Re: [Cfrg] dragonfly, was: Re: Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
Andy Lutomirski <luto@amacapital.net> Thu, 28 March 2019 02:39 UTC
Return-Path: <luto@amacapital.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E277120189 for <cfrg@ietfa.amsl.com>; Wed, 27 Mar 2019 19:39:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=amacapital-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2p-OQ6XgQbQ9 for <cfrg@ietfa.amsl.com>; Wed, 27 Mar 2019 19:39:29 -0700 (PDT)
Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 527D712018E for <cfrg@irtf.org>; Wed, 27 Mar 2019 19:39:26 -0700 (PDT)
Received: by mail-wr1-x430.google.com with SMTP id k11so13516142wro.5 for <cfrg@irtf.org>; Wed, 27 Mar 2019 19:39:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=FzWVfOmHZC/mRgA8W/4cUeIlXKuaBW5qMn/Hn3DpUQY=; b=OvR5sVdH+YUialdORnjS1zoM3o8jEx08WJ5OxSoVV35fzYvGI08h/h3kPX50Od9+PT ZXwrCmqoe1sIFIPehh397KkwJhC/l732ROY3KMTZI2Ri4FCyLOAIRUVKNsGW6xh5bm2L QviP/H1S5kvhF6uSzZ265p2Akm64Xmm320Kn0mAj0bhwIxFFGTtgWlX8uzgmwFitkszc YI7nnu9mOXRB6ALqnEkGhrT8/ger63oTJMMesOyIlkZnsUgvh0rBK0NSyHMe82kadrf3 POc1ZgjkznAi+YpcSyPo+u3RW6fTtT33nDJjgujF9NJ/pPqW71xRjPl3jqjZgvBaT+pH c7fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=FzWVfOmHZC/mRgA8W/4cUeIlXKuaBW5qMn/Hn3DpUQY=; b=oz4V1DtW1DhLUj4QUg5wJocsrHsfJvYUH08J6OO/4orNePb+8XFbiXE8hp5NUNtEQi Q5mwUNBIlX+9Lh82WZSZuvVZtNsrSP2bNY3yHaJ5TZ6OX7iqgfM96cZXEZHz2DEplpR1 vxNFXTskmNFpdp22GxhdKJZU4oEy614Uj+e1QdGJWF+UW/+9mpgqWP9+Toyk9Go/MNR/ ikWN0VEFgDLnzEsq9WtAYi4dNwZwnVsg6lIvC8mwKNThjmj8k5WbWilMYVcp3XGTHwpl 4cXzB1GBxUSIGRP8TCmdLA31iSK7mA+oKVsVUW0IOI9/lxs+7dVr2M/vX4E/myzDVfbf gepQ==
X-Gm-Message-State: APjAAAVNyl24Bplv4e3xaxl7wuHzMUIGohsh6mL3uuv6zwrrAbk4xGPY leZ66+7VaWZyjVGn9/5vqHSSAhPshR799gMbz/PqzQ==
X-Google-Smtp-Source: APXvYqwK/1N1AwpihNbuD5VfQiDRSQSmHJZmqYndW2HXH/oMJxIiTZpT64zsf+H7HnIgzveru5DH85SnVC28ovCYH3M=
X-Received: by 2002:a5d:4710:: with SMTP id y16mr24288702wrq.176.1553740764798; Wed, 27 Mar 2019 19:39:24 -0700 (PDT)
MIME-Version: 1.0
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca> <CAHOTMVLtjVxZNy3bFRn09xH+cOw+tPi2CL3BkaQuJEqxAzGOJg@mail.gmail.com> <edca701b-21f3-c80c-d754-fc333f1e2e04@cs.tcd.ie> <20190310182935.GE8182@kduck.mit.edu> <B876B124-7EDE-4E20-A878-3AAD3FA074BC@krovetz.net> <20190310191026.GF8182@kduck.mit.edu> <CAHOTMVJcosEgYV9caWapgyzQfh-g4k5DQry5n42bEfrkJvmdWQ@mail.gmail.com> <042b3f13-7d5a-12d7-e604-9f8cad197608@cs.tcd.ie> <CANeU+ZCmiTKfE1_YgjM6GX9ZCw_35mZoT8M-6VL72UhbenT2og@mail.gmail.com> <CAHOTMVJ2StG-wv6FRMescF=0PiZ4ei-MA0H+EV3QNiCb8yGFCQ@mail.gmail.com> <4831964a-19de-2c33-bd6d-de33a2c63276@lounge.org> <CAHOTMV+33wipA5gtF16bHSZNs_edFiyZuDVj+kv28FRXcUJw3A@mail.gmail.com>
In-Reply-To: <CAHOTMV+33wipA5gtF16bHSZNs_edFiyZuDVj+kv28FRXcUJw3A@mail.gmail.com>
From: Andy Lutomirski <luto@amacapital.net>
Date: Wed, 27 Mar 2019 19:39:13 -0700
Message-ID: <CALCETrW_X_Yb9=eNKCBULnW+rRtTBLFpw1Tvc2oSLXq-ovGmiQ@mail.gmail.com>
To: Tony Arcieri <bascule@gmail.com>
Cc: Dan Harkins <dharkins@lounge.org>, CFRG <cfrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/nxjhd7HKmf49crsNMvbel9Tl8Bc>
Subject: Re: [Cfrg] dragonfly, was: Re: Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2019 02:39:35 -0000
On Wed, Mar 27, 2019 at 9:38 AM Tony Arcieri <bascule@gmail.com> wrote: > > There is, if nothing else, some confusion around the IETF's relationship to Dragonfly, both within the WiFi Alliance and by tech journalists. Some examples: > > https://mailarchive.ietf.org/arch/msg/cfrg/lNFkQxnCQpi7dEX6cNI0ewZAuGw > >> Also note individual submission: https://tools.ietf..org/html/draft-harkins-salted-eap-pwd-02 EMU and Security Area review incorporated, IETF Last Call pending.. Related draft (will be RFC 7664), see https://datatracker.ietf.org/doc/draft-irtf-cfrg-dragonfly/ . > > > https://www.darkreading.com/operations/wpa3-brings-new-authentication-and-encryption-to-wi-fi/d/d-id/1332145 > >> WPA3 Personal authentication is a process called a simultaneous authentication of equals (SAE), which comes from the IETF Dragonfly key exchange. Robinson says that with SAE, the authentication requires interaction, and only after authentication will the keys be generated. This makes attacks that depend on cloud-based server farms and automated key attempts unavailable to attackers. > > > https://www.eweek.com/security/next-generation-wpa3-wifi-security-standard-launches > >> "SAE uses a Dragonfly handshake defined in the Internet Engineering Task Force (IETF) RFC 7664 specification and applies it to a WiFi network for password-based authentication," Robinson explained. "The Wi-Fi Alliance WPA3 specification defines additional requirements for devices operating in SAE modes." > > > From what I've observed, the IETF's name seems to end up attached to Dragonfly quite a bit. Curiously in these quotes, the CFRG and IRTF aren't mentioned at all. Perhaps this speaks to a more general problem around public perception of RGs and informational RFCs (or lack thereof), but when I read quotes like this, they sound to me like many people's perception is that Dragonfly is a standards-track IETF RFC. > > Issues like educating the tech press and trade associations on the difference between the IETF and IRTF and the difference between standards-track and informational RFCs aside, I think the main thing the IETF could do address these concerns is actually create a WG dedicated to producing a standards-track PAKE for similar use cases. PAKEs are certainly a hot topic these days, both on the CFRG (see OPAQUE thread this morning) and in cryptography in general. > As far as I can tell, basically anyone who isn't involved in the IETF or IRTF is utterly confused as to why they're called RFCs in the first place. Some of them seem to be standards (de facto, "standards track", or otherwise), some of them are definitions of a cryptographic protocol like CFRG produces (which sounds a lot like "standard" to me), and very few of them indeed appear to be requests for comments. It's entirely unclear when an RFC is supposed to be a statement that IETF or IRTF thinks the thing in the document is a good idea. I think the messaging could be made much, much more clear.
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Andy Lutomirski
- [Cfrg] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts David Wong
- Re: [Cfrg] ISE seeks help with some crypto drafts D. J. Bernstein
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Dan Brown
- Re: [Cfrg] ISE seeks help with some crypto drafts John Mattsson
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Paul Hoffman
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Watson Ladd
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Hoffman
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… S Moonesamy
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Ted Krovetz
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- [Cfrg] Time to recharter CFRG as a working group?… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Tony Arcieri
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Peter Gutmann
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… John Mattsson
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Valery Smyslov
- Re: [Cfrg] Time to recharter CFRG as a working gr… Mathy Vanhoef
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… denis bider
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Daniel Kahn Gillmor
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paul Wouters
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Watson Ladd
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Martin Thomson
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Peter Gutmann
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Donald Eastlake
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] Time to recharter CFRG as a working gr… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Martin Thomson
- [Cfrg] dragonfly, was: Re: Time to recharter CFRG… Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Tony Arcieri
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Björn Haase
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Benjamin Kaduk