IETF Logo Mail Archive

Re: [saag] sntrup761x25519-sha512

Simon Josefsson <simon@josefsson.org> Fri, 19 May 2023 20:08 UTC

Return-Path: <simon@josefsson.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFE12C151525 for <saag@ietfa.amsl.com>; Fri, 19 May 2023 13:08:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=josefsson.org header.b="Ma/UOOy+"; dkim=pass (2736-bit key) header.d=josefsson.org header.b="HQUgC5xK"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JFggQtQOvDYG for <saag@ietfa.amsl.com>; Fri, 19 May 2023 13:08:52 -0700 (PDT)
Received: from uggla.sjd.se (uggla.sjd.se [IPv6:2001:9b1:8633::107]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B8B1C14CF17 for <saag@ietf.org>; Fri, 19 May 2023 13:08:51 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; q=dns/txt; c=relaxed/relaxed; d=josefsson.org; s=ed2303; h=Content-Type:MIME-Version:Message-ID:In-Reply-To :Date:References:Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding :Content-ID:Content-Description; bh=d7e3SR+zxef1jxECLD49N/zMJgcQGvVAWitwpQQ8ccA=; t=1684526929; x=1685736529; b=Ma/UOOy+6EnIq4X+Cv8hdMUmqHL32WnB/ssA7qQ7PlkM8o0QHjw7oiKGAnuSiD9yUhM+Vdd4hsM XEHSePk+tCw==;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=josefsson.org; s=rsa2303; h=Content-Type:MIME-Version:Message-ID: In-Reply-To:Date:References:Subject:To:From:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description; bh=d7e3SR+zxef1jxECLD49N/zMJgcQGvVAWitwpQQ8ccA=; t=1684526929; x=1685736529; b=HQUgC5xK6EjUJjalTft7CkZBxF4+Q8+abtW+nOHoCqSJqePa462Nu1Hb4e7rx/m65mHylkfLp0m /HPFb0dNF8rJjwmBzt4PxjUCGW9u6HaOj0UDZiJtD1gnnOBdbvOyqWLUQgKCiNY8cJfQZaN719V8i RQaX6zGJJrmPq8m5uQmutSwlLe+AM89TWXr/vb30bVXD5Yhd8GtlblYWdh/EH72IHgdmfB0OeykBi cCjcaotVhDbPPX94OMk+39gldJRtVNLDbx2bFT2/dX5UK2hhHZ5wuVCJRMnh5PqWPGVHRvFb5FugV rXOTtnJdZlJp0aLQVcDjIOQ/wOiRUe4AmUwWRlXsiY9bSkBrUtuP2nQGhTYwNOC9LYXOyQN37zuiU bX7uO8YwcEaCBp3ld6g2Bh0owJZJzVjCsSAtAgQTSTc0LUBqp7DaeC018h8OFAis7juDaFNIh;
Received: from [2001:9b1:41ac:ff00:2518:1867:613:b5f1] (port=45882 helo=kaka) by uggla.sjd.se with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <simon@josefsson.org>) id 1q06P9-004OvO-0y for saag@ietf.org; Fri, 19 May 2023 20:08:47 +0000
X-Hashcash: 1:22:230519:saag@ietf.org::0LIwSXPQSkDg17+S:4tRm
From: Simon Josefsson <simon@josefsson.org>
To: saag@ietf.org
References: <875y8y4ip2.fsf@kaka.sjd.se> <84296E62-5843-4E7A-BD43-430491A5A1F3@akamai.com>
OpenPGP: id=B1D2BD1375BECB784CF4F8C4D73CF638C53C06BE; url=https://josefsson.org/key-20190320.txt
X-Hashcash: 1:22:230519:rsalz=40akamai.com-tr9gzwtxerdr74of6e/6qq@public.gmane.org::L3opsbiIsz5lXvxZ:e+0
X-Hashcash: 1:22:230519:simon=40josefsson.org-tr9gzwtxerdr74of6e/6qq@public.gmane.org::05ror946LzAi/bWa:6gbo
X-Hashcash: 1:22:230519:curdle-egrivxuawey@public.gmane.org::wwfkC6dtpl0H/FAH:9Do2
X-Hashcash: 1:22:230519:ietf-ssh-s783fymb3ccdnm+yrofe0a@public.gmane.org::idtIbuucyoLpwxBY:0RFei
Date: Fri, 19 May 2023 22:08:47 +0200
In-Reply-To: <84296E62-5843-4E7A-BD43-430491A5A1F3@akamai.com> (Rich Salz's message of "Thu, 11 May 2023 22:31:31 +0000")
Message-ID: <874jo8ytgw.fsf@kaka.sjd.se>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/ZD0if6HxeAxemQzEOQIN2ZAJduA>
Subject: Re: [saag] sntrup761x25519-sha512
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2023 20:08:57 -0000

Hi

Over at the Curdle list the SSH sntrup761x25519-sha512 draft has been
discussed:

https://datatracker.ietf.org/doc/html/draft-josefsson-ntruprime-ssh-00
https://mailarchive.ietf.org/arch/browse/curdle/?gbt=1&index=g00shBcI9eUnwabG-oVTWdPXTVI

Rich's analysis below of what the IANA registry rules for SSH means, and
quoting RFC 8126:

4.8.  IETF Review
     (Formerly called "IETF Consensus" in the first edition of this
   document.)  With the IETF Review policy, new values are assigned only
   through RFCs in the IETF Stream -- those that have been shepherded
   through the IESG as AD-Sponsored or IETF working group documents
   [RFC2026] [RFC5378], have gone through IETF Last Call, and have been
   approved by the IESG as having IETF consensus.

Does SAAG has any feedback on this?  Would you prefer to publish this
through a WG or the AD-Sponsored route?

/Simon

"Salz, Rich" <rsalz@akamai.com> writes:

> One issue is that the SSH registries are "IETF Consensus" which means
> they must be RFCs published in the IETF stream [1] which means either
> re-opening CURDLE or being AD-sponsored.
>
> [1] https://www.rfc-editor.org/rfc/rfc8126.html#page-22

v2.23.0 | Report a Bug | By Email