Re: [sasl] MOGGIES Proposed Charter

Nicolas Williams <Nicolas.Williams@oracle.com> Thu, 20 May 2010 22:57 UTC

Return-Path: <Nicolas.Williams@oracle.com>
X-Original-To: kitten@core3.amsl.com
Delivered-To: kitten@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3A9D83A6885; Thu, 20 May 2010 15:57:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.134
X-Spam-Level:
X-Spam-Status: No, score=-4.134 tagged_above=-999 required=5 tests=[AWL=-0.136, BAYES_50=0.001, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uYnWYJUb18ZU; Thu, 20 May 2010 15:57:36 -0700 (PDT)
Received: from rcsinet10.oracle.com (rcsinet10.oracle.com [148.87.113.121]) by core3.amsl.com (Postfix) with ESMTP id 521253A6875; Thu, 20 May 2010 15:57:36 -0700 (PDT)
Received: from rcsinet13.oracle.com (rcsinet13.oracle.com [148.87.113.125]) by rcsinet10.oracle.com (Switch-3.4.2/Switch-3.4.1) with ESMTP id o4KMvQL6018957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 20 May 2010 22:57:28 GMT
Received: from acsmt354.oracle.com (acsmt354.oracle.com [141.146.40.154]) by rcsinet13.oracle.com (Switch-3.4.2/Switch-3.4.1) with ESMTP id o4KJg4Bv026693; Thu, 20 May 2010 22:57:26 GMT
Received: from abhmt007.oracle.com by acsmt354.oracle.com with ESMTP id 255656301274396214; Thu, 20 May 2010 15:56:54 -0700
Received: from oracle.com (/129.153.128.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 20 May 2010 15:56:54 -0700
Date: Thu, 20 May 2010 17:56:47 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Martin Rex <mrex@sap.com>
Subject: Re: [sasl] MOGGIES Proposed Charter
Message-ID: <20100520225647.GX9605@oracle.com>
References: <20100518191521.GL9429@oracle.com> <201005202238.o4KMcML6028897@fs4113.wdf.sap.corp>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <201005202238.o4KMcML6028897@fs4113.wdf.sap.corp>
User-Agent: Mutt/1.5.20 (2010-03-02)
X-Auth-Type: Internal IP
X-Source-IP: rcsinet13.oracle.com [148.87.113.125]
X-CT-RefId: str=0001.0A090208.4BF5BE58.0224:SCFMA4539811,ss=1,fgs=0
Cc: kitten@ietf.org, sasl@ietf.org, tim.polk@nist.gov
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 May 2010 22:57:37 -0000

On Fri, May 21, 2010 at 12:38:22AM +0200, Martin Rex wrote:
> Nicolas Williams wrote:
> > I'd word that differently:
> > 
> >  * Specify an interface for enforcing security strength of GSS-API mechanisms.
> > 
> > The reason is that "reporting the security strength" of something
> > implies [to me] an absolute measure of security strength, and I don't
> > think it's possible to design a good, _stable_, absolute measure of
> > security strength.
> 
> I think that the comparable strength measured in "Bits of security"
> as used by NIST SP800-57 section 5.6.1 should be sufficiently stable.

I don't.  I'd much rather be able to ask for a credential or context
that meets a given security profile, or to check what profiles a given
credential or context meets.  The profiles should be named

Possible profile names and semantics:

 - FIPS-140-x        -> obvious semantics (FIPS-140-x compliant cipher suites)
 - <other standards> -> obvious semantics
 - Strong            -> obvious-but-local semantics
 - Fast              -> obvious-but-local semantics
 - Interoperable     -> standard, per-mechanism semantics
 - Weak              -> standard, per-mechanism semantics (basically:
                        interoperable cipher suites + obsolete suites)

 - Local-*           -> locally-defined profile names and semantics

> What changes over time is the amount of "strength" that one considers
> secure.  

Not only.  Cryptanalysis progresses and the relative strengths of
various algorithms can vary.

I abhor anything remotely like a quantification of cryptographic
strength, and will for the forseeable future.

Nico
--