[Cfrg] CFRG Review Panel - Draft Charter

Alexey Melnikov <alexey.melnikov@isode.com> Tue, 10 May 2016 12:48 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 0116812D6BA for <cfrg@ietfa.amsl.com>; Tue, 10 May 2016 05:48:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.995
X-Spam-Status: No, score=-2.995 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id vznfCS2oOjBJ for <cfrg@ietfa.amsl.com>; Tue, 10 May 2016 05:48:09 -0700 (PDT)
Received: from waldorf.isode.com (waldorf.isode.com []) by ietfa.amsl.com (Postfix) with ESMTP id 9935E12D6B5 for <cfrg@irtf.org>; Tue, 10 May 2016 05:48:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1462884488; d=isode.com; s=selector; i=@isode.com; bh=z41ER0scrQlEqMaSj9k4zPhuUvWxL4K9sZEd5smCeKQ=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=F50/dfAOYSA+UpLIYwBt38nSFtDCug7QwVFTLvl5ECRWGHYUJ1iVjl0/SE2IqPKPYUK7Xf RskMVz7QdotkY4aP82WsICF48BUBeBxPQ+wxosinW5fNhPS07n4g2W5hwkbHd9qw9j9nhc w0xoqu7nhKjcPfTr6e2PozgGtXKmsm8=;
Received: from [] (c-66-30-10-217.hsd1.ma.comcast.net []) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <VzHYhwBntIWv@waldorf.isode.com>; Tue, 10 May 2016 13:48:08 +0100
X-SMTP-Protocol-Errors: PIPELINING
From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Tue, 10 May 2016 13:56:04 +0100
Message-Id: <B8C1696D-A9B3-4CC5-A9E3-2F4C155ACCCA@isode.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
X-Mailer: iPad Mail (13E238)
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=Apple-Mail-C48B568F-65B4-4FD8-AAEA-B115A18A075A
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/SIBHgfn8rLLdDhSWRLwk8vjkp90>
Resent-From: <alias-bounces@ietf.org>
Resent-To: @ietf.org
Subject: [Cfrg] CFRG Review Panel - Draft Charter
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 May 2016 12:48:11 -0000

Dear CFRG participants,
Kenny and I would like to solicit comments on the Crypto Review Panel that we announced in Buenos Aires.

We would like to solicit review of objectives and process outlined below. Please express your opinions and/or suggest your edits by the end of May 22nd. Both replies to the mailing list and directly to chairs are welcomed.

Best Regards,
Kenny and Alexey

> CFRG Review Panel
> Objectives:
> CFRG is a volunteer-led activity that currently relies on the goodwill of its participants to provide review of documents. This can result in documents not receiving enough scrutiny, or examination only being forthcoming over an unacceptably long period of time. Also, there is lack of consistency between reviews of different documents.
> The CFRG Review Panel will ensure that CFRG chairs have at their disposal sufficient resources and lightweight processes to provide critical, objective, timely and consistent review of cryptographic algorithms in IRTF and IETF documents.
> The recommendations coming out of panel reviews will not be binding on CFRG, but are intended to provide high-quality input to augment the usual development process for CFRG drafts.
> Reviews will identify issues - both security issues and deployment issues - but not necessarily low-level nits and typos. Reviews will also identify relevant research, or the need for further research.
> Processes:
> When CFRG chairs decide that a document would benefit from a panel review, they will select one or more reviewers and request a review within a given time period (typically 2 to 4 weeks). Reviews will be made public via the CFRG mailing list; private discussion between reviewers, authors and CFRG chairs may also take place.
> A document's authors may identify conflicts and conflicts of interest with particular panel members. Such conflicts should be notified to the CFRG chairs by the authors (or panel members) when the chairs initiate the review process.
> Not every CFRG draft needs to be reviewed by the panel; documents that are not CFRG drafts may also be reviewed by the panel.
> The CFRG chairs will make appointments to the Review Panel.  The panel will be composed of 6-8 members; it may be increased in size by the CFRG chairs should the number of documents to review necessitate the increase.
> Reviewers will be appointed to the panel for a period of 2 years, renewable. The CFRG chairs will endeavour to ensure that the Review Panel has a balanced composition covering the main technical areas of relevance to CFRG. Individuals may self-nominate or nominate others for panel membership.
> Being a panel member represents a commitment to review documents in a timely and thorough fashion; reviewers' panel membership will be rescinded at the discretion of the CFRG chairs.