Re: [secdir] a few new algs and a bunch of deprecation
Simon Josefsson <simon@josefsson.org> Tue, 03 November 2015 08:56 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 056CD1B300F for <secdir@ietfa.amsl.com>; Tue, 3 Nov 2015 00:56:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.551
X-Spam-Level:
X-Spam-Status: No, score=-1.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U1ij49IGap6j for <secdir@ietfa.amsl.com>; Tue, 3 Nov 2015 00:56:35 -0800 (PST)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6ABAD1B3014 for <secdir@ietf.org>; Tue, 3 Nov 2015 00:56:34 -0800 (PST)
Received: from latte.josefsson.org ([IPv6:2001:9b0:104:42::a86]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id tA38uIoG004015 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 3 Nov 2015 09:56:19 +0100
Date: Tue, 03 Nov 2015 09:56:11 +0100
From: Simon Josefsson <simon@josefsson.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <20151103095611.33a536b9@latte.josefsson.org>
In-Reply-To: <56383A36.3020200@cs.tcd.ie>
References: <56383A36.3020200@cs.tcd.ie>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; boundary="Sig_/E+y1fB/9HKNZb=aY7miNmT/"; protocol="application/pgp-signature"
X-Virus-Scanned: clamav-milter 0.98.7 at duva.sjd.se
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/w6kZGKeWh7tz-6pPD85wp_7VCf8>
Cc: "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] a few new algs and a bunch of deprecation
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Nov 2015 08:56:41 -0000
I'm following Curve25519/Ed25519 use in IETF protocols and is interested in helping that effort. It seems the intersection between this putative WG and existing WGs needs to be carefully explained though, it isn't clear to me how it could be done. Isn't deprecating crypto parts of a protocol up to each protocol community to think about? We've seen with TLS, OpenPGP, Secure Shell and PKIX that adding Curve25519/Ed25519 is highly protocol specific and requires domain knowledge. /Simon > > Hiya, > > At the secdir lunch we spoke about needing a bit of organisation > around adding new curves and about deprecating some old algs (e.g. > sha1). There's a scattered set of stuff that'll need doing some > of which is in progress (e.g. drafts allocating OIDs for new > curves), others of which may not yet be. One possibility would be > to try do this as a WG with a charter that tightly defines which > new things can be added but allows for deprecating anything > that should be deprecated. (The putative WG here would not I > think tackle items where we have a current WG active, e.g. TLS > can handle defining codepoints for TLS.) > > As a separate but related thing, Alexey said he'd create a cfrg > wiki page where folks could add the names of drafts that are > defining things related to new curves. That might feed into the > positive parts of chartering. > > FWIW, if this is something people supported and found useful, > Kathleen and I are happy to help it happen. Next step would likely > be to send a mail like this to saag then if nothing bad happens, to > start a mailing list for this and see if there's enough energy > to get stuff going. (If there is, I doubt a BoF would be needed.) > > Thoughts? > > S. > > _______________________________________________ > secdir mailing list > secdir@ietf.org > https://www.ietf.org/mailman/listinfo/secdir > wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
- [secdir] a few new algs and a bunch of deprecation Stephen Farrell
- Re: [secdir] a few new algs and a bunch of deprec… Simon Josefsson
- Re: [secdir] a few new algs and a bunch of deprec… Yoav Nir
- Re: [secdir] a few new algs and a bunch of deprec… Stephen Farrell
- Re: [secdir] a few new algs and a bunch of deprec… Simon Josefsson
- Re: [secdir] a few new algs and a bunch of deprec… Stephen Farrell