Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts

mcgrew <mcgrew@cisco.com> Mon, 18 March 2019 13:27 UTC

Return-Path: <mcgrew@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 514F713110F for <cfrg@ietfa.amsl.com>; Mon, 18 Mar 2019 06:27:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.502
X-Spam-Level:
X-Spam-Status: No, score=-14.502 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RZ-E8yee7TGX for <cfrg@ietfa.amsl.com>; Mon, 18 Mar 2019 06:27:02 -0700 (PDT)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D72D1310BA for <cfrg@irtf.org>; Mon, 18 Mar 2019 06:27:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3002; q=dns/txt; s=iport; t=1552915622; x=1554125222; h=mime-version:subject:from:in-reply-to:date:cc: content-transfer-encoding:message-id:references:to; bh=b7PmDkUODLVKFLuMBlJo/24B0DzXk1ztFDxHmEb2H/c=; b=mhGUd0qxCN0dgxXJoUBAdE7tyTXOREZGiY0wpf3Q2cJQ/TcH4iF9SNsr rwWXqAhogmA528TCaEl0fuMqAoVQQTw6ORb2Cp9Ojg/vGeArhisX49LKH sxYOXm2vvaf4MGvWOaZI/WAyFjdBPXbUqp1ED6ja0BAwNYclr5IxK41Ct U=;
IronPort-Data: A9a23:/M2sxqi8bWvWumHMnCpIA3BsX17brhtdw9mghKucQGNkapYi63mVu1 su/5QZ51z+c2MlfchyVmY9+werCh0bVsz+/M7NbGE5zI/selH/B+d7M0Qc+ht6Bx4f6ZL3xt YqgjsSL41aKXUK9U4IidBaHR4pcWp4TmJJyGDDohhKhlPitsO8zt6fLItoUf/CNjA8u6FLUu 0E1nQJyT+JxdevdE9LdT3qWDBbeOXb9herdlGNhd4foAv0Phv6xngnlx6dQaWVHRnQmPIN2y 1Hm3IQxDpZ7sfVbRop0srbu0zV+26viW9ywscn3El6Cnva7wTs3UBdhlNhnwcgeReT3Lu7k9 nGw2SfUg6V+fFXMlINnWYcPYGK6hdp2etMuAFLyl2yUDRsgBjDzlCEuxZsHuzYMpsAqDYkwJ Yu7zuXPse0oG4njBl2LW5wKCmkjbLzSNG2O/hCWpPppYJ3OYbO4FdjG5iio9RzFb+vXK7kkm pn2Pg/bY+EiTJIIkxW0taK6mP7bWXtnsXImgx5ICQNDVtsnPIwjQxc6qEluwhJa6CwotJLPf 8/2zZb/ve/b7DofzDd6VRVZ8EQxbB0J26obehmQ0b3WqZxI5+JomK5ZmhWE5jffUj9a3UxSv SXfjRw/XOV/V4h2Nt9mhilbPkje9pP18osINL4YLyiQv5arCxodUaK8GqSG6ZyN7Biu8ApP+ CRhOUf9ZtBBklbbViiKR46FpaEo7/57ZmdMne6JtGmiB6mvNQ5Qv//c034+EUix2DJ4WQi6U biOkD7ok0sWKVjvw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AFAACFm49c/4kNJK1jGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQcBAQEBAQGBUgMBAQEBAQsBgWYqaIEDJwqXPoFoJZgxgXsLAQEYC4R?= =?us-ascii?q?JAoRYIjUIDQEBAwEBCQECAQJtHAyFSgEBAQMBAQElEzQLBQsLCQ8eBQsnMAY?= =?us-ascii?q?OBYMiAYFtCA+qbDOEREGFHAWBLwGJbIFDF4E/QIERJwwTgh4ugx4BAQMBgT0?= =?us-ascii?q?BAR6DO4ImA4oDMx+aAAmDQIQbi0oZk1eDS400ihOCcAIRFYFJATWBVnAVOyo?= =?us-ascii?q?Bgg0BMz6BWBcTbQEBh12FWyMBATGMFoEfAYEeAQE?=
X-IronPort-AV: E=Sophos;i="5.58,494,1544486400"; d="scan'208";a="246451413"
Received: from alln-core-4.cisco.com ([173.36.13.137]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 18 Mar 2019 13:27:01 +0000
Received: from XCH-ALN-004.cisco.com (xch-aln-004.cisco.com [173.36.7.14]) by alln-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id x2IDR1OH004145 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 18 Mar 2019 13:27:01 GMT
Received: from rtp-mcgrew-nitro3.cisco.com (10.117.145.148) by XCH-ALN-004.cisco.com (173.36.7.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 18 Mar 2019 08:27:00 -0500
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: mcgrew <mcgrew@cisco.com>
In-Reply-To: <829ca608-8d47-083e-e0a6-e7276525b080@nthpermutation.com>
Date: Mon, 18 Mar 2019 09:26:47 -0400
CC: Richard Barnes <rlb@ipv.sx>, secdir <secdir@ietf.org>, CFRG <cfrg@irtf.org>, "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>
Content-Transfer-Encoding: quoted-printable
Message-ID: <5D247CD2-710E-4C78-8495-085C70D4CFAB@cisco.com>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca> <CAHOTMVLtjVxZNy3bFRn09xH+cOw+tPi2CL3BkaQuJEqxAzGOJg@mail.gmail.com> <edca701b-21f3-c80c-d754-fc333f1e2e04@cs.tcd.ie> <20190310182935.GE8182@kduck.mit.edu> <B876B124-7EDE-4E20-A878-3AAD3FA074BC@krovetz.net> <20190310191026.GF8182@kduck.mit.edu> <CAHOTMVJcosEgYV9caWapgyzQfh-g4k5DQry5n42bEfrkJvmdWQ@mail.gmail.com> <042b3f13-7d5a-12d7-e604-9f8cad197608@cs.tcd.ie> <CANeU+ZCmiTKfE1_YgjM6GX9ZCw_35mZoT8M-6VL72UhbenT2og@mail.gmail.com> <3FA4B2DD-334E-4C7C-A01E-6C370CAE4C00@ll.mit.edu> <2935C6E3-3AE8-4447-BA01-8DAE0410E5C6@ericsson.com> <CAL02cgSeCgAOOh3oMhJZqCGvT0F=JQ6n-bmgWYU=6hxkV+aOHQ@mail.gmail.com> <0d38eabd-6f90-2d19-3b45-f1ce19ba9b73@nthpermutation.com> <CAL02cgRVXn2U3SKhGh6biTZJKmHM6KrW6D_rVB2-ZTC5Oohh4w@mail.gmail.com> <829ca608-8d47-083e-e0a6-e7276525b080@nthpermutation.com>
To: Michael StJohns <msj@nthpermutation.com>
X-Mailer: Apple Mail (2.3445.102.3)
X-Originating-IP: [10.117.145.148]
X-ClientProxiedBy: xch-rcd-015.cisco.com (173.37.102.25) To XCH-ALN-004.cisco.com (173.36.7.14)
X-Outbound-SMTP-Client: 173.36.7.14, xch-aln-004.cisco.com
X-Outbound-Node: alln-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/FAkCY_NVeR5fyjY-dmmZbFIuoeY>
Subject: Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2019 13:27:10 -0000

Hi Mike,

Let me add few data points from a CFRG-historical perspective.  CFRG has been the first publisher of a number of specifications (for instance, XMSS, Poly1305, and HBS are in this category -  https://datatracker.ietf.org/rg/cfrg/documents/) and has done essential review for some ISE-published crypto like UMAC (RFC 4418).   For UMAC, it is worth noting that the ISE reviewers asked for changes around IPR language, and CFRG reviewers made important improvements to the technical content as well (https://datatracker.ietf.org/doc/rfc4418/history/ and CFRG mail threads from fall 2005).  So the issues we are dealing with today are not really new.  

You have started a good, healthy discussion with the points that you have raised.  My thinking is that CFRG (including Kenny, Alexy, and the many contributors) is doing really good, really important work, and the IRTF and IETF should avoid changes that would disrupt it.   

Best,

David

> On Mar 15, 2019, at 2:52 PM, Michael StJohns <msj@nthpermutation.com> wrote:
> 
> On 3/13/2019 7:32 AM, Richard Barnes wrote:
>> Mike, are your concerns here primarily IPR related?  If that's so, then maybe that's the level at which we should address them, as opposed to flipping the bigger RG->WG switch.
>> 
> 
> Hi Richard -
> 
> Like I said, I'm not going to push this at this time.  But I think its more than just IPR - avoiding technology because of IPR is more a symptom (and in fact is IETF guidance rather than IRTF policy).
> 
> The CFRG has a unique position in that - unlike ANY other RG as far as I can tell - it's looked at as an immediate feeder for technology for the IETF.  If it were agnostically evaluating the crypto properties of any offered technology, I'd say we're good and I'd move on.  But, with the publication of Curve25519 and its related ... standards ..., the CFRG has moved from evaluation and re-publication of cryptographic standards developed and produced elsewhere into being the first publisher of what could only be characterized as standards, even if published as an Informational RFC in the IRTF stream.
> 
> Ultimately, I think it comes down to fairness and transparency. As an RG, the publications of the RG are not subject to the standards appeals process.  In an WG, the decision not to work on an IPR encumbered technology (or others such as national cryptography) MAY be appealed and overturned (or might not) or sponsored by an AD if there's no applicable or agreeable WG. There's a process for showing such decisions were made transparently, and with a broader audience than just the CFRG having a say.
> 
> 
> Later, Mike
> 
> Ps - hmm... Note that the CFRG charter only mentions the IETF and not the IRTF....
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg