Re: [Curdle] WG Action: Formed CURves, Deprecating and a Little more Encryption (curdle)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 18 December 2015 16:57 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23A4E1B3745 for <curdle@ietfa.amsl.com>; Fri, 18 Dec 2015 08:57:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aWMeE56O88Jx for <curdle@ietfa.amsl.com>; Fri, 18 Dec 2015 08:57:06 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A8431B3746 for <curdle@ietf.org>; Fri, 18 Dec 2015 08:57:04 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 0E71EBEDB for <curdle@ietf.org>; Fri, 18 Dec 2015 16:57:02 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LyeiDgYw-DtU for <curdle@ietf.org>; Fri, 18 Dec 2015 16:56:59 +0000 (GMT)
Received: from [10.87.48.95] (unknown [86.46.22.208]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 6D4E1BE51 for <curdle@ietf.org>; Fri, 18 Dec 2015 16:56:58 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1450457819; bh=2XF8YSqM4+TXUJRjwBbN9i345RQ2szC+lawM5j+VunQ=; h=Subject:References:To:From:Date:In-Reply-To:From; b=hpsWFtlGOnvKTiSl90xgAUEwvhFKtWCOfgKq4CufkCNp227kLLhVhwNZGwTkH5zRJ 33kEiz85f4R8G6Z0azU9B4sgqXsWUR+c2zEhqzttI4I4fwdpyPBooysA3BGM+3bWDn EgztyIHvRqE9BUeP77k+BwjHqmK7TXMuQSrduY80=
References: <20151218165200.24085.7127.idtracker@ietfa.amsl.com>
To: curdle@ietf.org
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56743AD9.6@cs.tcd.ie>
Date: Fri, 18 Dec 2015 16:56:57 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <20151218165200.24085.7127.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/curdle/sxw7sz2auPi2TorS9Ln0KpIOPMM>
Subject: Re: [Curdle] WG Action: Formed CURves, Deprecating and a Little more Encryption (curdle)
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Dec 2015 16:57:09 -0000
Thanks all for the help with writing docs and the charter to get this going. And now off you go to get the work done! Cheers, S. On 18/12/15 16:52, The IESG wrote: > A new IETF working group has been formed in the Security Area. For > additional information please contact the Area Directors or the WG > Chairs. > > CURves, Deprecating and a Little more Encryption (curdle) > ------------------------------------------------ > Current Status: Proposed WG > > Chairs: > Daniel Migault <daniel.migault@ericsson.com> > Rich Salz <rsalz@akamai.com> > > Assigned Area Director: > Stephen Farrell <stephen.farrell@cs.tcd.ie> > > Mailing list > Address: curdle@ietf.org > To Subscribe: https://www.ietf.org/mailman/listinfo/curdle > Archive: https://mailarchive.ietf.org/arch/browse/curdle/ > > Charter: > > CURDLE - CURves, Deprecating and a Little more Encryption > > The CURDLE working group is chartered to add a small set of cryptographic > mechanisms to some IETF protocols, and to make implementation > requirements including deprecation of old algorithms where there is IETF > consensus to do so. The focus with regards to adding mechanisms is for > those mechanisms that enjoy broad support from implementers. > > The set of cryptographic mechanisms that can be introduced are limited to > key agreement (ECDH) and digital signatures (EdDSA) with Curve25519 and > Curve448 as defined by CFRG [1] [2], and the AEAD mode ciphers consisting > of ChaCha20 and Poly1305 also defined by CFRG [3]. Other variants of > mechanisms, such as the ChaCha20-Poly1305 construct deployed for SSH, may > also be considered as well as AES-CCM[4] and AES-GCM [5] where those are > not already defined and where there is implementer interest. Related > specifications such as private and public key formats are also within > scope. > > The protocols the WG intends to work on are Secure Shell (SSH), DNSSEC, > PKIX, CMS, XML Digital Signatures and potentially XML Encryption, > Kerberos and JSON. > > Where initial drafts for this work have been produced those will be > immediately considered for adoption as working group documents. These > include, for SSH, Curve25519/Curve448 digital signatures [6] and key > exchange [7]; for DNSSEC, Ed25519 [8] and Curve448 [9]; for PKIX, > Curve25519/448 NamedCurve [10] and EdDSA signatures [11]; for JSON curves > and signatures [12]. > > The CURDLE working group will be handling changes to protocols and > registries some of which include what are now considered outdated > algorithm options, and may propose deprecation of such algorithms. Such > deprecation needs to be done with care, ensuring that interoperability > and the needs of existing implementers and deployments are properly > considered. Where deprecation is practical, the working group is > encouraged to deprecate. > > Where there is an IETF working group or area group with expertise in a > relevant topic the CURDLE working group will defer to the consensus of > the more specific working group as to where work will be done. For > example, the TLS, OpenPGP and IPSECME WGs are actively considering some > of these topics. > > The CURDLE working group will liaise with W3C to ensure that XML digital > signature and XML encryption work does not conflict with W3C. > > The CURDLE working group is expected to be a short-lived working group > that may not need to ever meet face-to-face. Once the work on the > initially adopted set of drafts has completed the working group will > close or re-charter. > > The CURDLE working group is not chartered to consider allocating new > codepoints for any algorithms or modes other than those mentioned above. > Should someone wish to propose such work, a re-charter will be required. > At this time, there is no expectation that such a re-charter will be > requested. > > [1] https://tools.ietf.org/html/draft-irtf-cfrg-curves > [2] https://tools.ietf.org/html/draft-irtf-cfrg-eddsa-00 > [3] RFC 7539 > [4] RFC 3610 > [5] RFC5288 > [6] https://tools.ietf.org/html/draft-bjh21-ssh-ed25519-02 > [7] https://tools.ietf.org/html/draft-josefsson-ssh-curves-00 > [8] https://tools.ietf.org/html/draft-sury-dnskey-ed25519-03 > [9] https://tools.ietf.org/html/draft-sury-dnskey-ed448-00 > [10] https://tools.ietf.org/html/draft-josefsson-pkix-newcurves-01 > [11] https://tools.ietf.org/html/draft-josefsson-pkix-eddsa-04 > [12] http://www.ietf.org/mail-archive/web/jose/current/msg05357.html > > > Milestones: > Jan 2016 - Decision on which drafts to adopt > Jun 2016 - Send last draft to IESG > > > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle >
- [Curdle] WG Action: Formed CURves, Deprecating an… The IESG
- Re: [Curdle] WG Action: Formed CURves, Deprecatin… Stephen Farrell