Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00

Eric Rescorla <ekr@rtfm.com> Thu, 04 October 2018 15:06 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 04 Oct 2018 08:05:14 -0700
Message-ID: <CABcZeBMuRG6yrwkVwLpFu2ta6s=+7Q9oydT20AigZk2tP-vacQ@mail.gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>
Cc: Benjamin Kaduk <kaduk@mit.edu>, Paul Wouters <paul@nohats.ca>, saag@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/1hTAMixORGRa5L-F3NBiBJq4zQM>

On Thu, Oct 4, 2018 at 7:49 AM Salz, Rich <rsalz@akamai.com> wrote:

>
>    - The reasoning here was that having code points marked Not
>    Recommended was better than having people squatting.
>
>
>
> They’re actually “no comment” as opposed to Not Recommended.
>

Well, it might be useful to go back to the text here:

   Per this document, a "Recommended" column has been added to many of
   the TLS registries to indicate parameters that are generally
   recommended for implementations to support.  Adding a "Recommended"
   parameter (i.e., "Y") to a registry or updating a parameter to
   "Recommended" status requires Standards Action.  Not all parameters
   defined in Standards Track documents need to be marked as
   "Recommended".

   If an item is not marked as "Recommended" (i.e., "N"), it does not
   necessarily mean that it is flawed; rather, it indicates that the
   item either has not been through the IETF consensus process, has
   limited applicability, or is intended only for specific use cases.

Perhaps the most appropriate thing would be to characterize the "N"
marking as "it is not a 'Recommended code point'".


> The only way something gets to be recommended is if it’s a WG document.
>

To be more precise, in IETF 8447, it's Standards Action, which might or
might not be a WG document.

-Ekr



> This is, admittedly, a fine point and could well be lost on many, but it’s
> important.
>