Re: [Cfrg] draft-irtf-cfrg-dragonfly document status

Watson Ladd <watsonbladd@gmail.com> Wed, 08 October 2014 18:09 UTC

In-Reply-To: <54357A2A.2010800@isode.com>
References: <54357A2A.2010800@isode.com>
Date: Wed, 08 Oct 2014 11:09:43 -0700
Message-ID: <CACsn0c=222g7HHpPh++noS3H1jEhawtQAdeA1WbPObN3wZr6jQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/1Swh6GKHwFOSjYfPLJB3P2rmWFA
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] draft-irtf-cfrg-dragonfly document status

On Oct 8, 2014 10:53 AM, "Alexey Melnikov" <alexey.melnikov@isode.com> wrote:
>
> Hi,
> My apologies for taking so long on this. But I felt I needed to review
> mailing list discussions to make up my own mind on this topic.
>
> After reviewing mailing list discussions about this draft, I would like
> to do another RGLC on it. I've seen negative comments on the mailing list,
> but I've also seen some interest in this work and I am also aware that some
> variants of the algorithm are already implemented/deployed. Also, there
> were a couple of new revisions of the draft and it is not clear whether
> people who reported original problems are happy with how they got resolved.
> So I would like to see a bit more positive feedback on the latest version,
> in particular I would like to know if specific issues raised by earlier
> reviews are addressed in the latest version.

My comment (there is no security proof, and alternatives with better
provable security) has been acknowledged to be unresolvable. The draft
authors knew this from the very beginning.

I don't think we should approve a protocol that doesn't have a security
proof, particularly given that we are going to work on alternatives.

There is plenty of terrible crypto in IEEE standards we don't issue drafts
for because it is so terrible. To the extent our publication leads to use
of dragonfly as opposed to known-good protocols, it's a problem.

>
> Considering how difficult previous Last Call on the document was, I would
> like to ask people to:
> 1) keep in mind that CFRG chairs believe that the RG should work on PAKE
> requirements and after that on other PAKE proposals. This was suggested by
> our previous co-chair David McGrew:
>   http://www.ietf.org/mail-archive/web/cfrg/current/msg03723.html

Why doesn't this apply to dragonfly, but only other proposals?

> 2) be professional, in particular no ad hominem attacks
> 3) be constructive. In particular if you would like a disclaimer being
> added to the document, please suggest specific text.
> 4) simple statements of support for publishing the document or objection
> to publishing it are fine and encouraged. Sending them directly to RG
> chairs is fine. But please avoid saying "but what about PAKEXXX?", due to
> 1).
> 5) unlike IETF, IRTF RGs are not required to reach rough consensus.
> However I would like to see us try.
>
> Best Regards,
> Alexey,
> on behalf of chairs.