Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts

Michael StJohns <msj@nthpermutation.com> Mon, 18 March 2019 20:44 UTC

Return-Path: <msj@nthpermutation.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12831130DD3 for <cfrg@ietfa.amsl.com>; Mon, 18 Mar 2019 13:44:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UhkVuGHhZq8w for <cfrg@ietfa.amsl.com>; Mon, 18 Mar 2019 13:43:58 -0700 (PDT)
Received: from mail-qt1-x843.google.com (mail-qt1-x843.google.com [IPv6:2607:f8b0:4864:20::843]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF2E71289FA for <cfrg@irtf.org>; Mon, 18 Mar 2019 13:43:57 -0700 (PDT)
Received: by mail-qt1-x843.google.com with SMTP id z25so19602020qti.13 for <cfrg@irtf.org>; Mon, 18 Mar 2019 13:43:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=ZuTEAbvvmEL2qFskWskEGPDDPaGO8gxppJDC5dY0Cyg=; b=X0sksdQ1ppMjvc5cUMG9bM1xta0zUqLeN8uhFf6z8yiR+S2wM6MxXeMVnArWrSP1Yj IlDuuvjoGdchUsjvqqZFd6OSDq/a4loOWhhjZ/6OAtYeoEIcsORU3235vIFxIQaCsP1F fBuZpm+bPCuG5IeaiB7eK+n21X109WqKJsMrptDxNuLMb/raSCcHmr4LUe9wIbaZxgpB GYH5ltLvCHpdt9BZkhycBsbpgnIeORXzQSCGF7zwukGztafgsMIPaptpwH0+3/6Ftezb 9NKYEg9mu2sb7PfU07YCq0MaNYkI1goDKPzBaM4jt0dq3GXDGibwQgg0/OmpOC2wkxOY uVnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=ZuTEAbvvmEL2qFskWskEGPDDPaGO8gxppJDC5dY0Cyg=; b=GZ+v3wu+Czvx/jyIkiuKtwphCM8s/V2PZWjPIGe/kEI2d52vd0SjvQZxkIvHl7armT JkdjGwXZh+Hqe0FY6cVau5AivsE9U97WiZxwDihn/pkVlbrsKWW8sZgaNXhR3OAyrYLV Qj94zbbRBcP+UWBcrrm4v2oyBZyRev3oZ+1gP/Yhwig/sr3WF3eIhV7DQDMRwgxieDAU rMSVP5nkYlKMTeZiBk/AetZ0zcpCNikkfXbkK7diCzDQMFrv3AKszGXgeeKQEnvg/XPX PArrp2MFbo6A1//CsDmgr6AK6gF59/EeVzov5sZU/9Wwdn7memCCbvFYiHG6eroa1eoM WZBg==
X-Gm-Message-State: APjAAAXg6Uqsq0LeLCP34Psh3jbG3diR8rGvNhujmQc208A5+37s1UnQ H+RvJ410IvoicHmTmW+nNRF8EA==
X-Google-Smtp-Source: APXvYqy/yT6NY1aZ+Gv4uXU1MoZq3ILZFJkSE4Ig4j3omL5ZOjYNcaWBoo91+hxhf0M/IFy4GTnvyg==
X-Received: by 2002:ac8:16c5:: with SMTP id y5mr15420061qtk.117.1552941836707; Mon, 18 Mar 2019 13:43:56 -0700 (PDT)
Received: from ?IPv6:2601:152:4400:4013:9578:5f7f:3a98:d37c? ([2601:152:4400:4013:9578:5f7f:3a98:d37c]) by smtp.gmail.com with ESMTPSA id w127sm6481235qka.46.2019.03.18.13.43.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Mar 2019 13:43:55 -0700 (PDT)
To: mcgrew <mcgrew@cisco.com>
Cc: Richard Barnes <rlb@ipv.sx>, secdir <secdir@ietf.org>, CFRG <cfrg@irtf.org>, "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca> <CAHOTMVLtjVxZNy3bFRn09xH+cOw+tPi2CL3BkaQuJEqxAzGOJg@mail.gmail.com> <edca701b-21f3-c80c-d754-fc333f1e2e04@cs.tcd.ie> <20190310182935.GE8182@kduck.mit.edu> <B876B124-7EDE-4E20-A878-3AAD3FA074BC@krovetz.net> <20190310191026.GF8182@kduck.mit.edu> <CAHOTMVJcosEgYV9caWapgyzQfh-g4k5DQry5n42bEfrkJvmdWQ@mail.gmail.com> <042b3f13-7d5a-12d7-e604-9f8cad197608@cs.tcd.ie> <CANeU+ZCmiTKfE1_YgjM6GX9ZCw_35mZoT8M-6VL72UhbenT2og@mail.gmail.com> <3FA4B2DD-334E-4C7C-A01E-6C370CAE4C00@ll.mit.edu> <2935C6E3-3AE8-4447-BA01-8DAE0410E5C6@ericsson.com> <CAL02cgSeCgAOOh3oMhJZqCGvT0F=JQ6n-bmgWYU=6hxkV+aOHQ@mail.gmail.com> <0d38eabd-6f90-2d19-3b45-f1ce19ba9b73@nthpermutation.com> <CAL02cgRVXn2U3SKhGh6biTZJKmHM6KrW6D_rVB2-ZTC5Oohh4w@mail.gmail.com> <829ca608-8d47-083e-e0a6-e7276525b080@nthpermutation.com> <5D247CD2-710E-4C78-8495-085C70D4CFAB@cisco.com>
From: Michael StJohns <msj@nthpermutation.com>
Message-ID: <9b192f26-8c19-494f-7430-7d1ca24872a3@nthpermutation.com>
Date: Mon, 18 Mar 2019 16:43:53 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3
MIME-Version: 1.0
In-Reply-To: <5D247CD2-710E-4C78-8495-085C70D4CFAB@cisco.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/4FGA0CVBi-6UcDebBmTp-Qfjifk>
Subject: Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2019 20:44:01 -0000

I don't understand - usually when I say "I'm fine with the status quo 
for now" people stop arguing with me.   Oh well.

And thanks David for making some points for me.  See below.


On 3/18/2019 9:26 AM, mcgrew wrote:
> Hi Mike,
>
> Let me add few data points from a CFRG-historical perspective.  CFRG has been the first publisher of a number of specifications (for instance, XMSS, Poly1305, and HBS are in this category -  https://datatracker.ietf.org/rg/cfrg/documents/) and has done essential review for some ISE-published crypto like UMAC (RFC 4418).

My point was that becoming a first publisher puts the CFRG into the 
position of being the standardizer.  XMSS, Poly1305 and HBS (not yet 
published) are all 2018 and 2019 documents.  EDDSA was 2017.  In fact 
the set of documents currently attributed to the CFRG only goes back to 
2014 while the CFRG has been around a lot longer than that.  Something 
changed and now we're getting standards-like production out of the 
CFRG.  Note that I don't think its a bad thing per se, just that you 
need to be following different rules than those that are applicable to RGs.

For example, why does an informational document in the research stream 
need a registry?  (e.g. RFC8391)   That's about as obvious a 
standardization requirement as any I've seen in CFRG documents.

>   For UMAC, it is worth noting that the ISE reviewers asked for changes around IPR language,

I don't think I even recall seeing anything that wants to use UMAC - I 
may have missed a protocol or two though.  In any event, the request was 
to REMOVE claims about IPR language from the document and direct the 
authors to make a normal IPR disclosure. Again - pretty consistent with 
what we do with standards and IETF stream documents.

> and CFRG reviewers made important improvements to the technical content as well (https://datatracker.ietf.org/doc/rfc4418/history/ and CFRG mail threads from fall 2005).  So the issues we are dealing with today are not really new.

But again, that's normal for any document that comes in through any 
stream - specifically - people review it and usually irrespective of 
association with a specific WG/RG/directorate, etc.  The fact that the 
document author, the ISE and the IESG reached out the the CFRG is pretty 
much an example of looking for the experts in a pile of experts.  I'm 
not sure why this wouldn't happen if the CFRG were chartered as a WG?


>
> You have started a good, healthy discussion with the points that you have raised.  My thinking is that CFRG (including Kenny, Alexy, and the many contributors) is doing really good, really important work, and the IRTF and IETF should avoid changes that would disrupt it.

I don't want to change the people, I don't even want to change the work 
flow (much - except that moving it to a WG would actually remove the 
IRTF from the approval process for an RFC), I just want this to be 
appropriately categorized and managed as a WG and subject to the same 
rules as any other WG.   I think its gone well past the normal rules for 
an RG at this point.

Again - I've indicated my concerns and I'm happy the discussion is 
happening.  Unfortunately what I keep hearing is "we like it the way it 
is, now go and leave us alone" rather than "we're really a RG because we 
do things X, Y and Z so we really don't need to be a WG".  I'd really 
like to hear more commentary on that latter - especially how the CFRG in 
fact differs from the behavior of a WG.

Thanks - Mike



>
> Best,
>
> David
>
>> On Mar 15, 2019, at 2:52 PM, Michael StJohns <msj@nthpermutation.com> wrote:
>>
>> On 3/13/2019 7:32 AM, Richard Barnes wrote:
>>> Mike, are your concerns here primarily IPR related?  If that's so, then maybe that's the level at which we should address them, as opposed to flipping the bigger RG->WG switch.
>>>
>> Hi Richard -
>>
>> Like I said, I'm not going to push this at this time.  But I think its more than just IPR - avoiding technology because of IPR is more a symptom (and in fact is IETF guidance rather than IRTF policy).
>>
>> The CFRG has a unique position in that - unlike ANY other RG as far as I can tell - it's looked at as an immediate feeder for technology for the IETF.  If it were agnostically evaluating the crypto properties of any offered technology, I'd say we're good and I'd move on.  But, with the publication of Curve25519 and its related ... standards ..., the CFRG has moved from evaluation and re-publication of cryptographic standards developed and produced elsewhere into being the first publisher of what could only be characterized as standards, even if published as an Informational RFC in the IRTF stream.
>>
>> Ultimately, I think it comes down to fairness and transparency. As an RG, the publications of the RG are not subject to the standards appeals process.  In an WG, the decision not to work on an IPR encumbered technology (or others such as national cryptography) MAY be appealed and overturned (or might not) or sponsored by an AD if there's no applicable or agreeable WG. There's a process for showing such decisions were made transparently, and with a broader audience than just the CFRG having a say.
>>
>>
>> Later, Mike
>>
>> Ps - hmm... Note that the CFRG charter only mentions the IETF and not the IRTF....
>>
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> https://www.irtf.org/mailman/listinfo/cfrg