Re: [Cfrg] EC signature: next steps

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

Hi Alexey,

On 31/08/15 10:53, Alexey Melnikov wrote:
> Dear CFRG participants,
> 
> Many thanks to Ilari for posting this updated summary of where things
> currently stand. Kenny and I would now like to run a short discussion
> focusing on this summary, with our intention being to flush out any last
> issues or additional points of comparison between the different schemes
> that everyone should be aware of.
> 
> Once everyone has kicked the tires, so to speak, we plan to move to a
> poll to decide which scheme CFRG should focus on writing up and formally
> recommending. We, as chairs, are hoping these steps will get us to the
> finishing line.
> 
> So:
> 
> - are there important characteristics or points of comparison that
> Ilari's summary does not cover?

IPR. There have been a few modifications to the schemes compared to
when those were initially proposed during the process. One of the
things that IETF working groups (well, document shepherds) do these
days is to get authors of documents to re-confirm that yes, they have
in fact ensured that all required IPR declarations have been made.
That does catch some errors and omissions that would otherwise cause
issues later in the process.

While we don't yet have a draft here, I think it would be a valuable
input if each of the authors commented in the next week as to whether
or not they are personally aware of any IPR that affects their
proposal. (Of course, if they know of IPR that affects someone else's
proposal then our IPR process also does ask that they tell us about
that too.) And again, as with the document shepherd case, it'd be
fine if they just sent mails to the chairs who then summarised to the
list before you start that poll, e.g. saying who had (or had not) sent
you such a mail and what they said. (On list would be fine but might
get fractious, hence my suggestion that the chairs summarise.)

And just to be very clear, the information that I would find useful
in that aspect of the evaluation is whether or not some IPR declaration
will be needed should CFRG select the proposal concerned. The actual
declaration would of course follow in due course but knowing now that
the proponents do not expect to have to make such a declaration would
be good input for me. So simply saying "this is the same as <<that>>"
is not a useful answer for me for any value of <<that>>.

Hopefully, the answer is that nobody has an issue saying that they
will not need to make an IPR declaration for their scheme, but
confirming that, or folks inability to state that, would be useful
as there is history in this space and that kind of problem could
also ensure that CFRG is delayed to the point where the chosen scheme
is overtaken by events.

Thanks,
S.


> 
> - are there errors of fact or omission that need to be corrected?
> 
> - anything else?
> 
> 
> We'll let this discussion run for exactly one week, but we might extend
> the time if the discussion is still going strong and new arguments or
> points of comparison are brought up. After that, if no major new
> information is brought up, we will start the Quaker poll for selecting a
> single CFRG-recommended signature scheme.
> 
> 
> Best Regards,
> Kenny and Alexey
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@mail.ietf.org
> https://mail.ietf.org/mailman/listinfo/cfrg
>