Re: [lamps] Starting work to CAA and SHAKE

"Dr. Pala" <madwolf@openca.org> Sat, 16 September 2017 19:40 UTC

To: spasm@ietf.org
References: <D774A9B1-F765-4BDA-9D78-D584B4B0EFF8@vigilsec.com>
From: "Dr. Pala" <madwolf@openca.org>
Message-ID: <a1986162-447d-1243-3366-4c4c6aa1665c@openca.org>
Date: Sat, 16 Sep 2017 13:40:28 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <D774A9B1-F765-4BDA-9D78-D584B4B0EFF8@vigilsec.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Y0Ru1L4syMQ3LsS_SZNKLBoKrbw>
Subject: Re: [lamps] Starting work to CAA and SHAKE

Hi Russ, all,

Does this mean that the other two items that were proposed will not be 
worked on until the two items listed here are done? Have you also considered the 
other proposals for the charter that were sent some time ago? I was under 
the impression that there was interest in both items...

Cheers,
Max


On 9/15/17 1:43 PM, Russ Housley wrote:
> I have been discussing the recharter with EKR, and he agrees that we should get started on this work even though the LAMPS re-charter is blocked on a bit of process.
>
> Having completed the S/MIME 4.0 specifications and updates to support i18n email addresses in PKIX certificates, the LAMPS WG is now ready to work on two additional topics:
>
> 1. Specify a discovery mechanism for CAA records to replace the one described in RFC 6844.
>
> 2. Specify the use of SHAKE128/256 and SHAKE256/512 for PKIX and S/MIME.
>
> Other topics can be considered when these two are progressing.
>
>
> CAA
>
> RFC 6844 describes the mechanism by which CAA records relating to a domain are discovered.  Implementation experience has demonstrated an ambiguity in the current processing of CNAME and DNAME records during discovery.  Subsequent discussion has suggested that a different discovery approach would resolve limitations inherent in the current approach.  We have seen at least two individual drafts on this topic.  I would like to have the WG adopt an rfc6844bis as a starting point.
>
>
> SHAKE
>
> Unlike the previous hashing standards, the SHA-3 functions are the outcome of an open competition.  They have a clear design rationale and have received a lot of public analysis, resulting in great confidence that the SHA-3 family of functions is very secure.  Also, since the design of the SHA-3 functions uses a very different construction from the SHA-2 functions, they offer an excellent alternative to the SHA-2 family of functions.  In particular, SHAKE128/256 and SHAKE256/512 offer security and performance benefits.  We have not seen any individual drafts on this yet.  It seems to me that one draft is needed for PKIX and another draft is needed for CMS and S/MIME.  Is anyone willing to work on them?
>
> Russ
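The CNAME ambiguity in CAA discovery that Russ's message refers to is easiest to see by running two discovery strategies over the same zone. The Python below is an added example, not code from this thread, from any CA, or from the rfc6844bis drafts. It uses a constructed in-memory zone (the names and CA identifiers are made up), omits DNAME handling, and evaluates only the `issue` property while ignoring the flags byte. The two strategies reflect my reading of the algorithms: RFC 6844 checks the name, then climbs from the CNAME target if the name is an alias, then climbs from the name's own parent; the approach taken in RFC 8659 (the eventual rfc6844bis) climbs only the queried name's ancestors, with each per-node lookup following aliases as an ordinary DNS query would. A CNAME loop is treated as a resolution failure rather than as "no CAA records", since a silent empty result would authorize any CA.

```python
"""CAA discovery over a constructed zone: two tree-climbing strategies.

Added example for the LAMPS discussion; not code from the thread,
from any CA, or from the rfc6844bis drafts.  DNAME is not modelled.
"""
from typing import Dict, List, Optional, Tuple

CAARecord = Tuple[int, str, str]  # (flags, tag, value)

# Constructed zone data (made-up names; no real domain's records).
# Each owner name maps to an optional CAA RRset and an optional CNAME.
ZONE: Dict[str, dict] = {
    "example.com.":          {"CAA": [(0, "issue", "ca-a.example")]},
    "www.example.com.":      {"CNAME": "host.cdn.example.net."},
    "host.cdn.example.net.": {},
    "cdn.example.net.":      {"CAA": [(0, "issue", "ca-b.example")]},
    "example.net.":          {},
    "loop.example.com.":     {"CNAME": "loop.example.com."},  # deliberate loop
}

MAX_CNAME_CHAIN = 8  # hypothetical resolver limit on chained aliases


def parent(name: str) -> Optional[str]:
    """P(X): the label immediately above X; None above the root."""
    if name == ".":
        return None
    labels = name.rstrip(".").split(".")
    return "." if len(labels) == 1 else ".".join(labels[1:]) + "."


def resolve_alias(name: str) -> str:
    """Follow a CNAME chain to its canonical name; fail on loops."""
    seen: List[str] = []
    cur = name
    while "CNAME" in ZONE.get(cur, {}):
        if cur in seen or len(seen) >= MAX_CNAME_CHAIN:
            raise ValueError(f"CNAME loop or over-long chain starting at {name}")
        seen.append(cur)
        cur = ZONE[cur]["CNAME"]
    return cur


def caa_at(name: str) -> List[CAARecord]:
    """CAA(X): what a CAA query for X returns, aliases followed by the resolver."""
    return list(ZONE.get(resolve_alias(name), {}).get("CAA", []))


def discover_alias_climb(name: str) -> List[CAARecord]:
    """RFC 6844 reading: R(X) = CAA(X); else R(A(X)) if X is an alias
    (which climbs from the alias *target*); else R(P(X))."""
    rrset = caa_at(name)
    if rrset:
        return rrset
    target = resolve_alias(name)
    if target != name:
        via_alias = discover_alias_climb(target)
        if via_alias:
            return via_alias
    up = parent(name)
    return [] if up is None else discover_alias_climb(up)


def discover_climb_only(name: str) -> List[CAARecord]:
    """RFC 8659 reading: R(X) = CAA(X); else R(P(X)).  Only the queried
    name's own ancestors are climbed; aliases are resolved per node."""
    rrset = caa_at(name)
    if rrset:
        return rrset
    up = parent(name)
    return [] if up is None else discover_climb_only(up)


def issuance_permitted(rrset: List[CAARecord], ca_domain: str) -> bool:
    """Apply the 'issue' property: with no issue records any CA may issue;
    otherwise the CA's domain must appear in one.  The value ';' names no
    CA and so forbids issuance.  Parameters after ';' are ignored here."""
    issue_values = [v for (_flags, tag, v) in rrset if tag == "issue"]
    if not issue_values:
        return True
    named = {v.split(";")[0].strip().lower() for v in issue_values}
    named.discard("")
    return ca_domain.lower() in named


def compare(name: str) -> Dict[str, List[CAARecord]]:
    """Run both strategies for one name so the divergence is visible."""
    return {"rfc6844_alias_climb": discover_alias_climb(name),
            "rfc8659_climb_only": discover_climb_only(name)}


if __name__ == "__main__":
    for qname in ("www.example.com.", "example.com.", "nosuch.example.net."):
        print(qname, compare(qname))
    try:
        compare("loop.example.com.")
    except ValueError as exc:
        print("loop.example.com.", "->", exc)
```

For `www.example.com.` the two strategies disagree: climbing from the CNAME target yields `cdn.example.net.`'s record (ca-b), while climbing only the queried name's ancestors yields `example.com.`'s record (ca-a), so a CA following one reading would issue where a CA following the other would refuse. That is the operational reason the discovery rules needed to be pinned down in a bis document.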