Re: [lamps] Draft LAMPS Recharter
Russ Housley <housley@vigilsec.com> Wed, 02 May 2018 20:45 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C1791242F7 for <spasm@ietfa.amsl.com>; Wed, 2 May 2018 13:45:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TIpCEwWMl1_K for <spasm@ietfa.amsl.com>; Wed, 2 May 2018 13:45:26 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6146012DA23 for <spasm@ietf.org>; Wed, 2 May 2018 13:45:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 451B3300A43 for <spasm@ietf.org>; Wed, 2 May 2018 16:45:24 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Ir7CIwvBSfvm for <spasm@ietf.org>; Wed, 2 May 2018 16:45:22 -0400 (EDT)
Received: from a860b60074bd.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id C4421300A3E; Wed, 2 May 2018 16:45:22 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Message-Id: <1E6A89B6-82C7-4D8F-8E36-7FF9B2106293@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_D460871A-260E-4C78-A4FA-2C5016503193"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Wed, 02 May 2018 16:45:23 -0400
In-Reply-To: <ade6bc1e860a4739b3e271f4e4752683@XCH-ALN-010.cisco.com>
Cc: LAMPS <spasm@ietf.org>
To: Panos Kampanakis <pkampana@cisco.com>
References: <1D329233-AFCE-421B-81FE-EDDC30386260@vigilsec.com> <94C70910-6BA3-4364-BE43-3316AE1E51C6@vigilsec.com> <ade6bc1e860a4739b3e271f4e4752683@XCH-ALN-010.cisco.com>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ftZY3JspNp4BCCvc-lolZH7OYPo>
Subject: Re: [lamps] Draft LAMPS Recharter
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 May 2018 20:45:28 -0000
> On May 2, 2018, at 4:36 PM, Panos Kampanakis (pkampana) <pkampana@cisco.com> wrote: > > Hi Russ, > > Looks great. One minor correction: > s/they will probably not be used for signing X.509 certificates or S/MIME messages,/they might not be used for signing X.509 certificates or S/MIME messages, Sure. > > And one question about 4. I think I didn’t see many comments on this one in the recharter email thread. I have a concern that draft-housley-cms-mix-with-psk will not see great deployment. draft-ietf-ipsecme-qr-ikev2 is similar, but given the existing IKEv2 wide deployment, draft-ietf-ipsecme-qr-ikev2 had to exist as temporary solution in order to prevent downgrades to IKEv1 because of QC concerns. I don’t see the same issue for CMS. And given the challenge with establishing the PSK, it will likely not see wide adoption before the NIST PQ Project standardizes on PQ algorithms that can go into CMS. I asked our AD about this, and he felt that a near-term CMS solution was worth discussing. The IKE environment is somewhat different, and it is worth discussing the size of the group that would need access to the PSK for this to be viable. Obviously, it is not a PSK if everyone on the public Internet has access to it. Russ
- Re: [lamps] Potential Topics for LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Erik Andersen
- [lamps] Potential Topics for LAMPS Recharter Russ Housley
- Re: [lamps] Potential Topics for LAMPS Recharter Tim Hollebeek
- Re: [lamps] Potential Topics for LAMPS Recharter Stephen Farrell
- Re: [lamps] Potential Topics for LAMPS Recharter Erik Andersen
- Re: [lamps] Potential Topics for LAMPS Recharter Phillip Hallam-Baker
- Re: [lamps] Potential Topics for LAMPS Recharter Panos Kampanakis (pkampana)
- Re: [lamps] Potential Topics for LAMPS Recharter Tim Hollebeek
- Re: [lamps] Potential Topics for LAMPS Recharter Russ Housley
- [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Panos Kampanakis (pkampana)
- Re: [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Ryan Sleevi
- Re: [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Yoav Nir
- Re: [lamps] Draft LAMPS Recharter Ryan Sleevi
- Re: [lamps] Draft LAMPS Recharter Phillip Hallam-Baker
- Re: [lamps] Draft LAMPS Recharter Eric Rescorla
- Re: [lamps] Draft LAMPS Recharter Ryan Sleevi
- Re: [lamps] Draft LAMPS Recharter Ryan Sleevi
- Re: [lamps] Draft LAMPS Recharter Phillip Hallam-Baker
- Re: [lamps] Draft LAMPS Recharter Ryan Sleevi
- Re: [lamps] Draft LAMPS Recharter Stephen Farrell
- Re: [lamps] Draft LAMPS Recharter Tim Hollebeek
- Re: [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Jim Schaad
- Re: [lamps] Draft LAMPS Recharter Salz, Rich
- Re: [lamps] Draft LAMPS Recharter Daniel Van Geest
- Re: [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Daniel Van Geest
- Re: [lamps] Draft LAMPS Recharter Russ Housley
- Re: [lamps] Draft LAMPS Recharter Daniel Van Geest