[secdir] a few new algs and a bunch of deprecation

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 03 November 2015 04:38 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/VPES7Rbg1SBVLa0ZBFpAq3fb3S4>


At the secdir lunch we spoke about needing a bit of organisation
around adding new curves and about deprecating some old algs (e.g.
sha1). There's a scattered set of stuff that'll need doing, some
of which is in progress (e.g. drafts allocating OIDs for new
curves), others of which may not yet be. One possibility would be
to try to do this as a WG with a charter that tightly defines which
new things can be added but allows for deprecating anything
that should be deprecated. (The putative WG here would not I
think tackle items where we have a current WG active, e.g. TLS
can handle defining codepoints for TLS.)

As a separate but related thing, Alexey said he'd create a cfrg
wiki page where folks could add the names of drafts that are
defining things related to new curves. That might feed into the
positive parts of chartering.

FWIW, if this is something people supported and found useful,
Kathleen and I are happy to help it happen. Next step would likely
be to send a mail like this to saag, then if nothing bad happens, to
start a mailing list for this and see if there's enough energy
to get stuff going. (If there is, I doubt a BoF would be needed.)