Re: [SPICE] Call for consensus on SPICE charter
Manu Fontaine <Manu@hushmesh.com> Mon, 26 February 2024 13:30 UTC
Return-Path: <manu@hushmesh.com>
X-Original-To: spice@ietfa.amsl.com
Delivered-To: spice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13541C151077 for <spice@ietfa.amsl.com>; Mon, 26 Feb 2024 05:30:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.903
X-Spam-Level:
X-Spam-Status: No, score=-1.903 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hushmesh-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f8ScLaqNPobt for <spice@ietfa.amsl.com>; Mon, 26 Feb 2024 05:30:30 -0800 (PST)
Received: from mail-qv1-xf2c.google.com (mail-qv1-xf2c.google.com [IPv6:2607:f8b0:4864:20::f2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 20D91C14F68D for <spice@ietf.org>; Mon, 26 Feb 2024 05:30:03 -0800 (PST)
Received: by mail-qv1-xf2c.google.com with SMTP id 6a1803df08f44-68f9c01a148so16217376d6.3 for <spice@ietf.org>; Mon, 26 Feb 2024 05:30:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hushmesh-com.20230601.gappssmtp.com; s=20230601; t=1708954202; x=1709559002; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=l8NOD+M1XesUklbxJ90cJunF0p2WUBnPKPg9q4KnJS0=; b=IvoODANFa8jT4LE8TvR9oQlgoiPL7soRJbMJJ1CVleqkFzsLFKaWN1yQO7MCyssjH7 B94SHGXEgTaTe+VhJkvXAEToPzuJo30AVffj8xZqkbzQWJhI9MZgGmnLeTbOGNK7fiSd sRUZp8/V14cpkFd9Bj8aqsLGII+yxu/FUXtRpP6yyxiMqCIIlIoHewc7H1VcIHnGEcAr qotJjn0BDazoK+mLcnqA7TybFO0a3NBQeSKwd5M7U0UljhBduodaVb39E/Ubr8/90Z78 8HHfnwmb5j7JJLrmQ6odK25jwcYYUe8YxoR87xNC04mlp4qBxbkST9YQ/fg68TCX9iRS ks1g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708954202; x=1709559002; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=l8NOD+M1XesUklbxJ90cJunF0p2WUBnPKPg9q4KnJS0=; b=rM3PaoCtXwaCdrlUF5UkDwNrpIbZ6sYtJYZfC/+Z/IQqUg0GivXAH4x1sI2UjeEwhy sSkCIj1X9QKpmo2996XM4c0KvVhF/5Zf6NuvXKo8vqK3JRoitEjdrgPdMVSIsaq0hjaD e0QO7TkcWKaeM/+h42Z4PJ4yr8KfT2Or3vuZdRhOBlBTOrgxUQvXHecRSAM4Z0mdpTeO wPmXDmtV4a0IMasXUxYmdcPlbTP9dqTQH/lMhDwy6lfGKrS/s9Akv0yayd6VKiT4+9W2 JiJw9mPgZVFNhUw5osJyQESp8CPtgeSOMmgs+dlIxTL/lQL6brZ0UbaQw08rP29Fg1Lg /5Jw==
X-Forwarded-Encrypted: i=1; AJvYcCWk/dBXz1veKB7WRHttvy4/GOi7bVBt4g8YoJcz4kKOZZieeQGrtbNBGAy3uTkaFmk9AzPa63xMQr4tY90UbQ==
X-Gm-Message-State: AOJu0YyJMci3WV2n1gHWnq6qG6w/3ARoXxRuHyqRPILEoSCH9f1fk7GM jh1ktxikPmk5QwOYdd/wuBtf8x/SGRDHPfS/0y10ejBtLae/dx0EajEox09fal1zqH5vZr9BuCQ NMP06mGPox/GLPUpwfMfvuBRkRvGDgQacj3zpvw==
X-Google-Smtp-Source: AGHT+IFOiTKF5qa891ph9ThnZJu9o++T0x10MDshxc/k1Vao1MjdPnFCK56SMwTkztbE+Db649o3PkMwL9rhr0m+O7k=
X-Received: by 2002:a0c:e2c6:0:b0:68f:8c72:b89d with SMTP id t6-20020a0ce2c6000000b0068f8c72b89dmr7719498qvl.44.1708954201982; Mon, 26 Feb 2024 05:30:01 -0800 (PST)
MIME-Version: 1.0
References: <BN2P110MB110725C85B7253C421DDFE71DC4BA@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <CA+tYtvG3KmYfUdWM9AqMcs=8abjOA1bCYHa5qeJdyRE_WzeF=g@mail.gmail.com> <CAAse2dFGZ3wFDv8FFQyBm5PYXTm0RrBaUYfF3Tum6tReFsemrA@mail.gmail.com> <CANez3f4GzDjpfL1PQCk4M80EUkDvTF1t7sfCES3GHsoO-x1DXQ@mail.gmail.com> <CACsn0cmqd2R5yJMuQYCgqpV4-Q0X442mEGX4RJatEKvu8eW5Lg@mail.gmail.com> <CAN8C-_+ioJab1Qbiu+gBQ_nx-k77_3_koj=kwEJaGhVEEVc1OQ@mail.gmail.com> <CAHu=PL1y3KHcTv3OhopHUiewF5d2hN6_sqBOgmwMaA3wQEGEZw@mail.gmail.com> <c168cf13-deae-0ac8-41ca-21497fb187ef@ietf.contact>
In-Reply-To: <c168cf13-deae-0ac8-41ca-21497fb187ef@ietf.contact>
From: Manu Fontaine <Manu@hushmesh.com>
Date: Mon, 26 Feb 2024 08:29:50 -0500
Message-ID: <CAHu=PL2WU+6iDyP+Gii4yjB8PKYo9ro6rvhnepL=REn5bfMzUw@mail.gmail.com>
To: Henk Birkholz <henk.birkholz@ietf.contact>
Cc: Orie Steele <orie@transmute.industries>, Watson Ladd <watsonbladd@gmail.com>, spice@ietf.org
Content-Type: multipart/alternative; boundary="00000000000025a0e5061248e86e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spice/z7xA5ZFEWxEeF649rzW6nIt3s44>
Subject: Re: [SPICE] Call for consensus on SPICE charter
X-BeenThere: spice@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Patterns for Internet CrEdentials <spice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spice>, <mailto:spice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spice/>
List-Post: <mailto:spice@ietf.org>
List-Help: <mailto:spice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spice>, <mailto:spice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Feb 2024 13:30:34 -0000
Thanks Henk, I hope you'll be in Brisbane so we can meet in person. Our perspective is that CC is literally (chip+workload) identity and cryptographic security at the *physical* layer. It's the infamous "missing layer" of the internet that we've all been looking for. It's *the* security bedrock. I cannot think of better places than the intersection of CCC and the IETF SEC Area to re-imagine security from the silicon up. Manu On Sun, Feb 25, 2024 at 11:17 PM Henk Birkholz <henk.birkholz@ietf.contact> wrote: > Dear Manu, > > I've been a member of the Confidential Computing Consortium since its > formation. I agree the CCC work is an implementation steered hub that > binds many, many of the standardized building blocks that you mentioned. > And a lot of IETF contributors and implementers meet there to find > common ground, generalize APIs across hardware, and complain about > Attestation Evidence heterogeneity all the time (that is fun, too). > > Advertisement hat on: It's a great place! Have a look! > > There is a tendency to produce confidential computing solutions from the > bottom up - okay. But I'd not go so far as to say the "infrastructure > layer" is the nucleus here. A ton of work is done on the API level and > the OPS level and the IETF provides these really useful nuclei, one of > them draft-ietf-rats-ar4si. That work shows that all pieces of the stack > are important to the assessment, even the infrastructure layer. Is the > situation great across vendors on that layer? Probably not great. Are we > trying to give the best incentives to make it better? Yes! > > Let's try to scope the SPICE WG in a way that attracts the real-world > experts, both users that really need standards, because "all I have are > these ancient processes and documents and everything seems to be hyper > confidential and now it must be interoperable and secure next week?" and > experts that bring the experience to the SPICE WG that have the > potential to solve parts of the problem. The interconnected system you > are illustrating is not blocked by that. I think it is a good way to get > there in time, actually. And it requires to listen to other WGs experts > and interact with them in the IETF. I think that's great. > > > Viele Grüße, > > Henk > > On 24.02.24 17:11, Manu Fontaine wrote: > > I am reacting to mentions of "hardware", "balance", and "maximalist > > positions" regarding important parts of "delivering secure and usable > > systems". > > > > Confidential Computing hardware (TEEs) is readily available, and a > > blueprint exists > > < > https://datatracker.ietf.org/meeting/118/materials/slides-118-hotrfc-sessa-05-a-universal-name-system-uns-and-universal-certificate-authority-uca-00> > to solve for global assurance of provenance, integrity, authenticity, > confidentiality, reputation, and privacy for all bits, be they code or > data, for persons and non-person entities. No exotic cryptography required. > > > > The problem space collapses when using Confidential Computing at the > > "infrastructure layer". In 2024, identity, authentication, > > authorization, data encryption, key management, and credentialing should > > all be re-imagined on top of Confidential Computing, if for nothing else > > than CC providing attestation+verification of hardware+software > > integrity. Why would anyone not want to verify these critical pieces of > > infrastructure? #zerotrust > > > > I am still an IETF newbie trying to understand how to bring this work to > > the IETF, realizing that it's tricky as it overlaps with many WGs. I'll > > be in Brisbane and will schedule a side meeting to give an update on our > > work in this direction, and I hope to start/continue conversations with > > all of you. > > > > Manu > > > > > > On Fri, Feb 23, 2024 at 9:58 PM Orie Steele <orie@transmute.industries> > > wrote: > > > > The charter mentions profiles of JWP/CWP, which is from JOSE not > > OAuth, and which supports BBS, but can be extended to other systems, > > assuming they can support similar interfaces. > > > > https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-proof/ > > <https://datatracker.ietf.org/doc/draft-ietf-jose-json-web-proof/> > > > > I'd personally like to see CFRG publish some lattice based zkp > > system that could offer similar capabilities... Probably, we are > > years away from seeing hardware support for that... I'd be happy to > > be wrong, as long as the lattice system lasts longer than elliptic > > curve discrete log. > > > > In the informal meetings, which we have had, BBS has been discussed > > a lot. > > > > As have the consent and privacy issues, and infrastructure costs > > associated with single use key bound credentials, which include ISO > > mDoc and SD-JWT. > > > > Sustainability, privacy, inclusivity and transparency are all > > important parts of delivery secure and usable systems. > > > > Some balance is necessary, because we are unlikely to agree to > > maximalist positions on any one of these important dimensions. > > > > See also: > > > > > https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/ > < > https://datatracker.ietf.org/doc/statement-iab-statement-on-the-risks-of-attestation-of-software-and-hardware-on-the-open-internet/ > > > > > > OS > > > > > > On Fri, Feb 23, 2024, 8:36 PM Watson Ladd <watsonbladd@gmail.com > > <mailto:watsonbladd@gmail.com>> wrote: > > > > On Fri, Feb 23, 2024, 5:17 PM Kaliya Identity Woman > > <kaliya@identitywoman.net <mailto:kaliya@identitywoman.net>> > wrote: > > > > > > I don't know what you mean by "privacy" Nick. > > > I think the folks who are in the trenches of developing the > > protocols of digital identity at least those arising out of the > > community arising from Internet Identity Workshop community have > > been very focused on how to best give individual people the most > > control possible over how they can leverage digital credentials > > and have worked very hard. > > > > Results, not effort, matter. > > > > > > > > We have also come up against very real world constraints - > > while the BLS family of cryptography that the BBS+ work is > > anchored in and is progressing through CFRG is fantastic in > > providing a path forward for really great selective disclosure > > capabilities. It isn't finished review and it hasn't been > > standardized for how to actually use it to create credentials > > (Although some great companies leading this work have been > > experimenting). > > > > Isn't that the work of standards bodies and companies to develop > the > > tech and standardize? > > > > > Even if it WAS ready "now" the phones that are on the market > > and widely adopted don't have the capabilities to actually do > > BLS signatures to anchor the credentials to phones. (for > > better or worse this is the primary subject holder binding > > mechanism that European governments have decided to proceed with > > for the issuance of state issued documents to > citizens/residents). > > > > I'm not that familiar with secure element design but I have > written > > papers and run code showing that it's possible to achieve these > > bindings while preserving privacy and not modifying the element. > Now > > there were some mistakes later work has fixed but it is > > possible: see > > SAC '21 and the successor that fixes some stuff is a preprint I > can > > share. > > > > > > > > Extensive research into all the possibilities of formats and > > signatures and bindings was made and I believe that SD-JWT was > > the best possible one out of the bunch given all the REAL WORLD > > constraints. (see this community built spread sheet for the > details) > > > > > > I think we need the SPICE working group in the IETF to > > actually make a home to continue to progress the work towards > > even better credentials with better properties. It is > > specifically envisioned by the folks who are asking for this > > working group that work on how to do credentials with BBS+ > > signatures would happen in this group once the CFRG review is > > complete and I know that there are government folks who want > > better choices then they have now in terms of ways to protect > > and support citizen empowerment and "privacy". > > > > But that's not what the group is being singularly chartered for > > nor is > > it combining all this work over the IETF. The debate here is > really > > about what should be done in the group and elsewhere, and if the > > charter was BBS identity I think a lot of people would support > it. > > > > > > > > > > > If we don't actually make space to move the work forward it > > can't move forward. > > > > No one is saying we shouldn't do BBS based credentials here. > We're > > asking questions about the scope and whether or not to approve > > mechanisms that don't meet the bar privacy wise without a lot > more > > effort in deployment that's been pushed out of scope. > > > > > > > > > > > I find it a bit hard to take seriously folks who have not > > been actively engaged in the community working on digital > > credentials for people landing down taking one glance around and > > saying in an off the cuff way "its not good enough privacy" when > > they have not really taken the time to understand the history, > > context, real extremely extraneous effort that has been put into > > achieving the development of reasonable systems within the real > > world constraints that really exist. > > > > > > Maybe it is our job to do a better job to communicate this > > prior art and significant body of existing work, and really > > dedicated people who have a real commitment to core positive > values. > > > > If this community was committed to privacy you'd collectively > away > > when the constraints make it impossible. That's what being > committed > > to values means. Luther did not say "I stand here, and I'll move > > a bit > > if it's inconvenient". > > > > SD-JWT isn't a minor privacy problem. It lets the government > track > > every time you use a credential online, with active proposals to > > mandate it for the viewing of "sensitive" materials, a category > > encompassing some of the most beautiful photography of the 20th > > century, several Oscar winning movies. Some governments will of > > course > > seek to extend this further to Winnie the Poh memes, French > Peanuts > > reprinters, or news Carter-Ruck doesn't like. > > > > > The work has been happening in earnest with a coherent group > > of people who have been inter-related and working together on > > this for 20 years. Many of these people gather twice a year at > > the Internet Identity Workshop and ongoing efforts inbetween > > happen in bodies such as the Decentralized Identity Foundation, > > OpenID Foundation, Trust over IP Foundation, Kantara Initiative, > > various W3C Community Groups. > > > > There has been inordinate work on credentials ever since CL01 and > > CL04, and all of that has been ignored. It could have gone into > > secure > > elements: TPM has DAA after all. But instead we get this. The > > lack of > > engagement with cryptographers and privacy engineers is > unfortunate, > > but we can't ignore these issues on the basis that the water has > > passed under the bridge. > > > > > > > > I have only been to the last two IETFs and I was really > > impressed with the deep collective intelligence and wisdom I saw > > in action. I was surprised about how many different working > > groups who's efforts touch in some way on identity are not > > intersecting very much or learning from each other (PrivacyPass > > has quite limited overlap with OAuth work - TIGRESS is working > > on moving keys between phones/wallets? also not interacting with > > work focused on that in the identity community) Dick and Rifaat > > have a great outline for an identity sense making effort that > > could go a long way to helping various groups just as step 1 > > understand what each other is doing. > > > > PrivacyPass is doing something different than OAUTH hence the > > lack of > > overlap. If they overlapped more then there would be a problem. > > > > > > > > I think SPICE is needed and I hope the charter will be > approved. > > > I don't think adding more MUSTs to the charter right now will > > help us progress. Folks who believe that certain properties and > > features should be in protocols that the group works on should > > get engaged to struggle through the real work needed to find the > > path - rooted in the real world of real adoption by real users > > of the technology. If it (digital identity) was "easy" it would > > have been solved 15 years ago. > > > > And if the people solving it has been at all familiar with the > > literature and cared about privacy they wouldn't have made > > SD-JWT. If > > we end up with SD-JWT everywhere choking the oxygen from a better > > solution that's bad. > > > > End of the day there is no protocol police. So what exactly is > > it you > > want the IETF to give you this real world adoption cannot? Why > can't > > we say "here's a privacy preserving solution to your problems" > > rather > > than ratify a lot of very flawed work? To be clear I think we > > need to > > have a forum to have this discussion, but to the extent SPICE > > isn't it > > because things continue in OAUTH (thanks to JWT) and the charter > > prejudges the result I'm against it. I'd support a broader > charter > > that doesn't have a commitment to ratifying SD-JWT. > > > > Sincerely, > > Watson Ladd > > > > -- > > SPICE mailing list > > SPICE@ietf.org <mailto:SPICE@ietf.org> > > https://www.ietf.org/mailman/listinfo/spice > > <https://www.ietf.org/mailman/listinfo/spice> > > > > -- > > SPICE mailing list > > SPICE@ietf.org <mailto:SPICE@ietf.org> > > https://www.ietf.org/mailman/listinfo/spice > > <https://www.ietf.org/mailman/listinfo/spice> > > > > >
- [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Kristina Yasuda
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Michael Richardson
- Re: [SPICE] Call for consensus on SPICE charter Kristina Yasuda
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Michael Jones
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Michael Jones
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Michael Richardson
- Re: [SPICE] Call for consensus on SPICE charter Kristina Yasuda
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] [OAUTH-WG] FW: Call for consensus on … Mahmoud Alkhraishi
- Re: [SPICE] Call for consensus on SPICE charter Kristina Yasuda
- Re: [SPICE] Call for consensus on SPICE charter Christopher Allen
- Re: [SPICE] [OAUTH-WG] FW: Call for consensus on … Brent Zundel
- Re: [SPICE] Call for consensus on SPICE charter Kaliya Identity Woman
- Re: [SPICE] Call for consensus on SPICE charter Giuseppe De Marco
- Re: [SPICE] Call for consensus on SPICE charter Jon Geater
- Re: [SPICE] Call for consensus on SPICE charter Justin Richer
- Re: [SPICE] Call for consensus on SPICE charter Michael Jones
- Re: [SPICE] [COSE] FW: Call for consensus on SPIC… Christopher Allen
- Re: [SPICE] [COSE] FW: Call for consensus on SPIC… Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Christopher Allen
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] [OAUTH-WG] FW: Call for consensus on … Denis
- Re: [SPICE] Call for consensus on SPICE charter Margaret Cullen
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Ira McDonald
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Denis
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Denis
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Ira McDonald
- Re: [SPICE] Call for consensus on SPICE charter Nick Doty
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Michael Richardson
- Re: [SPICE] Call for consensus on SPICE charter Alexander Stein
- Re: [SPICE] Call for consensus on SPICE charter Christopher Allen
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Nick Doty
- Re: [SPICE] [saag] FW: Call for consensus on SPIC… Denis
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- [SPICE] Fwd: [OAUTH-WG] FW: Call for consensus on… Denis
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Denis
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Kaliya Identity Woman
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Leif Johansson
- Re: [SPICE] Call for consensus on SPICE charter Kaliya Identity Woman
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Michael Richardson
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] [COSE] FW: Call for consensus on SPIC… Christopher Allen
- Re: [SPICE] [saag] Call for consensus on SPICE ch… Ira McDonald
- Re: [SPICE] [COSE] FW: Call for consensus on SPIC… Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Heather Flanagan
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Denis
- [SPICE] 00-01 charter comments (was Re: Call for … Michael Richardson
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Christopher Allen
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Tschofenig, Hannes
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Tschofenig, Hannes
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Brent Zundel
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Manu Fontaine
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Orie Steele
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Kaliya Identity Woman
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Henk Birkholz
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock
- Re: [SPICE] Call for consensus on SPICE charter Christopher Allen
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Watson Ladd
- Re: [SPICE] Call for consensus on SPICE charter Alexander Stein
- Re: [SPICE] Call for consensus on SPICE charter Roman Danyliw
- Re: [SPICE] Call for consensus on SPICE charter Denis
- Re: [SPICE] Call for consensus on SPICE charter Michael Prorock