Re: [Secdispatch] Call for Agenda items

Kathleen Moriarty <> Mon, 08 July 2019 18:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2A96812051D for <>; Mon, 8 Jul 2019 11:08:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.702
X-Spam-Status: No, score=-0.702 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, PDS_NO_HELO_DNS=1.295, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qJvsdHvCOoLw for <>; Mon, 8 Jul 2019 11:08:29 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 821EF1205DC for <>; Mon, 8 Jul 2019 11:08:29 -0700 (PDT)
Received: by with SMTP id r6so17153511oti.3 for <>; Mon, 08 Jul 2019 11:08:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CUhl18UsOv1cYfqUOgPnsQER8en/6L6O9FGJZe6Aj84=; b=qK4YrzloeisLulnT5q89o46sgksKRkp4PSi6zUXdr6P2SVM4SlRBasPw29Jn1ABRVo oyplV9pDEE6xRMTxIREif0zqRaeuQJ+rTuOrXb4E3ie8AWNHLEK+o5YxK6JXkyrtzF1e I+8iQIIqOEB1xqYMXx4vkgXb8RvwRVfHSUl1VagzyEKalBj6LqFqPyigzu6aRDywCYo+ GzgclH3USbUqEl//noypMHLOMkMcumiaVnoiALCEkc3Hp4ObL4RPcOEp8m2t5973YDt3 SiSMA7YzjRbzPvG+m5gmffWD0+A/clie3lmpI6ksD2YWpb1mCD1XZWNZYoUWV/qgE0z1 8dBQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CUhl18UsOv1cYfqUOgPnsQER8en/6L6O9FGJZe6Aj84=; b=uYSr2PnXVx9MitopO8g5uGl75iNrgucGQMSyb6a630bCvwv//HaxMfsP6zZnKeUpDb Bz0uVcMXiAOKDWwDqvDUQ8PR8MAXiEy3ssOtExtzorRtdzszsjH2ka2or+PbGmMzaBdC djUYYFlV1SLqrT5oqsPHejINWNjUmyAzgvamsYMqJedyTpP8EMnoKmslaaDFmmSsZS9e hCfOrsvfAa6vQ9t7ZTOlGnESB3DuB5GdE3C5rA7mZNMGrkITtu4i5QyLsUfx229zDS5J ihQaQx1uMIvGkZ5YD/CN5X0jq2AKece+jmg11gi3+a1M4oNs2MhefK81f4CgrtCr9aY+ 6FNg==
X-Gm-Message-State: APjAAAWUnINZPFNcb3ZQ/ImIOi0gQOEV9DYY02COJ0by8Is58xHUz8/z gbHnK7aguo8QnWLE+Kb5KoCfC71Obn27KKo10k8=
X-Google-Smtp-Source: APXvYqyN1TpNLUNGB+q3ASaFgX+nAZk2lCJlQkbXQapUGfEQi+34vBR6OVTASA+AyEu+DGKaapNXwf4xcyx+vWXfnCI=
X-Received: by 2002:a9d:6394:: with SMTP id w20mr1370782otk.151.1562609308724; Mon, 08 Jul 2019 11:08:28 -0700 (PDT)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Kathleen Moriarty <>
Date: Mon, 8 Jul 2019 14:07:52 -0400
Message-ID: <>
To: Phillip Hallam-Baker <>
Cc: IETF SecDispatch <>
Content-Type: multipart/alternative; boundary="000000000000c4f1a6058d2f5425"
Archived-At: <>
Subject: Re: [Secdispatch] Call for Agenda items
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 08 Jul 2019 18:08:40 -0000

Thanks, Phil.

Please feel free to comment on Phil's proposal and drafts in a new thread.

Best regards,

On Thu, Jul 4, 2019 at 4:27 PM Phillip Hallam-Baker <>

> I would like to present the Mathematical Mesh I have been working on. I
> would also like to arrange to meet people who may be interested in this
> work at a BAR BOF. Preferably one in an actual bar at this point.
> Right now, the only person funding this work is me (though I am grateful
> for the considerable amount of support from Comodo). I am currently looking
> at options to take the work further. The one non-negotiable criteria being
> that this is at root a communications system, it can only reach its full
> potential if it is unencumbered, that means anyone can use it or extend it
> without fees, licenses or permission.
> The objective of the Mesh is to make computers easier to use by providing
> a security infrastructure that works without users needing to be aware that
> they are using it.
> The Mesh can be used as a mechanism for managing credentials (passwords,
> private keys, etc.) for existing security applications (SSH, OpenPGP,
> S/MIME) or it can be used as a platform for developing new applications
> (end-to-end secure password catalog, secure contact exchange).
> One of my frustrations with the current situation in the industry is that
> we haven't moved on from cryptography developed in the 1980s. We have
> better algorithms to use in place of DES, MD5 and RSA but we haven't added
> a new capability since BitCoin added hash chains to the canon ten years ago
> and the patent on that was 1990.
> The Mesh introduces a new set of cryptographic techniques:
> *Uniform Data Fingerprints*: Think of this as 'Cryptography on rails'.
> Rails is a powerful framework because it uses the same name for the same
> field in every situation. UDF does the same for cryptographic keys.
> *QR Codes*: Imagine being able to scan a QR code on your bills, your pay
> stubs, tax advice, etc and get to a machine readable copy of the document
> you are reading. That is what EARLs provide.
> *Multi-Party Key Generation*: Weak keys have been a problem for decades
> and now we have to consider the possibility that a key was compromised by
> the device manufacturer. But keys generated during manufacture that cannot
> be extracted could be the very best keys to use (if we can trust them).
> Combining keys generated on multiple devices allows this concern to be
> mitigated.
> *Multi-Party Decryption*: Traditional CRM schemes use the Ford-Wiener key
> release with a key server in the cloud dispensing decryption keys to
> authorized readers. The problem with this approach is that our chief data
> confidentiality concern is a breach of the cloud, i.e. the key server.
> Separating the decryption function into two parts and requiring both to
> participate enables a key server to control decryption of data without
> being able to decrypt.
> *DARE Envelope*: This is a new PKCS#7 type format built on JOSE which
> provides the hooks needed to support the Multi-Party Decryption scheme DARE
> Container.
> *DARE Container*: An append only log format supporting incremental
> encryption and authentication. If I am talking to VC, I might even call it
> a block chain.
> *Shamir Secret Sharing*: Personal Escrow of the user's keys is supported
> with up to 16 shares and a quorum of 1-15.
> There is quite a bit more to the system but it remains remarkably compact
> and especially so considering the scope of its capabilities.
> One innovation that addresses a current concern is that Mesh Accounts are
> the property of a user and not the service provider. So if I want to change
> my service provider from to, I can do that at any
> time of my choosing and I don't need to co-operate of give
> permission for the transfer.
> The trust model does have a role for Certificate Authorities but this is
> optional and limited to the discovery process, CAs are not ongoing
> participants in every transaction. Direct exchange is also supported via
> both an in-person model (e.g. QR code exchange or bump phones) or remotely.
> All the reference code is MIT License and copyright Comodo Group (to
> Version 2.0) and Comodo Group and myself (3.0 on). The tool chain used to
> build the system is MIT License and my copyright. I have attempted to avoid
> encumbered technology and I am not aware of any valid claims on the current
> specs but make no warranties in that regard.
> I have submitted all the documents as Internet drafts but there is a
> catch, I am writing the documents assuming that the transition to HTML RFCs
> is going to happen. So you can read them as plaintext drafts if you insist.
> But the HTML documents have diagrams and use superscripts and subscripts
> for the math rather than X_A which makes them a lot easier to read.
> The architecture draft provides an overview of the project:
> The following drafts are nearing completion. I am currently working on
> getting the worked examples from the running code worked in:
> I might have the protocol specification available by Montreal but that
> might slip.
> On Wed, Jun 26, 2019 at 2:55 PM Kathleen Moriarty <
>> wrote:
>> Hello,
>> If you wish to present at SecDispatch in Montreal, please send a message
>> to the chairs and preferably to the list with the draft link that you plan
>> to present.
>> Thank you.
>> --
>> Best regards,
>> Kathleen
>> _______________________________________________
>> Secdispatch mailing list


Best regards,