[Sandbox-mailoutput] [Django development] Internal WG Review: Open Specification for Pretty Good Privacy (openpgp)

IETF Secretariat <ietf-secretariat-reply@ietf.org> Tue, 20 October 2020 17:00 UTC

Return-Path: <ietf-secretariat-reply@ietf.org>
X-Original-To: sandbox-mailoutput@ietfa.amsl.com
Delivered-To: sandbox-mailoutput@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B0E7C3A11A3 for <sandbox-mailoutput@ietfa.amsl.com>; Tue, 20 Oct 2020 10:00:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EMyEBXVRhsEz for <sandbox-mailoutput@ietfa.amsl.com>; Tue, 20 Oct 2020 10:00:26 -0700 (PDT)
Received: from mailtest.ietf.org (sandbox.ietf.org [4.31.198.57]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11FB53A11A4 for <sandbox-mailoutput@ietf.org>; Tue, 20 Oct 2020 10:00:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by sandbox.amsl.com (Postfix) with ESMTP id F18DC602891 for <sandbox-mailoutput@ietf.org>; Tue, 20 Oct 2020 10:00:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at mailtest.ietf.org
Received: from mailtest.ietf.org ([4.31.198.57]) by localhost (mailtest.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tUwIjWtHhwQu for <sandbox-mailoutput@ietf.org>; Tue, 20 Oct 2020 10:00:20 -0700 (PDT)
Received: from sandbox.amsl.com (localhost [IPv6:::1]) by sandbox.amsl.com (Postfix) with ESMTP id E1AC66027C3 for <sandbox-mailoutput@ietf.org>; Tue, 20 Oct 2020 10:00:20 -0700 (PDT)
Content-Type: multipart/mixed; boundary="===============6046269125668538098=="
MIME-Version: 1.0
From: IETF Secretariat <ietf-secretariat-reply@ietf.org>
To: sandbox-mailoutput@ietf.org
Message-ID: <160321322091.15878.14535865644029896718@sandbox.amsl.com>
Date: Tue, 20 Oct 2020 10:00:20 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sandbox-mailoutput/L_TWljveLlPT46zkNfpMmmFd0sU>
Subject: [Sandbox-mailoutput] [Django development] Internal WG Review: Open Specification for Pretty Good Privacy (openpgp)
X-BeenThere: sandbox-mailoutput@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <sandbox-mailoutput.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sandbox-mailoutput>, <mailto:sandbox-mailoutput-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sandbox-mailoutput/>
List-Post: <mailto:sandbox-mailoutput@ietf.org>
List-Help: <mailto:sandbox-mailoutput-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sandbox-mailoutput>, <mailto:sandbox-mailoutput-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2020 17:00:28 -0000

The attached message would have been sent, but the tracker is in development mode.
It was not sent to anybody.

--- Begin Message ---

A new charter for the Open Specification for Pretty Good Privacy (openpgp) WG
in the Security Area of the IETF is being considered.  The draft charter for
this WG is provided below for your review and comment.

Review time is one week.

The IETF Secretariat

Open Specification for Pretty Good Privacy (openpgp)
-----------------------------------------------------------------------
Current status: Concluded WG

Chairs:
  Barry Leiba <barryleiba@computer.org>
  Daniel Gillmor <dkg@fifthhorseman.net>

Assigned Area Director:
  Eric Rescorla <ekr@rtfm.com>

Security Area Directors:
  Benjamin Kaduk <kaduk@mit.edu>
  Roman Danyliw <rdd@cert.org>

Mailing list:
  Address: openpgp@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/openpgp
  Archive: https://mailarchive.ietf.org/arch/browse/openpgp/

Charter: https://datatracker.ietf.org/doc/charter-ietf-openpgp/

OpenPGP is an Internet standard that covers object encryption, object
signing, and identity certification. These were defined by the first
incarnation of the OpenPGP working group.

The following is an excerpt from the charter of the original incarnation
of the openpgp working group

> The goal of the OpenPGP working group is to provide IETF
> standards for the algorithms and formats of PGP processed
> objects as well as providing the MIME framework for exchanging
> them via e-mail or other transport protocols.

The working group concluded this work and was closed in March of 2008.
In the intervening period, there has been a rough consensus reached that
the RFC that defined the IETF openpgp standard, RFC4880, is in need of
revision.

This incarnation of the working group is chartered to primarily produce
a revision of RFC4880 to address issues that have been identified by the
community since the working group was originally closed.

These revisions will include, but are not limited to:

- Potential inclusion of elliptic curves recommended by the Crypto Forum
Research Group (CFRG) (see note below)

- A symmetric encryption mechanism that offers modern message integrity
protection (e.g. AEAD)

- Revision of mandatory-to-implement algorithm selection and deprecation
of weak algorithms

- An updated public-key fingerprint mechanism

The Working Group will perform the following work:

- Revise RFC4880

- Other work related to OpenPGP may be entertained by the working group
as long as it does not interfere with the completion of the RFC4880
revision. As the revision of RFC4880 is the primary goal of the working
group, other work may be undertaken, so long as:

1. The work will not unduly delay the closure of the working group after
the revision is finished (unless the working group is rechartered).

2. The work has widespread support in the working group.

These additional work items may only be added with approval from the
responsible Area Director or by re-chartering.

Inclusion of CFRG Curves
-----------------------------

The Working Group will consider CFRG curves as possible Mandatory to
Implement (MTI) based on the output of the CFRG and Working Group
consensus or based strictly on Working Group consensus..

Working Group Process
--------------------------

The working group will endeavor to complete most if not all of its work
online on the working group's mailing list. We expect that the
requirement for face-to-face sessions at IETF meetings to be minimal.

Furthermore, the working group will accept no ID's as working group
items unless there is a review by at least two un-interested parties of
the ID as part of the acceptance process.

New charter stuff for the sandbox goes here.

Milestones:


--- End Message ---