Re: [Cfrg] considering new topics for CFRG
Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 06 January 2014 22:51 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7ED441AE2A4 for <cfrg@ietfa.amsl.com>; Mon, 6 Jan 2014 14:51:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.438
X-Spam-Level:
X-Spam-Status: No, score=-2.438 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w5bSHu-DLx3d for <cfrg@ietfa.amsl.com>; Mon, 6 Jan 2014 14:51:11 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 2C9F71AE28D for <cfrg@irtf.org>; Mon, 6 Jan 2014 14:51:11 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 3E26FBE35; Mon, 6 Jan 2014 22:51:02 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EMCmHO+2ARu3; Mon, 6 Jan 2014 22:50:54 +0000 (GMT)
Received: from [10.87.48.14] (unknown [86.45.52.213]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 08900BE33; Mon, 6 Jan 2014 22:50:54 +0000 (GMT)
Message-ID: <52CB334D.9000703@cs.tcd.ie>
Date: Mon, 06 Jan 2014 22:50:53 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Paul Lambert <paul@marvell.com>, David McGrew <mcgrew@cisco.com>
References: <52C755AA.70200@cisco.com> <CEED2882.2B867%paul@marvell.com> <52C9F739.1020301@cisco.com> <7BAC95F5A7E67643AAFB2C31BEE662D018B7D6E094@SC-VEXCH2.marvell.com> <52CB30B4.9090206@cs.tcd.ie>
In-Reply-To: <52CB30B4.9090206@cs.tcd.ie>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: Sean Turner <turners@ieca.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] considering new topics for CFRG
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jan 2014 22:51:13 -0000
Oops - and I forgot one of my own WGs:-) The DANE WG [0] has developed PKI based on DNS and depending on DNSSEC and is doing work on a few extensions still. S. [0] http://tools.ietf.org/wg/dane/ On 01/06/2014 10:39 PM, Stephen Farrell wrote: > > > On 01/06/2014 08:32 PM, Paul Lambert wrote: >>>> This is an intriguing thought, but probably something out of scope for >>>> CFRG. (Seems more like a PKNG thing if I understand you right.) >> >> There was an IETF PKNG that died with no visible results. > > That was an IRTF RG. IMO it never had a cadre of researchers > nor a sufficient set of IETF participants who were interested > in a nextgen thing. > >> This is an area where the IETF seems either too unfocused or mired >> in existing PKI to make progress. Hence it's on my wish list ... >> Let me know if you have any suggestion for other viable forums in IETF >> for such a topic. > > We have a list where we discussed certificate transparency but > which has a broader remit. [1] That's discussing whether or > not to start a new CT WG in the IETF at the moment. > > There's the wpkops WG for operational issues related to the > web PKI. [2] They could do with help in terms of cycles to do > already-identified work (not hugely interesting for a > security/crypto researcher though probably). > > The PKIX list [3] is still open, and would be a good place to > talk about any X.509-related PKI stuff. Not so good for non > X.509 based PKI though maybe unless for an approach that's > very much evolutionary and starts from X.509. > > And there's the saag list [4] which is for general security > topics if none of the above fit. > > So stuff is happening and there are places to discuss and > propose stuff. And Sean and I would be quite happy to try > help PKI nextgen stuff progress in the IETF should there > be credible proposals. > > However, current PKI is not an easy thing to displace, no > matter how much you dislike parts or all of it. The main > reasons IMO are that replacements are likely to suffer a lot > of the same (or equivalent) complexity since its a complex > problem, and that any credible replacement will take at least > a few years to work out and them 5-10 to get deployed which > seems to be beyond the horizon for researchers (speaking as > one who chases funding;-). One could argue that that's why > of all the "large DB of public keys" approaches, only CT > seems to be left standing. > > One other thing - listing the problems with the current PKI > is not likely to be a useful place to start. We know those, > and any credible approach would start with a fairly well > worked out proposal, including consideration of that 5-10 > year overlap period. Its not easy;-) > > Having said all that though, CT is I think a good proof of > concept that the large-DB-of-public-keys thing could be > a runner, and we have learned a lot about the wrinkles in > X.509 based PKI over the years so there is hope maybe. > > S. > > PS: For any of [1]-[4] please check the archives before > diving in, or ask someone who might be familiar, which > could include me. > > [1] https://www.ietf.org/mailman/listinfo/therightkey > [2] http://tools.ietf.org/wg/wpkops/ > [3] https://www.ietf.org/mailman/listinfo/pkix > [4] https://www.ietf.org/mailman/listinfo/saag > > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg > >
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Trevor Perrin
- [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG David Wagner
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG Henrick Hellström
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG David McGrew
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] considering new topics for CFRG William Whyte
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] considering new topics for CFRG Watson Ladd
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Dan Brown
- Re: [Cfrg] considering new topics for CFRG Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG William Whyte
- Re: [Cfrg] considering new topics for CFRG Max Pritikin (pritikin)
- Re: [Cfrg] considering new topics for CFRG Watson Ladd
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Adam Back
- [Cfrg] QKD is pointless (was: Re: considering new… David McGrew
- Re: [Cfrg] considering new topics for CFRG Stephen Farrell
- Re: [Cfrg] QKD is pointless (was: Re: considering… Paterson, Kenny
- Re: [Cfrg] QKD is pointless (was: Re: considering… Sean Turner
- Re: [Cfrg] considering new topics for CFRG Sean Turner
- Re: [Cfrg] considering new topics for CFRG Max Pritikin (pritikin)
- Re: [Cfrg] considering new topics for CFRG Dan Brown
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] QKD is pointless (was: Re: considering… Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless (was: Re: considering… Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless (was: Re: considering… Watson Ladd
- [Cfrg] DANE in the IETF (was: Re: considering new… Paul Hoffman
- [Cfrg] One Key -> RE: considering new topics for … Paul Lambert
- Re: [Cfrg] QKD is pointless (was: Re: considering… Paul Lambert
- [Cfrg] ReL DANE in the IETF (was: Re: considering… Paul Hoffman
- Re: [Cfrg] QKD is pointless David McGrew
- Re: [Cfrg] QKD is pointless Hilarie Orman
- [Cfrg] likelihood that someone has a quantum comp… David McGrew
- Re: [Cfrg] considering new topics for CFRG dan
- Re: [Cfrg] likelihood that someone has a quantum … David Jacobson
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … Watson Ladd
- Re: [Cfrg] likelihood that someone has a quantum … Yoav Nir
- Re: [Cfrg] likelihood that someone has a quantum … Stephen Farrell
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … arne renkema-padmos
- Re: [Cfrg] likelihood that someone has a quantum … Igoe, Kevin M.
- Re: [Cfrg] QKD is pointless David Wagner
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … William Whyte
- Re: [Cfrg] likelihood that someone has a quantum … David McGrew
- Re: [Cfrg] likelihood that someone has a quantum … arne renkema-padmos
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG Igoe, Kevin M.
- Re: [Cfrg] considering new topics for CFRG Paul Lambert
- Re: [Cfrg] considering new topics for CFRG David McGrew
- [Cfrg] 'key centric' architecture (was: Re: consi… Rene Struik
- Re: [Cfrg] 'key centric' architecture (was: Re: c… Richard Barnes
- Re: [Cfrg] considering new topics for CFRG David McGrew