Re: [secdir] [Cfrg] Time to recharter CFRG as a working group? Was: Re: ISE seeks help with some crypto drafts
denis bider <denisbider.ietf@gmail.com> Mon, 18 March 2019 15:51 UTC
From: denis bider <denisbider.ietf@gmail.com>
Date: Mon, 18 Mar 2019 10:51:20 -0500
Message-ID: <CADPMZDC4ONMPoGfT2LAotjkbxWxr1LkOWmc735Lqc9hWCkECoA@mail.gmail.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: Melinda Shore <melinda.shore@gmail.com>, Uri Blumenthal <uri@mit.edu>, "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>, secdir <secdir@ietf.org>, Martin Thomson <mt@lowentropy.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Xev5s0nVM9-KiKijlDhXnlZZdZI>
(removed CFRG from CC since not directly relevant)

Exactly.

Currently, the direction of SSH is dictated by OpenSSH, which is the de facto standard (in a loose alliance with other open source implementations like libssh and PuTTY). I'm not sure about the personal circumstances of each individual involved with these projects, but the requirements of IETF's "rigorous" processes are "rigorous"; and the motivation for volunteers to participate is approximately none. Yet these volunteers, as a group, determine the protocol's direction.

As a standards organization, IETF is not competing with ISO (which requires anyone who wants to achieve something to travel to places like Hawaii), it is competing with GitHub. When OpenSSH wants to do something, they don't start a WG, they just publish stuff in their PROTOCOL file:

https://github.com/openssh/openssh-portable/blob/master/PROTOCOL

Currently:

- The dominant encryption mechanism in SSH is not specified by IETF. It is "aes128-gcm@openssh.com" and "aes256-gcm@openssh.com", documented in that PROTOCOL file.

- Encrypt-then-MAC in SSH is not specified by IETF. It is vaguely documented in that PROTOCOL file.

- Host key synchronization (an extremely useful feature) is not specified by IETF - it's in that PROTOCOL file.

This is just the tip of the iceberg. The PROTOCOL file contains a bunch of other things that are underspecified and under-standardized, but IMPLEMENTED, because no one wants to follow the IETF's "rigorous" process to charter a WG for every change.

What makes this tragic is that it's unnecessary. SSH version 2 was standardized as an IETF WG. Then, because of the IETF rules, the WG disbanded. The IETF is literally handing off standardization to be done half-assedly at GitHub, and treating this as a success.

On Mon, Mar 18, 2019 at 1:23 AM Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:

> denis bider <denisbider.ietf@gmail.com> writes:
>
> >SSH is full of underdocumented, partly functional custom extensions (to
> >cryptography, compression, SFTP, port forwarding, host key synchronization,
> >VPN, and more), most of which could be better designed, better documented and
> >standardized
>
> +1. Mind you given the hassle in setting up a WG for it and getting things
> through the IETF, it might be easier to just set up a Github repository for
> documentation on what does what and how and rely on Google to point people to
> it.
>
> Peter.