Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts

Michael StJohns <> Tue, 12 March 2019 18:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 329BE1311F1 for <>; Tue, 12 Mar 2019 11:11:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3WpzC0vlt8HO for <>; Tue, 12 Mar 2019 11:11:34 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::842]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1108A1277E7 for <>; Tue, 12 Mar 2019 11:11:34 -0700 (PDT)
Received: by with SMTP id v20so3617996qtv.12 for <>; Tue, 12 Mar 2019 11:11:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=RpLxjaj1Ab0IMDAlmYGmLBBWIJWCn+uZI1xSu5SsEIg=; b=P36CLjAUEU+vCtCRE55KSGFR2/vUc7wwwLId6XxBD2jXCh6O/hHakineieTNmguQEb ai3WK8OxBzDqX4cBPg8DR3JheCdCJZbAGq5CIHoVfxJdyR70NfqTrneauL+BbPOrJlgw InN3mD6qSbnlm5KiATdVRPFYqXWEV1PNahQfJPUYTX0Ih/zae2+BFS1ZymXX/m7PgQv2 5Jr1iZBqsIXknNiFdof4/15UzPIBx0ubapf/sJTkTSTwSXHgoS/GBeLjUuwHtrk+7OF2 pWcTrzFeLx5oGpL9eoBLht3EcHHhHVrFystEJCk5xJO6z1MO0bo/XnoLQHxRR8UApwDI OFfQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=RpLxjaj1Ab0IMDAlmYGmLBBWIJWCn+uZI1xSu5SsEIg=; b=iT9Nl8Zd/54s4IEmFwzZP7JLeIFRHjYKmS6f7h9DHu3YQljARU9Hansaxd9sQKIWvi 2WKoa9JWPyEx3+BbTzUMIq+YfWyLPn9OtExiyeqPs4G/qcdhwo8vTTWl+BUcIKLPqgce elMTzwtQLViAsFynQGFjumr0S045rwCNSzhnHy/Emw8aNUdPZC/pLxEgOUCPWiPdi8Rd OnwbX18a/q0xexaCpibfz5dwiJUnTCNJ8qFWBB/uMSR69xHmRv0PL1g+3Dzl/r7Wl9th f1PjTFnm2yhYbyN87eWEfv3+4E8kze6dJO3kdKgoVcX23IRphGt4PeyP+rBEMzTkQxg6 G9jg==
X-Gm-Message-State: APjAAAVpuf16uccSZocbBA58CD+FxWwBI6vymboYzrMrGIcqul4YY0YT ttSVBFuCVabs7SK8b8b3LGKJwQ==
X-Google-Smtp-Source: APXvYqy4r+LEhSqXczKWNXjOASE5k++/hfrKFAff5dlUV1sRLec646L1CBt9sqL1sxPIzwNnGqOF2w==
X-Received: by 2002:ac8:3f46:: with SMTP id w6mr32036162qtk.175.1552414293067; Tue, 12 Mar 2019 11:11:33 -0700 (PDT)
Received: from ?IPv6:2601:152:4400:4013:44d2:dbe7:595a:139? ([2601:152:4400:4013:44d2:dbe7:595a:139]) by with ESMTPSA id g123sm13114863qkg.0.2019. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 12 Mar 2019 11:11:32 -0700 (PDT)
To: "Blumenthal, Uri - 0553 - MITLL" <>
Cc: Stephen Farrell <>, CFRG <>, "RFC ISE (Adrian Farrel)" <>, secdir <>
References: <> <> <> <> <> <> <> <> <> <> <>
From: Michael StJohns <>
Message-ID: <>
Date: Tue, 12 Mar 2019 14:11:30 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------C64163497402539D2C0169DA"
Content-Language: en-US
Archived-At: <>
Subject: Re: [Cfrg] Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 12 Mar 2019 18:11:36 -0000

On 3/10/2019 7:38 PM, Blumenthal, Uri - 0553 - MITLL wrote:
> I do not think CFRG should move to become a part of the IETF.
> While (some of) the CFRG-produced documents may be de-facto standards, 
> they aren't of the kind that IETF is expected to define, and deal with 
> somewhat different things.

My point is that the CFRG is behaving more like a WG and should be 
following WG rules and not RG rules.    The charter for the CFRG 
basically says it can bring stuff that's been published elsewhere ("... 
via Informational RFCs (in the tradition of, e.g., RFC 1321 (MD5) and 
RFC 2104 (HMAC)."), but has become the first publisher for a few things 
that weren't mere republications but involved setting on-the-wire/on 
disk formats (e.g., Curve25519 and related) that have been accepted as 
de-facto standards.  Then there's the requirements setting documents.  
If these were just math publications with the bits and bytes formats 
published in the IETF, that would be fine - but that doesn't appear to 
be what's happening.

Now Stephen is suggesting that the CFRG become the filter through which 
all crypto related things are brought to the IETF or independent 
stream.  Two things - CFRG is not in the IETF, and that's not the 
general purpose of a research group.   Rechartering the CFRG (or part of 
it) as a WG following WG rules would at least fix that problem.

A third possibility (the first was rechartering, the second was 
splitting into a IETF WG and an IRTF RG), is dual chartering the CFRG as 
both a RG and a WG. It would allow/require the group to produce actual 
standards, but also to keep on with it's more researchy tasks.

The fourth possibility is doing a better job of referring the less 
research/more practical bit and byte on the wire documents to the IETF 
rather than keeping them and also leave the filtering to the IETF groups 
such as secdispatch or saag.

Later, Mike

> Regards,
> Uri
> Sent from my iPhone
> On Mar 10, 2019, at 18:46, StJohns, Michael < 
> <>> wrote:
>> I’ve been wondering for a while now whether it’s time to move the 
>> CFRG over to the IETF as a working group.  Stephen’s comment on 
>> routing stuff directly to the CFRG suggests to me that it’s probably 
>> time or RSN.
>>    In recent years, the CFRG has produced documents that are for lack 
>> of a better phrase de facto standards.  The rate of document 
>> production of the CFRG mimics more closely that of a WG than the 
>> other extant RGs AFAICT.   As an RG the CFRG isn’t permitted to 
>> publish standards track documents, nor is the IESG or the ISE 
>> permitted or constrained to require a conflict review on the 
>> documents the CFRG does produce.  [the latter comment is my 
>> understanding of the rules of the research stream - it may be flawed, 
>> but the purpose of RGs is supposed to be looking at futures and that 
>> by definition shouldn’t be conflicting with the nows].
>> An alternative might be to charter a crypto standards WG and try to 
>> keep the CFRG focused on years out - say how the heck do we deal with 
>> the quantum apocalypse?
>> Or keep the math in CFRG and the on the wire specs for using in a WG.
>> Discuss!
>> Mike
>> On Sun, Mar 10, 2019 at 17:48 Stephen Farrell 
>> < <>> wrote:
>>     PS: In case the ISE is still listening, the above is a
>>     reason why I think having CFRG produce this kind of RFC
>>     (instead of routing 'em via the ISE) would be a better
>>     plan. CFRG could (I think) likely reach better informed
>>     judgements (in the open) as to whether or not some crypto
>>     technique is really worth documenting in an RFC.