Re: [Cfrg] how can CFRG improve cryptography in the Internet?
David McGrew <mcgrew@cisco.com> Mon, 17 February 2014 22:51 UTC
Return-Path: <mcgrew@cisco.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40BB31A04ED for <cfrg@ietfa.amsl.com>; Mon, 17 Feb 2014 14:51:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.049
X-Spam-Level:
X-Spam-Status: No, score=-10.049 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.548, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B6vMCP3nOfN4 for <cfrg@ietfa.amsl.com>; Mon, 17 Feb 2014 14:51:46 -0800 (PST)
Received: from alln-iport-1.cisco.com (alln-iport-1.cisco.com [173.37.142.88]) by ietfa.amsl.com (Postfix) with ESMTP id 794041A0422 for <cfrg@irtf.org>; Mon, 17 Feb 2014 14:51:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2036; q=dns/txt; s=iport; t=1392677504; x=1393887104; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=2mXohVp6Bd3H0oI7lT/6u8CJFeCXdy5tBJjMV1qJ1UY=; b=MVItpJohG83T7fjoYoCr6fiSFB54YODY/3WxX7qWhemUICkj6sc0aSCH Faee1yh7r9BvaNBVw5PgUqLgK/Hb0xWshnK9S/+A2g9xjY3KqY6UdjgS8 I5unw4Dwi3t1CkhY8eJ+uQEhZMCBnusaOJ0TNnQvd2KEacSvQhFn8y3dZ Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhoFANKRAlOtJXG//2dsb2JhbABZgwa9T4MKgR4WdIIlAQEBBDg6BgEQCxgJFg8JAwIBAgFFBg0BBwIQh3HKSBePAQeEOAEDiUiKOYQrhkeLXINLHg
X-IronPort-AV: E=Sophos;i="4.95,863,1384300800"; d="scan'208";a="21113378"
Received: from rcdn-core2-4.cisco.com ([173.37.113.191]) by alln-iport-1.cisco.com with ESMTP; 17 Feb 2014 22:51:41 +0000
Received: from [10.0.2.15] (rtp-mcgrew-8914.cisco.com [10.117.10.229]) by rcdn-core2-4.cisco.com (8.14.5/8.14.5) with ESMTP id s1HMpcRi027913; Mon, 17 Feb 2014 22:51:39 GMT
Message-ID: <5302927B.4030009@cisco.com>
Date: Mon, 17 Feb 2014 17:51:39 -0500
From: David McGrew <mcgrew@cisco.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130922 Icedove/17.0.9
MIME-Version: 1.0
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
References: <CACsn0ckOL8xdp5z7DdB9wyHhFpax0DhVXjsUMuGj39HgKk4YBA@mail.gmail.com> <52f50c59.aa1b8c0a.77c0.4985SMTPIN_ADDED_MISSING@mx.google.com> <CACsn0cnYkDwyAdwdf0+-JtksWu4NhKPr3L2emG2b3kFDe5v6hg@mail.gmail.com> <52F52E2D.8090104@cisco.com> <52F55236.1070800@gmx.net> <52F925FD.4030204@cisco.com> <52FBAA96.8090802@gmx.net>
In-Reply-To: <52FBAA96.8090802@gmx.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/bKyNK9ANKN9K-ZiSlQbiRea1bF4
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, "nmav@gnutls.org" <nmav@gnutls.org>
Subject: Re: [Cfrg] how can CFRG improve cryptography in the Internet?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Feb 2014 22:51:49 -0000
Hi Hannes, On 02/12/2014 12:08 PM, Hannes Tschofenig wrote: > Hi David, > > I believe it is important to move beyond writing specifications to > improving implementations and deployments. I think we both agree. I have > been arguing for this for a while now and got pretty much no positive > feedback. I also tried to convince the IAB that this would be somewhat > important and completely failed. The response I got was: "This would > require a completely different skill set." and "ISOC should do it." > > I don't have a good story for how to do that even at the level of > individual work groups. I tried this in the OAuth working group and > couldn't really find a way how to reach out to the large number of guys > implementing OAuth libraries let alone those who deploy them. > > The CFRG might, unfortunately, not be the right group either. To me it > seems that the folks in this group are focused on crypto (as the name of > the group indicates). What we need is guys who understand the broader > Internet ecosystem and know how to improve security libraries and to > reach out to the wider Internet (security) community. One does not need > to start from scratch since some of these communities exist but they > often have no connection to the IETF or the relationship is very weak. > As such, you often find a misalignment between the IETF security > community and various other groups. I think I know what you mean. My own thinking in this space is that it would be healthy to develop stronger connections with the open source community. For instance, if CFRG were to recommend a particular crypto mechanism, and then it turns out that the linux community rejects that mechanism (due to patents, performance, code size, complexity, API incompatibility, whatever), then there is probably something that we need to learn. Better connections with the open source world could address some of that misalignment you mention, I think, though of course it is no panacea. David
- [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-03.t… internet-drafts
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Paul Lambert
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Yoav Nir
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Mike Hamburg
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Robert Ransom
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Paul Lambert
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Michael Hamburg
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Watson Ladd
- [Cfrg] publishing dragonfly (was: Re: 2^40. I can… David McGrew
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Manger, James
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- [Cfrg] NSA sabotaging crypto standards Manger, James
- Re: [Cfrg] NSA sabotaging crypto standards Alexandre Anzala-Yamajako
- Re: [Cfrg] how can CFRG improve cryptography in t… Rob Stradling
- Re: [Cfrg] NSA sabotaging crypto standards Eggert, Lars
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Dan Harkins
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Nikos Mavrogiannopoulos
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- [Cfrg] how can CFRG improve cryptography in the I… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… dan
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… Tom Ritter
- Re: [Cfrg] how can CFRG improve cryptography in t… Igoe, Kevin M.
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Paul Lambert
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Geoffrey Waters
- Re: [Cfrg] how can CFRG improve cryptography in t… S Moonesamy
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew