Re: [saag] CFRG, CFRG crypto review panel and IETF consensus

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 19 April 2024 00:02 UTC

To: Eric Rescorla <ekr@rtfm.com>
Cc: Watson Ladd <watsonbladd@gmail.com>, IETF SAAG <saag@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/qj6TkbwWwuduga0F-dXeWkTMp-c>

Hiya,

On 18/04/2024 21:45, Eric Rescorla wrote:
>> To be more concrete: I think at one point Paul described the
>> crypto panel review as a consensus process which it's not.
>>
> I don't know enough to have an opinion on this statement.

Fair enough. As I've seen it the crypto panel do great stuff,
along the lines of secdir reviews, but usually better, but
that is not a consensus process.

>> The 2nd mis-statement was that an AD should not sponsor
>> any document that had received a negative opinion from CFRG,
>> which I think oversteps the bounds of IRTF/IETF interactions.
>>
> This doesn't seem like a misstatement but rather a position you
> happen to disagree with. With that said, 

The problem I see (with which others may fairly disagree) is
with generalising from one AD declining to AD-sponsor one
document, to saying that no AD ought do that. I'd argue that
casting that as a mis-statement is appropriate.

If the IESG collectively wanted to assert some sort of "CFRG
must be happy" statement, I'd be fine with that, but I figure
it'd be hard to get that text correct, and better to stick with
the status-quo where crypto-panel or CFRG advice is treated
seriously, but is not, by itself, blocking.

> I think it's entirely
> within the realm of discretion of an AD to choose not to sponsor
> documents with negative opinions from any group of people
> they trust (or, for that matter, to sponsor no documents at all).

Fully agree, and I didn't question that at all.

> 
> Do you have some citation to an IETF document that says otherwise?

Yes:-) Happy to look up IRTF vs. IETF stuff tomorrow if needed, but
I don't think it is.

Cheers,
S.