Re: [Cfrg] [secdir] Time to recharter CFRG as a working group? Was: Re: ISE seeks help with some crypto drafts

"Martin Thomson" <> Mon, 18 March 2019 04:12 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4390E129A4B for <>; Sun, 17 Mar 2019 21:12:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=C+QNoVG6; dkim=pass (2048-bit key) header.b=Yd5YoqA+
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id usogS3iKwDy6 for <>; Sun, 17 Mar 2019 21:12:34 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AF4A31277D6 for <>; Sun, 17 Mar 2019 21:12:34 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id D4E6721EDD for <>; Mon, 18 Mar 2019 00:12:33 -0400 (EDT)
Received: from imap2 ([]) by compute1.internal (MEProxy); Mon, 18 Mar 2019 00:12:33 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm1; bh=7Xmq/mogoi9P/Nk5jT07Yl+bk+DldzF Bj7I/cGxyXUQ=; b=C+QNoVG64CvHY59taElX31ZLT89iRke8v1DEgqrbxuabmUT Aqw66QbbJmcqsG3bWyx9sEkssC21QrA2wM5mXR+Hu/wbmp+kWF7qvv2PxzhIm8KG 0rOVAhqNpo+A5IBY/eFO3HqSgEc6tVjW7jQdMELIiQIfE9wdbAVBQvHhOhjK3YK8 JNFQg24igpHbJsjR/f0PiP8VpI7gspU5OtBdXbGOcYLnd1svFn8ijHELIsNgVKXV RBUcB9Z/drk4615Q8M/FbEqkeAiLNS8AWw99t234ooptFSM62Gzz8TOdyniVivb1 60JgyDe10mTsZ5oBx5Rx+TBLc2snrl1lzforgKA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=7Xmq/m ogoi9P/Nk5jT07Yl+bk+DldzFBj7I/cGxyXUQ=; b=Yd5YoqA+XwZbRp22OmmCsL OzfluHEGBmBux91KM/QWgomeaxvvFZKOLHt3/voK0UjLlzRSwDYPvHvMZE/1fpwH o0UEUiAAmK+/ChoY6UIw9jz2yzSFQKJtwrLJFAPhpXy4J92Z0KQk1cRjH4kS8O4O wWhWSJDn3Ge0fqgqB2Wxu+cNW2JiALfADS9lhip0czsf/qBAxzqV0zOHZrVJ75Ia Oy4sGYL7X9R2eNiKIX56J4o1CpAfrrvbDt2KTgJqLLXbHWXTUNlY58ubSMX2J7ij SgoP+R02zlyzSwHVwoYIUQcEH6ReSInPm6ZklujwC+b5jDoJHD3OaJWLKYxregTw ==
X-ME-Sender: <xms:sRqPXNGg4jfJ6J1X2CAuyoEedRG_iKbr62ukv-u4rb7YUgqciPe4aw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddriedtgdeilecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreerjeenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohif vghnthhrohhphidrnhgvtheqnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofi gvnhhtrhhophihrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:sRqPXGk0y4fBFzJuGuLZgR_b4cmzm58gN7dYtAql0vFTyK4BASeYOw> <xmx:sRqPXKKTEoMKf_5Esbgk0oYlj5YvfvB3Bcs-i_IcucrDRjbQQetobQ> <xmx:sRqPXHZx4yPuGB3TuLTvAqLAyLg3kNtqiw9d5Ra7l4NXYefpuqbHCw> <xmx:sRqPXFPDwyhCJPUM3yRPx6RdIehOplsa3IBjG1m8QfFGwxXUGadwoA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 467197C651; Mon, 18 Mar 2019 00:12:33 -0400 (EDT)
X-Mailer: Webmail Interface
User-Agent: Cyrus-JMAP/3.1.5-976-g376b1f3-fmstable-20190314v3
Mime-Version: 1.0
X-Me-Personality: 92534000
Message-Id: <>
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
Date: Mon, 18 Mar 2019 00:12:35 -0400
From: "Martin Thomson" <>
Content-Type: text/plain
Archived-At: <>
Subject: Re: [Cfrg] =?utf-8?q?=5Bsecdir=5D_Time_to_recharter_CFRG_as_a_workin?= =?utf-8?q?g_group=3F_Was=3A_Re=3A_ISE_seeks_help_with_some_crypto_drafts?=
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 18 Mar 2019 04:12:36 -0000

On Mon, Mar 18, 2019, at 14:11, denis bider wrote:
> SSH is full of underdocumented, partly functional custom extensions (to 
> cryptography, compression, SFTP, port forwarding, host key 
> synchronization, VPN, and more), most of which *could* be better 
> designed, better documented and standardized - if only there was a 
> continuing forum and people did not have to go through this "rigorous" 
> chartering process.

I'm sure that if you wanted to start an SSH maintenance working group to fix all that, the IETF would be receptive to that.  We did that for HTTP a few years ago and it has been somewhat successful.  Note that it doesn't take a very large group to actually drive an effort like this, but it is not especially easy or glamorous work.  The main threat to success is not getting major implementations properly invested, but if you can clear that hurdle, I'm sure you would find the IETF to be very supportive.

That sounds nothing like a problem with CFRG though.  In all this, I've heard nothing but good things about the work that goes on here, and now that I've the opportunity to add my voice: I too believe that the CFRG is currently working. A change would be somewhere between unwise and idiotic.  For all of the aforementioned reasons.