Re: [lamps] [EXTERNAL] Proposed recharter text

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 17 February 2021 06:51 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, Russ Housley <housley@vigilsec.com>, LAMPS <spasm@ietf.org>
CC: Douglas Stebila <dstebila@uwaterloo.ca>
Date: Wed, 17 Feb 2021 06:51:43 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/hVs3h_BGEMfGUghdRh9k5zbv4do>
Subject: Re: [lamps] [EXTERNAL] Proposed recharter text

> From: Spasm <spasm-bounces@ietf.org> On Behalf Of Mike Ounsworth
> 
> There isn't a TLS WG draft for KEMTLS yet, but I have it on good authority
> that it's coming. If it gains traction, then the LAMPS charter will likely need a
> 5c to add KEM PoPs for enrollment, update, and revocation where they are
> missing (EST RFC 7030 and the Lightweight CMP draft come to mind).
> 

CMP is open to PoPs other than signature-based ones, as it uses CRMF. With the current algorithms RSA and ECDSA/EdDSA, signature-based PoP is sufficient. As soon as there is a need to extend to PQ public-key-encryption-based PoPs, this could be done. To authenticate revocation requests, a public-key-encryption-based message protection is required. Both could be handled in a PQ CMP Profile.

- Hendrik