Re: [Cfrg] would it be a good idea for CFRG to try review algorithm documents?
Phillip Hallam-Baker <phill@hallambaker.com> Fri, 11 December 2015 04:29 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D53531A6EF0 for <cfrg@ietfa.amsl.com>; Thu, 10 Dec 2015 20:29:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RnArnwfldQ42 for <cfrg@ietfa.amsl.com>; Thu, 10 Dec 2015 20:29:14 -0800 (PST)
Received: from mail-lb0-x230.google.com (mail-lb0-x230.google.com [IPv6:2a00:1450:4010:c04::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 113141A6EED for <Cfrg@irtf.org>; Thu, 10 Dec 2015 20:29:14 -0800 (PST)
Received: by lbbkw15 with SMTP id kw15so63369606lbb.0 for <Cfrg@irtf.org>; Thu, 10 Dec 2015 20:29:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=2g4fajlyJV16fIz++aPh7I9ZmBC7IDFAJjjoZ5FXHNQ=; b=NxiYPRg8QvUB5gyKHZCRlFCx1eWS4XdaQZTkPFgtUqXgin36KgcXsdEHuUbmfyOdTx e1XfYyrGCChyuShuKtIanqrNJN8VDEU789xAcpPXFyuai5jH7nrqJgVEMRReWQJD/iyo 8pQ5K34TNv5Aw4JxOHje2sPSg4bo/zKD97Ahf627Wb5rVyIqyXJr5drz2PhbamoJp/1n N0usWdM1wCBuUllbl/K0AQwX3HbYeZjE1zcJ5lo6N09h2WXA8KsenGfpAj35KGCLdLyi j1iGsCwlyP67V3/tDqJEQ45aupe77EJ1n92pgl2dX/ly/d6OuoCr2+Y+NFK8oQhkMVn/ RNgQ==
MIME-Version: 1.0
X-Received: by 10.112.54.193 with SMTP id l1mr6781035lbp.58.1449808152212; Thu, 10 Dec 2015 20:29:12 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.1.227 with HTTP; Thu, 10 Dec 2015 20:29:12 -0800 (PST)
In-Reply-To: <5668D7A3.1070103@cs.tcd.ie>
References: <5668D26F.2020200@cs.tcd.ie> <5668D7A3.1070103@cs.tcd.ie>
Date: Thu, 10 Dec 2015 23:29:12 -0500
X-Google-Sender-Auth: 5idJ63-hMo3tjYSLNc-wRBTgluE
Message-ID: <CAMm+LwhEM_XK5aE4uXe+Y6cnfqaQ-Ng20k=O6v8Fo1xGPY-ypg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="001a11c3a914e7bc0c052697c3b7"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/WqkCBUsUkxFuuxfGHf67Fe4SByg>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>, Nevil Brownlee <rfc-ise@rfc-editor.org>
Subject: Re: [Cfrg] would it be a good idea for CFRG to try review algorithm documents?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2015 04:29:16 -0000
On Wed, Dec 9, 2015 at 8:38 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > Hiya, > > The IESG has another of those conflict reviews on Dec 17. In this > case I doubt there's a process conflict (see below for details) > as this is documenting some more details of the GOST suite which, > as a national algorithm suite, kind of just is what it is. > > But as a non-cryptographer, I'd be happier if in future things > like this (or non-national "vanity" algorithm descriptions) had > gotten some review from CFRG, however I'm not sure if folks here > would be generally willing to do that kind of review. > > The reason I'd like review is so that we have a better idea of any > issues or caveats or cautions when/if the proponents of such > algorithms come calling at the IETF's door for code points to > use their algorithm in TLS/IPsec or whatever. (Which they usually > do do.) > > If this was done informally and we got prompt and good reviews I > think that'd be a fine thing, but if we try formalise it, then we > might end up with some tricky process issues. And I'm not sure if > folks here would be willing to do such reviews or able to get them > done when needed (there aren't too many drafts like this but they > do come along now and then in a reasonably constant dribble). > I would prefer that neither the IETF nor the IRTF did any crypto reviews and no RFCs were issued or needed unless it was for an algorithm to be used as RECOMMENDED or REQUIRED. The rationale for this is that regardless of what status IETF considers a document to have, outsiders naturally assume that every RFC is an IETF recommendation. Trying to teach the world otherwise is futile. While some protocols do have limited code points available, it is almost certainly possible to extend these by allocating a code point for and extension scheme. And I would use OIDs for the extension scheme rather than IANA issued identifiers to further distance IETF. Either review thoroughly or not at all. Leading people to think the algorithm has been reviewed when it has not is only going to lead to tears.
- [Cfrg] would it be a good idea for CFRG to try re… Stephen Farrell
- Re: [Cfrg] would it be a good idea for CFRG to tr… Yoav Nir
- Re: [Cfrg] would it be a good idea for CFRG to tr… Stephen Farrell
- Re: [Cfrg] would it be a good idea for CFRG to tr… Björn Edström
- Re: [Cfrg] would it be a good idea for CFRG to tr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] would it be a good idea for CFRG to tr… Valery Smyslov
- Re: [Cfrg] would it be a good idea for CFRG to tr… Jim Schaad
- Re: [Cfrg] [MASSMAIL] Re: would it be a good idea… Григорий Маршалко
- Re: [Cfrg] would it be a good idea for CFRG to tr… Nevil Brownlee
- Re: [Cfrg] would it be a good idea for CFRG to tr… Björn Edström
- Re: [Cfrg] would it be a good idea for CFRG to tr… Phillip Hallam-Baker
- Re: [Cfrg] would it be a good idea for CFRG to tr… Björn Edström
- Re: [Cfrg] would it be a good idea for CFRG to tr… Simon Josefsson
- Re: [Cfrg] would it be a good idea for CFRG to tr… Simon Josefsson
- Re: [Cfrg] would it be a good idea for CFRG to tr… Salz, Rich
- Re: [Cfrg] would it be a good idea for CFRG to tr… Stephen Farrell
- Re: [Cfrg] would it be a good idea for CFRG to tr… Salz, Rich
- Re: [Cfrg] would it be a good idea for CFRG to tr… Tom Ritter
- Re: [Cfrg] would it be a good idea for CFRG to tr… Phillip Hallam-Baker
- Re: [Cfrg] would it be a good idea for CFRG to tr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] would it be a good idea for CFRG to tr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] would it be a good idea for CFRG to tr… Simon Josefsson