Re: [secdir] Secdir review of draft-herzog-static-ecdh-05

"Herzog, Jonathan - 0668 - MITLL" <jherzog@ll.mit.edu> Thu, 10 March 2011 21:01 UTC

Return-Path: <prvs=2050876065=jherzog@ll.mit.edu>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4E7EC3A6945; Thu, 10 Mar 2011 13:01:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.847
X-Spam-Level:
X-Spam-Status: No, score=-5.847 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, SARE_OBFU_ALL=0.751, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eMuwgirt2D+G; Thu, 10 Mar 2011 13:01:41 -0800 (PST)
Received: from mx2.ll.mit.edu (MX2.LL.MIT.EDU [129.55.12.46]) by core3.amsl.com (Postfix) with ESMTP id D5EA03A67F8; Thu, 10 Mar 2011 13:01:40 -0800 (PST)
Received: from LLE2K7-HUB02.mitll.ad.local (LLE2K7-HUB02.mitll.ad.local) by mx2.ll.mit.edu (unknown) with ESMTP id p2AL2qsA027860; Thu, 10 Mar 2011 16:02:52 -0500
From: "Herzog, Jonathan - 0668 - MITLL" <jherzog@ll.mit.edu>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 10 Mar 2011 16:02:51 -0500
Thread-Topic: [secdir] Secdir review of draft-herzog-static-ecdh-05
Thread-Index: AcvfZoTngIbDfpYOSEivledSPY2ZZw==
Message-ID: <7896C06F-C680-4794-9DB3-CDC84CA5579D@ll.mit.edu>
References: <D858A225-D1D1-497D-BA40-A66D3F55AD57@cisco.com> <552BBAA9-712F-49B4-8A5F-C671C3817C05@ll.mit.edu> <AA323705-436C-4B71-8B51-D2CA9E4E140C@cisco.com> <47CF9528-81A1-49D7-8D4B-B1DCC136581E@ll.mit.edu> <3E69AF7B-D325-4FC5-A003-FEBA1997D67E@cisco.com> <FFD02A42-A10C-4AE7-A763-5C2D1E1DFADA@ll.mit.edu> <BA430CB6-FA7D-4A56-82CF-B72F0857C586@cisco.com> <4D77E3AE.5060903@cs.tcd.ie> <E803BE14-36B6-40F1-9F66-D04E710C7C6A@ll.mit.edu> <4D780411.9060108@cs.tcd.ie>
In-Reply-To: <4D780411.9060108@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/signed; boundary="Apple-Mail-169--638775773"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.2.15, 1.0.148, 0.0.0000 definitions=2011-03-10_10:2011-03-10, 2011-03-10, 1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 suspectscore=8 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=5.0.0-1012030000 definitions=main-1103100154
X-Mailman-Approved-At: Fri, 11 Mar 2011 08:19:10 -0800
Cc: "secdir@ietf.org" <secdir@ietf.org>, "draft-herzog-static-ecdh@tools.ietf.org" <draft-herzog-static-ecdh@tools.ietf.org>, "iesg@ietf.org" <iesg@ietf.org>
Subject: Re: [secdir] Secdir review of draft-herzog-static-ecdh-05
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Mar 2011 21:01:42 -0000

On Mar 9, 2011, at 5:49 PM, Stephen Farrell wrote:

>> 
>> So, I propose to replace SEC1 with SP 800-56A for (1) and (2), and some other RFC for (3). Would that address your concerns?
> 
> To be honest, I don't know for sure. I'm not familiar with how
> NIST do or don't handle IPR so I don't know if the outcome
> here will or won't make it easier for implementers to decide
> whether or no to adopt this. But I think you're definitely
> working in the right direction in the thread with David so
> that's good.

[and]

> I wish;-) Not sure I've seen an RFC about ECC that didn't
> come with an IPR declaration from them attached. (Though
> the content of those declarations is improving.)


Sean Turner has graciously agreed to step in and handle the IPR issues of this draft, so I'll let him address this.



>> We propose this draft because we would like to use CMS in an
> environment where:
>> 
>> 1) Participants must use Suite-B algorithms, and therefore cannot use ECMQV, and
>> 
>> 2) Participants will have certified ECDH keys but not certified signature keys. (Yes, ECDH keys are mathematically identical to ECDSA keys, but our participants will be constrained by various policies and will be unable to use their ECDH keys for ECDSA signatures.)
>> 
>> Without this Draft, CMS supports only ECMQV (which we cannot use) and ephemeral-static ECDH. In our setting, then, there is no way for recipients to cryptographically ascertain the identity of a message's sender. 
> 
> I think that's useful context for the intro.



Based on this, and some other comments from Rene Struik, I will try to make this clearer in the 'motivations' section of the Introduction.

Thanks.


-- 
Jonathan Herzog							voice:  (781) 981-2356
Technical Staff							fax:    (781) 981-7687
Cyber Systems and Technology Group		email:  jherzog@ll.mit.edu
MIT Lincoln Laboratory               			www:    http://www.ll.mit.edu/CST/
244 Wood Street    
Lexington, MA 02420-9185