Re: [secdir] secdir review draft-iab-crypto-alg-agility-06 (almost done)
"Paul Hoffman" <paul.hoffman@vpnc.org> Tue, 04 August 2015 15:40 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7FB41A1AB2; Tue, 4 Aug 2015 08:40:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.347
X-Spam-Level:
X-Spam-Status: No, score=-1.347 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_COM=0.553] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KhIBbtnY0-bJ; Tue, 4 Aug 2015 08:40:24 -0700 (PDT)
Received: from hoffman.proper.com (Opus1.Proper.COM [207.182.41.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BA661A1AA6; Tue, 4 Aug 2015 08:40:24 -0700 (PDT)
Received: from [10.32.60.55] (142-254-17-100.dsl.dynamic.fusionbroadband.com [142.254.17.100]) (authenticated bits=0) by hoffman.proper.com (8.15.1/8.14.9) with ESMTPSA id t74FeGsA007696 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 4 Aug 2015 08:40:17 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: hoffman.proper.com: Host 142-254-17-100.dsl.dynamic.fusionbroadband.com [142.254.17.100] claimed to be [10.32.60.55]
From: Paul Hoffman <paul.hoffman@vpnc.org>
To: Leif Johansson <leifj@sunet.se>
Date: Tue, 04 Aug 2015 08:40:16 -0700
Message-ID: <BA04A93E-9132-4528-AA04-809182949C0C@vpnc.org>
In-Reply-To: <55C0B025.4010507@sunet.se>
References: <55BFBED5.7070107@sunet.se> <F01D8B85CFF58440B2A13965FBA90CA40138EA8F85C3@GEORGE.Emea.Arm.com> <55C0B025.4010507@sunet.se>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.1r5084)
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/_H9TV2F-BZhR3jM2bU7svb0CxzM>
Cc: IESG <iesg@ietf.org>, "draft-iab-crypto-alg-agility.all@tools.ietf.org" <draft-iab-crypto-alg-agility.all@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review draft-iab-crypto-alg-agility-06 (almost done)
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Aug 2015 15:40:24 -0000
On 4 Aug 2015, at 5:29, Leif Johansson wrote: > To some extent I think you are right but I'm not sure it is possible > to > do much better in a general document. I think you are looking for a > "UTA-style BCP" with general applicability to algorithm selection and > agility and I'm not sure that is possible. It may not be possible, but that's what this draft is trying to do (but, as Hannes points out, without saying so). That is, without a tight scoping of who the document is meant for, it naturally has been pulled in different directions for different audiences without being explicit. UTA had the same problem with it's initial documents, and that is why it took so long to finish. It would be reasonable to publish this document as-is, but it would be more reasonable to do a major rewrite with a much narrower focus now that we know how deep the disagreements in different parts of the community are about where to apply algorithm agility. --Paul Hoffman
- [secdir] secdir review draft-iab-crypto-alg-agili… Leif Johansson
- Re: [secdir] secdir review draft-iab-crypto-alg-a… Hannes Tschofenig
- Re: [secdir] secdir review draft-iab-crypto-alg-a… Leif Johansson
- Re: [secdir] secdir review draft-iab-crypto-alg-a… Paul Hoffman
- Re: [secdir] secdir review draft-iab-crypto-alg-a… Leif Johansson