Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00
Nico Williams <nico@cryptonector.com> Tue, 02 October 2018 21:15 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C250813120C for <saag@ietfa.amsl.com>; Tue, 2 Oct 2018 14:15:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zEELTKwgEV73 for <saag@ietfa.amsl.com>; Tue, 2 Oct 2018 14:15:44 -0700 (PDT)
Received: from pdx1-sub0-mail-a33.g.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C94B131259 for <saag@ietf.org>; Tue, 2 Oct 2018 14:15:44 -0700 (PDT)
Received: from pdx1-sub0-mail-a33.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a33.g.dreamhost.com (Postfix) with ESMTP id B49608017A; Tue, 2 Oct 2018 14:15:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=a1fsDW7tSVv8W/ RAoi/QU4BsxZI=; b=l69VVrBd6v1GKIhbvIcrCOf79Zm0YKwfWQ+zFYhDoKMz03 h5mxulFETq/jcBX6oVOpejLQKcPjYh/k8A0ZPV+oTwsJ7cwSSTeiV5E+op7vCjFq payrGBcHXIJuxsyg1ECj6g2H2IAPhgQCjDVxI2T86LsVOB/kzm/PJvBA4nKgQ=
Received: from localhost (unknown [24.28.108.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a33.g.dreamhost.com (Postfix) with ESMTPSA id 67E0580179; Tue, 2 Oct 2018 14:15:41 -0700 (PDT)
Date: Tue, 02 Oct 2018 16:15:39 -0500
X-DH-BACKEND: pdx1-sub0-mail-a33
X-DH-BACKEND: pdx1-sub0-mail-a33
From: Nico Williams <nico@cryptonector.com>
To: Carl Wallace <carl@redhoundsoftware.com>
Cc: Paul Wouters <paul@nohats.ca>, saag@ietf.org
Message-ID: <20181002211538.GJ2164@localhost>
References: <alpine.LRH.2.21.1810021055160.25461@bofh.nohats.ca> <D7D94F2D.C22E0%carl@redhoundsoftware.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <D7D94F2D.C22E0%carl@redhoundsoftware.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/At-EO40xHQZGVSTEuRfnFQDqKQc>
Subject: Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 21:15:52 -0000
On Tue, Oct 02, 2018 at 04:41:06PM -0400, Carl Wallace wrote: > What's the difference between a nation state profile and a similar or same > profile that has been marshaled through a commercial entity? None, of course. I don't object to having codepoint assignments for all sorts of cryptographic algorithms from various nation states and even corporations. I also don't object to FYI publications of these, though presumably any nation state or large corporation could setup their own SDOs, therefore we perhaps should not lend then either the ISE's nor the IETF nor RFC-Editor's resources -- we just can't really refuse IANA resources. What we should want is for required-to-implement algorithms to be ones we reasonably believe are secure, and we should pick those for reasons other than national origin of said algorithms. We should make these decisions on a case-by-case basis, as we long have. Nico --
- [saag] Discuss at SAAG? was Re: nation state cryp… Paul Wouters
- Re: [saag] Discuss at SAAG? was Re: nation state … Nalini J Elkins
- Re: [saag] Discuss at SAAG? was Re: nation state … Paul Wouters
- Re: [saag] Discuss at SAAG? was Re: nation state … Dmitry Belyavsky
- Re: [saag] Discuss at SAAG? was Re: nation state … Salz, Rich
- Re: [saag] Discuss at SAAG? was Re: nation state … Carl Wallace
- Re: [saag] Discuss at SAAG? was Re: nation state … Nico Williams
- Re: [saag] Discuss at SAAG? was Re: nation state … Paul Wouters
- Re: [saag] Discuss at SAAG? was Re: nation state … Paul Wouters
- Re: [saag] Discuss at SAAG? was Re: nation state … Yoav Nir
- Re: [saag] Discuss at SAAG? was Re: nation state … Benjamin Kaduk
- Re: [saag] Discuss at SAAG? was Re: nation state … Yoav Nir
- Re: [saag] Discuss at SAAG? was Re: nation state … Michael Richardson
- Re: [saag] Discuss at SAAG? was Re: nation state … Jim Schaad
- Re: [saag] Discuss at SAAG? was Re: nation state … Yoav Nir
- Re: [saag] Discuss at SAAG? was Re: nation state … Jim Schaad
- Re: [saag] Discuss at SAAG? was Re: nation state … Michael Richardson
- Re: [saag] Discuss at SAAG? was Re: nation state … Salz, Rich
- Re: [saag] Discuss at SAAG? was Re: nation state … Paul Wouters
- Re: [saag] Discuss at SAAG? was Re: nation state … Yoav Nir
- Re: [saag] Discuss at SAAG? was Re: nation state … Michael Richardson
- Re: [saag] Discuss at SAAG? was Re: nation state … Eric Rescorla
- Re: [saag] Discuss at SAAG? was Re: nation state … Eric Rescorla
- Re: [saag] Discuss at SAAG? was Re: nation state … Kathleen Moriarty
- Re: [saag] Discuss at SAAG? was Re: nation state … Salz, Rich
- Re: [saag] Discuss at SAAG? was Re: nation state … Sean Turner
- Re: [saag] Discuss at SAAG? was Re: nation state … Eric Rescorla
- Re: [saag] Discuss at SAAG? was Re: nation state … Salz, Rich
- Re: [saag] Discuss at SAAG? was Re: nation state … Nico Williams
- Re: [saag] Discuss at SAAG? was Re: nation state … Sean Turner
- Re: [saag] Discuss at SAAG? was Re: nation state … Sean Turner
- Re: [saag] Discuss at SAAG? was Re: nation state … Benjamin Kaduk