Re: [saag] AD sponsoring draft-josefsson-scrypt-kdf

ianG <iang@iang.org> Fri, 14 August 2015 00:55 UTC

Return-Path: <iang@iang.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A30FA1AD0C9 for <saag@ietfa.amsl.com>; Thu, 13 Aug 2015 17:55:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CLDeI2PSXO1K for <saag@ietfa.amsl.com>; Thu, 13 Aug 2015 17:55:54 -0700 (PDT)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F024F1AD0C5 for <saag@ietf.org>; Thu, 13 Aug 2015 17:55:53 -0700 (PDT)
Received: from tormenta.local (iang.org [209.197.106.187]) by virulha.pair.com (Postfix) with ESMTPSA id 30EF36D722; Thu, 13 Aug 2015 20:55:52 -0400 (EDT)
Message-ID: <55CD3C9C.5080109@iang.org>
Date: Fri, 14 Aug 2015 01:55:56 +0100
From: ianG <iang@iang.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: saag@ietf.org
References: <559153E0.5050102@cs.tcd.ie> <55C932F6.7080203@cs.tcd.ie> <87y4hg9lnt.fsf@latte.josefsson.org> <CAJU7za+GW8HWCuTzG7YuV2k=pDFrkkGxaxQ9h+=Q6xG9NyQQ8A@mail.gmail.com> <CAHbuEH7peLvze9Wcphk5pSbCpGhdW3AsqtqaYSk=pomHNn9Mkg@mail.gmail.com> <87a8tv8dx3.fsf@latte.josefsson.org>
In-Reply-To: <87a8tv8dx3.fsf@latte.josefsson.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/K_YjOPm4EI344SQGuGPOs-2D8Vg>
Subject: Re: [saag] AD sponsoring draft-josefsson-scrypt-kdf
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Aug 2015 00:55:55 -0000

On 13/08/2015 15:24 pm, Simon Josefsson wrote:
> Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>; writes:
>
>> On Thu, Aug 13, 2015 at 7:48 AM, Nikos Mavrogiannopoulos
>> <nmav@gnutls.org>; wrote:
>>> On Thu, Aug 13, 2015 at 12:39 AM, Simon Josefsson <simon@josefsson.org>; wrote:
>>>> As far as I know, Salsa20 was not published at any conference or
>>>> journal, so there may not be any better references.
>>>
>>> Salsa20 was an official submission to estream competition, so the
>>> authoritative reference is the design articles at:
>>> http://www.ecrypt.eu.org/stream/salsa20pf.html (the "Salsa20
>>> specification" and "Salsa20 design").

> http://cr.yp.to/salsa20.html

> This said, I'm not convinced the estream Salsa20 specification is the
> most suitable reference to explain the Salsa20 core hash function.


Concur - the world has changed.  Review-by-web-page is now fairly well 
understood.  As it happens the most influential paper in the space was 
simply bandied around on a mail list for a while.  You could say, it was 
reviewed by running code and rough consensus!  He'll probably end up 
with the first pseudonymous Turing prize.  Or she.  Or they.



iang