Re: [Secdispatch] Request for agenda item at IETF 109 sec dispatch

Stefan Santesson <stefan@aaa-sec.com> Thu, 29 October 2020 16:04 UTC

Return-Path: <stefan@aaa-sec.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E0753A083F for <secdispatch@ietfa.amsl.com>; Thu, 29 Oct 2020 09:04:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b94hukjwT8XR for <secdispatch@ietfa.amsl.com>; Thu, 29 Oct 2020 09:04:40 -0700 (PDT)
Received: from smtp.outgoing.loopia.se (smtp.outgoing.loopia.se [93.188.3.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE6B93A03F3 for <secdispatch@ietf.org>; Thu, 29 Oct 2020 09:04:38 -0700 (PDT)
Received: from s807.loopia.se (localhost [127.0.0.1]) by s807.loopia.se (Postfix) with ESMTP id 6E4D910CC0E7 for <secdispatch@ietf.org>; Thu, 29 Oct 2020 17:04:33 +0100 (CET)
Received: from s645.loopia.se (unknown [172.22.191.6]) by s807.loopia.se (Postfix) with ESMTP id 4F4442EB35FC; Thu, 29 Oct 2020 17:04:33 +0100 (CET)
Received: from s470.loopia.se (unknown [172.22.191.5]) by s645.loopia.se (Postfix) with ESMTP id 3F25F1579F91; Thu, 29 Oct 2020 17:04:33 +0100 (CET)
X-Virus-Scanned: amavisd-new at amavis.loopia.se
Received: from s630.loopia.se ([172.22.191.6]) by s470.loopia.se (s470.loopia.se [172.22.190.10]) (amavisd-new, port 10024) with UTF8LMTP id R1rYfz0GlzHR; Thu, 29 Oct 2020 17:04:32 +0100 (CET)
X-Loopia-Auth: user
X-Loopia-User: mailstore2@aaa-sec.com
X-Loopia-Originating-IP: 85.235.7.89
Received: from [192.168.2.50] (gw.aaa-sec.ideon.se [85.235.7.89]) (Authenticated sender: mailstore2@aaa-sec.com) by s630.loopia.se (Postfix) with ESMTPSA id 0FFDA13B9314; Thu, 29 Oct 2020 17:04:32 +0100 (CET)
User-Agent: Microsoft-MacOutlook/16.42.20101102
Date: Thu, 29 Oct 2020 17:04:30 +0100
From: Stefan Santesson <stefan@aaa-sec.com>
To: IETF SecDispatch <secdispatch@ietf.org>
CC: Russ Housley <housley@vigilsec.com>, Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>
Message-ID: <16A74F6D-4DFA-4CC4-B9F9-F4CD8CB88356@aaa-sec.com>
Thread-Topic: [Secdispatch] Request for agenda item at IETF 109 sec dispatch
References: <DA9F40CE-A102-45C8-8509-E8637BBB9D38@aaa-sec.com>
In-Reply-To: <DA9F40CE-A102-45C8-8509-E8637BBB9D38@aaa-sec.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3686835872_1821568023"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/uwUYf8VQHxTiOvXZaEbcmkts6AM>
Subject: Re: [Secdispatch] Request for agenda item at IETF 109 sec dispatch
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Oct 2020 16:04:43 -0000

Yet one more update on this requested agenda item for next IETF meeting is that we have now submitted 2 more drafts, the XML and PDF profiles of the main specification.

 

We have also created a Github repo where all information about the current draft development is available: https://github.com/swedenconnect/IETF-SVT

This page also includes information about available open source as well as reference implementation.

 

 

Stefan Santesson 

 

From: Secdispatch <secdispatch-bounces@ietf.org> on behalf of Stefan Santesson <stefan@aaa-sec.com>
Date: Wednesday, 21 October 2020 at 23:17
To: IETF SecDispatch <secdispatch@ietf.org>
Cc: Russ Housley <housley@vigilsec.com>, Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>
Subject: Re: [Secdispatch] Request for agenda item at IETF 109 sec dispatch

 

As an update on this request, we just submitted an I-D on the main specification:

https://datatracker.ietf.org/doc/draft-santesson-svt/

 

 

Stefan Santesson 

 

From: Secdispatch <secdispatch-bounces@ietf.org> on behalf of Stefan Santesson <stefan@aaa-sec.com>
Date: Tuesday, 6 October 2020 at 18:29
To: IETF SecDispatch <secdispatch@ietf.org>
Cc: Russ Housley <housley@vigilsec.com>, Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>
Subject: [Secdispatch] Request for agenda item at IETF 109 sec dispatch

 

Hi,

 

At IETF 107 I made a presentation on SVT (Signature Validation Token) at sec dispatch.

 

At that time the work on SVT was in its early stages and the conclusion of the dispatch was to start a mailing list to discuss progress and direction.

This was never done eventually, but since IETF 107, this work has matured considerably and resulted in implementation and a successful Proof of Concept with running code.

 

The function of the SVT and the motivation of the SVT has also evolved.

 

In short:

 

SVT is a token that provides external evidence in support of long term validation of electronic signatures.

This is fully comparable with all types of long term validation strategies, who all need support of external evidence to conclude validity of the signer certificate as well as the signature itself.

The major contribution of the SVT is that it is reduces the number of external signed evidences that needs to be relied upon in order to perform successful validation, and thereby greatly reduces complexity of long term validation.

Another important contribution of SVT is that it, because of its compactness and simplicity, allows provision of multiple tokens of various strength or algorithms so that if one algorithm fails, the other may still be secure.

 

A first draft (00) will be authored by me and Russ Housley and will be submitted to the IETF, well in time for IETF 109.

 

I and Russ would like to request a timeslot at next sec dispatch to discuss progression of this draft as IETF standard.

 

 

Stefan Santesson 

 

_______________________________________________ Secdispatch mailing list Secdispatch@ietf.org https://www.ietf.org/mailman/listinfo/secdispatch 

_______________________________________________ Secdispatch mailing list Secdispatch@ietf.org https://www.ietf.org/mailman/listinfo/secdispatch