IETF Logo Mail Archive

Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00

Paul Wouters <paul@nohats.ca> Wed, 03 October 2018 17:02 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8A5A127148 for <saag@ietfa.amsl.com>; Wed, 3 Oct 2018 10:02:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9wTEvT1OXyHz for <saag@ietfa.amsl.com>; Wed, 3 Oct 2018 10:01:59 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5D46124BE5 for <saag@ietf.org>; Wed, 3 Oct 2018 10:01:58 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 42QMkW48FnzCxk; Wed, 3 Oct 2018 19:01:55 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1538586115; bh=hiGgHXdJc/pfKR2Qe/YWFmTBTLce+ckT/yXHgHs31I4=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=GrczcPxnKaAb8M0EoVm1pcZXNLlFcWKCDO2Lv9NZE1U0ldYxl5k2UtcAxpd1VH+jR xEyWtJQed6u7hSShoAzY/LNEEOxjisn+fWWxTgQmsLY81wFmTnQ+OwjZ+t3cnYy+cd nV/jSZj/uDqVPwe5PSoyaKj+ZaU2mzs99BBTPl4E=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id MdJD2riPgkCC; Wed, 3 Oct 2018 19:01:54 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Wed, 3 Oct 2018 19:01:54 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id A671B3797AF; Wed, 3 Oct 2018 13:01:53 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca A671B3797AF
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 9E97C402E531; Wed, 3 Oct 2018 13:01:53 -0400 (EDT)
Date: Wed, 03 Oct 2018 13:01:53 -0400
From: Paul Wouters <paul@nohats.ca>
To: "Salz, Rich" <rsalz@akamai.com>
cc: Michael Richardson <mcr+ietf@sandelman.ca>, Yoav Nir <ynir.ietf@gmail.com>, Security Area Advisory Group <saag@ietf.org>
In-Reply-To: <56BAE3F9-C5EC-47C7-9478-87445D973F62@akamai.com>
Message-ID: <alpine.LRH.2.21.1810031258590.22146@bofh.nohats.ca>
References: <7CB10AE4-09C1-4AC5-B255-6489EF1FAE78@akamai.com> <alpine.LRH.2.21.1810021734350.12702@bofh.nohats.ca> <BEC2489D-FE1E-4E55-A88C-05E0143F8415@gmail.com> <02a901d45aac$e83d4030$b8b7c090$@augustcellars.com> <C2A1A8A5-FE35-47D9-8B06-E4E572380FEB@gmail.com> <14967.1538573464@localhost> <56BAE3F9-C5EC-47C7-9478-87445D973F62@akamai.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/hVkNAdd5absiSuuyYX2wa_L1tKw>
Subject: Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Oct 2018 17:02:01 -0000

On Wed, 3 Oct 2018, Salz, Rich wrote:

>>    If the community wanted Specification Required, wouldn't we have said that,
>    rather than Expert Review?
>
> Because it is the view of the current set of experts, at least, that a specification needs to be available.

Is there a way to say 'specification required and expert review' ?

This is not the same as 'RFC required' because it could be a non-IETF
crypto algorithm specified elsewhere in a national publication.

Note that this is a little off-topic. I am fine (up to a point) for
assigning code points to national algorithms as long as we have
code points. It is the "recommendations" for "suites" that I have
a problem with. I do not want the IETF to recommend any crypto
other than via CFRG.

Paul

v2.23.0 | Report a Bug | By Email