[lamps] DRAFT LAMPS Recharter Text

Russ Housley <housley@vigilsec.com> Sun, 06 August 2017 16:51 UTC

To: spasm@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/WDqQFzpYNuKJAEVVtamb2VjiD_A>

At IETF 99, the LAMPS WG considered several potential recharter work items.  The attached draft is a result of that discussion.  Please review and comment.

Russ

= = = = = = = =

The PKIX and S/MIME Working Groups have been closed for some time. Some
updates have been proposed to the X.509 certificate documents produced 
by the PKIX Working Group and the electronic mail security documents 
produced by the S/MIME Working Group.

The LAMPS (Limited Additional Mechanisms for PKIX and SMIME) Working 
Group is chartered to make updates where there is a known constituency 
interested in real deployment and there is at least one sufficiently 
well specified approach to the update so that the working group can 
sensibly evaluate whether to adopt a proposal.

Having completed the S/MIME 4.0 specifications and updates to support
i18n email addresses in PKIX certificates, the LAMPS WG is now chartered to:

1. Specify a discovery mechanism for CAA records to replace the one
   described in RFC 6844.

2. Specify the use of SHAKE128/256 and SHAKE256/512 for PKIX and S/MIME.

RFC 6844 describes the mechanism by which CAA records relating to a
domain are discovered.  Implementation experience has demonstrated an
ambiguity in the current processing of CNAME and DNAME records during
discovery.  Subsequent discussion has suggested that a different
discovery approach would resolve limitations inherent in the current
approach.
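To make the RFC 6844 procedure concrete, here is an added example (not part of the draft charter or of any WG document) that implements the section 4 discovery recursion R(X) over a constructed in-memory zone. The zone contents, the TLD set and the helper names are assumptions; the alias-following branch is the step whose CNAME/DNAME handling the paragraph above describes as ambiguous.

```python
# Added illustration of RFC 6844 section 4 CAA discovery over a
# constructed zone. Assumed: a dict stands in for DNS; a real resolver
# follows CNAMEs itself, which is one source of the ambiguity the
# charter refers to. CAA values are assumed to carry no parameters.
from typing import Dict, List, Optional

# Constructed sample zone: name -> {"CAA": [...], "ALIAS": target}
ZONE: Dict[str, dict] = {
    "example.com":      {"CAA": ['0 issue "ca-one.example"']},
    "www.example.com":  {"ALIAS": "cdn.provider.example"},
    "provider.example": {"CAA": ['0 issue "ca-two.example"']},
}
TLDS = {"com", "example"}  # assumed top-level labels for the sample

def caa(name: str) -> List[str]:
    """CAA(X): the CAA RRset published directly at X."""
    return ZONE.get(name, {}).get("CAA", [])

def alias(name: str) -> Optional[str]:
    """A(X): target of a CNAME/DNAME at X, or None."""
    return ZONE.get(name, {}).get("ALIAS")

def parent(name: str) -> str:
    """P(X): the label immediately above X."""
    return name.split(".", 1)[1]

def relevant_caa(name: str, depth: int = 0) -> List[str]:
    """R(X) per RFC 6844 section 4, with a guard against alias loops."""
    if depth > 16:
        raise RuntimeError(f"alias chain too long at {name}")
    if caa(name):
        return caa(name)
    target = alias(name)
    if target is not None:
        # Recursion from the alias target climbs the target's tree too;
        # this is the branch whose semantics rfc6844bis is to revisit.
        via_alias = relevant_caa(target, depth + 1)
        if via_alias:
            return via_alias
    if name not in TLDS:
        return relevant_caa(parent(name), depth)
    return []

def may_issue(name: str, ca_domain: str) -> bool:
    """True if the CA identified by ca_domain may issue for name."""
    records = relevant_caa(name)
    if not records:
        return True  # no CAA policy found: issuance is not restricted
    issuers = {r.split()[2].strip('"') for r in records if r.split()[1] == "issue"}
    return ca_domain in issuers
```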

Unlike the previous hashing standards, the SHA-3 functions are the
outcome of an open competition.  They have a clear design rationale and
have received a lot of public analysis, resulting in great confidence
that the SHA-3 family of functions is very secure.  Also, since the
design of the SHA-3 functions uses a very different construction from the
SHA-2 functions, they offer an excellent alternative to the SHA-2 family
of functions.  In particular, SHAKE128/256 and SHAKE256/512 offer
security and performance benefits.

In addition, the LAMPS Working Group may investigate other updates to 
the documents produced by the PKIX and S/MIME Working Groups, but the 
LAMPS Working Group shall not adopt any of these potential work items 
without rechartering.

MILESTONES

Nov 2017: Adopt a draft for rfc6844bis
Dec 2017: Adopt a PKIX draft for SHAKE128/256 and SHAKE256/512
Dec 2017: Adopt a S/MIME draft for SHAKE128/256 and SHAKE256/512
Apr 2018: rfc6844bis sent to IESG for standards track publication
Sep 2018: SHAKE128/256 and SHAKE256/512 for PKIX sent to IESG for
             standards track publication
Sep 2018: SHAKE128/256 and SHAKE256/512 for S/MIME sent to IESG for
             standards track publication