithm > values to represent both a cipher and a key length. Blowfish was a > variable-key-length algorithm, but the Blowfish cipher algorithm byte > was defined to represent a 128-bit key version. >... > computing which nobody really expects to happen. 192 bits is more > than enough strength for any reasonable cryptographic attack. 128 bits > is really very strong still, but if we do want to go up, 192 seems more > reasonable to me than 256. That would be my recommendation. We should probably choose a single size for the time being. Later, if the above recommendation gets implemented in the v1.1 OpenPGP spec, we would define newer algorithm identifiers with variable parameters. > Hal Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650 mione@nbcs-ns.rutgers.edu W3: http://www-ns.rutgers.edu/~mione/ PGPFP:E2252CCD28733C5B 0B918A4E22BAFA9F ***** Important: Rom 10:9-11 ***** Author of 'CDE and Motif : A Practical Primer', Prentice-Hall PTR -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBNpyijfMKRuSgNA5pAQGkcgMAjrA/l/4Ad4bVQ4KSYmUO6ZSrVliecq/w xjycZ6PYc/BAk1dSKXjrwJe5t81KZCvYeDDUISyp4gsHp/R+fqmIXuQCpm0Rmf3g fE/+yqKyH43TpghTgEH2Pp215EIeDHIR =pc/J -----END PGP SIGNATURE----- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id CAA15929 for ietf-open-pgp-bks; Wed, 13 Jan 1999 02:19:59 -0800 (PST) Received: from koeln.shuttle.de (uucp@koeln.shuttle.de [194.95.247.252]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id CAA15924 for ; Wed, 13 Jan 1999 02:19:55 -0800 (PST) Received: by koeln.shuttle.de (8.9.0/8.9.0) id LAA17429 for ietf-open-pgp@imc.org; Wed, 13 Jan 1999 11:20:58 +0100 (MET) Received: (qmail 24814 invoked from network); 13 Jan 1999 10:16:38 -0000 Received: from frodo.isil.d.shuttle.de (qmailr@172.20.1.4) by beren.isil.d.shuttle.de with SMTP; 13 Jan 1999 10:16:38 -0000 Received: (qmail 5759 invoked by uid 501); 13 Jan 1999 10:16:30 -0000 Message-ID: <19990113111630.P5519@isil.d.shuttle.de> Date: Wed, 13 Jan 1999 11:16:30 +0100 From: Werner Koch To: ietf-open-pgp@imc.org Subject: Re: Twofish Mail-Followup-To: ietf-open-pgp@imc.org References: <199901130110.RAA04405@hal.sb.rain.org> Mime-Version: 1.0 X-Mailer: Mutt 0.93i In-Reply-To: <199901130110.RAA04405@hal.sb.rain.org>; from hal@rain.org on Tue, Jan 12, 1999 at 05:10:13PM -0800 X-URL: http://www.d.shuttle.de/isil Content-Type: text/plain; charset=us-ascii Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: hal@rain.org writes: > To deal with this, we have always defined symmetric key algorithm > values to represent both a cipher and a key length. Blowfish was a Another way to handle this is to specify a new version for these packets (5) which carry more information than just the algorithm. A standard key length (192 for Twofish?) should then be used with v4 packets. I know that this is not covered by rfc2440 but we might consider it for a new release. Werner Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA21643 for ietf-open-pgp-bks; Tue, 12 Jan 1999 17:15:33 -0800 (PST) Received: from coyote.rain.org (root@coyote.rain.org [198.68.144.2]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA21639 for ; Tue, 12 Jan 1999 17:15:31 -0800 (PST) Received: from hal.sb.rain.org (hal.sb.rain.org [198.68.144.57]) by coyote.rain.org (8.9.2/8.9.2) with ESMTP id RAA05228 for ; Tue, 12 Jan 1999 17:16:49 -0800 (PST) Received: (from hal@localhost) by hal.sb.rain.org (8.8.7/8.8.7) id RAA04405 for ietf-open-pgp@imc.org; Tue, 12 Jan 1999 17:10:13 -0800 Date: Tue, 12 Jan 1999 17:10:13 -0800 From: hal@rain.org Message-Id: <199901130110.RAA04405@hal.sb.rain.org> To: ietf-open-pgp@imc.org Subject: Re: Twofish Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: One question is key size. PGP key algorithm values have defined key sizes. Twofish, like the other AES candidates, can be used with key sizes of 128, 192, or 256 bits. (Actually the cipher allows use of any smaller size key as well.) In some contexts where symmetric key algorithm values are used, the key size can be determined from the message format. For example, Public-Key Encrypted Session Key Packets use PKCS-1 encoding for the encrypted session key, and that encoding implicitly determines the key size (at least to a multiple of eight bytes). However, this is not always the case. Symmetric-Key ESK packets encrypt one key with another, and the two keys' lengths are allowed to be different. Only the encrypted key has its length determined by context, not the encrypting key. Symmetric key algorithm values are also used in secret key packets, and there, too, the key lengths cannot be determined from context. To deal with this, we have always defined symmetric key algorithm values to represent both a cipher and a key length. Blowfish was a variable-key-length algorithm, but the Blowfish cipher algorithm byte was defined to represent a 128-bit key version. In adding Twofish, we should probably either add three values, for 128-, 192-, and 256-bit versions, or we should settle on a single size. If we choose a single size, it would probably make sense to have the Twofish key size be bigger than the 128 bits used by most of our current keys. Unlike the other ciphers, Twofish has a 128 bit block size. (Keep in mind that the block size bears no necessary relation to the key size, except that bigger is better in both cases.) All our other ciphers use a 64 bit block size. Given this increase in size, we should probably consider 192 or 256 bits as the Twofish key size. Either one of these would probably be OK. Personally, I feel that 256 bits is awfully big for a key. There is some speculation that the AES required such a large key to protect against exotic advances in quantum computing which nobody really expects to happen. 192 bits is more than enough strength for any reasonable cryptographic attack. 128 bits is really very strong still, but if we do want to go up, 192 seems more reasonable to me than 256. That would be my recommendation. Hal Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA21576 for ietf-open-pgp-bks; Tue, 12 Jan 1999 17:06:32 -0800 (PST) Received: from ignem.omnigroup.com (root@omnigroup.com [198.151.161.40]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA21571 for ; Tue, 12 Jan 1999 17:06:31 -0800 (PST) Received: from reason.omnigroup.com (reason [198.151.161.25]) by ignem.omnigroup.com (8.8.5/8.8.5) with SMTP id RAA22111 for ; Tue, 12 Jan 1999 17:07:55 -0800 (PST) Message-Id: <199901130107.RAA22111@ignem.omnigroup.com> Received: by reason.omnigroup.com (NX5.67g/NX3.0X) id AA02064; Tue, 12 Jan 99 17:08:03 -0800 Content-Type: text/plain Mime-Version: 1.0 (NeXT Mail 4.2mach v148) In-Reply-To: X-Nextstep-Mailer: Mail 4.2mach (Enhance 2.1) Received: by NeXT.Mailer (1.148) From: William Lewis Date: Tue, 12 Jan 99 17:08:02 -0800 To: ietf-open-pgp@imc.org Subject: Re: Twofish References: X-Pgp-Id: 0x27F772C1 Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Max Inux wrote: > I dont know about NAI, but from what Werner has said on the GPG list he > intends to remove Blowfish, which makes sense, I dont know about anyone > else but I have yet to see anyone use Blowfish, so why not just pretend it > was not there and just go with twofish? after AES is done, it surely will > have been proven. It's asking for trouble to have an ambiguous assigned number. If there were a shortage of available numbers, reusing Blowfish's might make sense; but there isn't, and if someday there is, Blowfish's number can be reused then. The argument that Twofish is Blowfish's successor doesn't hold water, IMHO. Twofish won't decrypt a message encrypted with Blowfish, so they're different algorithms, despite sharing authorship or structure. Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA21488 for ietf-open-pgp-bks; Tue, 12 Jan 1999 16:49:32 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA21484 for ; Tue, 12 Jan 1999 16:49:32 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id QAA11553 for ; Tue, 12 Jan 1999 16:50:21 -0800 (PST) Message-Id: <3.0.3.32.19990112164927.00ad2840@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Tue, 12 Jan 1999 16:49:27 -0800 To: ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <9901130028.AA35114@watpub1.watson.ibm.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: At 07:28 PM 1/12/99 -0500, uri wrote: So, Twofish is a logical successor for Blowfish - and let's treat it like that. If people have Blowfish-encrypted stuff already (which I doubt, but you never know) - they can do a one-time move. Better than to carry unnecessary baggage. I'm uncomfortable with re-declaring an identifier. It's just not good engineering practice to my mind. I think it is much better use another identifier. This would only put us up to 10, and that includes four identifiers that are presently only reserved. If 2440 were not out, I'd have no problem. But it is out there, and it just bugs me to redeclare an identifier if it inconveniences even a single user. By the bye, an inconvenient page break in 2440 made me say something stupid in my last message. The identifier should be 10, not 8. Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id QAA21240 for ietf-open-pgp-bks; Tue, 12 Jan 1999 16:27:15 -0800 (PST) Received: from igw3.watson.ibm.com (igw3.watson.ibm.com [198.81.209.18]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id QAA21236 for ; Tue, 12 Jan 1999 16:27:13 -0800 (PST) Received: from mailhub.watson.ibm.com (mailhub.watson.ibm.com [9.2.250.97]) by igw3.watson.ibm.com (8.8.7/07-11-97) with ESMTP id TAA07686; Tue, 12 Jan 1999 19:28:21 -0500 Received: from watpub1.watson.ibm.com (watpub1.watson.ibm.com [9.2.101.12]) by mailhub.watson.ibm.com (8.8.7/Feb-20-98) with SMTP id TAA08254; Tue, 12 Jan 1999 19:28:21 -0500 Received: by watpub1.watson.ibm.com (AIX 4.1/UCB 5.64/6/25/96) id AA35114; Tue, 12 Jan 1999 19:28:17 -0500 From: uri Message-Id: <9901130028.AA35114@watpub1.watson.ibm.com> Subject: Re: Twofish To: maxinux@bigfoot.com (Max Inux) Date: Tue, 12 Jan 1999 19:28:17 -0500 (EST) Cc: ietf-open-pgp@imc.org In-Reply-To: from "Max Inux" at Jan 12, 99 04:03:36 pm Reply-To: uri@watson.ibm.com X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Max Inux says: > >Both Werner Koch and his GNUPG team and the NAI PGP team are planning on > >putting Twofish (256-bit key) in versions of their respective OpenPGP > >programs.............. Comments? Discussion? > > I dont know about NAI, but from what Werner has said on the GPG list he > intends to remove Blowfish, which makes sense, I dont know about anyone > else but I have yet to see anyone use Blowfish, so why not just pretend it > was not there and just go with twofish? after AES is done, it surely will > have been proven. I second this. How many ciphers do we need, after all? We aren't in the contest "who can support more", right? So, Twofish is a logical successor for Blowfish - and let's treat it like that. If people have Blowfish-encrypted stuff already (which I doubt, but you never know) - they can do a one-time move. Better than to carry unnecessary baggage. -- Regards, Uri uri@watson.ibm.com -=-=-=-=-=-=- Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id PAA21052 for ietf-open-pgp-bks; Tue, 12 Jan 1999 15:59:41 -0800 (PST) Received: from khercs.chipware.net (maxinux@209-142-18-8.oak.inreach.net [209.142.18.8]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id PAA21048 for ; Tue, 12 Jan 1999 15:59:39 -0800 (PST) Received: from localhost (maxinux@localhost) by khercs.chipware.net (8.8.7/8.8.7) with ESMTP id QAA10528 for ; Tue, 12 Jan 1999 16:03:36 -0800 X-Authentication-Warning: khercs.chipware.net: maxinux owned process doing -bs Date: Tue, 12 Jan 1999 16:03:36 -0800 (PST) From: Max Inux X-Sender: maxinux@khercs.chipware.net To: ietf-open-pgp@imc.org Subject: Re: Twofish In-Reply-To: <3.0.3.32.19990112122320.00b67780@mail.pgp.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: On Tue, 12 Jan 1999, Jon Callas wrote: >Both Werner Koch and his GNUPG team and the NAI PGP team are planning on >putting Twofish (256-bit key) in versions of their respective OpenPGP >programs. Consequently, we need to agree on a constant for it. I propose we >use 8 (eight) as it's the next one in line. > >Comments? Discussion? > > Jon I dont know about NAI, but from what Werner has said on the GPG list he intends to remove Blowfish, which makes sense, I dont know about anyone else but I have yet to see anyone use Blowfish, so why not just pretend it was not there and just go with twofish? after AES is done, it surely will have been proven. -MaxInux aka William Tiemann Max New PGP Keys Available If crypto is outlawed only outlaws will have crypto. 1960 Ford Falcon Tudor Daily Driver, Dont you just wish you had one? Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id MAA19303 for ietf-open-pgp-bks; Tue, 12 Jan 1999 12:24:40 -0800 (PST) Received: from fusebox.pgp.com (fusebox.pgp.com [161.69.1.11]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id MAA19298 for ; Tue, 12 Jan 1999 12:24:30 -0800 (PST) Received: from jcallas (dhcp-47-64.dhcp.nai.com [161.69.47.64]) by fusebox.pgp.com (8.8.7/8.8.7) with SMTP id MAA10111; Tue, 12 Jan 1999 12:24:13 -0800 (PST) Message-Id: <3.0.3.32.19990112122320.00b67780@mail.pgp.com> X-Sender: jon@mail.pgp.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Tue, 12 Jan 1999 12:23:20 -0800 To: Werner Koch , ietf-open-pgp@imc.org From: Jon Callas Subject: Re: Twofish In-Reply-To: <19981223182340.B26633@isil.d.shuttle.de> References: <9812231432.AA49702@watpub1.watson.ibm.com> <9812231432.AA49702@watpub1.watson.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: Both Werner Koch and his GNUPG team and the NAI PGP team are planning on putting Twofish (256-bit key) in versions of their respective OpenPGP programs. Consequently, we need to agree on a constant for it. I propose we use 8 (eight) as it's the next one in line. Comments? Discussion? Jon ----- Jon Callas jon@pgp.com CTO, Total Network Security 3965 Freedom Circle Network Associates, Inc. Santa Clara, CA 95054 (408) 346-5860 Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS) 665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA) Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id AAA24382 for ietf-open-pgp-bks; Fri, 8 Jan 1999 00:16:34 -0800 (PST) Received: from krdl.org.sg (rodin.krdl.org.sg [137.132.252.27]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id AAA24378; Fri, 8 Jan 1999 00:16:28 -0800 (PST) Received: from mailhost.krdl.org.sg (mailbox.krdl.org.sg [137.132.247.30]) by krdl.org.sg (8.9.0/8.9.0) with ESMTP id QAA19629; Fri, 8 Jan 1999 16:20:41 +0800 (SGT) Received: from colorado (colorado [137.132.249.218]) by mailhost.krdl.org.sg (8.9.0/8.9.0) with SMTP id QAA10492; Fri, 8 Jan 1999 16:14:52 +0800 (SGT) Date: Fri, 8 Jan 1999 16:14:09 +0800 (SGT) From: Jianying Zhou X-Sender: jyzhou@colorado To: aft@socks.nec.com, ietf-cat-wg@lists.stanford.edu, cryptography@c2.net, dns-security@tis.com, Firewalls@lists.gnac.net, ids@uow.edu.au, ietf-open-pgp@imc.org, ietf-otp@bellcore.com, ietf-pkix@imc.org, ietf-radius@livingston.com, ietf-smime@imc.org, ietf-ssh@clinet.fi, ietf-tls@consensus.com, ietf@ietf.org, ipsec@tis.com, OGsecurity@opengroup.org, pem-dev@tis.com, risks@csl.sri.com, spki@c2.net, virus-l@lehigh.edu, www-buyinfo@allegra.att.com, www-security@ns2.rutgers.edu Subject: Re: ACM CCS'99 CFP In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: I apology for sending a large attachment in an early message. Sorry. Jianying Zhou Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id JAA15042 for ietf-open-pgp-bks; Mon, 4 Jan 1999 09:30:38 -0800 (PST) Received: from relay.hq.tis.com (firewall-user@relay.hq.tis.com [192.94.214.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id JAA15038 for ; Mon, 4 Jan 1999 09:30:37 -0800 (PST) Received: by relay.hq.tis.com; id MAA10486; Mon, 4 Jan 1999 12:38:38 -0500 (EST) Received: from clipper.hq.tis.com(10.33.1.2) by relay.hq.tis.com via smap (4.1) id xma010439; Mon, 4 Jan 99 12:37:41 -0500 Received: from balenson.hq.tis.com (balenson.hq.tis.com [10.33.80.11]) by clipper.hq.tis.com (8.9.1/8.9.1) with SMTP id MAA02513; Mon, 4 Jan 1999 12:26:04 -0500 (EST) Message-Id: X-Sender: balenson@pop.hq.tis.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0 Date: Mon, 04 Jan 1999 12:27:09 -0500 To: ietf-open-pgp@imc.org From: "David M. Balenson" Subject: REMINDER: Jan 6th Early Bird Deadline for NDSS '99 Cc: balenson@tis.com Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=====================_915488829==_" Sender: owner-ietf-open-pgp@imc.org Precedence: bulk List-Archive: List-Unsubscribe: --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" S A V E $ 7 0 O F F R E G I S T R A T I O N F E E ! ! R E G I S T E R B Y J A N U A R Y 6 , 1 9 9 9 THE INTERNET SOCIETY'S 1999 NETWORK AND DISTRIBUTED SYSTEM SECURITY (NDSS) SYMPOSIUM February 3-5, 1999 Catamaran Resort Hotel San Diego, California General Chair: Steve Welke, Trusted Computer Solutions Program Chairs: Steve Kent, BBN Technologies Gene Tsudik, USC/Information Sciences Institute ONLINE INFORMATION AND REGISTRATION: http://www.isoc.org/ndss99 KEYNOTE SPEAKER: Whitfield Diffie, Sun Microsystems. Co-author of "Privacy on the Line: The Politics of Wiretapping and Encryption." THIS YEAR'S TOPICS INCLUDE: - Secure Password-Based Protocol for Downloading a Private Key - A Real-World Analysis of Kerberos Password Security - Secure Remote Access to an Internal Web Server - Security and the User - Experimenting with Shared Generation of RSA Keys - Addressing the Problem of Undetected Signature Key Compromise - Practical Approach to Anonymity in Large Scale Electronic Voting Schemes - Securing the Internet's Exterior Routing Infrastructure - Distributed Policy Management for Java 1.2 - Distributed Execution with Remote Audit - An Algebra for Assessing Trust in Certification Chains - A Network Security Research Agenda - PGRIP: PNNI Global Routing Infrastructure Protection - A Cryptographic Countermeasure Against Connection Depletion Attacks - IPSec: Friend or Foe? EXPANDED PRE-CONFERENCE TECHNICAL TUTORIALS: - Principles of Network Security (Dr. Stephen T. Kent, BBN Technologies) - Optical Network Security (Jeff Ingle and Dr. Eric Harder, NSA) - Electronic Payment Systems (Dr. B. Clifford Neuman, USC/ISI) - Windows NT Security (Dominique Brezinski, Secure Computing Corp.) - Web Security and Beyond (Dr. B. Clifford Neuman, USC/ISI) - JAVA Security (Dr. Gary McGraw, Reliable Software Technologies) Full details and biographies at http://www.isoc.org/ndss99/technical.shtml --=====================_915488829==_ Content-Type: text/plain; charset="us-ascii" ---------------------------------------------------------------------- David M. Balenson, Publicity Chair, NDSS '99 TIS Labs at Network Associates, Inc. 3060 Washington Road, Suite 100, Glenwood, MD 21738 USA balenson@tis.com; 443-259-2358; fax 301-854-4731 --=====================_915488829==_--