[skex] SKEX charter
Melchior Aelmans <melchior@aelmans.eu> Thu, 23 May 2024 21:06 UTC

Hi everyone,

As we work towards organizing a SKEX BOF at IETF120, I'd like to kick off a discussion regarding the charter for a SKEX Working Group. Below is my initial draft. I look forward to your feedback, suggestions, and comments.

Best regards,
Melchior

Asymmetric-key cryptography is a powerful tool for securing communication but has some shortcomings, including that they are generally computationally intensive, and their security relies on the difficulty of solving certain mathematical problems, which may be vulnerable over time with improvements in computational capacity or mathematical advances, and in particular, the threat posed by quantum computing to the security of key exchanges that are based on asymmetric cryptography. This drives the requirement for the establishment of keys protected by symmetric cryptography, without dependence on asymmetric algorithms.

Symmetric key establishment mechanisms can be used to semi-statically and dynamically provide keys for existing protocols that accept such keys, for example TLS 1.3, IPsec and MACsec. Scalable symmetric key establishment systems require one or more intermediaries to facilitate the process of secure key establishment or creation.

Existing work specifying the formats and interfaces for the consumption of such symmetric keys by networking equipment, often referred to as pre-shared keys, include https://www.etsi.org/deliver/etsi_gs/QKD/001_099/014/01.01.01_60/gs_qkd014v010101p.pdf, https://datatracker.ietf.org/doc/rfc6030/, https://datatracker.ietf.org/doc/rfc6031/ and https://datatracker.ietf.org/doc/rfc7517/. Existing work for the incorporation of dynamic symmetric keys in various protocols include https://datatracker.ietf.org/doc/rfc8784/ and https://datatracker.ietf.org/doc/rfc9258/. However, a common framework for the mutual establishment of such symmetric keys, as well as concrete examples of such protocols, is currently missing.

The goal of the Symmetric Key Establishment and Exchange (SKEX) WG is to develop a standardised framework document for key establishment and exchange mechanisms and also to define protocols for such actions.

The framework document is expected to cover the following topics:

- Privacy and security considerations
- Operations and management considerations
- Implementation and deployment considerations
- Scalability and applicability considerations

The WG does not aim to alter existing protocols. However, it may suggest to relevant WGs how existing protocols could benefit from symmetric key establishment mechanisms.

Concrete work items that SKEX may produce include:

- An architectural framework describing a Symmetric Key Establishment and Exchange architecture.
- One or multiple Symmetric Key Establishment and Exchange protocols