Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00

Michael Richardson <mcr+ietf@sandelman.ca> Wed, 03 October 2018 20:45 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Paul Wouters <paul@nohats.ca>
cc: "Salz, Rich" <rsalz@akamai.com>, Yoav Nir <ynir.ietf@gmail.com>, Security Area Advisory Group <saag@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/MIXK_xOJ0VNfBm_5cwyaL8WaCcM>

Paul Wouters <paul@nohats.ca> wrote:
    > Is there a way to say 'specification required and expert review' ?

Yes, it's Specification Required.
(Expert Review is implied.  Just went through this in CELLAR)

    > This is not the same as 'RFC required' because it could be a non-IETF
    > crypto algorithm specified elsewhere in a national publication.

Yes.

    > Note that this is a little off-topic. I am fine (up to a point) for
    > assigning code points to national algorithms as long as we have code
    > points. It is the "recommendations" for "suites" that I have a problem
    > with. I do not want the IETF to recommend any crypto other than via
    > CFRG.

In most cases, we have at least 32-bit number spaces, or it's strings,
so I just see a reason to be stingy.



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-