Re: [Cfrg] considering new topics for CFRG
"Max Pritikin (pritikin)" <pritikin@cisco.com> Wed, 08 January 2014 02:31 UTC
Return-Path: <pritikin@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C65B21AE295 for <cfrg@ietfa.amsl.com>; Tue, 7 Jan 2014 18:31:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.039
X-Spam-Level:
X-Spam-Status: No, score=-10.039 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.538, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZB3C5cwnRjup for <cfrg@ietfa.amsl.com>; Tue, 7 Jan 2014 18:31:51 -0800 (PST)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) by ietfa.amsl.com (Postfix) with ESMTP id 731361AE293 for <cfrg@irtf.org>; Tue, 7 Jan 2014 18:31:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4936; q=dns/txt; s=iport; t=1389148302; x=1390357902; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=qezF+o/YjWU3Mt/Y+2fVEUcrdjmRmrvaKDJ3PyD/amc=; b=TyjYbQOMfsUul/Vd8ipB0QHb1CuhJCdlCgMIp1eRHpptFwCnaiLytHkn QiWfk2qeesVABJsDo+HlZz1v+zWfbqgOjUENjXIMiAK8NUUARjJlHlzuL v0Oed/li7QI2yCqFhg/85Uhrr0V48YAJdMuz16ALQAewoAln8YA1QLtkO g=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgcFALy3zFKtJXHA/2dsb2JhbABZgws4VbkiT4EPFnSCJQEBAQMBAQEBNzQLEAIBCBgeECcLJQIEDgUJh3MIDcQ0F4xigW8zB4MkgRMEmBeBMJBlgy2CKg
X-IronPort-AV: E=Sophos;i="4.95,621,1384300800"; d="scan'208";a="11253672"
Received: from rcdn-core2-5.cisco.com ([173.37.113.192]) by alln-iport-8.cisco.com with ESMTP; 08 Jan 2014 02:31:40 +0000
Received: from xhc-rcd-x04.cisco.com (xhc-rcd-x04.cisco.com [173.37.183.78]) by rcdn-core2-5.cisco.com (8.14.5/8.14.5) with ESMTP id s082Ve9T001658 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 8 Jan 2014 02:31:40 GMT
Received: from xmb-rcd-x03.cisco.com ([169.254.7.72]) by xhc-rcd-x04.cisco.com ([fe80::200:5efe:173.37.183.34%12]) with mapi id 14.03.0123.003; Tue, 7 Jan 2014 20:31:39 -0600
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [Cfrg] considering new topics for CFRG
Thread-Index: AQHPCOZ5ilotVn8nX0GDP1xk3l6DPZp00MIAgAJsvICAAVI3AIAAI3sAgAHTHIA=
Date: Wed, 08 Jan 2014 02:31:39 +0000
Message-ID: <91BE5B4B-AE45-4C05-A423-EDF744A54766@cisco.com>
References: <52C755AA.70200@cisco.com> <CEED2882.2B867%paul@marvell.com> <52C9F739.1020301@cisco.com> <7BAC95F5A7E67643AAFB2C31BEE662D018B7D6E094@SC-VEXCH2.marvell.com> <52CB30B4.9090206@cs.tcd.ie>
In-Reply-To: <52CB30B4.9090206@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.21.0.25]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <3F94E87BC49A3D438E21DA5DB2C09A6F@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: Sean Turner <turners@ieca.com>, "David McGrew (mcgrew)" <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] considering new topics for CFRG
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jan 2014 02:31:56 -0000
With the advent of DICE (DTLS in Constrained Environments), and similar attempts to discuss optimizations, it would seem that any discussion of "next generation" PKI discussions should include discussion on how to optimize the X.509 certificate/chain format. That appears to be missing in this conversation so far. I agree that any replacement for our current PKI is going to run into the same complexities. So, rather than assume they don't exist, would it be reasonable to look at how to optimize the existing work? Some off the cuff examples to frame what I mean: - Define a specific lightweight trust anchor format (yes, we can all use X.509 certs. But what about a canonical smaller format?) - Optimized version of the X.509 cert itself: Perhaps a compressed format similar to the (old, abandoned and incomplete) http://tools.ietf.org/html/draft-pritikin-comp-x509-00 draft for compressed certs? Perhaps a v4 format that is restructured to provide easier/quicker parsing Or if a non-ASN1 format is truly preferred then such a format could be defined that is can carry the same semantics as the existing PKI (namely, if the problem is ASN1 then we can fix that without also re-inventing all the rest) Approaching the questions from this angle leads me to ask what _exactly_ the concerns with the current PKI are. Is it the ASN1, the CA infrastructure, the certificate chains, the cruft in each individual certificate, or? Thanks, - max On Jan 6, 2014, at 3:39 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > > On 01/06/2014 08:32 PM, Paul Lambert wrote: >>>> This is an intriguing thought, but probably something out of scope for >>>> CFRG. (Seems more like a PKNG thing if I understand you right.) >> >> There was an IETF PKNG that died with no visible results. > > That was an IRTF RG. IMO it never had a cadre of researchers > nor a sufficient set of IETF participants who were interested > in a nextgen thing. > >> This is an area where the IETF seems either too unfocused or mired >> in existing PKI to make progress. Hence it's on my wish list ... >> Let me know if you have any suggestion for other viable forums in IETF >> for such a topic. > > We have a list where we discussed certificate transparency but > which has a broader remit. [1] That's discussing whether or > not to start a new CT WG in the IETF at the moment. > > There's the wpkops WG for operational issues related to the > web PKI. [2] They could do with help in terms of cycles to do > already-identified work (not hugely interesting for a > security/crypto researcher though probably). > > The PKIX list [3] is still open, and would be a good place to > talk about any X.509-related PKI stuff. Not so good for non > X.509 based PKI though maybe unless for an approach that's > very much evolutionary and starts from X.509. > > And there's the saag list [4] which is for general security > topics if none of the above fit. > > So stuff is happening and there are places to discuss and > propose stuff. And Sean and I would be quite happy to try > help PKI nextgen stuff progress in the IETF should there > be credible proposals. > > However, current PKI is not an easy thing to displace, no > matter how much you dislike parts or all of it. The main > reasons IMO are that replacements are likely to suffer a lot > of the same (or equivalent) complexity since its a complex > problem, and that any credible replacement will take at least > a few years to work out and them 5-10 to get deployed which > seems to be beyond the horizon for researchers (speaking as > one who chases funding;-). One could argue that that's why > of all the "large DB of public keys" approaches, only CT > seems to be left standing. > > One other thing - listing the problems with the current PKI > is not likely to be a useful place to start. We know those, > and any credible approach would start with a fairly well > worked out proposal, including consideration of that 5-10 > year overlap period. Its not easy;-) > > Having said all that though, CT is I think a good proof of > concept that the large-DB-of-public-keys thing could be > a runner, and we have learned a lot about the wrinkles in > X.509 based PKI over the years so there is hope maybe. > > S. > > PS: For any of [1]-[4] please check the archives before > diving in, or ask someone who might be familiar, which > could include me. > > [1] https://www.ietf.org/mailman/listinfo/therightkey > [2] http://tools.ietf.org/wg/wpkops/ > [3] https://www.ietf.org/mailman/listinfo/pkix > [4] https://www.ietf.org/mailman/listinfo/saag > > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Trevor Perrin
- [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG David Wagner
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] considering new topics for CFRG William Whyte
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] considering new topics for CFRG Watson Ladd
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Dan Brown
- Re: [Cfrg] considering new topics for CFRG Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG William Whyte
- Re: [Cfrg] considering new topics for CFRG Max Pritikin (pritikin)
- Re: [Cfrg] considering new topics for CFRG Watson Ladd
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Adam Back
- [Cfrg] QKD is pointless (was: Re: considering new… David McGrew
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] QKD is pointless (was: Re: considering… Paterson, Kenny
- Re: [Cfrg] QKD is pointless (was: Re: considering… Sean Turner
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Max Pritikin (pritikin)
- Re: [Cfrg] considering new topics for CFRG Dan Brown
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] QKD is pointless (was: Re: considering… Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless (was: Re: considering… Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless (was: Re: considering… Watson Ladd
- [Cfrg] DANE in the IETF (was: Re: considering new… Paul Hoffman
- [Cfrg] One Key -> RE: considering new topics for … Paul Lambert
- Re: [Cfrg] QKD is pointless (was: Re: considering… Paul Lambert
- [Cfrg] ReL DANE in the IETF (was: Re: considering… Paul Hoffman
- Re: [Cfrg] QKD is pointless David McGrew
- Re: [Cfrg] QKD is pointless Hilarie Orman
- [Cfrg] likelihood that someone has a quantum comp… David McGrew
- Re: [Cfrg] considering new topics for CFRG dan
- Re: [Cfrg] likelihood that someone has a quantum … David Jacobson
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … Watson Ladd
- Re: [Cfrg] likelihood that someone has a quantum … Yoav Nir
- Re: [Cfrg] likelihood that someone has a quantum … Stephen Farrell
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … arne renkema-padmos
- Re: [Cfrg] likelihood that someone has a quantum … Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless David Wagner
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … arne renkema-padmos
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Igoe, Kevin M.
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG David McGrew
- [Cfrg] 'key centric' architecture (was: Re: consi… Rene Struik
- Re: [Cfrg] 'key centric' architecture (was: Re: c… Richard Barnes
- Re: [Cfrg] considering new topics for CFRG David McGrew