office message

Subject: chat notes from ODF TC teleconference - 04 Dec 2017

From: Patrick Durusau <patrick@durusau.net>
To: ODF TC List <office@lists.oasis-open.org>
Date: Mon, 4 Dec 2017 13:02:26 -0500

Greetings!

Thanks to Jos we have very good chat notes for the meeting today!

Hope everyone is at the start of a great week!

Patrick

Chat notes - 04 December 2017

        Patrick: quorum
      

        Jos van den Oever: No additions to the agenda. Agenda approved.
      

        Patrick: agenda approved
      

        Jos van den Oever: a. https://issues.oasis-open.org/browse/OFFICE-3940 Add OpenPGP-based XML encryption
      

        Thorsten: https://www.w3.org/TR/xmldsig-core/#sec-PGPData
      

        Jos van den Oever: https://www.w3.org/TR/2008/REC-xmldsig-core-20080610/#sec-PGPData
      

        Jos van den Oever: The xmldsig version of 2008 also references PGP.
      

        Jos van den Oever: Patrick: in ODF we can already encrypt with PGP, but cannot store info on the public key that was used
      

        Jos van den Oever: Thorsten: in email you have hybrid encryption, with a symmetric key. The session key is encrypted with all recipients public key.
      

        Jos van den Oever: Thorsten: each recipient gets it's own version of the encrypted session key. This is a nice way to go about without needing an external communication channel.
      

        Jos van den Oever: Thorsten: for signatures we are good, but encryption is still lacking
      

        Jos van den Oever: Michael: i have an issue with password based encryption. It uses a different key for every file in the session. With many iterations, it takes a long time to get these keys for all files. We could restructure to use only one key per package.
      

        Jos van den Oever: Michael: we could put one package in a zip file to have only one encryption.
      

        Jos van den Oever: Thorsten: the only thing to retain AES initialization vector and keep that for every file.
      

        Jos van den Oever: Michael: init vectors is why we run KDF once per file.
      

        Jos van den Oever: Jos: does KDF take so long?
      

        Jos van den Oever: Michael: yes, because hashing would be run on cpu and that's fine, but now we have gpus' and they are much faster and in parallel. So we need more iterations to avoid brute-forcing.
      

        Jos van den Oever: Thorsten: with a public/private key this issue is not present.
      

        Jos van den Oever: Michael: yes this is an issue only with passwords
      

        Jos van den Oever: Thorsten: so you want to have key-derivation attribute out of individual files?
      

        Jos van den Oever: Michael: yes, have an inner package with the encrypted content
      

        Jos van den Oever: Jos: so for password encryption it's beneficial to have a single encrypted package file
      

        Jos van den Oever: Michael: yes
      

        Jos van den Oever: Thorsten: unf that's a larger rearchitecturing
      

        Jos van den Oever: Thorsten: the initialization vector was added because you might have many files starting with the same 16 bytes.
      

        Jos van den Oever: Thorten: one blob with encrypted content solves that issue
      

        Jos van den Oever: Thorsten: as to PGP/GPG support is just piggybanking on the existing encryption software, with the main part still being symmetric
      

        Jos van den Oever: Jos: do you create a new file for each recipient or put encrypted keys for each recipient in the file?
      

        Jos van den Oever: Thorsten: we put the encrypted keys for each recipient in the file
      

        Jos van den Oever: Jos: so you can see in the file who are the recipients
      

        Jos van den Oever: Thorsten: the key id / key fingerprint is required
      

        Jos van den Oever: Thorsten: for x509 key package is usually also included
      

        Jos van den Oever: Jos: would it make sense to keep the asymmetric receiver specific part external to the odf document?
      

        Jos van den Oever: Thorsten: it's easier to keep it all in one place
      

        Jos van den Oever: Thorsten: anything that is out of band may be lost
      

        Jos van den Oever: Jos: are we sure things are missing?
      

        Jos van den Oever: Patrick: at the time, just password protection seemed enough, promoting encrypting is the right direction
      

        Jos van den Oever: Patrick: i'm not sure this proposal goes far enough or if we need something more substantial. Can we get a lot of benefit with small effort. Would we have a good differentiator with other systems?
      

        Jos van den Oever: Thorsten: the current proposal is the minimal change we need
      

        Jos van den Oever: Thorsten: conceivable we could go to x509 if there's a sponsor for that, to cover most prevalent encryption systems
      

        Jos van den Oever: Michael: feature is a good idea, unf cannot read schema diff due to jira mangling it.
      

        Jos van den Oever: Thorsten: email to the list should have better (no) formatting
      

        Jos van den Oever: Michael: i did get the mail, even though it's broken for Thorsten
      

        Jos van den Oever: Michael: but the no-formatting does not work because enabling it would have consequenced for all current comments
      

        Jos van den Oever: Regina: can you make an example manifest.xml?
      

        Jos van den Oever: Thorsten: ok
      

        Jos van den Oever: Patrick: this is now an open issue for odf 1.3
      

        Jos van den Oever: next: b. https://issues.oasis-open.org/browse/OFFICE-3906 DCOUNT and DCOUNTA
Field argument can be omitted
      

        Jos van den Oever: Patrick: there are some cases where a field can be ommitted
      

        Jos van den Oever: Patrick: there is no example where the final field is required but a middle field is optional
      

        Jos van den Oever: Jos: have Field be optional and Criterium required would break current pattern, but Field might be required, so empty string between the two ';' characters
      

        Jos van den Oever: Patrick: the criteria should ideally be earlier because it's always desired
      

        Jos van den Oever: Regina: i see no problem. the semicolons will avoid confusion
      

        Michael Stahl: LINEST
      

        Jos van den Oever: Michael: LINEST has optional knownX which can still be followed by other arguments
      

        Jos van den Oever: Regina: this case is explained in other functions where this happens. The same text could be added to the function in this proposal
      

        Jos van den Oever: Jos: that's a good solution
      

        Regina Henschel: Something as in CEILING "If significance is omitted or an empty parameter (two consecutive ;; semicolons)..."
      

        Jos van den Oever: Patrick: with the addition of that language, we can mark this issue as resolved
      

        Jos van den Oever: Patrick: with that we adjourn
      

-- 
Patrick Durusau
patrick@durusau.net
Technical Advisory Board, OASIS (TAB)
Editor, OpenDocument Format TC (OASIS), Project Editor ISO/IEC 26300
Co-Editor, ISO/IEC 13250-1, 13250-5 (Topic Maps)

Another Word For It (blog): http://tm.durusau.net
Homepage: http://www.durusau.net
Twitter: patrickDurusau

Attachment: signature.asc
Description: OpenPGP digital signature