Re: [saag] draft-iab-crypto-alg-agility-00

S Moonesamy <sm+ietf@elandsys.com> Sun, 06 April 2014 23:15 UTC

Message-Id: <6.2.5.6.2.20140406151732.0bc4ed08@elandnews.com>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Sun, 06 Apr 2014 16:05:06 -0700
To: "Salz, Rich" <rsalz@akamai.com>
From: S Moonesamy <sm+ietf@elandsys.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7120A04EBD7@USMBX1.msg.corp.akamai.com>
References: <5999195E-9073-4649-A224-BF71BA61CBAF@vigilsec.com> <CAG5KPzzqSQ++YpQcnYesecL0GQ0+J0ieMXBrNk6txMAC58xEQQ@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7120A04EBD0@USMBX1.msg.corp.akamai.com> <6.2.5.6.2.20140406121529.0bd2d730@resistor.net> <2A0EFB9C05D0164E98F19BB0AF3708C7120A04EBD7@USMBX1.msg.corp.akamai.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Archived-At: http://mailarchive.ietf.org/arch/msg/saag/v3qfXM_OmTI9K6ANnVjP67pnvWg
Cc: saag@ietf.org
Subject: Re: [saag] draft-iab-crypto-alg-agility-00

Hi Rich,
At 14:54 06-04-2014, Salz, Rich wrote:
>I know what the text says.  But there are no protocol operations, 
>really, it's just HTTP/JSON, right?

I read the RFC again.  The better choice was "protocol operations" 
because of some requirements.  There is a thread at 
http://www.ietf.org/mail-archive/web/ietf/current/msg71257.html about 
the term "protocol".

>Having said that, I think the agility document should say "protocols 
>and data formats."
>
>I was arguing (with Google folks, mainly) for crypto identifiers in 
>the CT data structures before the WG was convened. And I still think 
>that CT should be brought in line with the letter and spirit of the 
>agility document:  identify the mechanisms used, in the data types. 
>If interop is a concern, make the current set be MUST and say SHOULD 
>NOT implement anything else.
>
>CT should not be a special case exemption from the agility spec.

And the above is the part which I would look at in terms of data 
formats.  It is better to solve the Certificate Transparency part in 
the TRANS working group.  The agility document is in the IAB 
Stream.  It's better to keep the two documents separate for now.

Regards,
S. Moonesamy