Re: [secdir] [Cfrg] Time to recharter CFRG as a working group? Was: Re: ISE seeks help with some crypto drafts
Michael StJohns <msj@nthpermutation.com> Mon, 18 March 2019 20:43 UTC
Return-Path: <msj@nthpermutation.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2406130DE3 for <secdir@ietfa.amsl.com>; Mon, 18 Mar 2019 13:43:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nthpermutation-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XF1D7HZx995S for <secdir@ietfa.amsl.com>; Mon, 18 Mar 2019 13:43:58 -0700 (PDT)
Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF42F130DD3 for <secdir@ietf.org>; Mon, 18 Mar 2019 13:43:57 -0700 (PDT)
Received: by mail-qt1-x844.google.com with SMTP id w30so14333379qta.8 for <secdir@ietf.org>; Mon, 18 Mar 2019 13:43:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nthpermutation-com.20150623.gappssmtp.com; s=20150623; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=ZuTEAbvvmEL2qFskWskEGPDDPaGO8gxppJDC5dY0Cyg=; b=X0sksdQ1ppMjvc5cUMG9bM1xta0zUqLeN8uhFf6z8yiR+S2wM6MxXeMVnArWrSP1Yj IlDuuvjoGdchUsjvqqZFd6OSDq/a4loOWhhjZ/6OAtYeoEIcsORU3235vIFxIQaCsP1F fBuZpm+bPCuG5IeaiB7eK+n21X109WqKJsMrptDxNuLMb/raSCcHmr4LUe9wIbaZxgpB GYH5ltLvCHpdt9BZkhycBsbpgnIeORXzQSCGF7zwukGztafgsMIPaptpwH0+3/6Ftezb 9NKYEg9mu2sb7PfU07YCq0MaNYkI1goDKPzBaM4jt0dq3GXDGibwQgg0/OmpOC2wkxOY uVnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=ZuTEAbvvmEL2qFskWskEGPDDPaGO8gxppJDC5dY0Cyg=; b=K4CIvhqCrdF0QUyIUVA4tcH+hke7dDaGXw/rkr4pDN+pULzl2CkQH7qbmYGC5BUA5k N0Ne72nYjIAFC+qWxMa+dcw9fMbJFk9dVKkLMToUuR3Z7f9BZLq1pesN9WRMg7qY0lv0 Ia5d7pCzyR5M06V39CdI4aZVdf0INZN/7/GnuNgOkVxZyPMPJtBQsj+bt4HTEUcpM2Vv +IkH9UpGRqbfaHbUTsry2t7Y6RQGKw/RlezlKV9Xw9H+fQ9HIjDMc0Al6eMxFX0sy5f0 +XmdRNeHSyv6hxkhBFAO53z/9Y1fcbJHxCp+iYqdom0ppOZrOE4LN+0lrwIdWBvu6fLK wnEg==
X-Gm-Message-State: APjAAAUjx6UtFZtAktlM5oESIQ1h1/Lrk60vDeT7DoYDdak2cWTMri08 elYuh9lXY54WDwdnGUQpiC0goA==
X-Google-Smtp-Source: APXvYqy/yT6NY1aZ+Gv4uXU1MoZq3ILZFJkSE4Ig4j3omL5ZOjYNcaWBoo91+hxhf0M/IFy4GTnvyg==
X-Received: by 2002:ac8:16c5:: with SMTP id y5mr15420061qtk.117.1552941836707; Mon, 18 Mar 2019 13:43:56 -0700 (PDT)
Received: from ?IPv6:2601:152:4400:4013:9578:5f7f:3a98:d37c? ([2601:152:4400:4013:9578:5f7f:3a98:d37c]) by smtp.gmail.com with ESMTPSA id w127sm6481235qka.46.2019.03.18.13.43.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Mar 2019 13:43:55 -0700 (PDT)
To: mcgrew <mcgrew@cisco.com>
Cc: Richard Barnes <rlb@ipv.sx>, secdir <secdir@ietf.org>, CFRG <cfrg@irtf.org>, "RFC ISE (Adrian Farrel)" <rfc-ise@rfc-editor.org>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca> <CAHOTMVLtjVxZNy3bFRn09xH+cOw+tPi2CL3BkaQuJEqxAzGOJg@mail.gmail.com> <edca701b-21f3-c80c-d754-fc333f1e2e04@cs.tcd.ie> <20190310182935.GE8182@kduck.mit.edu> <B876B124-7EDE-4E20-A878-3AAD3FA074BC@krovetz.net> <20190310191026.GF8182@kduck.mit.edu> <CAHOTMVJcosEgYV9caWapgyzQfh-g4k5DQry5n42bEfrkJvmdWQ@mail.gmail.com> <042b3f13-7d5a-12d7-e604-9f8cad197608@cs.tcd.ie> <CANeU+ZCmiTKfE1_YgjM6GX9ZCw_35mZoT8M-6VL72UhbenT2og@mail.gmail.com> <3FA4B2DD-334E-4C7C-A01E-6C370CAE4C00@ll.mit.edu> <2935C6E3-3AE8-4447-BA01-8DAE0410E5C6@ericsson.com> <CAL02cgSeCgAOOh3oMhJZqCGvT0F=JQ6n-bmgWYU=6hxkV+aOHQ@mail.gmail.com> <0d38eabd-6f90-2d19-3b45-f1ce19ba9b73@nthpermutation.com> <CAL02cgRVXn2U3SKhGh6biTZJKmHM6KrW6D_rVB2-ZTC5Oohh4w@mail.gmail.com> <829ca608-8d47-083e-e0a6-e7276525b080@nthpermutation.com> <5D247CD2-710E-4C78-8495-085C70D4CFAB@cisco.com>
From: Michael StJohns <msj@nthpermutation.com>
Message-ID: <9b192f26-8c19-494f-7430-7d1ca24872a3@nthpermutation.com>
Date: Mon, 18 Mar 2019 16:43:53 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3
MIME-Version: 1.0
In-Reply-To: <5D247CD2-710E-4C78-8495-085C70D4CFAB@cisco.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/Ygpe2zMACEf3tK-pB5uKw5eQudI>
Subject: Re: [secdir] [Cfrg] Time to recharter CFRG as a working group? Was: Re: ISE seeks help with some crypto drafts
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2019 20:44:00 -0000
I don't understand - usually when I say "I'm fine with the status quo for now" people stop arguing with me. Oh well. And thanks David for making some points for me. See below. On 3/18/2019 9:26 AM, mcgrew wrote: > Hi Mike, > > Let me add few data points from a CFRG-historical perspective. CFRG has been the first publisher of a number of specifications (for instance, XMSS, Poly1305, and HBS are in this category - https://datatracker.ietf.org/rg/cfrg/documents/) and has done essential review for some ISE-published crypto like UMAC (RFC 4418). My point was that becoming a first publisher puts the CFRG into the position of being the standardizer. XMSS, Poly1305 and HBS (not yet published) are all 2018 and 2019 documents. EDDSA was 2017. In fact the set of documents currently attributed to the CFRG only goes back to 2014 while the CFRG has been around a lot longer than that. Something changed and now we're getting standards-like production out of the CFRG. Note that I don't think its a bad thing per se, just that you need to be following different rules than those that are applicable to RGs. For example, why does an informational document in the research stream need a registry? (e.g. RFC8391) That's about as obvious a standardization requirement as any I've seen in CFRG documents. > For UMAC, it is worth noting that the ISE reviewers asked for changes around IPR language, I don't think I even recall seeing anything that wants to use UMAC - I may have missed a protocol or two though. In any event, the request was to REMOVE claims about IPR language from the document and direct the authors to make a normal IPR disclosure. Again - pretty consistent with what we do with standards and IETF stream documents. > and CFRG reviewers made important improvements to the technical content as well (https://datatracker.ietf.org/doc/rfc4418/history/ and CFRG mail threads from fall 2005). So the issues we are dealing with today are not really new. But again, that's normal for any document that comes in through any stream - specifically - people review it and usually irrespective of association with a specific WG/RG/directorate, etc. The fact that the document author, the ISE and the IESG reached out the the CFRG is pretty much an example of looking for the experts in a pile of experts. I'm not sure why this wouldn't happen if the CFRG were chartered as a WG? > > You have started a good, healthy discussion with the points that you have raised. My thinking is that CFRG (including Kenny, Alexy, and the many contributors) is doing really good, really important work, and the IRTF and IETF should avoid changes that would disrupt it. I don't want to change the people, I don't even want to change the work flow (much - except that moving it to a WG would actually remove the IRTF from the approval process for an RFC), I just want this to be appropriately categorized and managed as a WG and subject to the same rules as any other WG. I think its gone well past the normal rules for an RG at this point. Again - I've indicated my concerns and I'm happy the discussion is happening. Unfortunately what I keep hearing is "we like it the way it is, now go and leave us alone" rather than "we're really a RG because we do things X, Y and Z so we really don't need to be a WG". I'd really like to hear more commentary on that latter - especially how the CFRG in fact differs from the behavior of a WG. Thanks - Mike > > Best, > > David > >> On Mar 15, 2019, at 2:52 PM, Michael StJohns <msj@nthpermutation.com> wrote: >> >> On 3/13/2019 7:32 AM, Richard Barnes wrote: >>> Mike, are your concerns here primarily IPR related? If that's so, then maybe that's the level at which we should address them, as opposed to flipping the bigger RG->WG switch. >>> >> Hi Richard - >> >> Like I said, I'm not going to push this at this time. But I think its more than just IPR - avoiding technology because of IPR is more a symptom (and in fact is IETF guidance rather than IRTF policy). >> >> The CFRG has a unique position in that - unlike ANY other RG as far as I can tell - it's looked at as an immediate feeder for technology for the IETF. If it were agnostically evaluating the crypto properties of any offered technology, I'd say we're good and I'd move on. But, with the publication of Curve25519 and its related ... standards ..., the CFRG has moved from evaluation and re-publication of cryptographic standards developed and produced elsewhere into being the first publisher of what could only be characterized as standards, even if published as an Informational RFC in the IRTF stream. >> >> Ultimately, I think it comes down to fairness and transparency. As an RG, the publications of the RG are not subject to the standards appeals process. In an WG, the decision not to work on an IPR encumbered technology (or others such as national cryptography) MAY be appealed and overturned (or might not) or sponsored by an AD if there's no applicable or agreeable WG. There's a process for showing such decisions were made transparently, and with a broader audience than just the CFRG having a say. >> >> >> Later, Mike >> >> Ps - hmm... Note that the CFRG charter only mentions the IETF and not the IRTF.... >> >> _______________________________________________ >> Cfrg mailing list >> Cfrg@irtf.org >> https://www.irtf.org/mailman/listinfo/cfrg
- [secdir] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [secdir] ISE seeks help with some crypto draf… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… David Wong
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Watson Ladd
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… S Moonesamy
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- [secdir] Time to recharter CFRG as a working grou… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Peter Gutmann
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Valery Smyslov
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Mathy Vanhoef
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Daniel Kahn Gillmor
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Donald Eastlake
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] ISE seeks help with some crypto draf… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk