[lamps] Spencer Dawkins' No Objection on charter-ietf-lamps-02-00: (with COMMENT)

Spencer Dawkins <spencerdawkins.ietf@gmail.com> Wed, 23 May 2018 18:13 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
To: The IESG <iesg@ietf.org>
Cc: lamps-chairs@ietf.org, spasm@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152709922899.26838.11074435093932176947.idtracker@ietfa.amsl.com>
Date: Wed, 23 May 2018 11:13:48 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/hvivetNqR4T4xfEtSsOKd4auw18>
Subject: [lamps] Spencer Dawkins' No Objection on charter-ietf-lamps-02-00: (with COMMENT)

Spencer Dawkins has entered the following ballot position for
charter-ietf-lamps-02-00: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)



The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/charter-ietf-lamps/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I am, of course, curious about Warren's BLOCKing comment, but assuming that
conversation goes well ...

I had some editorial comments, of course.

The last sentence in this list item is borked, as Warren noted ...

3. Specify the use of short-lived X.509 certificates for which no
revocation information is made available by the Certification Authority.
Short-lived certificates have a lifespan that is shorter than the time
needed to detect, report, and distribute revocation information, as a
result revoking them pointless.

Perhaps something like

3. Specify the use of short-lived X.509 certificates for which no
revocation information is made available by the Certification Authority.
Short-lived certificates have a lifespan that is shorter than the time
needed to detect, report, and distribute revocation information. As a
result, revoking such short-lived certificates is unnecessary and would be
pointless.

I'm not sure that "near-term" is necessary in the first sentence of this list
item.

4. Specify the use of a pre-shared key (PSK) along with other key
management techniques with supported by the Cryptographic Message
Syntax (CMS) as a near-term mechanism to protect present day
communication from the future invention of a large-scale quantum
computer.

I found it confusing because "near-term" isn't "near-term from now", it's
"near-term after the invention of quantum computing destroys civilization. If
you want an adjective, perhaps something like "proactive" would be closer.

In this text,

5. Specify the use of hash-based signatures with the Cryptographic
 Message Syntax (CMS).  A hash-based signature uses small private and
 public keys, and it has low computational cost; however, the signature
 values are quite large.  For this reason they might not be used for
 signing X.509 certificates or S/MIME messages, but they are secure
 even if a large-scale quantum computer is invented.  These properties
 make hash-based signatures useful in some environments, such a the
 distribution of software updates.

I wasn't sure from this description whether quantum computing resistance was
the only "environment" where these are applicable. As a nit, s/such a/such as/.

[lamps] Spencer Dawkins' No Objection on charter-… Spencer Dawkins
Re: [lamps] Spencer Dawkins' No Objection on char… Adam Roach
Re: [lamps] Spencer Dawkins' No Objection on char… Salz, Rich
Re: [lamps] Spencer Dawkins' No Objection on char… Salz, Rich
Re: [lamps] Spencer Dawkins' No Objection on char… Russ Housley
Re: [lamps] Spencer Dawkins' No Objection on char… Phillip Hallam-Baker
Re: [lamps] Spencer Dawkins' No Objection on char… Spencer Dawkins at IETF