Re: [Cfrg] considering new topics for CFRG

"Blumenthal, Uri - 0558 - MITLL" <> Tue, 07 January 2014 03:50 UTC


Next Gen PKI is of interest to me, and I'd be happy to contribute. I published a paper in 2010, mentioning the directions I thought beneficial, and am working on a new revision. I think it would be directly applicable, and hopefully useful.

Caveat: if my current employer decides that for whatever reason I should not participate, they can stop me.

Uri Blumenthal                            Voice: (781) 981-1638
Cyber Systems and Technology   Fax:   (781) 981-0186
MIT Lincoln Laboratory                Cell:  (339) 223-5363
244 Wood Street                        Email: <>
Lexington, MA  02420-9185       



MIT LL Root CA: 


DSN:   478-5980 ask Lincoln ext.1638

----- Original Message -----
From: Stephen Farrell []
Sent: Tuesday, January 07, 2014 04:09 AM
To: Paul Lambert <>; David McGrew <>
Cc: Sean Turner <>; <>
Subject: Re: [Cfrg] considering new topics for CFRG

On 01/06/2014 08:32 PM, Paul Lambert wrote:
>> > This is an intriguing thought, but probably something out of scope for
>> > CFRG.   (Seems more like a PKNG thing if I understand you right.)
> There was an IETF PKNG that died with no visible results. 

That was an IRTF RG. IMO it never had a cadre of researchers
nor a sufficient set of IETF participants who were interested
in a nextgen thing.

> This is an area where the IETF seems either too unfocused or mired
> in existing PKI to make progress.  Hence it's on my wish list ...
> Let me know if you have any suggestion for other viable forums in IETF
> for such a topic.

We have a list where we discussed certificate transparency but
which has a broader remit. [1] That's discussing whether or
not to start a new CT WG in the IETF at the moment.

There's the wpkops WG for operational issues related to the
web PKI. [2] They could do with help in terms of cycles to do
already-identified work (not hugely interesting for a
security/crypto researcher though probably).

The PKIX list [3] is still open, and would be a good place to
talk about any X.509-related PKI stuff. Not so good for non
X.509 based PKI though maybe unless for an approach that's
very much evolutionary and starts from X.509.

And there's the saag list [4] which is for general security
topics if none of the above fit.

So stuff is happening and there are places to discuss and
propose stuff. And Sean and I would be quite happy to try
help PKI nextgen stuff progress in the IETF should there
be credible proposals.

However, current PKI is not an easy thing to displace, no
matter how much you dislike parts or all of it. The main
reasons IMO are that replacements are likely to suffer a lot
of the same (or equivalent) complexity since it's a complex
problem, and that any credible replacement will take at least
a few years to work out and then 5-10 to get deployed which
seems to be beyond the horizon for researchers (speaking as
one who chases funding;-). One could argue that that's why
of all the "large DB of public keys" approaches, only CT
seems to be left standing.

One other thing - listing the problems with the current PKI
is not likely to be a useful place to start. We know those,
and any credible approach would start with a fairly well
worked out proposal, including consideration of that 5-10
year overlap period. It's not easy;-)

Having said all that though, CT is I think a good proof of
concept that the large-DB-of-public-keys thing could be
a runner, and we have learned a lot about the wrinkles in
X.509 based PKI over the years so there is hope maybe.


PS: For any of [1]-[4] please check the archives before
diving in, or ask someone who might be familiar, which
could include me.

