[Secdispatch] Request for agenda item at IETF 109 sec dispatch

Stefan Santesson <stefan@aaa-sec.com> Tue, 06 October 2020 16:29 UTC

Date: Tue, 06 Oct 2020 18:28:35 +0200
From: Stefan Santesson <stefan@aaa-sec.com>
To: IETF SecDispatch <secdispatch@ietf.org>
CC: Russ Housley <housley@vigilsec.com>, Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/pGYvDunuUMxVYexPQt1h1i78lDA>



At IETF 107 I made a presentation on SVT (Signature Validation Token) at sec dispatch.


At that time the work on SVT was in its early stages and the conclusion of the dispatch was to start a mailing list to discuss progress and direction.

This was never done eventually, but since IETF 107, this work has matured considerably and resulted in implementation and a successful Proof of Concept with running code.


The function of the SVT and the motivation of the SVT have also evolved.


In short:


SVT is a token that provides external evidence in support of long term validation of electronic signatures.

This is fully comparable with all types of long term validation strategies, which all need support of external evidence to conclude validity of the signer certificate as well as the signature itself.

The major contribution of the SVT is that it reduces the number of external signed evidences that need to be relied upon in order to perform successful validation, and thereby greatly reduces complexity of long term validation.

Another important contribution of SVT is that it, because of its compactness and simplicity, allows provision of multiple tokens of various strength or algorithms so that if one algorithm fails, the other may still be secure.


A first draft (00) will be authored by me and Russ Housley and will be submitted to the IETF, well in time for IETF 109.


Russ and I would like to request a timeslot at the next sec dispatch to discuss progression of this draft as an IETF standard.



Stefan Santesson