By Neal | September 4, 2024
Over the past few months, we’ve attended a number of conferences. In addition to hearing from a lot of people who had helpful feedback and fresh ideas, we’ve also held several presentations.
In this post, I summarize our talks, and link to recordings when they are available. I also report on the OpenPGP Email Summit, which is a yearly gathering of some people from the OpenPGP community. (If you are interested in the so-called LibrePGP / OpenPGP schism, read on.)
At the end, I list where you can meet us in person in the near future. (Spoiler: at Datenspuren in Dresden in September, and IETF 121 in Dublin in November.)
Chameleon - trying out Sequoia the easy way
Holger started packaging Sequoia for Debian a year ago. He’s recently created a presentation about getting started with Sequoia in Debian. Over the past few months, he’s presented it at the miniDebConf Berlin, BornHack in Denmark, and DebConf 24 in South Korea.
Holger’s presentation can be summarized in one line:
$ sudo apt install gpg-from-sq
The above command installs the Chameleon in Debian testing. The
Chameleon is our reimplementation of the gpg command-line interface.
We created the Chameleon to provide people an easy way to transition
from using GnuPG to Sequoia. The main difficulty is that if a person
uses some programs that use GnuPG and simultaneously uses other
programs that use Sequoia, they will have two sets of keys,
certificates, and associated data that they have to constantly
reconcile. This is annoying to say the least. By providing a drop-in
replacement for gpg, users can switch to Sequoia all at once even if
the programs they use haven’t been explicitly ported to Sequoia. The
Chameleon was actually inspired by GnuPG, which started by
reimplementing PGP’s CLI.
Immediately after Holger’s presentations, there’s been a surge of interest in the Chameleon and Sequoia as measured by the number of bug reports and questions on IRC. Thanks a lot Holger!
Sequoia PGP, sq, gpg-from-sq, v6 OpenPGP, and Debian
Two years ago, Justus presented an introduction to Sequoia for Debian developers at DebConf 22. This year’s presentation focused on what has changed since then in both Sequoia itself, and more broadly in the OpenPGP ecosystem.
With respect to Sequoia, Justus described our architecture, our design
philosophy, and our various frontends. The frontends include sq,
our primary command line interface; the Chameleon, our drop-in
replacement for gpg; the Octopus, our replacement for Thunderbird’s
OpenPGP implementation; and sqop, our implementation of the
Stateless OpenPGP interface (SOP).
Justus then spoke about the new OpenPGP RFC, RFC 9580 (yes, we are RFC!!! 😍). He listed the highlights (authenticated encryption, Argon2, non-deterministic signatures, padding, and SHA2-based fingerprints), and he addressed the so-called schism. The schism is what the media is calling the OpenPGP and LibrePGP split. LibrePGP is Werner’s fork of an earlier version of the OpenPGP draft.
Justus explained his perspective on the situation. After years of being mostly dormant, the working group rechartered and reviewed the document proposed by Werner. The working group did not take all of Werner’s changes, and made many changes of their own. These changes included protection against key overwriting attacks, a wire format change to prevent signature aliasing, and added protection against downgrade attacks.
Werner was unhappy with the changes proposed by the working group. He then disengaged, and published his own document, which he called LibrePGP. This document was no longer compatible with the OpenPGP draft. To reduce conflicts arising from parsing ambiguities if an implementation were to support Werner’s document and the OpenPGP specification, the working group decided to yield version 5 to Werner, and switched the OpenPGP draft to version 6. A few weeks later, Werner published GnuPG 2.4.0, which started producing v5 artifacts.
Justus observed that the same sequence of events is happening again. The OpenPGP working group is currently working on standardizing post-quantum cryptography. Werner has again decided to not engage with the community. Instead, he has forked the draft, changed it in an incompatible way, and released GnuPG 2.5.0 with support for it.
The primary losers are the users. Justus asks: What can we do? Do we want to live in a world where a broad community comes together to produce a standard based on rough consensus, or accept a standard that a king deigns to give us? He prefers the former, and says that where possible we should use standardized interfaces, and avoid vendor lock-in. And he backs that position up by suggesting that people not directly use Sequoia where possible, but to instead prefer the Stateless OpenPGP interface (SOP) when it is sufficient.
OpenPGP Email Summit
Most of the Sequoia team attended this year’s OpenPGP Email Summit. The OpenPGP Email Summit is a more or less yearly gathering of people to discuss the technical details around encrypted emails using OpenPGP. Patrick Brunschwig, the author of Enigmail, founded the summit in 2015, and has organized it since then.
The summit is designed primarily as a unconference. That is, rather than having prepared presentations, those present suggest topics, which everyone then votes on. The topics with the most interest are then assigned to sessions. The sessions aren’t recorded, but we take detailed notes.
The first session this year was on a topic on everyone’s mind: how to deal with the schism arising from Werner’s fork of the OpenPGP standard. Unfortunately, there was no way to work towards a compromise: no one from GnuPG was present, and everyone who was present expressed support for OpenPGP.
The first part of the discussion focused on how different people had approached Werner to try and find a constructive way forward. Despite everyone’s willingness to make concessions, everyone reported the same result: Werner refused to budge. Further, they all had the same feeling: There is nothing that anyone can do to bring Werner back to the community; Werner will not share power.
The second half of the discussion focused on what we can do given the situation. Everyone agreed that OpenPGP is socially, and technically better, and has broad support within the community. We cannot allow a single person to dictate terms in order to avoid a conflict; we must focus on collaboration, and what is best for users. Bart Butler from Proton captured the feeling in the room: “We are moving on. This is not war.” Despite the fear that the schism would inject itself into every discussion, it wasn’t raised in a substantial way again.
Sylvester Tremmel, a reporter from Heise, was also present at the summit. He and Keywan Tonekaboni summarized their perspective on the schism in an article published on heise online (German).
The rest of the sessions focused on various topics like post quantum cryptography, header protection, forward compatibility, key distribution, and how to migrated from v4 certificates to v6 certificates.
The organization of the next summit has already been started. It will again be near Frankfurt, Germany, and will take place from April 4 to April 6, 2025. If you work on OpenPGP or have ideas about how the ecosystem should evolve, do come.
Other Appearances
I attended Rust.nl 2024, RustFest.ch, CoSin, and FrOSCon. These were great opportunities for networking, and getting to know collaborators. I also held a short presentation at RustFest, Sequoia PGP: A Not So New OpenPGP Implementation in Rust. Unfortunately, the recording has not yet been published.
Upcoming Conferences
We’ll be at Datenspuren, which is taking place in Dresden from September 20.-22. I’ll hold a talk (in German) on Saturday at 14.30 entitled Sequoia PGP: Eine nicht mehr ganz neue Implementierung von OpenPGP.
Justus will attend IETF 121 in Dublin at the beginning of November where there is most certainly going to be an OpenPGP Working Group session.
If you’re attending either event, or are in the area, we’d be happy to chat.
