Re: [lamps] Potential Topics for LAMPS Recharter

Russ Housley <housley@vigilsec.com> Tue, 03 April 2018 17:22 UTC

Cc: LAMPS <spasm@ietf.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/kjOOSQvETbKRh3TODIuKKsPCiUk>

> On Apr 2, 2018, at 10:34 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> On 30/03/18 19:05, Russ Housley wrote:
>> 2) draft-housley-cms-mts-hash-sig: SECDISPATCH suggested that the
>> LAMPS WG take on hash-based signatures for CMS as an additional work
>> item.
> 
> As I said at the mic in London, I support this work being done
> in the IETF, but I'm not sure LAMPS is a good choice. It's not
> a *terrible* choice, but doing this in LAMPS is a bit odd as I
> for one would argue that an experimental RFC could be the right
> target for this work and that seems like a mismatch with the
> LAMPS charter.
> 
> Re-chartering LAMPS to allow for this kind of work also seems
> to me to risk hitting the PKIX problem where we end up with a
> WG that's a catch-all for anything related to PKI. I figure
> that'd be a bad plan, but others may disagree.
> 
> In summary, I think maybe SUIT is a better match for hash-based
> sig work, given that s/w signing is the likely use-case for
> these schemes. That said, I'm not subscribed to SUIT so don't
> know if there's real interest from participants there either.
> I'd also be fine if the ADs spun up a new short-lived WG just
> for this work.

SUIT seems to be looking for the same document, but using COSE.

Russ