Re: [saag] Discuss at SAAG? was Re: nation state crypto profiles - draft-jenkins-cnsa-cmc-profile-00

Yoav Nir <ynir.ietf@gmail.com> Wed, 03 October 2018 17:33 UTC

> On 3 Oct 2018, at 20:01, Paul Wouters <paul@nohats.ca> wrote:
> 
> On Wed, 3 Oct 2018, Salz, Rich wrote:
> 
>>>   If the community wanted Specification Required, wouldn't we have said that,
>>>   rather than Expert Review?
>> 
>> Because it is the view of the current set of experts, at least, that a specification needs to be available.
> 
> Is there a way to say 'specification required and expert review' ?
> 
> This is not the same as 'RFC required' because it could be a non-IETF
> crypto algorithm specified elsewhere in a national publication.
> 
> Note that this is a little off-topic. I am fine (up to a point) for
> assigning code points to national algorithms as long as we have
> code points. It is the "recommendations" for "suites" that I have
> a problem with. I do not want the IETF to recommend any crypto
> other than via CFRG.

Yes. You say “Specification Required”: https://tools.ietf.org/html/rfc8126#section-4.6

4.6.  Specification Required

   For the Specification Required policy, review and approval by a
   designated expert (see Section 5) is required, and the values and
   their meanings must be documented in a permanent and readily
   available public specification, in sufficient detail so that
   interoperability between independent implementations is possible.
   This policy is the same as Expert Review, with the additional
   requirement of a formal public specification.  In addition to the
   normal review of such a request, the designated expert will review
   the public specification and evaluate whether it is sufficiently
   stable and permanent, and sufficiently clear and technically sound to
   allow interoperable implementations.