Re: [Cfrg] IBE checking...

Stephen Farrell <> Mon, 21 March 2016 14:47 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CD51B12D8A7 for <>; Mon, 21 Mar 2016 07:47:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DkGD9GN9oeXi for <>; Mon, 21 Mar 2016 07:47:00 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B00C212D84D for <>; Mon, 21 Mar 2016 07:46:49 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6526ABE39 for <>; Mon, 21 Mar 2016 14:46:48 +0000 (GMT)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PGtwJYmYpx0r for <>; Mon, 21 Mar 2016 14:46:48 +0000 (GMT)
Received: from [] ( []) by (Postfix) with ESMTPSA id B3745BE33 for <>; Mon, 21 Mar 2016 14:46:47 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1458571608; bh=DsEflrXR7phZiS7Pp7FHjFwzFXjebfwQUVstLNeCc0U=; h=Subject:To:References:From:Date:In-Reply-To:From; b=De+j7OiEJxmwU3vTQ6L5ZxBaN5r2ZMeDxzf1K7dYhsF/OWNi9oT8uezljkm10wMrx y1WSfzNiBGNInoQthffaoEWzAlFvS3ytkF7ypYaDvtrN4n3Kwoa9B51fQFHYaSuIjS bAOnMPuFy1BOG5JyilnS66iNrbeOTbyQvoGfzwyw=
To: "" <>
References: <>
From: Stephen Farrell <>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <>
Date: Mon, 21 Mar 2016 14:46:46 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms050905030305010903050800"
Archived-At: <>
Subject: Re: [Cfrg] IBE checking...
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 21 Mar 2016 14:47:03 -0000

Closing a long-open loop...

On 17/11/14 15:56, Stephen Farrell wrote:
> Hiya,
> This IBE draft [1] is on next week's IESG telechat. Since
> IBE ain't my thang really, I figured I'd check see if
> someone here wanted to give it a read from a crypto POV.
> There's not too much to this over and above RFC6507 [2] (I
> think:-) but this seems to be the first case of a standards
> track document making use of 6507 so there's a bit of process
> novelty here, even if not much cryptographic novelty.
> If you can review, sending comments here, or to the secdir
> list, or the IETF list or just to Kathleen and I are all fine
> things to do. If you might get to it but aren't sure please
> drop me a note.
> Oh, and it's not that long: just 16 pages incl. examples:-)

I held a DISCUSS on this since November 2014. The resolution of
that was to change the draft to aim for an experimental RFC
mainly on the basis that the crypto didn't have any published
analyses. So I've moved to an ABSTAIN position (you can see
my comments in the tracker if you go to [3] below).

While I'm not a fan of IBE myself, and there's still no published
analyses, I don't think we can block experimental stuff for those
reasons alone. (Otherwise CFRG might have a hard time producing
some new experimental specs for example.) Mind you, that does
assume that the rest of the world know the difference between
experimental and standards-track RFCs, which is not actually
true, but we do also need to stick with the rules of the game
that we've setup so I think this is the correct, if not the
optimal, outcome.

This may still come back to the IESG for another evaluation
as the IESG personnel turnover in the meantime means it needs
some more ballots, so if there's any new information that'd
be relevant, I'd still be interested in hearing about that.


> Thanks in advance,
> S.
> [1]
> [2]


> _______________________________________________
> Cfrg mailing list