IETF Logo Mail Archive

Re: [CFRG] options == bad?

Kai Mindermann <kai.mindermann@ic-consult.com> Thu, 18 August 2022 14:55 UTC

Return-Path: <kai.mindermann@ic-consult.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 539BEC1522C1 for <cfrg@ietfa.amsl.com>; Thu, 18 Aug 2022 07:55:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ic-consult.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rbYK9twuKFJo for <cfrg@ietfa.amsl.com>; Thu, 18 Aug 2022 07:54:56 -0700 (PDT)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2129.outbound.protection.outlook.com [40.107.20.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5FD3AC147920 for <cfrg@irtf.org>; Thu, 18 Aug 2022 07:54:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jNP5mZLwq4u3Pp5UnTFzdt87FqQr/QzOrjRxbm7If+AwBX/VSD/z6CprzO8hkZxWFMd6YjbteR5wQTcpDO1n6wbTQgN6wSRQlvj8Yf18cFrjZfjPqwOftaWwOdjt8qhGjSstaCluK8Mb7AQ4eoXXGKhDXGvzNyqmGkhMlBQI1vIbnb8B1KdKPAP27uGSGaeHKF8B7kpcgAQtcseX6CiZk1uE8qNFA/5Jtw5BReRI8vG/ShshAcTRMwa9iDCEnYjiokFEqQK+LqQM7AOQN4FHxxw3kdVnbYe+P9rdXE5O8uWgSkFy8fWVgtMRJGLEXbYVhosBRHHJlC7O8t4AdHPYOQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=XPhuoFOcnQEiTixTd1/IgUprQSxaps3covDKDCiKLYg=; b=Fi+NEY5seh6CROqtwN8snu8ZjD3E/DMg6rMR4Q+2WPGK2IxhNejDTFQKPM0fSpUDv1iYzzpgZlnzMSZEe0fvsaBtM2Wd01S0bWYsg7Ittll4idRKuv1CbxM/WGc9AtDNXhJDhHKPKwSagdLAGmX6vngySRowmdIOuaJvtGoF/RyZPFtp+Ou238H8H7E349pLmIClana7Ya57OwhpNJmv/BQUPmO0ZJOeZaGj752zhYPfr1iLrXBfnLJWkVEYtx3Aj0dtHdrJUQkKjrlhzD2ysgi9HyTBuwSl72xE2goDImU3BVpE4AoSu99FKs5lS6HDwUqAU2nTc25YIM+XE0uvgg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ic-consult.com; dmarc=pass action=none header.from=ic-consult.com; dkim=pass header.d=ic-consult.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ic-consult.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XPhuoFOcnQEiTixTd1/IgUprQSxaps3covDKDCiKLYg=; b=Wus5zv6mCz41ZL5AdA6bshiFrq/yHm5hHXXtyLU51fgYtObU3/i9lBas/NbTwQl1YHepU2FniaTW92QTu+Slzg0eJjFUGA2CisUPJU2oDL3nppr2rDjiiISwbQbw/NbcoVMT18Wf1xSTCcUtRJM8nQwYB/FBbkXhjzaQeW8PoL1ThZv9qRlHIMmdhLsRdzu0NGcSCBwcM1OwERas/HQMqDOMgHrrGUkdktLmnqrQIeHmrH6K9kNrD4UGEWwibtIXKGB/RAHQFM4v4FVrasN6PROycyP261WXCij++QCqwPLeSG8E8btf12yAbp47ZGjYKxc+OSUJ4S0lUkoYQtGxew==
Received: from AM9P194MB1265.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:3a9::10) by AM7P194MB0787.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:171::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5525.11; Thu, 18 Aug 2022 14:54:51 +0000
Received: from AM9P194MB1265.EURP194.PROD.OUTLOOK.COM ([fe80::9511:b8b3:a69c:1919]) by AM9P194MB1265.EURP194.PROD.OUTLOOK.COM ([fe80::9511:b8b3:a69c:1919%2]) with mapi id 15.20.5546.016; Thu, 18 Aug 2022 14:54:51 +0000
From: Kai Mindermann <kai.mindermann@ic-consult.com>
To: Manu Sporny <msporny@digitalbazaar.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
CC: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: [CFRG] options == bad?
Thread-Index: AQHYsxCCfn10zh6L9ku6UsX2AuOLKK20u4DA
Date: Thu, 18 Aug 2022 14:54:51 +0000
Message-ID: <AM9P194MB1265C3C141951A47FEB315D5B66D9@AM9P194MB1265.EURP194.PROD.OUTLOOK.COM>
References: <CH0PR11MB5739393F19DD5282E3D7EF549F6A9@CH0PR11MB5739.namprd11.prod.outlook.com> <CH0PR11MB5739557425DD3FDE5812D8479F6A9@CH0PR11MB5739.namprd11.prod.outlook.com> <4a3c52bf-d9b9-4e32-9f7f-f42256479906@beta.fastmail.com> <d9bd996d-0d2f-c313-80d2-3468cd4c956b@cs.tcd.ie> <CAMBN2CQ9+ZXAmz=5zRgpEfur9i=REwAOKsuZa5LEJfwvW4zcQQ@mail.gmail.com>
In-Reply-To: <CAMBN2CQ9+ZXAmz=5zRgpEfur9i=REwAOKsuZa5LEJfwvW4zcQQ@mail.gmail.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_ActionId=cc82cd78-5fdd-4f9b-9d7d-9507fc622deb; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_ContentBits=0; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_Enabled=true; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_Method=Standard; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_Name=Public; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_SetDate=2022-08-18T14:43:01Z; MSIP_Label_8c03c5b4-cdb1-4af6-a3a7-6ba071b42a99_SiteId=3ac65224-61ae-43a3-b5af-f6da3cac486c;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ic-consult.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c0ab4c19-ac1d-43eb-a603-08da81299abc
x-ms-traffictypediagnostic: AM7P194MB0787:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 9bNR5/OufaDr3TvwrKMZvRrgVl7UARuRoKRtzInOisDzkqPLn/BF4U/RJQO6/B0FBpQ/m40GKrg8ykJ5dYL1o0xCaj63JQhTmVvqMs/2mlRBTSRXPVhLHPG3FW/9wrYsnE5k/wLOLxAUU5TuKr4uUBITbb0nUiDhzOs04OzojIGE4btrY4sn3o5OwEtpXE/sTlx1BAYBqYco3e5fKB5PGEw6XTNh8m7MEo2IA7x2XDcpAXRZieJLZacHma4+gT3e0WmYYUak10yZaagl3A+1ocbqBmATsM0J0aJXFoDhpbSSpbmnaqvDLAiSLb9SUmfncopc76Q8YjmT2Rd2/bZdhQYXuhdpcZldeAmdHKnri5X/RwDDzOVbqcKWTZjbP0Sv19uzrYRiFcYsT9K8ijMJhbQLcFuwBPxxBN3EtGdjd0nac6miU2G1IdnNsMLFer8HN7hcf8QFm2Aicy5ibmrNsdkpmvYtbpnSbzNLgl/1Qcpqo0+OC8fXvvDvjbhQlcptiQ1T6lJ3+82omOfHxN4bNgazBecP68UNNqctDFHwKkh0UVQIFDL25avWoHe2mxq4+I0+ujJyKiZiGFHoQVBDbyrVpmBLdzyRs6nMue0e9wPz9fw0MCcYRG43Jc4Ir7MDD5Z1sa2Cj9sc46vX9rp7rZLvVyvhtQu57Co47Yt6frYpgyWFRMqLRHHVRAr8jbWaeaD0lOB9S6Ki4nOGFFGhnvPTJGi5Tmm+ngOuzeKlZt034eV9bRT2yPHqv3mJ3FOSNz5p5BbcP3rvuBfB45Oem/WHz3T8qiuolb1x8dn9fHE=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM9P194MB1265.EURP194.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(4636009)(366004)(346002)(396003)(39840400004)(136003)(376002)(66574015)(8936002)(66446008)(66476007)(66556008)(64756008)(186003)(9686003)(38070700005)(15974865002)(44832011)(76116006)(5660300002)(2906002)(52536014)(8676002)(4326008)(66946007)(55016003)(33656002)(86362001)(38100700002)(110136005)(7696005)(53546011)(45080400002)(316002)(6506007)(122000001)(966005)(71200400001)(41300700001)(478600001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: rFObE3oVDjI6pXbK+AvUOdd/VjDEt9f3G+kFsD3deDJpKqzHOXKdjQ/HJkIqnqAxencXSVv83edM8lpJYpd5Xw6db7WGffJgD7N1r/5zWyXfTx4TKx/T1PFP1NaKWFAC58PiUmwKNS8AdT+TbNi2ZNUA1BV2nStZqRqGi7rwG5lXxSR+FsqAzHPzrP6ZGm8WiUbPZidu0uWp6hRkQU1TQnjpXCAj/De4MCrigPqIg/07NuE0iFrS3ak6bEUHz3TR43X6PWkLXhHgwNd5kyZMkALfkPAfnSCfKYlrxYlrg9/LAyYxDDIuw4A5jWbahUCg9dC7P5ZeURza6kYjifSUsW4oMBZi+/XYxsOo9iB065TFpTIaaZivQ1xc25VhGMMprRhIG86zsZnRUrNkEAYz0j9qxp6Ys9s1tMw2bOkT4S/z22hQXCxvtVurkIsm+66vHW4osEf16jwh5pgfGxTWlFqML9EfsmgBde6JMYJDtlWorq8t1jnMdGA2K9dAG0sZklGUS2xmvtmNFUJ3nekqpUxRuU8nKLavYMrOLhmltI57YNJdJRqUkeWDUs4DTzv+XcS3K4m/Cry8zCP+sV69pa4ELS4eL0prh2hOdg3DKhzWXtIxBWDS/Fq/greGZXnordUemOueeaM0hiqm7oMH6TSxnckQt0U0h7l5EfV44EZsp99jHD/nk00mFBtOgwG3DVVxjLjWfrqQ/qHOMIpYgBpX5lz7QMEP2qJvInPfGKZLoDJcMgnr+b0mU2/7kx3w9q8pzfwLQAg0gSPF6S2/3BQ8DjD2aTR97/IcGyybSMwFuYQPNq6hEgzfw8eFQgZNDZmzlPknGxRxuhatk9+y1HO9sst5Hzsp7CnJpCLdl22wWhHEQstRszad4+/0xm970I6KdRbNHqtCqwcoLhGrzBX0+1UrdpACxUzL/bJNPyWjmjSaa/YANNGKZo2sYdQQex0HLGLcQJ3WpJUveRcs7tX8ga1Ob2xiHHRIu+knvX7QclFH2DJ3mY+fiF5go2yfYmazaMG8QpjTyhGTKR7/x7h+/EtR7moc3xGCO876eXT42cWg0lhT7bVzyGRd9yOk3rebFIm7yIqyqGVl7j+qAjfHvzadKOYA40X2Y6WdAZRSkI1pN5gl9GkYRCuQPQVdcOAjma1ybNfhEMXUyoTBIHXSalgz06aSNGgYyt0AJBIk/mLxXhnz2dbtJfbUHjEDAff/9rKMwJo7CH6IZNCgvpyMV/LJNHElNWLoR/ZTds4CzDIa/kzd9jS4QCfuiKO1Qc3RY11X/n0CXVuNR3Z3z1n66lruBPmwxzn30EFnbqRQof/JIaeN4Uf9lc3EG1Wk/LLMVMz7IP9CCyVUUuaLF9waKjjSGLYYUQ5kUHD0BU40rO3sh396MKSgUxb0Duc+qVMKdhUuFxkxoFBGbO4OSD+YGagLDs2HH/l5QjqQwc3Giq2tvBlBD68wfGTR6JkR680Mj8TMh+uOhvGGPUJs0ZFGIQEtDcNqda9F66KzGKfSTip7jU4B1rBy98WLCf6JQAmNksUwNRmXEHbG5/H47UrXg5EP39AuHcNqySVBAhlUrIpjY9hecL4dALzpaW8MQq9oEjbClM1JNdN1Z83WZIFafCt6B1gH5/M0aOLbNbuYHPWoFZ8mqYm5YGAhievsZzO7BN0vc3t7rIOWYanJvw==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ic-consult.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM9P194MB1265.EURP194.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: c0ab4c19-ac1d-43eb-a603-08da81299abc
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Aug 2022 14:54:51.5731 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3ac65224-61ae-43a3-b5af-f6da3cac486c
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OKB2DrgUhrz7MkQgzPdRVskJ7+R5/+6ZBWg9gqu+7dqaGGbVrWWr3GI2bR0/y67sTI4aC1f04jL9uY15RulSuTMLWScexZA5CGTtnCf6cyA=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7P194MB0787
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/T4MZiH7br7KVH9uHzWAFdRyUfgQ>
Subject: Re: [CFRG] options == bad?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Aug 2022 14:55:01 -0000

Hi,

sounds a lot like you are going for some of the ideas I presented/drafted in https://datatracker.ietf.org/doc/html/draft-kaimindermann-securecryptoconfig a while ago.
There is also a demonstration implementation done here: https://github.com/secureCryptoConfig/secureCryptoConfigInterface 

Its of very big importance to leave as much of the decisions regarding crypto parameters to the crypto experts/libraries and only expose the needed parameters.
(Of course, there can also still be an interface that allows all the possible parameters for power users / experts).

What I have no concrete idea about yet are tunable parameters, e.g. some of the argon2id parameters may depend on the runtime environment. (see https://datatracker.ietf.org/doc/html/draft-kaimindermann-securecryptoconfig#section-6.2.5)
Also, regarding hashing output formats, there seems to be no standard yet in relation/similar to COSE/JOSE, right? I am aware of https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md though.



Mit freundlichen Grüßen / Best regards
Kai Mindermann

-- 
Kai Mindermann
Senior Consultant
M +49 1512 1054730
 
kai.mindermann@ic-consult.com
www.ic-consult.com
 
iC Consult Gesellschaft für Systemintegration und Kommunikation mbH
Standort: Zettachring 8a | 70567 Stuttgart | Germany
Verwaltung: Huyssenallee 99-103 | 45128 Essen | Germany
Geschäftsführer: Dr. Andreas Neumann
HRB 116170 Amtsgericht München

-----Ursprüngliche Nachricht-----
Von: CFRG <cfrg-bounces@irtf.org> Im Auftrag von Manu Sporny
Gesendet: Donnerstag, 18. August 2022 16:40
An: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: cfrg@irtf.org
Betreff: Re: [CFRG] options == bad?

[Sie erhalten nicht h?ufig E-Mails von msporny@digitalbazaar.com. Weitere Informationen, warum dies wichtig ist, finden Sie unter https://aka.ms/LearnAboutSenderIdentification ]

On Wed, Aug 17, 2022 at 8:57 PM Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> My own bias is to want as few as possible, but that always seems to 
> lose out to a tendency to want to enable whatever future uses people 
> can reasonably envisage, which can soon lead to a combinatoric 
> explosion.

Stephen, how timely! :).

There is currently work happening[1] at W3C in the Verifiable Credentials WG that is exploring exactly this topic. As an Editor on a number of these specifications, I have an action to engage with CFRG on the topic.

We have a need to define new identifiers for cryptography suites that combine data transformation (such as canonicalization) with "approved IETF/NIST/FIPS cryptography". The JOSE/COSE algorithms only help us so much, and there is concern wrt. the optionality of all of the algorithms that could be used. You can read some very draft-y language that we're debating at present, speaking to what Stephen raised, here:

(Don't read too much into the existing text in the draft, it's pre-FPWD at present and is undergoing many changes) https://pr-preview.s3.amazonaws.com/w3c/vc-data-integrity/pull/36.html#versioning-cryptography-suites

> So if even 2 options for eddsa (RFC8032) turns out to be a problem, I 
> wonder if we're doing all this right and how we might maybe do it 
> better. I'd hope if there is a way to do it better then CFRG would be 
> the place to do that.

There is a subset of the VC community that feels like just blanket adopting ALL the Recommended and Optional values in JOSE/COSE Algorithms registry is going to not only harm adoption (due to interop difficulty), but also give the developers using this technology a number of dangerous options (if we provide the ability to pick among a set of parameters where they have little to no understanding wrt. the ramifications).

So, the proposal is to aggressively profile what's in the current JOSE/COSE algorithms registry and provide "cryptographic suites" that have identifiers like "ecdsa-2022" or "eddsa-v1" instead of the typical parametric approach: "RSASSA-PKCS1-v1_5-SHA1". What we are trying to do, in effect, is publish highly focused profiles (every couple of years) of existing CFRG-approved crypto... and eliminate as much optionality as possible because the developers in the market verticals involved (universities, retail, supply chain, HR) often do not have a deep understanding of cryptography, but use it anyway.

> I don't have much in the way of concrete suggestions for a way to 
> improve matters, other than maybe it'd be a plan to require a 
> justification for each option when stuff gets to RG last call or 
> something.

There are at least two levels to this discussion. The first is how much optionality to have in the cryptographic primitives. The second is how much optionality to expose to non-expert developers in "cryptographic suites" and software libraries.

The VCWG is focused on the second item, presuming that CFRG/NIST/FIPS is going to continue to pump out algorithms with large amounts of parametric variability. In effect, we're trying to contain the parameterization at the first layer (CFRG approved algorithms and parameters), at the second layer (through the use of highly constrained cryptographic suites).

So, this raises a number of questions:

Can "we" come to ground on what an appropriate minimal set of parameters is for, as an example, a particular type of Elliptic Curve digital signature algorithm (to address 80% of the use cases) for a given period of time (and publish that as a "cryptography suite")?
That is, can we say "For the year 2022, we believe these fixed parameters for ECDSA are good enough for 80% of the use cases" and then revisit the parameters again in 2027 and publish a new cryptographic suite definition? For example, P-256 seems like it could meet 80% of the use cases in the market this year? If not, what about P-384? If not that, what about P-521? If we fail there, perhaps we say the ECDSA cryptosuite MUST support both P-256 and P-521 and call THAT the cryptographic suite for ECDSA for 2022?

Do we think we can get to an "asymmetric-signature-2022" cryptography suite? If so, would that be EdDSA w/ Ed25519? or would we pick ECDSA since EdDSA has a bit to go to get to NIST/FIPS compliant HSMs? Do we think we could get to a "recommended-signature-2022"?

I fully realize how heated these sorts of debates could become, but if we can narrow the parameters for a given year (like safecurves did from time to time) don't we increase both interoperability and safety?

We would love to see some debate in/guidance from CFRG on the topic. Thoughts?

-- manu

[1]https://www.w3.org/2022/06/verifiable-credentials-wg-charter.html#deliverables

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/

_______________________________________________
CFRG mailing list
CFRG@irtf.org
https://www.irtf.org/mailman/listinfo/cfrg

v2.23.0 | Report a Bug | By Email