From nobody Fri Jul 2 15:04:48 2021 Return-Path: X-Original-To: saag@ietf.org Delivered-To: saag@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5159C3A08CF; Fri, 2 Jul 2021 15:02:54 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: "\"IETF Secretariat\"" To: , Cc: kaduk@mit.edu, saag@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 7.34.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <162526337432.26814.8159027228595869118@ietfa.amsl.com> Date: Fri, 02 Jul 2021 15:02:54 -0700 Archived-At: Subject: [saag] saag - Requested session has been scheduled for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Jul 2021 22:03:03 -0000 Dear Roman Danyliw, The session(s) that you have requested have been scheduled. Below is the scheduled session information followed by the original request. saag Session 1 (2:00 requested) Tuesday, 27 July 2021, Session II 1430-1530 Room Name: Room 7 size: 507 --------------------------------------------- iCalendar: https://datatracker.ietf.org/meeting/111/sessions/saag.ics Request Information: --------------------------------------------------------- Working Group Name: Security Area Open Meeting Area Name: Security Area Session Requester: Roman Danyliw Number of Sessions: 1 Length of Session(s): 2 Hours Number of Attendees: 150 Conflicts to Avoid: People who must be present: Benjamin Kaduk Roman Danyliw Resources Requested: Special Requests: Normally we ask for Thursday "after lunch", but for the virtual meeting any time on Thursday should be fine. Please don't schedule this concurrently with any SEC area activity --------------------------------------------------------- From nobody Sun Jul 4 13:50:40 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 62A9D3A1E92 for ; Sun, 4 Jul 2021 13:50:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.236 X-Spam-Level: X-Spam-Status: No, score=-2.236 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.338, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hfgx-qN1xWiN for ; Sun, 4 Jul 2021 13:50:33 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B39773A1E90 for ; Sun, 4 Jul 2021 13:50:33 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id C584838AFD for ; Sun, 4 Jul 2021 16:52:52 -0400 (EDT) Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Cn9Jv_jeXaPM for ; Sun, 4 Jul 2021 16:52:49 -0400 (EDT) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 7C4EF38ADD for ; Sun, 4 Jul 2021 16:52:49 -0400 (EDT) Received: from [IPv6:::1] (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id B881A4B6 for ; Sun, 4 Jul 2021 16:50:27 -0400 (EDT) To: saag@ietf.org References: <161402913142.668.8084091230406313422@ietfa.amsl.com> <2322.1614029367@localhost> From: Michael Richardson Message-ID: <8807c53a-6329-78b6-a883-374716eae600@sandelman.ca> Date: Sun, 4 Jul 2021 16:50:27 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <2322.1614029367@localhost> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [saag] New Version Notification for draft-richardson-saag-onpath-attacker-02.txt X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jul 2021 20:50:39 -0000 Again, I find situations in which some common understanding of attacks would be useful. Is there any further interest in this document? What do you think about Malory-in-the-Middle? Can we come up with a less golf-aware term like "rough"? On 2021-02-22 4:29 p.m., Michael Richardson wrote: > > internet-drafts@ietf.org wrote: > > A new version of I-D, draft-richardson-saag-onpath-attacker-02.txt has > > been successfully submitted by Michael Richardson and posted to the > > IETF repository. > > Html: https://www.ietf.org/archive/id/draft-richardson-saag-onpath-attacker-02.html > Diff: https://www.ietf.org/rfcdiff?url2=draft-richardson-saag-onpath-attacker-02 > > Abstract: > The terms on-path attacker and Man-in-the-Middle Attack have been > used in a variety of ways, sometimes interchangeably, and sometimes > meaning different things. > > This document offers an update on terminology for network attacks. A > consistent set of terminology is important in describing what kinds > of attacks a particular protocol defends against, and which kinds the > protocol does not. From nobody Fri Jul 9 13:31:40 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CC6C3A2E05 for ; Fri, 9 Jul 2021 13:31:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iBwBCOKE3A7n for ; Fri, 9 Jul 2021 13:31:33 -0700 (PDT) Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0104.outbound.protection.office365.us [23.103.209.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24EAD3A2E02 for ; Fri, 9 Jul 2021 13:31:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=dpyVJrur3b0224OXM3/g7rf63Am16yUejnY0F3mF105Pd9RvaMcrBKY4l33FuAbdFVlHXSIu7MkXmgTj4dyb1/k9kcxTGEJFotT/60+lShUqp1uPPF1W7/DQXZFIRfDSkmYawJOhU/ywultr9559qSG/W73BCEzBX/ZrApVKB36GO6S8HIGBdyk2ezIG9kda9MoUNmC/BXAwtQ4J8sbLeVC6ULyLH/up5SULGCWbQGGIz9aTwMrZDPOwKH6R4cVVS2AcaekIY75+NZkDYSq3Kh/RL9Uqks5Ppxw+9vSoQJWknoFbmhlGmfpBYFMch3WGosEJ6M8kCB/pYYv1k9pzAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=z/lEtJ8RGDZ38pEgW+/h9GFUvTy8pIDzTKF96C7/MU0=; b=UXrH/lr0h0hGMsPdpCPdIaDnL+67GaQ33F8EC2yRful+QaXXBvkNaDUCu3qRcfuloM9ZJ31Rrz5IA6EoJZK58WyY1f8EMtdm1vMt9EZqeu1Pjv4v9Z+nAYApiIcnRGhRZghGzBCKhQTPCqaVcWI5aTDhCVDSmNsd45gUMudRPyvAN9k+Wss80K+552tY/5PCnPKTC/5HMT3r4IYq1Da2jogVHT8teCRhT0jmZBsbNG9B7j+4ibGEFOUr13Yyn2Vj9b2BcDnosZZkVRMd2rDGEF6uzJVBgpM5VXiW0fTS+Z7xVRswudoXRgaNhDo4cdAxAn6NOC2K0wyHDeg4FpvM3A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=z/lEtJ8RGDZ38pEgW+/h9GFUvTy8pIDzTKF96C7/MU0=; b=HMRcOrIJuH3rvX32qOBliqNMSSIADg33EbPK5dcD/Q0p1Ja9l6UFFiMqKkyAkTPbvdMiMb64hZ3HUlb9ZLfzHOMepBI0/oar84mcxNsTWiQG1jke+LJcPa+tvREN6LZgpYnUB5MijYiSubsh4cinNVYI/wfNomppGCIsrIx9AkQ= Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:414::9) by DM3P110MB0380.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:411::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.21; Fri, 9 Jul 2021 20:31:31 +0000 Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36]) by DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36%5]) with mapi id 15.20.4308.023; Fri, 9 Jul 2021 20:31:31 +0000 From: Roman Danyliw To: "tobias.gondrom@gondrom.org" , 'Sean Turner' CC: "saag@ietf.org" Thread-Topic: [saag] AD Sponsorship of draft-housley-ers-asn1-modules Thread-Index: AddJAbsp1BBg3y2TRLCMLANtCbAykgUYHEAAAhtO1gADzHu2MA== Date: Fri, 9 Jul 2021 20:31:31 +0000 Message-ID: References: <12861641c9f345868f3201bfac6c3db9@cert.org> <2474C9E1-2860-4648-BD94-1A084CFA21A4@sn3rd.com> <023101d765ad$e27e6200$a77b2600$@gondrom.org> In-Reply-To: <023101d765ad$e27e6200$a77b2600$@gondrom.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: gondrom.org; dkim=none (message not signed) header.d=none;gondrom.org; dmarc=none action=none header.from=cert.org; x-originating-ip: [128.237.16.29] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: ff916904-8888-4ba5-1a1c-08d94318895b x-ms-traffictypediagnostic: DM3P110MB0380: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2803; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: swfFizMSWWFSXxL/e76Qor5vPCkpiqL2tmQ4xyC+BRrDmEx3pUdIwLeSQHjVP9sNjK9Cm1OsFHT35Bgm1iJEhbcKnFePh/8LJm2WsBce7ckwhMjVzWb689Ob/6qRFBC7TsnjILk5u9pmGxH5cZ/4MSCXXcVBBVh9y/VyHNkJU7O4/nmwVXdCYjQUbsE9Yop5i4fiXEW5iNSSoDn8Iv4cHajFZ3Ky8hXWVLlMAgAGO7VVX4vtlelQqlSz9JpUqQeh/vTKgm3VPdqyxwUwkWqMvUolRTgvn0orgyL9A9DOi6ICctFS70poYTOr+D3lig/1LF+Hgk0jtnEssD1REXnvsU094wuZ1vCNx2vlGrRzi9LQJLxcT4G+KeOX/CTgE8mFcv6hqjKIpKsUf7Y5AyuEUDRLh511rsTRFAPhynCbQwZYLzRED9f8bRejayA+psqqYsS6XOjKIJ7QgKYvYJ3SqNANu8V/vqAh2Ez9zeWMJOmUTMVn19dXpkHj7xKFC4dAby0194fx/OUZE65N+ROeYAXfJpIj9sv18N7Mp0SnPlVF0DskauiZvbsVMYUM/iw0 x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(346002)(39850400004)(396003)(366004)(136003)(376002)(26005)(4326008)(966005)(86362001)(9686003)(66446008)(110136005)(66556008)(6506007)(55016002)(8936002)(52536014)(53546011)(7696005)(5660300002)(64756008)(478600001)(2906002)(8676002)(66476007)(122000001)(38100700002)(186003)(83380400001)(66946007)(316002)(71200400001)(33656002)(76116006); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata: wLN0sTGBWoA3P4vDiykyEjaa8MyjnrsM06orwllx7LZjJC6LH2gyMLL+llODNt6PnqqMlZgaiIG8TJ90HFvYJ/jp7uXo5TWc5Vi8xU9Z/p/91Nlzx7lLf3e+nTl/5NLPyRAuUBi/IWK54sr5KVQZlYH/d6zY0XT+wUXdtHYn60K+0naJFEnQmOLCkjmF90m7F8Uoc5mR3vvv1OEB/C8Y+QFs8y9YAhtPNZl0c2Us9LtJ6cI7Bmn18p2P5AKkrvw2jxNdtbyVu+0tisfaDhEJnY0VC405HgJ9RBkUtbqvfYh4krgAeWRkMsJl2wEn6YQqJ+VurFrI6aWhWOaGxlNnS0zYMgjj2B6B/tLTLofV/Psc1RH9ioXhEle8fnS/Sr+inKyhWojuXb8Dg4xxmjVQvoaUWYvxFYtbbocBtCDsXNxeiXRPq5wnUDhaXKFU0ZLt9M4VrcjTaS7GrL5iwETAA1DjPapz+Bh+T0hs8ocgivzL2AdFAbqa/zlHtZ3W77II4oZ3PdaaegwBKdGJG0HmOZmZnd/5EMrun2wlAUJ6tabFdVxIUtTXURTXnYqImNSGAFc1O3yt3tScE6D6Sf+EU7d/uuvZxnA4RWqhup+Vl9fFkm8JasVcQf9CejnXpssx7oBM6H7FcLMUQSG3WY6/GtUFFV1QzLCi7XOC4LXOcuW5k19RA2WdUqBLMr0I/TRyN2D6ScnuxwGE2yEa0rvRrg== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: cert.org X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: ff916904-8888-4ba5-1a1c-08d94318895b X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2021 20:31:31.1321 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM3P110MB0380 Archived-At: Subject: Re: [saag] AD Sponsorship of draft-housley-ers-asn1-modules X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jul 2021 20:31:38 -0000 Hi Tobias and Sean! Thank you so much for your reviews. Regards, Roman > -----Original Message----- > From: tobias.gondrom@gondrom.org > Sent: Sunday, June 20, 2021 4:26 AM > To: 'Sean Turner' ; Roman Danyliw > Cc: saag@ietf.org > Subject: RE: [saag] AD Sponsorship of draft-housley-ers-asn1-modules >=20 > I took a review/look at this update as well. > It has been a while since I last worked on ERS, so am a bit rusty... > But reviewed and no problems as far as I can tell. >=20 > Best regards, Tobias >=20 >=20 > -----Original Message----- > From: saag On Behalf Of Sean Turner > Sent: Wednesday, June 9, 2021 11:04 PM > To: Roman Danyliw > Cc: saag@ietf.org > Subject: Re: [saag] AD Sponsorship of draft-housley-ers-asn1-modules >=20 > Roman, >=20 > I have but one point to raise and then some cosmetic nits (cosmetic becau= se > compilers ignore whitespace). >=20 > 0) Point to Raise: >=20 > re: AllWantBacks. I am not entirely sure whether what is there for swb-er= s-all > WANT-BACK merely defines the new value or whether it also adds it to the = list > of available AllWantBacks. AllWantBacks is imported from RFC > 5912: >=20 > AllWantBacks WANT-BACK ::=3D { > WantBackSet | ACertWantBackSet | AnyWantBackSet, ... > } >=20 > To add swb-ers-all to the list, I wonder whether merely defining it is en= ough. Is > there something more that needs to be done to get it into the list as the= fourth > option? >=20 > 1) Cosmetic Nits: >=20 > Header: >=20 > s/New ASN.1 Modules for the Evidence Recor /New ASN.1 Modules for the > Evidence Record >=20 > s2 (remove space, add space): >=20 > s/{ v1(1) } ,/{ v1(1) }, > s/AttributeSet{{ERSAttrSet}}/AttributeSet {{ERSAttrSet}} >=20 > s3: >=20 > Since the ExpandedWantBacks are All, New, and ERS might consider > reorganizing them in the ASN to match that pattern. >=20 > s (fix indention of evidence record)/ > EvidenceRecordWantBack ::=3D SEQUENCE { > targetWantBack WANT-BACK.&id ({ExpandedWantBacks}), > evidenceRecord EvidenceRecord OPTIONAL } / EvidenceRecordWantBack ::= =3D > SEQUENCE { > targetWantBack WANT-BACK.&id ({ExpandedWantBacks}), > evidenceRecord EvidenceRecord OPTIONAL } >=20 > s/{id-swb 16 }/{ id-swb 16 } > s/{id-swb 17 }/{ id-swb 17 } > s/{id-swb 18 }/{ id-swb 18 } > s/{id-swb 19 }/{ id-swb 19 } > s/{id-swb 20 }/{ id-swb 20 } >=20 > > On May 14, 2021, at 16:45, Roman Danyliw wrote: > > > > Hi! > > > > Per the community interest and dispatch result at IETF 110 [1], I am > > AD > sponsoring draft-housley-ers-asn1-modules [2]. > > > > I welcome early feedback or reviews on this document. > > > > Regards, > > Roman > > > > [1] https://datatracker.ietf.org/doc/minutes-110-secdispatch/ > > [2] https://datatracker.ietf.org/doc/draft-housley-ers-asn1-modules/ > > > > _______________________________________________ > > saag mailing list > > saag@ietf.org > > https://www.ietf.org/mailman/listinfo/saag >=20 > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag From nobody Fri Jul 9 15:00:47 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E63563A3084 for ; Fri, 9 Jul 2021 15:00:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MSaDroJ-Oo9W for ; Fri, 9 Jul 2021 15:00:33 -0700 (PDT) Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0125.outbound.protection.office365.us [23.103.209.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B3113A3083 for ; Fri, 9 Jul 2021 15:00:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=l2E3Cw2OZ7VDmekqWJksgusystlLQemsvJi5WbCux4rASL81WCErWRSj2KFegBH9XPqa7tVcvheZN1CYz8UdvZ9qzO8oP9RhDBRD8/PfycMtjUTnEX++Y83hlL5IdjLAhR+7jOf2R1OjEosoZLQ+64G8wuRo7Tn9lXvAWa/Jvegsc4tmInmKplwti4FqsaqZMscjCp5q4qW8GD4hf9uCbI3H0B1ScoEzW5QU1iw+kcVnBinUEp7S1MJog45Bt5y0BGtTgeMM2Ahd8lbBwtlUIHG6E9b531FGXEqDdhzcy7hGYhSavdjaUsfootDLLDV5NeIjtEWjRawKVwgywXQ1qA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Q1LBZ4fwG36DufrFXGKJH29uh41ghJHuVND8pTLGxHY=; b=TXXy4O8OLzgKoEF5VjPU3qWLzq1VkKmhrji6tVY/9+VLDfznyke7JOZAdlUR12wcqIYqpPQDTlN7LypaKl+UoCto4F/05+GpOmhAhnJJnhNBzsEiWUGRKAfGrlSjXhOj57lnIMlauqBR8XRDgQQVl9/D5o6ITedufYUAxAF9B09WMaeQEpHgdqMEyscgR3BlcuJfW0MZdnImyY+VQ965JBfFGkQP1mMCs7IfRU86W807bRvNYXyjCSYO2OigZPqnI7+NHuMOR/Z2gwnCsiC3zmzytNGuLlKMgU+yl3Dh84kpE52llhv4tILmnLAyYKSMsHGLe45sjbxxi36KUeF8jw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Q1LBZ4fwG36DufrFXGKJH29uh41ghJHuVND8pTLGxHY=; b=WtE+QYXQSTSwXsATro5kd4P/SZVnSYeM7IuqFfbu1pQ9+Yl6EONL+ELVSQJJC22ZJHqLGtUZ0EL8CmvKEH7B/6pInLP/9f8MdeBqodPz5hsWJoGbhbue7xBAGEG4Yp+J1dO10SuxaDKRbT9oaCVvMmj/CFb1FZdtkgJXf/oozNo= Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM (52.145.10.9) by DM3P110MB0252.NAMP110.PROD.OUTLOOK.COM (23.103.33.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.23; Fri, 9 Jul 2021 22:00:30 +0000 Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36]) by DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36%5]) with mapi id 15.20.4308.023; Fri, 9 Jul 2021 22:00:30 +0000 From: Roman Danyliw To: "saag@ietf.org" Thread-Topic: AD Review of draft-housley-ers-asn1-modules-02 Thread-Index: Add1DTsHbOmu9EZ1QbCHo9dZYRpVQQ== Date: Fri, 9 Jul 2021 22:00:30 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cert.org; x-originating-ip: [128.237.16.29] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1b5f80fc-58a5-4205-3add-08d94324f7f7 x-ms-traffictypediagnostic: DM3P110MB0252: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6108; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: odla3XGsS8Z9fXLwGpKKVLEEAbuJw7ou4k0mu5uMtM9WBJQrne6JCkqHc81V86NLsuoeVp1/d3IyFF1uMQQptACa53HfresD6u9eH0TWcJjVNy33OLmra15YaVzZa2i1cdHSJQa8hhJo2M0h3W51uHOSGL4IDMYc5e60LiLobuXXd4705jV6oIBA6H6uJvGI0qLOjfuECe/PR+s6x4tTsu4L3cij12C0Wz9fIgTj9NYQXVqGYFH2MH6UROTHyI/9ttFLpZ/vU1b1LeWYWw1pZJtKjO2u2dLAwMTpbPt12rpEMJZIOzlSgvkHwNKKRc1n+HwND2ClT4pqS7Vd9L1NZr1VGFh0NDx2UoYUbG1D3rifk+mttEjk0chivH1kDXVGSNMeOICDWxuwWDCPfB0+0kMfXluehDj+kpDDbyM5Q5rn6w5jAafx0O7wnzfkM6H6otqLSMsUsX5Oypr/vDSQX76xPgcZU7VBdO3HlFi+yB3c1ZJUS9scoKt6OdLpxqtprUFx+dJDZHyCFQLqxKA4O1mfxaOBU7lWStMczFpyjzl4m9KpM8jxVE+a2tMTrnfd x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(366004)(396003)(136003)(39850400004)(376002)(346002)(8676002)(52536014)(55016002)(5660300002)(316002)(4744005)(71200400001)(83380400001)(86362001)(122000001)(33656002)(66946007)(66476007)(64756008)(66556008)(66446008)(76116006)(9686003)(7696005)(2906002)(8936002)(26005)(38100700002)(186003)(6916009)(478600001)(6506007); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata: hNCBTAjNR5kS9E6Ajf+txYMscSugjyjAN85Xqkeik2V7GZfJTs+pTlixuK/7lSCbC5Hx7LGDHbRyWk45BmPQOpVwPu0Qmu4deLgcKtCwdDiovQAyC/XlUFa13R+l6E6KbH1QXwjblQ2fVoJQCFw4pU8OJoCwF6OtBWGZaKhu4ynfHn6t4kSQwgOXudioUbfTHcMQRiZ9S92Cj4/D+iUVYXEGkklaEGlxkOUfJwa5MqhGhYvROs5tHuDhAW2exQfWGERYMBFlLOGYsb2BoX38PKPG7Mzrb/bd7leE2N4FiNrvHkYjNAX5D7FeZIqKBeTUN3jiFjV1d+RJktL5SN9SpHg/wfk+wF7qNlfXE3kgT0gT22f5FQKezReDRjzzr1NXSQeV/dZT8jCkjH3EfPozO4hvkrWE4VXhTqWcQ2rdZItBsdGiHv/CsWgagecacf775sGAiZltTRq5phJ9N5PjaNy1YmoolydVAZovLWXadF/HxR0diWcOOo9xAmVPSB6JZm0w1tfKpXOEwNKK10jWHNOdff3meW0CkBLbrv+KxdRgNyLQ3AaM6BHmfWW5xD5QBZ/o6VgT8wrXpx747Wam9yNUILYAIjBaOmZ/HejXwqu/ynbhVK6rPlnubtIk5DNgtTUoUwUgFA/0XhB8SZo1tglJoSlZYym1t5wSNWZjatGdaaMY77OzbhVztSI7bAxU48s4RipVNLBSxezxO+Rq4A== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: cert.org X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 1b5f80fc-58a5-4205-3add-08d94324f7f7 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Jul 2021 22:00:30.7154 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM3P110MB0252 Archived-At: Subject: [saag] AD Review of draft-housley-ers-asn1-modules-02 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jul 2021 22:00:35 -0000 Hi! I conducted an AD review of draft-housley-ers-asn1-modules-02, a document t= hat is being AD-sponsored. Beyond the earlier reviews already posted on the SAAG list, I have no furth= er comments. I have confirm that the included ASN.1 modules successfully co= mpiles. =20 I'm advancing this document to IETF LC. Regards, Roman From nobody Sun Jul 11 20:07:48 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 574FB3A2A8E for ; Sun, 11 Jul 2021 20:07:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P0U4b4p09hDr for ; Sun, 11 Jul 2021 20:07:44 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 346D83A2ACF for ; Sun, 11 Jul 2021 20:07:43 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id AAE6338FFB for ; Sun, 11 Jul 2021 21:10:21 -0400 (EDT) Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 0iWkPWrrIN2k for ; Sun, 11 Jul 2021 21:10:06 -0400 (EDT) Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id D350138FFE for ; Sun, 11 Jul 2021 21:10:05 -0400 (EDT) Received: from [IPv6:::1] (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 338FA48B for ; Sun, 11 Jul 2021 21:07:11 -0400 (EDT) To: saag@ietf.org References: <162526337432.26814.8159027228595869118@ietfa.amsl.com> From: Michael Richardson Message-ID: <6dd3e025-0a42-3929-649c-bcef36853a5a@sandelman.ca> Date: Sun, 11 Jul 2021 21:07:11 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <162526337432.26814.8159027228595869118@ietfa.amsl.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [saag] saag - Requested session has been scheduled for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jul 2021 03:07:46 -0000 On 2021-07-02 6:02 p.m., "IETF Secretariat" wrote: > saag Session 1 (2:00 requested) > Tuesday, 27 July 2021, Session II 1430-1530 > Room Name: Room 7 size: 507 Tuesday? Will we even know it's a SAAG meeting? On the other hand, my list of conflicts is few! I would like to have 10 minutes to talk about draft-richardson-saag-onpath-attacker-02 I think that agreeing on some three terms would help us with discussions. I'm completely agnostic about the choice. Maybe we don't even need to publish a document, as long as we can get consensus on the terms and when to use them. Updates RFC4949 would be nice. (RFC4949bis would also be a nice thing to do) From nobody Wed Jul 14 01:38:06 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 687E03A18B6; Wed, 14 Jul 2021 01:37:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mU5TkJoAjl02; Wed, 14 Jul 2021 01:37:52 -0700 (PDT) Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E24C3A18B3; Wed, 14 Jul 2021 01:37:46 -0700 (PDT) Received: by mail-ed1-x52c.google.com with SMTP id w14so2013035edc.8; Wed, 14 Jul 2021 01:37:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Mi9461Ak+veUtCulfz/X878ohiUDI43LzTvKNrsYLws=; b=Uxbi3ZdN9ViZGHBzzeneyKZrZ6t49eGh1mG4RZFAE0rwio8zjFAYqeZHJaLv3C/Qtf oQxacBcSsmXRwYql/gxY2bEWlGQ9I6DMhK9ZsH/jk1TZcOIKppGI2faw4mk9u4ivd68C WcSzngF449r03Um3ixzuIbdJPbAcWkeRm6k6CQBCzRoLBa6yIH0tkIwJKt8VtzCfV1KT rsFHmkMPyTBq6oFyxAvFbKps201msRXqILx3M7NX6avMNEuJqNTAi64+w8XixcCTFu2u lLswdtIp6YibH2K+naKplVOhQCKjmFo6kqqnRRKpjtdNbT8YqkW06V6/NVtrffRbAPCU CV+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Mi9461Ak+veUtCulfz/X878ohiUDI43LzTvKNrsYLws=; b=TPmpoFeazvni9WMtMrRYgx7CCgXRrrkm88T16XoaA6Z6QRSndHXsWxkrBUDyJKxrJc q0xmqfkB4kenuHW3O0XeH18X56jlg8Lo0MnAJymhP0N7ZIhCRHMQHgdiCw2psSQbLSJr qANimRa1g516MSPYZ/dFTPamjXUjWuFJORj0HRyv+iAlUiZF4oawfo64dWApqXZEJHDO r4786DmlKIgi/Gy38qRDITMj3OmSoZC7Sm74+Ah2zi8AEyyHszJZb1niz6qhEYb+l3pi 9/NwkRacLL6ttGO2NrTeRlQph2PdI0wpgOkbkMmkltNdNmTXus8PE6lnokFhXZNzPDRB RG7A== X-Gm-Message-State: AOAM532yFEHLXSYxjcEaw8BHcmFAHQ3qwyC1XfgDiMj1N51as93VqJp+ GA7F7w48vbuNsmTNaOXzWlu0xkt+yU/JfuYmvc1uFIL+8zLOHNCs X-Google-Smtp-Source: ABdhPJy/xDp3tyErpNvU/iblXyuMGsds05wgEQUi9jspDZNUL6B6mQOVLLDrz5MffpzvsFxyZOFlmURo5ZsBLUZgZ3c= X-Received: by 2002:a05:6402:100e:: with SMTP id c14mr11920294edu.51.1626251864104; Wed, 14 Jul 2021 01:37:44 -0700 (PDT) MIME-Version: 1.0 From: Christine van Vredendaal Date: Wed, 14 Jul 2021 10:37:33 +0200 Message-ID: To: secdispatch@ietf.org, spasm@ietf.org, saag@ietf.org Content-Type: multipart/alternative; boundary="000000000000ace09005c7114450" Archived-At: Subject: [saag] Pre-draft QSC Key Serialization and Identification X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2021 08:37:58 -0000 --000000000000ace09005c7114450 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello all, We (folks from NXP, IBM and Utimaco) have been working on a draft specifying key serializations and OIDs for quantum-safe cryptography to already start to prepare for the upcoming new public-key standard. We shared this with the CFRG for feedback and recommendations and would now also like to share it for the same purpose in this broader community. At the moment this is a pre-draft in the sense that it is not in an IETF format yet, but all the content is there. You can find the link to a comment-only Google Docs version here . The abstract of the document is as follows: With the NIST standardization effort still in full swing, companies implementing post-quantum cryptography now are running into multiple issues, such as: 1. Difficulty in managing algorithm versions and the compatibility of associated keys 2. Difficulty in interoperability testing 3. Difficulty in evaluating the impact of integrating algorithms with higher level standards These difficulties result in delay of many follow-up activities for algorithm integration and adoption. The document `Quantum Safe Key Identification and Serialization=E2=80=99 sp= ecifies the key formats of selected quantum safe algorithms, to hopefully resolve some of these interoperability issues. Additionally it should serve to make choices in future standard clear and prevent delays in adaption. To this end the document contains parameter identifiers for the Round 3 finalist parameter sets (specific OIDs in some cases to be added), as well as key descriptions, byte sizes, and their ASN.1 formatting. Open items that we would consider still adding (opinions are welcome) are the addition of CBOR formats, and the serialization of signatures and ciphertexts. We also note that the current OIDs are not useable or filled in yet. We are investigating adding temporary OIDs, and in the end permanent OIDs should be assigned by NIST upon standardization of a set of algorithms. *(Current) authors: *Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio Dragone (IBM), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osborne (IBM), Christine Cloostermans (NXP, f.k.a. van Vredendaal), Karen Willbrand (Utimaco) Looking forward to your thoughts and suggestions, Cheers on behalf of the team, Christine --000000000000ace09005c7114450 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Hello all,

We (folk= s from NXP, IBM and Utimaco) have been working on a draft specifying key se= rializations and OIDs for quantum-safe cryptography to already start to pre= pare for the upcoming new public-key standard.

We shared this with the CFRG for feedb= ack and recommendations and would now also like to share it for the same pu= rpose in this broader=C2=A0community.


At the moment this is a pre-draft in the sense that it is not i= n an IETF format yet, but all the content is there.
You can find the lin= k to a comment-only Google Docs version=C2=A0here.


The abstract of the document is as follows:


With the NIST standardizat= ion effort still in full swing, companies implementing post-quantum cryptog= raphy now are running into multiple issues, such as:


  1. Difficulty in managin= g algorithm versions and the compatibility of associated keys
    2. D= ifficulty in interoperability testing
  2. Difficulty in evaluating = the impact of integrating algorithms with higher level standards

These difficulties result in delay of many follow-up activities fo= r algorithm integration and adoption.

The document `Quantum Safe Key Identification a= nd Serialization=E2=80=99 specifies the key formats of selected quantum saf= e algorithms, to hopefully resolve some of these interoperability issues.

Additio= nally it should serve to make choices in future standard clear and prevent = delays in adaption.


To this end the document contains parameter identifiers for the Round = 3 finalist parameter sets (specific OIDs in some cases to be added), as wel= l as key descriptions, byte sizes, and their ASN.1 formatting.

Open items that we wou= ld consider still adding (opinions are welcome) are the addition of CBOR fo= rmats, and the serialization of signatures and ciphertexts.

We also note that the cur= rent OIDs are not useable or filled in yet. We are investigating adding tem= porary OIDs, and in the end permanent OIDs should be assigned by NIST upon = standardization of a set of algorithms.


(Current) authors:=C2=A0Dieter Bong (Utimaco), Jop= pe Bos (NXP), Silvio Dragone (IBM), Basil Hess (IBM), Christopher Meyer (Ut= imaco), Mike Osborne (IBM), Christine Cloostermans (NXP,=C2=A0f.k.a. van Vrede= ndaal), = Karen Willbrand (Utimaco)


Looking forward to your thoughts and suggestions,


Cheers on behalf of the te= am,


Christine

--000000000000ace09005c7114450-- From nobody Wed Jul 14 04:42:00 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 213B93A0128 for ; Wed, 14 Jul 2021 04:41:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pqshield-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cdp8QvK1SVmM for ; Wed, 14 Jul 2021 04:41:53 -0700 (PDT) Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2FE13A010D for ; Wed, 14 Jul 2021 04:41:52 -0700 (PDT) Received: by mail-lj1-x232.google.com with SMTP id a6so2926764ljq.3 for ; Wed, 14 Jul 2021 04:41:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pqshield-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=s2rwPkI1rGjaArzPBYSVknUwJsoNdv1jmNIMWsrBS+c=; b=X04zllDP29KkBehx9IC9R47WoC7lj7Q7imNDykDqh2BA6an3uRA6DTZnEoad5TZ51l 9Wj8L8+a4FTUaM4kYCCPz9eVm4eg63puLSCrr68Ss9iVNi7kTxeJ6BcLQGgHmBOd74TD KipTD7qKm6zsvK3wvcvhcLcGRFtTLaTpG+IegHiZEgMFTk+bFbMbtGpLH7mgu1yAwyT0 d1m42LfNCIScmcDRN/tjVtcjPbQI1wPoatap7k2Ulq3YRQDQjN+wRRGISMySRSFcp7uV A9gzRTBeslI/mjDXFjcDedDOBDJkK0iE5DXGuO8lwiYvSBn+yNE/9TGoh7ELmSo/kCNV o1Ew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=s2rwPkI1rGjaArzPBYSVknUwJsoNdv1jmNIMWsrBS+c=; b=I4JjoeihUHSXHVfWlpSga7DhzrEE0caDq7IzjwRb45n0ieA4ODlq4o+luk74INjQL/ 0NhWRM//xQXvYkdR5pz4ElcOvf0OY9zv5BiafJwaxUsGimfbWqnEFu1iyMV4O5vx4mj7 gJuull1X4/BI6h5RfsQpoS3REYk4qfuRRmzEfRvnXFRCnjPBBmN0ux9JGl30KLfddICK SYinvS4IDddvV5o1MKKre4d7t2nwMQ/mlmHtaMYhe/6CcDRS+nXAYv0qq6g7l0hnG4y6 JSeiwMDaT3/iLmln2OzUY6DdMS5ipDw7hG1beQN5YB3kv+GKKxWCOV0j2npGMBDieyz7 Jdbg== X-Gm-Message-State: AOAM530b/8MSuq/XZ04L9RaUOySEMUYWw/WIP2PW1iS9EzntbU9ujXun Hd1875J/3yNGm8eEHEt2jR2u+4zECtO2h9i3sr/AjQ== X-Google-Smtp-Source: ABdhPJyjW6nZyroMjZWKjWIYsNMQv7ZEFb5B0QMHJQqFDxa8QBM4RKObGlBM5o/c4HvhuB1gd1bGy76hi5el8+5RGOw= X-Received: by 2002:a05:651c:2c1:: with SMTP id f1mr8896384ljo.128.1626262909881; Wed, 14 Jul 2021 04:41:49 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: "Markku-Juhani O. Saarinen" Date: Wed, 14 Jul 2021 12:41:38 +0100 Message-ID: To: Christine van Vredendaal Cc: IETF SecDispatch , SPASM , saag@ietf.org Content-Type: multipart/alternative; boundary="0000000000000e1e3305c713d7a1" Archived-At: Subject: Re: [saag] [lamps] Pre-draft QSC Key Serialization and Identification X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2021 11:41:58 -0000 --0000000000000e1e3305c713d7a1 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi, Some of this commentary is already commented inline in the google doc, but I'll paste it here too for the record. The document proposes OID identifiers for public and private key serialization draft Round3 PQC algorithms, which are likely to change when the NIST standard-writing process. The PQC algorithm specifications and reference implementations already contain serialization methods (that can be used as simple octet strings). The proposal is not using these serialization methods directly (as "octet string blobs" or similar). Suggest including some additional justification for proposing new serialization methods; either efficiency or security. I'd also like to hear comments on the relationship between this proposal and the "RawPublicKey" discussed in the new "KEM-based Authentication for TLS 1.3" draft https://datatracker.ietf.org/doc/draft-celi-wiggers-tls-authkem/ Each NIST Submission comes with a set of KAT test vectors that are used to test compliance and also interoperability. Hence we already have de facto serialization methods for these algorithms, which are efficient, and created by the algorithm design teams (and hence have already had years of security testing). We have also used these serialization methods in hardware modules. If ASN.1 type encoding is desired, a transformation tool between the new ASN.1 format and the standard ones should be provided. Additionally, ASN.1 may introduce serious input validation security issues that must be carefully studied. Note that Elliptic Curve Cryptography has largely chosen to go with simplified octet string encodings for implementation security reasons. One could argue that new ASN.1 serialization a step backward in terms of interoperability and also potentially creates unnecessary security risks? The implementation security aspects arise e.g. in the input validation and constant-time encoding and decoding of KEM public keys, which are part of the PQC key exchange process. Cheers, - markku Dr. Markku-Juhani O. Saarinen PQShield, Oxford UK. On Wed, Jul 14, 2021 at 9:38 AM Christine van Vredendaal wrote: > Hello all, > > We (folks from NXP, IBM and Utimaco) have been working on a draft > specifying key serializations and OIDs for quantum-safe cryptography to > already start to prepare for the upcoming new public-key standard. > > We shared this with the CFRG for feedback and recommendations and would > now also like to share it for the same purpose in this broader community. > > > At the moment this is a pre-draft in the sense that it is not in an IETF > format yet, but all the content is there. > You can find the link to a comment-only Google Docs version here > > . > > > The abstract of the document is as follows: > > > With the NIST standardization effort still in full swing, companies > implementing post-quantum cryptography now are running into multiple > issues, such as: > > > > 1. Difficulty in managing algorithm versions and the compatibility of > associated keys > 2. Difficulty in interoperability testing > 3. Difficulty in evaluating the impact of integrating algorithms with > higher level standards > > > These difficulties result in delay of many follow-up activities for > algorithm integration and adoption. > > The document `Quantum Safe Key Identification and Serialization=E2=80=99 = specifies > the key formats of selected quantum safe algorithms, to hopefully resolve > some of these interoperability issues. > > Additionally it should serve to make choices in future standard clear and > prevent delays in adaption. > > > To this end the document contains parameter identifiers for the Round 3 > finalist parameter sets (specific OIDs in some cases to be added), as wel= l > as key descriptions, byte sizes, and their ASN.1 formatting. > > Open items that we would consider still adding (opinions are welcome) are > the addition of CBOR formats, and the serialization of signatures and > ciphertexts. > > We also note that the current OIDs are not useable or filled in yet. We > are investigating adding temporary OIDs, and in the end permanent OIDs > should be assigned by NIST upon standardization of a set of algorithms. > > > *(Current) authors: *Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio > Dragone (IBM), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osborn= e > (IBM), Christine Cloostermans (NXP, f.k.a. van Vredendaal), Karen > Willbrand (Utimaco) > > > Looking forward to your thoughts and suggestions, > > > Cheers on behalf of the team, > > > Christine > _______________________________________________ > Spasm mailing list > Spasm@ietf.org > https://www.ietf.org/mailman/listinfo/spasm > --0000000000000e1e3305c713d7a1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

Some of this commentary = is already commented inline in the google doc, but I'll paste it here t= oo for the record.

The document proposes OID i= dentifiers for public and private key serialization draft Round3 PQC algori= thms, which are likely to change when the NIST standard-writing process.

The PQC algorithm specifications and reference = implementations already contain serialization methods (that can be used as = simple octet strings). The proposal is not using these serialization method= s directly (as "octet string blobs" or similar). Suggest includin= g some additional justification for proposing new serialization methods; ei= ther efficiency or security.

I'd als= o like to hear comments on the relationship between this proposal and the &= quot;RawPublicKey" discussed in the new "KEM-based Authentication= for TLS 1.3" draft

Each NIST Submission comes with a set of KAT test vectors that are used t= o test compliance and also interoperability. Hence we already have de facto= serialization methods for these algorithms, which are efficient, and creat= ed by the algorithm design teams (and hence have already had years of secur= ity testing).=C2=A0 We have also used these serialization methods in hardwa= re modules.

If ASN.1 type encoding is desired, a transformation tool= between the new ASN.1 format and the standard ones should be provided. Add= itionally, ASN.1 may introduce serious input validation security issues tha= t must be carefully studied. Note that Elliptic Curve Cryptography has larg= ely chosen to go with simplified octet string encodings for implementation = security reasons. One could argue that new ASN.1 serialization a step backw= ard in terms of interoperability and also potentially creates unnecessary s= ecurity risks? The implementation security aspects arise e.g. in the input = validation and constant-time encoding and decoding of KEM public keys, whic= h are part of the PQC key exchange process.

Cheers,
=
- markku

Dr. Markku-Juhani O. Saarinen <mjos@pqshield.com> PQShield, Oxford UK.=


On Wed, Jul 14, 2021 at 9:38 AM Christine van Vredend= aal <cvvrede@gmail.com> wrot= e:

Hello all,

We (folks from NXP, IBM and Utimaco) have be= en working on a draft specifying key serializations and OIDs for quantum-sa= fe cryptography to already start to prepare for the upcoming new public-key= standard.

We shared this with the CFRG for feedback and recommendations and would no= w also like to share it for the same purpose in this broader=C2=A0community.


At the moment this is a = pre-draft in the sense that it is not in an IETF format yet, but all the co= ntent is there.
You can find the link to a comment-only Google Docs vers= ion=C2=A0here.


<= /p>

The abstract of t= he document is as follows:


With the NIST standardization effort still in full swing, compa= nies implementing post-quantum cryptography now are running into multiple i= ssues, such as:


  1. Difficulty in managing algorithm versions and the compatib= ility of associated keys
  2. Difficulty in interoperability testing=
  3. Difficulty in evaluating the impact of integrating algorithms = with higher level standards

These difficulties result = in delay of many follow-up activities for algorithm integration and adoptio= n.

The doc= ument `Quantum Safe Key Identification and Serialization=E2=80=99 specifies= the key formats of selected quantum safe algorithms, to hopefully resolve = some of these interoperability issues.

Additionally it should serve to make choic= es in future standard clear and prevent delays in adaption.


To this end the document c= ontains parameter identifiers for the Round 3 finalist parameter sets (spec= ific OIDs in some cases to be added), as well as key descriptions, byte siz= es, and their ASN.1 formatting.

Open items that we would consider still adding (opini= ons are welcome) are the addition of CBOR formats, and the serialization of= signatures and ciphertexts.

We also note that the current OIDs are not useable or fi= lled in yet. We are investigating adding temporary OIDs, and in the end per= manent OIDs should be assigned by NIST upon standardization of a set of alg= orithms.

<= br>

(Cu= rrent) authors:=C2=A0Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio Dragone (IB= M), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osborne (IBM), Chri= stine Cloostermans (NXP,=C2=A0f.k.a. van Vredendaal), Karen Willbrand (Utimaco)=

<= span style=3D"font-size:10pt;font-family:Arial,sans-serif">

<= p style=3D"margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Looking forward to yo= ur thoughts and suggestions,


Cheers on behalf of the team,


Christine

_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://www.ietf.org/mailman/listinfo/spasm
--0000000000000e1e3305c713d7a1-- From nobody Wed Jul 14 08:06:42 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E19E3A1D6D for ; Wed, 14 Jul 2021 08:06:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pqshield-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gR0wxirtTWj4 for ; Wed, 14 Jul 2021 08:06:35 -0700 (PDT) Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B640A3A1D6F for ; Wed, 14 Jul 2021 08:06:34 -0700 (PDT) Received: by mail-lj1-x232.google.com with SMTP id s18so3868958ljg.7 for ; Wed, 14 Jul 2021 08:06:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pqshield-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=V5CoIHU4El/Ru8f6J3cVp1GV7gRx754P8cPIk3QP5wk=; b=cglpmrY68mNBQ6XQYrpVJU9DhjZfSQUAc41rVUiSIKRUARhaDNNaVVhPhfMCgG0ceY 0clef5RJ5cmbFmyxXWzCVlr+CvWBG3DvBHJN6XC30ebcfShjIzfxtGmKgsIeJNvMQRw/ WErCKnST+ENNTblUkvJ3v29oRyx3MsrEWxLzMW4FsbIG4gWhYJYnuNEQT/JJ1hclCVIj WAqKUT+vhuYCGcWRjDTqx1foJ3f98J/X4cQwlRYECapxZNkx6JRdgdYemR19Ic70ihtU OPtVAi4m1Z/aWR9nbg0KXRw84NKuyeBnq5uI4KfQiIWlw5XspTHt0p2Nm4GFNNEGdWkE x2Fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=V5CoIHU4El/Ru8f6J3cVp1GV7gRx754P8cPIk3QP5wk=; b=eoeQ8IjqMd1HUpbCUdhhqsPjHgDsdA4ltXDnbpjBCC5BbazTxMf7wzJhd8Fn/dxN56 n/vx2LdplRabgnqRlw40AXIRfT9XnryHACZ6Bp3pXfaE58hHgWkS5dGqA4EnE14Q9uNV vfRpXQKGs4XDPMHyguzKE3/oQ34tlfwxiqEinlYCdc0upRZTF4rDnzw2tuEWE17Tnlm4 UXEOFBUCNcPIBhZLBtJ39/LFCWJ9AbYZR77crQgM4KbQgdFjE4ql8jsnu7mx0c0JXIE7 HatKVRC7Vf1bFkVenSwGYRTgsTvAgXK4lmjXKpkhER4BLNIOFI1eMMxqpTBekb5i/N4I 1obA== X-Gm-Message-State: AOAM530qGHxwPx4pDHzWKejBKKh6NECgHpF7j9rLBEJEBPq/OD038aBK 2iYREHzl70xOZLV2pQfxyrTooqW58Ki1k/iF9LbXzA== X-Google-Smtp-Source: ABdhPJxZzPAi7sDPF9OniBL/VkQUjH1l/C3aY3cM3LkGvGEeORxcz+MN4attcZwMBhuWXmDNByA0JEYgYXCEPzx59HU= X-Received: by 2002:a05:651c:4ca:: with SMTP id e10mr9377526lji.503.1626275191941; Wed, 14 Jul 2021 08:06:31 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: "Markku-Juhani O. Saarinen" Date: Wed, 14 Jul 2021 16:06:21 +0100 Message-ID: To: Christine van Vredendaal Cc: IETF SecDispatch , SPASM , saag@ietf.org Content-Type: multipart/alternative; boundary="0000000000001f83dc05c716b366" Archived-At: Subject: Re: [saag] [lamps] Pre-draft QSC Key Serialization and Identification X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2021 15:06:41 -0000 --0000000000001f83dc05c716b366 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I typed: "The document proposes OID identifiers for public and private key serialization draft Round3 PQC algorithms, which are likely to change when the NIST standard-writing process." trying again! This document proposes OID identifiers for draft Round3 PQC algorithms, together with an ASN.1 public and private key serialization mechanism that diverges from the serialization methods used in the NIST PQC competition. Since the algorithms are likely to change during the NIST standards-writing process, the applicability and lifetime of this document is very limited and it is unknown (and indeed, unlikely) that if it will be compatible with NIST standards. I should add that descriptive detail in the specification is insufficient for interoperable implementation. Hence I was asking for a conversion tool from the serialization format in algorithm specifications and implementations to the proposed ASN.1 format. Cheers, -markku Dr. Markku-Juhani O. Saarinen PQShield, Oxford UK. On Wed, Jul 14, 2021 at 12:41 PM Markku-Juhani O. Saarinen < mjos@pqshield.com> wrote: > Hi, > > Some of this commentary is already commented inline in the google doc, bu= t > I'll paste it here too for the record. > > The document proposes OID identifiers for public and private key > serialization draft Round3 PQC algorithms, which are likely to change whe= n > the NIST standard-writing process. > > The PQC algorithm specifications and reference implementations already > contain serialization methods (that can be used as simple octet strings). > The proposal is not using these serialization methods directly (as "octet > string blobs" or similar). Suggest including some additional justificatio= n > for proposing new serialization methods; either efficiency or security. > > I'd also like to hear comments on the relationship between this proposal > and the "RawPublicKey" discussed in the new "KEM-based Authentication for > TLS 1.3" draft > https://datatracker.ietf.org/doc/draft-celi-wiggers-tls-authkem/ > > Each NIST Submission comes with a set of KAT test vectors that are used t= o > test compliance and also interoperability. Hence we already have de facto > serialization methods for these algorithms, which are efficient, and > created by the algorithm design teams (and hence have already had years o= f > security testing). We have also used these serialization methods in > hardware modules. > > If ASN.1 type encoding is desired, a transformation tool between the new > ASN.1 format and the standard ones should be provided. Additionally, ASN.= 1 > may introduce serious input validation security issues that must be > carefully studied. Note that Elliptic Curve Cryptography has largely chos= en > to go with simplified octet string encodings for implementation security > reasons. One could argue that new ASN.1 serialization a step backward in > terms of interoperability and also potentially creates unnecessary securi= ty > risks? The implementation security aspects arise e.g. in the input > validation and constant-time encoding and decoding of KEM public keys, > which are part of the PQC key exchange process. > > Cheers, > - markku > > Dr. Markku-Juhani O. Saarinen PQShield, Oxford UK. > > > On Wed, Jul 14, 2021 at 9:38 AM Christine van Vredendaal < > cvvrede@gmail.com> wrote: > >> Hello all, >> >> We (folks from NXP, IBM and Utimaco) have been working on a draft >> specifying key serializations and OIDs for quantum-safe cryptography to >> already start to prepare for the upcoming new public-key standard. >> >> We shared this with the CFRG for feedback and recommendations and would >> now also like to share it for the same purpose in this broader community= . >> >> >> At the moment this is a pre-draft in the sense that it is not in an IETF >> format yet, but all the content is there. >> You can find the link to a comment-only Google Docs version here >> >> . >> >> >> The abstract of the document is as follows: >> >> >> With the NIST standardization effort still in full swing, companies >> implementing post-quantum cryptography now are running into multiple >> issues, such as: >> >> >> >> 1. Difficulty in managing algorithm versions and the compatibility of >> associated keys >> 2. Difficulty in interoperability testing >> 3. Difficulty in evaluating the impact of integrating algorithms with >> higher level standards >> >> >> These difficulties result in delay of many follow-up activities for >> algorithm integration and adoption. >> >> The document `Quantum Safe Key Identification and Serialization=E2=80=99 >> specifies the key formats of selected quantum safe algorithms, to hopefu= lly >> resolve some of these interoperability issues. >> >> Additionally it should serve to make choices in future standard clear an= d >> prevent delays in adaption. >> >> >> To this end the document contains parameter identifiers for the Round 3 >> finalist parameter sets (specific OIDs in some cases to be added), as we= ll >> as key descriptions, byte sizes, and their ASN.1 formatting. >> >> Open items that we would consider still adding (opinions are welcome) ar= e >> the addition of CBOR formats, and the serialization of signatures and >> ciphertexts. >> >> We also note that the current OIDs are not useable or filled in yet. We >> are investigating adding temporary OIDs, and in the end permanent OIDs >> should be assigned by NIST upon standardization of a set of algorithms. >> >> >> *(Current) authors: *Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio >> Dragone (IBM), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osbor= ne >> (IBM), Christine Cloostermans (NXP, f.k.a. van Vredendaal), Karen >> Willbrand (Utimaco) >> >> >> Looking forward to your thoughts and suggestions, >> >> >> Cheers on behalf of the team, >> >> >> Christine >> _______________________________________________ >> Spasm mailing list >> Spasm@ietf.org >> https://www.ietf.org/mailman/listinfo/spasm >> > --0000000000001f83dc05c716b366 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I typed:

&q= uot;The document proposes OID identifiers for public and private key serialization draft Round3 PQC algorithms, which are likely to change when the NIST standard-writing process."

trying again!

This document proposes OI= D identifiers for draft Round3 PQC algorithms, together with an ASN.1 publi= c and private key serialization mechanism that diverges from the serializat= ion methods used in the NIST PQC competition. Since the algorithms are like= ly to change during the NIST standards-writing process, the applicability a= nd lifetime of this document is very limited and it is unknown (and indeed,= unlikely) that if it will be compatible with NIST standards.
I should add that descriptive detail in the specification is in= sufficient for interoperable implementation. Hence I was asking for a conve= rsion tool from the serialization format in algorithm specifications and im= plementations to the proposed ASN.1 format.

C= heers,
-markku

Dr. M= arkku-Juhani O. Saarinen <mjos@pqshield.com> PQShield, Oxford UK.

On Wed, Jul 14, 2021 at 12:41 PM Markku-Juhani O. Saarinen <mjos@pqshield.com> wrote:
Hi,
=

Some of this commentary is already commented inline in = the google doc, but I'll paste it here too for the record.

The document proposes OID identifiers for public and priva= te key serialization draft Round3 PQC algorithms, which are likely to chang= e when the NIST standard-writing process.

The= PQC algorithm specifications and reference implementations already contain= serialization methods (that can be used as simple octet strings). The prop= osal is not using these serialization methods directly (as "octet stri= ng blobs" or similar). Suggest including some additional justification= for proposing new serialization methods; either efficiency or security.

I'd also like to hear comments on the = relationship between this proposal and the "RawPublicKey" discuss= ed in the new "KEM-based Authentication for TLS 1.3" draft

Each NIST S= ubmission comes with a set of KAT test vectors that are used to test compli= ance and also interoperability. Hence we already have de facto serializatio= n methods for these algorithms, which are efficient, and created by the alg= orithm design teams (and hence have already had years of security testing).= =C2=A0 We have also used these serialization methods in hardware modules.
If ASN.1 type encoding is desired, a transformation tool between the = new ASN.1 format and the standard ones should be provided. Additionally, AS= N.1 may introduce serious input validation security issues that must be car= efully studied. Note that Elliptic Curve Cryptography has largely chosen to= go with simplified octet string encodings for implementation security reas= ons. One could argue that new ASN.1 serialization a step backward in terms = of interoperability and also potentially creates unnecessary security risks= ? The implementation security aspects arise e.g. in the input validation an= d constant-time encoding and decoding of KEM public keys, which are part of= the PQC key exchange process.

Cheers,
- markku=

<= div dir=3D"ltr">Dr. Markku-Juhani O. Saarinen <mjos@pqshield.com> PQShield, Oxford UK= .


On Wed, Jul 14, 2021 at 9:38 AM Christine van Vreden= daal <cvvrede@gma= il.com> wrote:

Hello all,

We (folks from NXP, IBM and Utimaco) have be= en working on a draft specifying key serializations and OIDs for quantum-sa= fe cryptography to already start to prepare for the upcoming new public-key= standard.

We shared this with the CFRG for feedback and recommendations and would no= w also like to share it for the same purpose in this broader=C2=A0community.


At the moment this is a = pre-draft in the sense that it is not in an IETF format yet, but all the co= ntent is there.
You can find the link to a comment-only Google Docs vers= ion=C2=A0here.


<= /p>

The abstract of t= he document is as follows:


With the NIST standardization effort still in full swing, compa= nies implementing post-quantum cryptography now are running into multiple i= ssues, such as:


  1. Difficulty in managing algorithm versions and the compatib= ility of associated keys
  2. Difficulty in interoperability testing=
  3. Difficulty in evaluating the impact of integrating algorithms = with higher level standards

These difficulties result = in delay of many follow-up activities for algorithm integration and adoptio= n.

The doc= ument `Quantum Safe Key Identification and Serialization=E2=80=99 specifies= the key formats of selected quantum safe algorithms, to hopefully resolve = some of these interoperability issues.

Additionally it should serve to make choic= es in future standard clear and prevent delays in adaption.


To this end the document c= ontains parameter identifiers for the Round 3 finalist parameter sets (spec= ific OIDs in some cases to be added), as well as key descriptions, byte siz= es, and their ASN.1 formatting.

Open items that we would consider still adding (opini= ons are welcome) are the addition of CBOR formats, and the serialization of= signatures and ciphertexts.

We also note that the current OIDs are not useable or fi= lled in yet. We are investigating adding temporary OIDs, and in the end per= manent OIDs should be assigned by NIST upon standardization of a set of alg= orithms.

<= br>

(Cu= rrent) authors:=C2=A0Dieter Bong (Utimaco), Joppe Bos (NXP), Silvio Dragone (IB= M), Basil Hess (IBM), Christopher Meyer (Utimaco), Mike Osborne (IBM), Chri= stine Cloostermans (NXP,=C2=A0f.k.a. van Vredendaal), Karen Willbrand (Utimaco)=

<= span style=3D"font-size:10pt;font-family:Arial,sans-serif">

<= p style=3D"margin:0in;font-size:11pt;font-family:Calibri,sans-serif">Looking forward to yo= ur thoughts and suggestions,


Cheers on behalf of the team,


Christine

_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://www.ietf.org/mailman/listinfo/spasm
--0000000000001f83dc05c716b366-- From nobody Thu Jul 15 10:15:06 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B5243A0EC9; Thu, 15 Jul 2021 10:15:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id az61Xr2RmLCE; Thu, 15 Jul 2021 10:14:55 -0700 (PDT) Received: from mail-yb1-xb2c.google.com (mail-yb1-xb2c.google.com [IPv6:2607:f8b0:4864:20::b2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C36FA3A0EBD; Thu, 15 Jul 2021 10:14:49 -0700 (PDT) Received: by mail-yb1-xb2c.google.com with SMTP id g5so10227335ybu.10; Thu, 15 Jul 2021 10:14:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=ghnJY+LDcTNJNTbuXJIcf1DAAm/tMaX7x2XkRSxgT8Y=; b=ozr7bgwZbRG6jHs3gns6SRv0UDPOfFOaTzhbydV0bqIHS8KXEMAoTTG2/1lM2b3RBQ jYaz+h33fuACsJByB6PXGYpkCQFsKlx08b18KRez8aTXEitApnjqrG08OF0xGGxahA1B eVdUCwqauWwWu7dFWZkgYwQGRI5IfWGHpl2AdllYfc/JsZJZ1YiwGP9J+C/kn4kk80yc 7YLOtJ/B/Zoct0eJflNjrNdlfgXQXTLLq0fV4QUJqJB6lSobbcQLG8xNv11SmcD4lVb7 s/8D0ok5NLdff5LPPG7uPv3G2uD1WPDzd2mX5CdRIgeOssErB+Hl3+ogf/fH4EM+Wd0L x1uA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=ghnJY+LDcTNJNTbuXJIcf1DAAm/tMaX7x2XkRSxgT8Y=; b=a18z7e+OqUD05Vr7fJTC5fEwzuqQOtHJFSu5Xnrl9bBcbz8Bj4BlqybX4x44aKmbLe vZ8wXsNC/DXkk+Yz7BvGhTWkxEhRDIqHESYbkVbqOGpPttXThrpcK9w0BEvixE0qs4Km 3DtDGp9Yo7Ie1Ra6FUKh5D0Rh3JD4MJ6+7MzBJMzYlmBS+LGS4nsVF9CQGa51wHxjoqh jw+A+NH9aAVnQ9uZDp+gTSQ9bX25WE4niJCjKeYvnqeEl2WbCZz9KI6zsgybDx9OK4ie xCgnwQWUNhnaV9ml9RGP4EiYe5kkA2n4yuGr+3kL3sZsjGVoBoUwFYaEMpzZegGTsvSd J40w== X-Gm-Message-State: AOAM5321TERnIr+n1hxigNrbB/hzdSxzsifoOdDmvHMaiupfFtymVWNn G2U8uKtXGSdQ4VDA34hBZ6jAPSfU/O1Yhr6fghWZ7H35vY4= X-Google-Smtp-Source: ABdhPJzCwWyhB1YJ9d35OvCjxk6xDf9/4a8Nj+l2pDQDaJ8FxYYaSHU2T83sMdHmL9dVxPVQDM2aDrcZSyl75Y/raOs= X-Received: by 2002:a25:442:: with SMTP id 63mr6717568ybe.114.1626369288178; Thu, 15 Jul 2021 10:14:48 -0700 (PDT) MIME-Version: 1.0 From: Daniel Migault Date: Thu, 15 Jul 2021 13:14:36 -0400 Message-ID: To: saag , int-area , IPsecME WG , sfc@ietf.org, tls , IETF QUIC WG Content-Type: multipart/alternative; boundary="000000000000b20d6d05c72c9ba9" Archived-At: Subject: [saag] Heads up on Netdev conf 0x15 - not too late to attend! X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2021 17:15:00 -0000 --000000000000b20d6d05c72c9ba9 Content-Type: text/plain; charset="UTF-8" Hi, For those that have not already attending Netdev, Netdev conf 0x15 has been running since July 7 but it runs for 3 weeks but the talk sessions don't start until Monday. As usual a lot of IETF relevant talks. See: https://netdevconf.info/0x15/accepted-sessions.html The fee is USD $50. Students(proof required) are 50% off. The first 2 weeks was keynote, workshops and tutorials. You can replay all the sessions you missed by entering the conference platform (registration required). The keynote was by Hari Balakrishnan, see: https://netdevconf.info/0x15/session.html?keynote-balakrishnan On Monday as well there will be an industry perspectives panel on smartnics which will involve 6 vendors and an industry veteran moderating the session. For registration go here: https://netdevconf.info/0x15/virtual.html Yours, Daniel -- Daniel Migault Ericsson --000000000000b20d6d05c72c9ba9 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,=C2=A0

For those that have not= already attending Netdev, Netdev conf 0x15 has been running since July 7 b= ut it runs for 3 weeks but the talk sessions don't start until Monday. = As usual a lot of IETF relevant talks.
See:=C2=A0https://netdevco= nf.info/0x15/accepted-sessions.html

The fee is USD $50. Students= (proof required) are 50% off.

The first 2 weeks was keynote, worksho= ps and tutorials. You can replay all the sessions you missed by entering th= e conference platform (registration required).

The keynote was by Ha= ri Balakrishnan, see:
https://netdevconf.info/0x15/ses= sion.html?keynote-balakrishnan

On Monday as well there will be a= n industry perspectives panel on smartnics which will involve 6 vendors and= an industry veteran moderating the session.

For registration go her= e:
https://netdevconf.info/0x15/virtual.html

Yours,= =C2=A0
Daniel

--
Daniel Migault
Ericsson
=
--000000000000b20d6d05c72c9ba9-- From nobody Sun Jul 18 15:29:05 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 563D53A11CA; Sun, 18 Jul 2021 15:29:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.197 X-Spam-Level: X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5QU9MsIBcq-K; Sun, 18 Jul 2021 15:28:59 -0700 (PDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC8173A1203; Sun, 18 Jul 2021 15:28:58 -0700 (PDT) Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 16IMSoTx010843 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 18 Jul 2021 18:28:56 -0400 Date: Sun, 18 Jul 2021 15:28:49 -0700 From: Benjamin Kaduk To: John Mattsson Cc: saag Message-ID: <20210718222849.GA88594@kduck.mit.edu> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Archived-At: Subject: Re: [saag] =?utf-8?q?Public_key_parameters_in_the_signature_algorith?= =?utf-8?q?m_=E2=80=94that_is_the_question?= X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jul 2021 22:29:03 -0000 Hi John, On Wed, Jun 23, 2021 at 08:35:24PM +0000, John Mattsson wrote: > Hi, > > There has been a lot of discussions in various groups recently on whether to have public key parameters also in the signature algorithm or not. There are significant differences between IETF protocols like PKIX, JOSE, COSE, TLS 1.2, TLS 1.3, and IKEv2. Many of the protocols are also internally inconsistent. The inconsistency has led to a lot of confusion for developers and people writing specifications. > > Looking at IETF protocols with signature algorithm registers: > > - PKIX/X.509 is consistent. There is no duplication of parameters between the public key algorithm and the signature algorithms. > > - TLS 1.2 is consistent. None of the signature algorithms include public key parameters. > > - COSE is inconsistent. COSE largely following PKIX. The exception is the signature algorithm ES256K that includes the public key parameter secp256k1. > > - JOSE is inconsistent. JOSE is mostly doing the opposite as COSE and includes many public key parameters in the signature algorithms. Exceptions are EdDSA that do not include the curve, and the RSA algorithms that do not include the key size. > > - IKEv2 is inconsistent. IKEv2 started its own registry where the ECDSA signature algorithms is bound to a curve, but the RSA signature algorithm does not include the key size. IKEv2 have since specified a way to use PKIX/X.509 registries where signature algorithms do not include any public key parameters. > > - TLS 1.3 is inconsistent. ECDSA, EdDSA, sm2sig_sm3, and gost include the curve, but eccsi_sha256, iso_ibs1, iso_ibs2, and iso_chinese_ibs. RSA does not include the key length. We didn't ask the experts to enforce anything about parameters in SignatureSchemes. Do you think we should? (The ongoing 8446bis would be an okay place to add such guidance, I think.) -Ben > - draft-ietf-httpbis-message-signatures is inconsistent. ECDSA includes curve, but RSA does not include key length and JOSE EdDSA does not include curve. > > I have seen at least the following arguments to include public key parameters in the signature algorithm: > 1. An implementation should know based on the signature algorithm that is support calculating the signature. > 2. The security level should follow from the signature algorithm > 3. Avoid using the same public key with two different algorithms > > My observations and thoughts: > - I think consistency is the most important property here. > - The protocols except PKIX, COSE, and TLS 1.2 seems to try to achieve 1. but fail as they are not consistent. > - None of the protocols above seem to strive for 2. > - Adding public key parameters to the signature algorithm does not seem to achieve 3. A way to achieve 3. would e.g., be to add signature algorithm OIDs to the Extended Key Usage and only use algorithms specified there. > > Cheers, > John > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag From nobody Sun Jul 18 16:02:14 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 796013A1385 for ; Sun, 18 Jul 2021 16:02:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=pkzPqNDn; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=eR1uHtT4 Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eY33MC5-Tp3G for ; Sun, 18 Jul 2021 16:02:06 -0700 (PDT) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3CA893A1383 for ; Sun, 18 Jul 2021 16:02:06 -0700 (PDT) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 73F2F5C0076 for ; Sun, 18 Jul 2021 19:02:04 -0400 (EDT) Received: from imap41 ([10.202.2.91]) by compute5.internal (MEProxy); Sun, 18 Jul 2021 19:02:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm2; bh=3j0Gzzo4HSMAlO76PSHAWtA2F0KChyB 3VXilLgsZUVk=; b=pkzPqNDnfRuADDpxi6OXWIh+m5JH7ncsbCoK419XsPOedXY GE17sPEW+W4XQpc2nScn4dl/sOXUtajlk69mZiWJ6frXzgpmWtDlrlmAg+EuvYkw kK7VBmOCOvQleI5uSvjOH+6RLBY1nmdDiI4RQ0CwRAX9KvBFYp8SNcbCTrNiu6VJ ek1+G41uAejSXxPnRSb+Qmd+Bdgd0SZ0P4LoC3QxUgw9pyirgVRtmSBQssnJxNwu MSBa/iwJD6qUGWJbegTwT1gVLUiH6ARRiJKaLLJ5lMzYZZW+WofzX6Tt9SO4rxb5 j/nSEqPjWYGi6QIMFxNOC4HKyX40jPabhL+OkvA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=3j0Gzz o4HSMAlO76PSHAWtA2F0KChyB3VXilLgsZUVk=; b=eR1uHtT4D1YyjmXRrTKKuu y7+gXDi/7fOvkC4GdPw5O0qbEcosJ5Y8QjbijW41a4ybAJzxBwYJIMu8j5LX044U c4t5fhhFGZIo0TE/Mb861DNe3vd2Q+mVW0yt23RYaqfjTqAnF4ueqOciGjwU/HXk eqFmab2uuKMtHC4Gz5ukxKjAWV/xLo1vnOxFADG5EM6T01S9iKrqG0a4tw59NcGP SV9bBfiLRL6kMqWOvBDTf6q+qp/woV3sdGLhwknFFrBHgB7NdnEBZB0MWK7pyhvI 8PUbC73usOcd686BISmuRn8RswC08IP+3f+kiuROh1TF65VtyrKaF4Qyn1mPZceg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrvdelgddufecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreerjeenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohif vghnthhrohhphidrnhgvtheqnecuggftrfgrthhtvghrnhepheefteduudduhedtkefhvd fhteelffdujeegjeffheffveekudeigfeuveekfeelnecuvehluhhsthgvrhfuihiivgep tdenucfrrghrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvth X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id CCFFE3C0E63; Sun, 18 Jul 2021 19:02:03 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.5.0-alpha0-533-gf73e617b8a-fm-20210712.002-gf73e617b Mime-Version: 1.0 Message-Id: <8f9afb9a-72a4-4478-a1a3-5071533c1384@www.fastmail.com> In-Reply-To: <20210718222849.GA88594@kduck.mit.edu> References: <20210718222849.GA88594@kduck.mit.edu> Date: Mon, 19 Jul 2021 09:01:45 +1000 From: "Martin Thomson" To: saag@ietf.org Content-Type: text/plain Archived-At: Subject: Re: [saag] =?utf-8?q?Public_key_parameters_in_the_signature_algorith?= =?utf-8?q?m_=E2=80=94that_is_the_question?= X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jul 2021 23:02:13 -0000 On Mon, Jul 19, 2021, at 08:28, Benjamin Kaduk wrote: > > - TLS 1.3 is inconsistent. ECDSA, EdDSA, sm2sig_sm3, and gost include the curve, but eccsi_sha256, iso_ibs1, iso_ibs2, and iso_chinese_ibs. RSA does not include the key length. > > We didn't ask the experts to enforce anything about parameters in > SignatureSchemes. Do you think we should? (The ongoing 8446bis would be > an okay place to add such guidance, I think.) So I do think that this is good guidance to give, but we'll need an exception for RSA. That is, a signature scheme should define a singular use of an algorithm that includes all parameters of that algorithm. This works for most of what has been defined in RFC 8446, except RSA. It could work for RSA, but RSA is sufficiently weird that attempting to define RSA 2048 and RSA 3072 and whatever other numbers as discrete schemes would not be backward compatible. Also deciding on which numbers to privilege seems like it would be difficult. Incidentally, RSA 2049 should not be a problem, but I can confirm that it is a real problem in some software (I'd have to go back and check which to be sure, I think it was OpenSSL, but it might have been NSS). As far as the non-recommended options go, informing registrants of this decision might lead them to either reject the advice or ask for a new codepoint, but I don't think it matters. From nobody Tue Jul 27 00:02:50 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FC9B3A11ED for ; Tue, 27 Jul 2021 00:02:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hbdoNWgFF65k for ; Tue, 27 Jul 2021 00:02:44 -0700 (PDT) Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 870483A11DF for ; Tue, 27 Jul 2021 00:02:44 -0700 (PDT) Received: by mail-il1-x12b.google.com with SMTP id y4so11279524ilp.0 for ; Tue, 27 Jul 2021 00:02:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic :mime-version; bh=vhWahY+cLceUN1o5sUvUwxcIoiwUj0f75bLtegsXns8=; b=UxEIzavvrh/K5eIuYifvxC5TQuABNS+KGUjVoCQC06MR1tNa4DqHzuO3e1XyvmrzVC svDCqJaWYILcxFZ/FZhkisV5Lyd9r1tCgnT1Fut5zrVCblCekBPqleW6ZIF8Sg/DN8V+ vzWmM5z6W65G/YsP+V4qrFCuuajog4IfnNY/iKGNzP7kmBEWMJ/NkflNCnQxfCWPy8ig TUBVduKnnhWwfj9rUyEOO56MvvLD042w4nfydJufqklFssC+0ThzPmS0KVWDTT0VvswG O5zlMzCUR2LOlTTukgA484aIn6nJfqp3emZWK7xhMfGlYeTAmRNokJLxLoHTWQrzUT4d a54A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:mime-version; bh=vhWahY+cLceUN1o5sUvUwxcIoiwUj0f75bLtegsXns8=; b=NNdTTUXafm+IfwvY5XQHFhOs6mqncQq1Ae5Ol/6PocezvcQh1WW2pupnv4ySYRoP+2 YF58aj/1nPJTa640xHTJ+i8FJrhQ5LGeGiz5H9bwI/a9EpG5/fpfBsklHNj+HdIvWxCf Dknl1RRXQX5NyY6FFsc4KDyB6rtK1DungQu1AX1Tjzmr+u6n2MWX2YGSIbX1YxjywpUb Onl7NHGggXje8g3H2L0q02UQqELTMzSnSy6ubuyqSFTpaRXUeINgFRlCKyeT/S5RxDe1 ++NoPXIwEDyY20I6GzXmlTUUoj6dktUJSOXnVcCmRtcFX38QkKnPxBWid3GtQnK2DHPr oEiQ== X-Gm-Message-State: AOAM533UuYtvAbUisJqiWnh/Tox+OOfLpKWTDfy606f2qnlYhGV/N+CG iycwJPcN9XdVNOfYVbgqGfmJya8veiI= X-Google-Smtp-Source: ABdhPJyIAupcSqdPBnsr1JF3L+vK8QMCQEq/kx01mHoV/q5R/FOlZDGOsLZswH0F3AQ6rjbWPlC/uA== X-Received: by 2002:a05:6e02:52d:: with SMTP id h13mr16359409ils.119.1627369362461; Tue, 27 Jul 2021 00:02:42 -0700 (PDT) Received: from [192.168.68.110] (bzq-79-181-28-50.red.bezeqint.net. [79.181.28.50]) by smtp.gmail.com with ESMTPSA id j2sm1335380ilr.80.2021.07.27.00.02.41 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Jul 2021 00:02:42 -0700 (PDT) User-Agent: Microsoft-MacOutlook/16.51.21071101 Date: Tue, 27 Jul 2021 10:02:40 +0300 From: Yaron Sheffer To: "saag@ietf.org" Message-ID: <6DD937FE-F87D-44D1-8D07-11860A96D156@gmail.com> Thread-Topic: GNAP WG report Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3710224961_1754899030" Archived-At: Subject: [saag] GNAP WG report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 07:02:49 -0000 > This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --B_3710224961_1754899030 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable GNAP met at the first session of IETF. Since the last IETF, we published tw= o revisions of the core protocol, as well as two revisions of the Resource S= erver draft that was spun out of Core. We received a security attack from an= academic research team and revised the protocol to mitigate it. Despite the= large number of open issues on GitHub, the authors believe that the protoco= l is now much more solid, and we discussed a roadmap to publication. We also= discussed how to encourage implementation, and what needs to happen for bro= ader review across the community. =20 Thanks, =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Leif and Yaron --B_3710224961_1754899030 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable

GNAP met at the first session of IETF. Since the last IETF= , we published two revisions of the core protocol, as well as two revisions = of the Resource Server draft that was spun out of Core. We received a securi= ty attack from an academic research team and revised the protocol to mitigat= e it. Despite the large number of open issues on GitHub, the authors believe= that the protocol is now much more solid, and we discussed a roadmap to pub= lication. We also discussed how to encourage implementation, and what needs = to happen for broader review across the community.

 

Thanks,

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0 Leif and Yaron

--B_3710224961_1754899030-- From nobody Tue Jul 27 07:36:46 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75FE33A00D3 for ; Tue, 27 Jul 2021 07:36:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.553 X-Spam-Level: X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QL2K6h5uVH0i for ; Tue, 27 Jul 2021 07:36:40 -0700 (PDT) Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150054.outbound.protection.outlook.com [40.107.15.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A108D3A00C1 for ; Tue, 27 Jul 2021 07:36:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ifZKRGTynJi7mBUhm5g//mwre4zC7pCeMLsgggpyC8eNZd2rKIzghiQ90Ji9XCH5/TngvqBq18kxm5TQhuSfQdRltz0Mq4v94yD6NTIWTWcH+AyGcrHWgllWR+fhd+NNDvjOGtvwOvrrPpnIdviIVbLNoJcW4EbFQIMvxR/h2viZe4BwScGv5jLIEhBmSg9Aq/mguQ88RsLC84ZKF6Q/SnRDO/0h2DOWbOElLkOvW3FaFSDulsnhwpqeRR22tt7ezyGH6FPZBrnl2h/+6qjxhfbq6QxVyIVqtn6J1UMIwcukWDLs5F3mdLBGxFYYRhDfc6P/MI/uo1GPnx4fgW419A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I2fh7M3mYARpywc7QpB50Y3Q2lFdvJvsqbBH+snlvjw=; b=RoxQu5F968Aaw8IVOaKOPxwt3yBbnpR3HzY2KkBr+Yb/4T8NCyESf4HIom3fMCFigO0hT7rjiZQVMqiBOa+dvgbcQLCUOFSMKwFlKOokB9HPUiQ6WulRlFBs8ZVtd4rUj2nf0o7JbxiM9ZM8MJ0EfXgHdE72Y57DMlXasfx2/UrpPyT7WwuJ2f2Dc1SEDQGykiZlHQ8QlKyLLSdskXYHS6MOEKZmIzSFRkpfRQ715Km9T3J3UsR0cVOPMIEK8c1rcbYhbjmUUZgdRrOcQ1phGaLSEBqh4zWP7X51iXiEnFJManXR7i7/wWiovQhSenzRtUJPVgR/LfRX2VBIU35PUw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I2fh7M3mYARpywc7QpB50Y3Q2lFdvJvsqbBH+snlvjw=; b=T74JPMdiNtv/wbMw8u0MbNjQoIhcX1/EpzKOvUQsP2ElbcF5Cw0Tsss6bLyHzewcd8wM8gtA2ZuM56+qQ9vM9Rgw9w5GrinuSccw0ctQOAtPAUnFQ0eMhEB1k+tbVXY8NDvFN89EBZKyaH4qBZVNQqtQraKoIlB20nhU4cPjwsI= Received: from HE1PR07MB3436.eurprd07.prod.outlook.com (2603:10a6:7:37::31) by HE1PR0701MB2393.eurprd07.prod.outlook.com (2603:10a6:3:72::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.17; Tue, 27 Jul 2021 14:36:38 +0000 Received: from HE1PR07MB3436.eurprd07.prod.outlook.com ([fe80::c04b:9f4f:3494:b84c]) by HE1PR07MB3436.eurprd07.prod.outlook.com ([fe80::c04b:9f4f:3494:b84c%7]) with mapi id 15.20.4373.018; Tue, 27 Jul 2021 14:36:37 +0000 From: Mohit Sethi M To: "saag@ietf.org" Thread-Topic: Secdispatch report @ IETF 111 Thread-Index: AQHXgvTOsKVqoWIEnUCIKmpw+yrhqA== Date: Tue, 27 Jul 2021 14:36:37 +0000 Message-ID: <09f5cac4-2079-802f-62ca-72713a3cca04@ericsson.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: c4391131-8a7e-4cb7-907c-08d9510bf105 x-ms-traffictypediagnostic: HE1PR0701MB2393: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 863osp7d/qnl10tOqwSL2xhE2SbapiaIF6NTyJZYMjZZiTtBCWFEbNfg67c9PNp29hXS+5AccqTaCbxYMMKTZcaPHQErwnaVMU1sP2yR98ZEd3hH/r7TuYzgQPvEJtfzyGxXbzgd0Do6AkzhbjF6LSvAYUWyVL36m78A3PMUYWbtwZx6N+j3a8nz8Nkki5hFe19VHVz17/aLIZvQYj9FTDdvN1xWk2iYUaPhIhUEqeFDxrUTSAeqdtYN9rghFggfP2b1JpGHFg+AA+e0+P5JFs8vHQoeLYk9oaDcJV52i0QFrRL5Mx2qpLPZf8ZA0Iz7jSRSE4UEi+fMMMty0fkZjbGbVLZfjA1ovcjzcRgi8n1CRcDlDhpPK7PVKJAK4U8KzoDOa14DKbGVjQAsImhbuE10ic78QiBWe0Z9OfbJi6U7aQTazJtX4eMQGm+sjxozo6gLnfeXsDXSOlcCyfPI0ayOPkVaNtrER03HeWYKi9l6EiXJjFSG8O/ago5QddAhy/BWFJBzdtFZ7O31RQOihosPdBINICsw7ejZba4Wm5u695lAavDll49+lQsK/lOsWZK0GxgyahlPCWG/V0hioRbyGf+ru1RcqkMFOdmT1pFtOYHUIxcLLPn2zC0vTYS9yiL7GAnZRppfz86ZnkVaa2NfrET2gZIPbzqJVVwReA2y2TvqW0qBdPosotQoxFmmUcY2sJpGP1XtQzID7N2FMIO1AbfHpXWrJCw38IkJp1rcHnIQWOs7cV/TanVQrzh1JJ/fN3WLhPCzp2urUyoyAajP0I3apO/p81bEEF+wXK8c6w1wGzGx0yqHfVi7GOathUor+YnOOuv7CW5AUKPN/XvEtHuRQOnWxNAInzwzbz4+Kz05XLADh0imQ7AY41dx x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB3436.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(5660300002)(86362001)(26005)(2616005)(8936002)(2906002)(76116006)(31686004)(6512007)(36756003)(8676002)(6486002)(508600001)(83380400001)(66946007)(186003)(38100700002)(6916009)(66476007)(64756008)(6506007)(31696002)(66446008)(66556008)(71200400001)(316002)(122000001)(38070700004)(43740500002)(45980500001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?R2lSSE5hbmpTVjk1NVZ0RXlXQmhPS0cwQkdVMlJJYnc5akRub1RUcm1EN0lR?= =?utf-8?B?WVB2VlJOVjM5TEE0RkVxVG9iNm9obVdva1c5VS90aFBlUk9nSFllcnpTVThp?= =?utf-8?B?REx5QmN4QUJJVnFpNitxUzdPbTFvcGduTytnWFFOZHFVWmVvVGZJNWZYdU15?= =?utf-8?B?dWcyMjhrcVY3SEZ0MEJNR0VDMzd6ZkpuU1Z4eVpUU29kR0VPSGFxcVhRYVdI?= =?utf-8?B?eHp4cy9XaSs4MVJMSVZTNGtubGd0ZTliMWJyUm5WYVRXYldmWHJBcFdoMjB1?= =?utf-8?B?a1RreVlIbktONEpwZFdKUWtNVXA2Y3pGTzR3MGVhaHZBM1QzQmxuaGFEOGtW?= =?utf-8?B?NW9YN2xab0ZLS0JEVUZhLzROOFVJbGUwS0t1TTNGckE0TjJWd2k2ODlhUXJu?= =?utf-8?B?YlZQNnNCYThDL0pRTEhNYTZzWkk3NWRaWHpQMWRzMVNxQjFjMXR5cEl6U05X?= =?utf-8?B?a1JzdGltQnBxRyt0bU80M0NkeXNXOVdNc0p2ZGV3TWM2engzUDJobEE3ejlN?= =?utf-8?B?UlFpY1Ixa3RhTzVqUGpVUEVEQ0FhRUMrYzRMbUl3UmFnVXVwbmorbldHbmpm?= =?utf-8?B?NDczazZ3MmtETkdEb1Jzem5lekhIV1pnSm5TdmZuZk1XSzRDMWs3TElsT1U2?= =?utf-8?B?R05Yd3lzQTg1RDhVRWhlcHJxZ1NkR3F5eWQydHlieGQ2Y0tVMEVpZ2tLdXRx?= =?utf-8?B?Z3JKQ014VUhqL2wzY0F4dW5KRTNlcGdTY0ZXb2pRM2JIWHJ2ZDVyUm02bzVm?= =?utf-8?B?L2dCeVkyNE5EQlE4RC9NdWtvd3BEdVlJMmZwYlQ3V21RalJpbG9ONitGQXB5?= =?utf-8?B?ZXJsYUVtcXNWd2N5Z09lVTRGZkgrL0RCdWlFY3ZzRU4rZ1FZUmRRWDBRWVJq?= =?utf-8?B?TVdhUVk5ZUs3NGh0NzVaSkNkYVdoeVA2VDVKRlh5MjhjVGRVNzRSbUhlMzNN?= =?utf-8?B?TThKS1pLbG9ZQVM3cndCRVZSbkNRcy9RdmwwRTZiMkJTTm1iL3RZa1czbXJT?= =?utf-8?B?TXZYVVB2NERkS1BCdTZNWGFGVVRvajlCTXhobEpkN2ZRQ0l2SjdNc0ZVUzlu?= =?utf-8?B?dTV1U3RPdHBmZmZ4ZHNoRkFVWDEvMU1Xc1dMZmloNjcyMUdnK3ZkbldQbG83?= =?utf-8?B?UEQ3cnl2S3k1Rndjb2FqelU3NWcwdGJmbm1TVUtRVVZzSTg4bnlXTnBXV3JP?= =?utf-8?B?VDBzV3FmcUpKYmpaODZpaDVNTDV0bTAycWpralB0ei9IcUhaWUIyeE1DQ00w?= =?utf-8?B?UnpsN3lGZmpVYWVGQ01yVGtrTWNDRVVKaXRBVndNRE03Z0Q1QkgycmdIZWZ1?= =?utf-8?B?N0pKV3QxSVUwaGVlZVBwR1V2T3FPWkNzbFpoWndlQ2pkTlVObVAwYVBnSVpk?= =?utf-8?B?cUVDbFFaeDhjZWhvOUFEN2czV01hYW1RajZGYlU0WEs2UXl3dXlqRFRWeE9G?= =?utf-8?B?NTF0WEZ0S0NxWGxNMDZYeFYrY2ZnaFNqSlRRVTRMaXoybVYxNC9rRW5sZUtT?= =?utf-8?B?WTVWYnVpOWlRSVExaGNXRWh2bldsTVhUWnpWUWZLcVVQckloWE1vUjZQN1Bs?= =?utf-8?B?Qk9nT25UK3Nzc0ZzbFR0YUEwcEJQUDNXY0lYTUxYQ0JTYkUwWjZRd3ZQajBG?= =?utf-8?B?WEJVZHgzQXpJSHBtTXE5NVUvczNMaURvaGtaT3VhOVRVVHdYMXJJSDFmd0hv?= =?utf-8?B?UERSQ3U0ZEdmOUlFUFkxQXc1aDBKK2NQeWxMdTkzKzVITytmSEZORVY4S3dk?= =?utf-8?Q?ZhDAuvf7lzj/x4KhbQ=3D?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="utf-8" Content-ID: <9EA61532718B414EBCD78E1FEE19B076@eurprd07.prod.outlook.com> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: ericsson.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB3436.eurprd07.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c4391131-8a7e-4cb7-907c-08d9510bf105 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 14:36:37.7930 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: fgcqK+NUbaB0HPnboPmb1jjpGVSojapF7Z+yVlKFOHtNP61AJbqYVZrLW9jg+9CVr5m32GoV71Ah/QJmBqygNQjkPyzct/3CyjXIIUAWMp8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2393 Archived-At: Subject: [saag] Secdispatch report @ IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 14:36:46 -0000 U2VjZGlzcGF0Y2ggV0cgbWV0IG9uIE1vbmRheSwgSnVseSAyNiwgMjM6MDAtMDE6MDAgKCsxKSBV VEMNCg0KVGhlIGZvbGxvd2luZyBkcmFmdHMgd2VyZSBkaXNjdXNzZWQgYW5kIGRpc3BhdGNoZWQ6 DQoNCjEuIFRMUyAxLjMgdHJhbnNwb3J0IG1vZGVsIGZvciBTTk1QdjMgDQooaHR0cHM6Ly9kYXRh dHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtdmF1Z2huLXRsc3RtLXVwZGF0ZS8pIC0+IFNFQyBB RHMgDQp3aWxsIGNoZWNrIHdpdGggT1BTIEFEcyBmb3IgYXNzaXN0YW5jZSB3aXRoIFNOTVAgZXhw ZXJ0aXNlLiBXaWxsIGJlIA0KZGlzcGF0Y2hlZCB0byBlaXRoZXIgc29tZSBXRyBpbiBPUFMgb3Ig dG8gYSBzbWFsbCBmb2N1c2VkIFNFQyBXRy4NCg0KMi4gRGVmaW5pdGlvbiBvZiBFbmQtdG8tZW5k IEVuY3J5cHRpb24gDQooaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQta25v ZGVsLWUyZWUtZGVmaW5pdGlvbi8pIC0+IFNldCANCnVwIGEgbWFpbGluZyBsaXN0IHRvIGZ1cnRo ZXIgdGhlIGRpc2N1c3Npb24uDQoNCjMuIEZhc3QgVHJhbnNpdGlvbiBmb3IgT3Bwb3J0dW5pc3Rp YyBXaXJlbGVzcyBFbmNyeXB0aW9uIA0KKGh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9j L2RyYWZ0LWhlbnJ5LWZ0LW93ZS8pIC0+IFN0YXJ0IHdpdGggYSANCmxpYWlzb24gc3RhdGVtZW50 IHRvIElFRUUgODAyLjExLg0KDQo0LiBFQ0RTQSBTaWduYXR1cmVzIGluIFZlcmlmaWNhdGlvbi1G cmllbmRseSBGb3JtYXQgDQooaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJhZnQt c3RydWlrLXNlY2Rpc3BhdGNoLXZlcmlmeS1mcmllbmRseS1lY2RzYS8pIA0KLT4gQ0ZSRyByZXZp ZXcgbmVlZGVkIGJlZm9yZSBhbnkgY29kZXBvaW50cyBjYW4gYmUgYXNzaWduZWQuDQoNCjUuIEpX UyBDbGVhciBUZXh0IEpTT04gU2lnbmF0dXJlIE9wdGlvbiANCihodHRwczovL2RhdGF0cmFja2Vy LmlldGYub3JnL2RvYy9kcmFmdC1qb3JkYW4tandzLWN0LykgLT4gSVNFIHN0cmVhbS4NCg0KS2F0 aGxlZW4sIFJpY2hhcmQsIGFuZCBNb2hpdA0KDQo= From nobody Tue Jul 27 07:55:34 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10BEC3A0809 for ; Tue, 27 Jul 2021 07:55:33 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zMKiGjsfrYmz for ; Tue, 27 Jul 2021 07:55:31 -0700 (PDT) Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19C143A080C for ; Tue, 27 Jul 2021 07:55:30 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id C5B04300B36 for ; Tue, 27 Jul 2021 10:55:28 -0400 (EDT) X-Virus-Scanned: amavisd-new at mail.smeinc.net Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id DU-8wNjF3Ovf for ; Tue, 27 Jul 2021 10:55:26 -0400 (EDT) Received: from a860b60074bd.fios-router.home (pool-141-156-161-153.washdc.fios.verizon.net [141.156.161.153]) by mail.smeinc.net (Postfix) with ESMTPSA id D925C300A0D for ; Tue, 27 Jul 2021 10:55:25 -0400 (EDT) From: Russ Housley Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\)) Message-Id: <49F9DB1B-486C-4421-ADDF-93C00C3E6FCF@vigilsec.com> Date: Tue, 27 Jul 2021 10:55:24 -0400 To: IETF SAAG X-Mailer: Apple Mail (2.3445.104.21) Archived-At: Subject: [saag] LAMPS (first session only) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 14:55:33 -0000 CMP Updates, CMP Algorithms, and Lightweight CMP Profile=20 - draft-ietf-lamps-cmp-updates, draft-ietf-lamps-cmp-algorithms, and = draft-ietf-lamps-lightweight-cmp-profile - All three should proceed to WGLC before IETF 112 Extended Key Usage for General Document Signing - draft-ito-documentsigning-eku - Call for adoption started right after the session Update to RFC7299 - draft-ietf-lamps-rfc7299-update - When putting PKIX OIDs into IANA registry, discovered two are missing - Will go straight to WGLC From nobody Tue Jul 27 08:05:21 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E3CF3A0890 for ; Tue, 27 Jul 2021 08:05:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=smyslov.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dXmJEp07TCH3 for ; Tue, 27 Jul 2021 08:05:12 -0700 (PDT) Received: from direct.host-care.com (direct.host-care.com [198.136.54.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBBB33A088F for ; Tue, 27 Jul 2021 08:05:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smyslov.net ; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID :Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=h/VsiJk0F2bcbwtFvkh1b/1Hd+oYzfdlX31Pp9wdUQY=; b=uyWcYNktfqvy5f80o0NRTx0zrf +gYxNh/qwhMkipNZ1tuuLX1GXgBbJyAcfdnF3ObzFwD7vi7ZEDMCBDZEeRW7ozQkQmWCBoAFJd3gZ b2iUrQcR9tBSRIpO6blQMtB+vgTJmNjYOmb2rNBtfCMXKIKjRIJx3gEOpZxLOeau2qDWWca4M7FBN E6fo+OhF9lZRA/dvc2GXlokHpp/Vhfp0+Ahw1322syOJ+WQFKJUjs1/oCQdBscAi3t5ssNqdXzPqq qF46l0K22EkAVo7D8NAhlZiQ57V3AGptCPQMt7xi3ZXSZLsZ0OIOeNjB4tSE3W4kNvKQ7XPRKjylp N35aj+Cw==; Received: from [93.188.44.204] (port=53784 helo=buildpc) by direct.host-care.com with esmtpsa (TLS1.2) tls TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1m8Odr-0007Gr-95 for saag@ietf.org; Tue, 27 Jul 2021 11:05:11 -0400 From: "Valery Smyslov" To: Date: Tue, 27 Jul 2021 18:05:09 +0300 Message-ID: <196201d782f8$cc95f940$65c1ebc0$@smyslov.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdeC9qCUHoDhk3XSQASef0DcoDtovQ== Content-Language: ru X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - direct.host-care.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - smyslov.net X-Get-Message-Sender-Via: direct.host-care.com: authenticated_id: valery@smyslov.net X-Authenticated-Sender: direct.host-care.com: valery@smyslov.net Archived-At: Subject: [saag] DOTS WG report for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:05:19 -0000 DOTS will meet on Thursday, July the 29th. Since IETF 110 a new RFC 8903 has been published (Use Cases for DDoS Open Threat Signaling). We have 6 working group documents: 1. draft-ietf-dots-rfc8782-bis is in the RFC Editor queue 2. draft-ietf-dots-signal-filter-control is in the RFC Editor queue waiting for missing normative reference to draft-ietf-dots-rfc8782-bis 3. draft-ietf-dots-signal-call-home is being evaluated by IESG for the second time 4. draft-ietf-dots-telemetry has being requested for publication 5. draft-ietf-dots-telemetry-use-cases is close to WGLC 6. draft-ietf-dots-multihoming is waiting for more discussions in WG Regards, Frank & Valery From nobody Tue Jul 27 08:05:56 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8375F3A08B1 for ; Tue, 27 Jul 2021 08:05:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zx7Nk2xfVPUF for ; Tue, 27 Jul 2021 08:05:47 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C5E53A08A9 for ; Tue, 27 Jul 2021 08:05:45 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id B2099625FC; Fri, 1 Jan 2010 22:54:43 -0500 (EST) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Ig5hKBjQlFbu; Fri, 1 Jan 2010 22:54:39 -0500 (EST) Received: from lx140e.htt-consult.com (unknown [192.168.160.29]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 5E682625DA; Fri, 1 Jan 2010 22:54:35 -0500 (EST) To: cfrg@irtf.org, saag@ietf.org From: Robert Moskowitz Message-ID: Date: Tue, 27 Jul 2021 11:05:19 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.10.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Archived-At: Subject: [saag] NIST Leightweight Crypto report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:05:54 -0000 NIST just came out with:  NISTIR 8369 "Status Report on the Second Round of the NIST Lightweight Cryptography Standardization Process" https://csrc.nist.gov/publications/detail/nistir/8369/final I have been working with Xoodyak which is one of the 4 AEAD/hashing finalists.  You can see how I am using it in: https://datatracker.ietf.org/doc/draft-moskowitz-hip-new-crypto/ I "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAKE.  It does not come with the nice standardized calls as in SP800-185, but I think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my draft.  Comments welcome! It has been implemented in openHIP. Bob From nobody Tue Jul 27 08:21:58 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5308F3A0A66; Tue, 27 Jul 2021 08:21:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.895 X-Spam-Level: X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 58notb0yf0Pw; Tue, 27 Jul 2021 08:21:48 -0700 (PDT) Received: from llmx2.ll.mit.edu (LLMX2.LL.MIT.EDU [129.55.12.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DC4623A0A5E; Tue, 27 Jul 2021 08:21:47 -0700 (PDT) Received: from LLE2K16-HYBRD02.mitll.ad.local (LLE2K16-HYBRD02.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTPS id 16RFLdTi030441; Tue, 27 Jul 2021 11:21:39 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Kdh1G9PWJjBCl2ffgDtGMOHywyQhxfa0OL5/G0EZ+A3QGy4pO9VxSxO+lenUl1ntyuIth2aALVHGbhSUky2jcKeD3RyH7u13BW2VEg/l11U0y4mITsNMOJ21POpxSxPFE+qrAcT5U1AQGGFCWOWGYwswtUF/tVFX1p0R6EJLveARh4GE2TeutkMkdFgw6zluTKGUmFURYQcrh+buFpKx9pekON43L7KQ4ZLBhW8A491ltThuZV6ZGlODdh6vrSY1fot1IuF6d9HjnnNTmM6c/nBi4wZaFE403CmrvtALbhLwpRYZltmrNfzSJlsBktLpT8QF1UGNSnA3qaD5wo9N3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LsTuoQmdXDn6wu8vrXhbKeZgPqTBoG00zaJ4FjBqH8w=; b=rQ0O6W2pjXmVzXy0tAS1eej7hCG7Xj2e5+psgr9ltfptDhIqHjShEIwVYXC9wWt9Q8PAlD2JIvkQ2lk8cg8xh7MDmAlQM8XNaf9hGEYdwcACNa2b/LA3OuiB3BruA3DP6y+E0o9eXNpTLYjeAWDrO3yfYLgJpCO2X8qAfuJ/kqrB3OWz2GAXK71nVfMn0t+bxvLa1gfH59mrgLYUa4lG7bZ/cBBMnkA4piPgt4lrwdI/9zIfyDdiKRW2oiRecfpVF4MxI2v9ZhIVPmeoyrHApVqw6zb3EWTjk5yOITTTbtHmLpJN59dMF6O0JhuR3Jh5poHOqV6qxqPWTBPsBUFaVQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none From: "Blumenthal, Uri - 0553 - MITLL" To: Robert Moskowitz , "cfrg@irtf.org" , "saag@ietf.org" Thread-Topic: [CFRG] NIST Leightweight Crypto report Thread-Index: AQHXgvkH6hYvN5wT6UqyOmEoigz8dKtWrS6A Date: Tue, 27 Jul 2021 15:21:38 +0000 Message-ID: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.50.21061301 authentication-results: htt-consult.com; dkim=none (message not signed) header.d=none; htt-consult.com; dmarc=none action=none header.from=ll.mit.edu; x-originating-ip: [129.55.200.20] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e6e38997-5254-41ed-d94a-08d951123a7a x-ms-traffictypediagnostic: SN5P110MB0415: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7691; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: RppecklF88abjIfF5PNzljzf/qdW2RIrwQb0MiFrZf8IrKrXq/ENy3pjQVMi0BnomXtNdWbyTLbemkq1t351CUmR7f0fUpuA4f0dFYNrVKjIEVaNTkeP8WhyHMdYV8R4L5Zq/SkFNyiRibAZR5VGa1meh8Jrnc1RU7vFfPWUFLplihBzW4x3OsKwi7A8M4GYuAIK/cCfTYkdf+hp6XAfH3J67gFQkBGIoDZnShC99OnLJNpOiZzS5RfXWM7a0q2BH7xrAJ1i/SDyDWKCCOfftmetUlZVGRRUcHavri/3/ZJwbaOGr5epDfELUTy3WvV1aWmZre4IzXUiumDfpypWguTEAQpXHO2b2hUBEf7FTJiEv2aKKVTnZNsJqjQFbUyuIVqmu+4sOBbpeHcRAbd4u7yfk5kwe99+z+slf1eqK3WrD/6PsWCIKOF2Ws1Hv2Z8cYKEc98VcEbnzoFVzGIcEcNXMRYI/USpWuPURp8G9BXD9tHWj/LOWBoYHfKZxk02i1WKf6fWTzwI2KcodeV5Ki+2RtpPno+wCiNhK4WHGWqwhMOjCHZID4Q/xwn2w2+ByxK16U8Ke6pXj7+3XJVp1JF93pjfPlNJr7tWFWLbAymv78FyLmPOza5GMK37iludv9GXYWd8SDoqXVXgoCO4Vg== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN5P110MB0560.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(136003)(396003)(366004)(346002)(376002)(39850400004)(75432002)(33656002)(38100700002)(122000001)(99936003)(66556008)(2616005)(478600001)(2906002)(64756008)(66616009)(966005)(71200400001)(86362001)(8676002)(6506007)(110136005)(6512007)(5660300002)(8936002)(66946007)(66446008)(66476007)(76116006)(186003)(6486002)(316002)(26005)(45980500001)(38070700004); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: y0TmEgcPwNA0rRMyff5vKmxmXmPOIKWHcjAuhw+gfhyZ0mqeMBQ8LGQhY2NwTqu4dr5q8aFCf6GZBrBYaIBAwhM3xRkHXCArOmPZXNDC0VsxlQgTWKAEk16d5kwXDB7gGE2rtu3tRMokMLXvgo0Duj7HLsWcJvdTG4pcS+dHVFyJENdzDbKp0m4c62gM1oR2bZHbYIxY3gpQIIXh4fQqudSmXNMY3FZeHDZ9/L+avZH0lpOqTv8SDwuv/2PASlmfLQX/EKgYffc7B1aYWrVKE9PVxfYadtQWm7cdLU5LRdCzOz/dJ9aI4mYz48YHqUjt/LnsKQ2jXha5lRwXe1so3YZFqcAqxefPZgg2fMDKEEiMZ+7SRW+QQrDWg71lwttJdw+2xKD6v3rcP/+ZhBfoBv4qQbOUGCmMYvAxbzDKw0/DDTcPlrfvED7+kbftjGiNO2LcRFlxpgC4q5dJ5YP5h0cNStGVlFa9n/oxbQeudKv+z9hxGpcffQYIB1A1Hva9PjHQXAoM1Y9dOSNYWDz0b5Gru5xU1ptg+BFbtiGflUJUX7rf824zCLYSo4ANZfTnnb8asUSNAT62/ylCNbWqstYPGTVZcNTlR3c425cFrB+MY+qgeadoK3Et+99SHiyZgZlgouEKDDTlm1hqDRixe0g2Cl0BVYkG2WTjGzQge70Dl68MhNWZ6REY+INMpfSku8l/2bKDggg6D3bqqFLcQQ== x-ms-exchange-transport-forked: True Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha256; boundary="B_3710229697_570074518" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SN5P110MB0560.NAMP110.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: e6e38997-5254-41ed-d94a-08d951123a7a X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 15:21:38.0437 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN5P110MB0415 X-OriginatorOrg: ll.mit.edu X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-07-27_10:2021-07-27, 2021-07-27 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2103310000 definitions=main-2107270092 Archived-At: Subject: Re: [saag] [CFRG] NIST Leightweight Crypto report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:21:54 -0000 --B_3710229697_570074518 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable I have no comment, but one question: which of the NIST Lightweight Crypto c= andidates provide nonce misuse resistance, at least at the level comparable = with SIV mode? -- Regards, Uri =20 There are two ways to design a system. One is to make is so simple there ar= e obviously no deficiencies. The other is to make it so complex there are no obvious deficiencies. = - C. A. R. Hoare =20 =EF=BB=BFOn 7/27/21, 11:06, "CFRG on behalf of Robert Moskowitz" wrote: NIST just came out with: NISTIR 8369 "Status Report on the Second Round of the NIST Lightweight Cryptography= =20 Standardization Process" https://csrc.nist.gov/publications/detail/nistir/8369/final I have been working with Xoodyak which is one of the 4 AEAD/hashing=20 finalists. You can see how I am using it in: https://datatracker.ietf.org/doc/draft-moskowitz-hip-new-crypto/ I "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAKE. =20 It does not come with the nice standardized calls as in SP800-185, but = I=20 think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my draft. =20 Comments welcome! It has been implemented in openHIP. Bob _______________________________________________ CFRG mailing list CFRG@irtf.org https://www.irtf.org/mailman/listinfo/cfrg --B_3710229697_570074518 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUfQYJKoZIhvcNAQcCoIIUbjCCFGoCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0B BwGgghJDMIIE8zCCA9ugAwIBAgITWQAE/KGDHCQY5NLn7AAAAAT8oTANBgkqhkiG9w0BAQsF ADBRMQswCQYDVQQGEwJVUzEfMB0GA1UECgwWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECwwDUEtJMRMwEQYDVQQDDApNSVRMTCBDQS01MB4XDTIwMTIxMTAwMDQ0OVoXDTI1MTIx MDAwMDQ0OVowYTELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRv cnkxDzANBgNVBAsTBlBlb3BsZTEgMB4GA1UEAxMXQmx1bWVudGhhbC5VcmkuNTAwMTA1ODQw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKE/w5SMRbjqdnzi3xm35MTfqSl/hP NjMbDakZIdbjOM3UKEmPFXc6a6VU/QqOJUi6ndjw0tH7RCVP73bdRPXO/E8WiAaaSYG6Ddqr 02Pv6wThtFuh+ll9IbDRWZCrXdglHg5CdvqpmlsX5UY54/Gb5r+Je3CwHewClS9/KqklAu/M Rj7Cc7g+PM9GcvU63WDVgXiuAplgvA+W5Hvmcnseb97nBuBnZ1kgbFScRNLR8y5QxSrSpXxW YRiH8dlr/LfBSYsgClZ57NhMk6Z4YL3y1Pw6Vq8pXtM7hlSq8/6s/jhxwf6vUDDeBAkoEWxl hqJtjdD+qrucwiRcrt9SNOufAgMBAAGjggGyMIIBrjAdBgNVHQ4EFgQURapIqD1qtfvgIhzU 5deTdhe9DyMwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFC/vu8YNHbvpav6sZ/MHOwh2 9ktZMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXRjcmwvbGxj YTUwZgYIKwYBBQUHAQEEWjBYMC0GCCsGAQUFBzAChiFodHRwOi8vY3JsLmxsLm1pdC5lZHUv Z2V0dG8vbGxjYTUwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmxsLm1pdC5lZHUvb2NzcDA9 BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+K cwIBZAIBCjAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAZBgNVHREEEjAQ gQ51cmlAbGwubWl0LmVkdTAYBgNVHSAEETAPMA0GCyqGSIb3EgIBAwEIMCcGCSsGAQQBgjcU AgQaHhgATABMAFUAcwBlAHIAUwBpAGcALQBTAFcwDQYJKoZIhvcNAQELBQADggEBABAw2S9N p+Aii+rVwD0uTZSRjpL7QD9sWkH1WB1Yd/88m+R6xZtKiD1PJLKXzcumU1V9FAPYZufhCcPV KRgyGbizPBn+f3t13bDieGHLd0DWM4abQiEgiFDsUDzTJ78WwHt/PFMjFe/oFSgghgKcOiBO QdxA7oWgV0cvJmc0hNxV6aPACboXW4qAXKMaMXPrhAXJTkL81uoemEf54gdROFIdVLYOUdba mGmstwRcTn1RsJhIcu2EDSNpyfwfK1NUNQAe199BaNenGrKW9yTHwEY55c9xusIEEaW+FLAi jseXn2gIvlQ0W2P2NMm7YCir0F6PI3DDH8+XmfcrbSfNt9swggTAMIIDqKADAgECAgEGMA0G CSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJv cmF0b3J5MQwwCgYDVQQLEwNQS0kxGDAWBgNVBAMTD01JVExMIFJvb3QgQ0EtMjAeFw0xNzAz MDIxMjAwMDBaFw0yNjAzMDIyMzU5NTlaMFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQg TGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTUw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnmoMOvTkfw7nq19mrWazGaa+Q83Uv 0+ATXT3q6kr+WExIMIZ87C74WCcRXpvO7uvx7HvMsYWAFHW93wQwhjytxHIOZgKNJ4VnGVDU l+KI7g0n9+Zjt3hB3HhHbcvbe9+Y4jz+XzCiLl2OaYvICKbxvbBSCLtPEeZQ6x6Tb6EK0ym0 gvYeHO3kuuY+SJHJMltbrLnIVLxjZrNVS77zXKvu6Q3hSdkRIB7kJgEXfL+p/z/2p94bEEZ2 TnQz0TkOjG+Jq7UlXlFRtvsYcDPEQD3UNkZsWcXgC1hXG8TGknUcAhlGxVhlKlFLmNd7342s eGy2s9YxNDnSE+eXTtb0I5LLAgMBAAGjggGcMIIBmDASBgNVHRMBAf8ECDAGAQH/AgEAMB0G A1UdDgQWBBQv77vGDR276Wr+rGfzBzsIdvZLWTAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGu girH7vgy+zAOBgNVHQ8BAf8EBAMCAYYwZwYIKwYBBQUHAQEEWzBZMC4GCCsGAQUFBzAChiJo dHRwOi8vY3JsLmxsLm1pdC5lZHUvZ2V0dG8vTExSQ0EyMCcGCCsGAQUFBzABhhtodHRwOi8v b2NzcC5sbC5taXQuZWR1L29jc3AwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5sbC5t aXQuZWR1L2dldGNybC9MTFJDQTIwgZIGA1UdIASBijCBhzANBgsqhkiG9xICAQMBBjANBgsq hkiG9xICAQMBCDANBgsqhkiG9xICAQMBBzANBgsqhkiG9xICAQMBCTANBgsqhkiG9xICAQMB CjANBgsqhkiG9xICAQMBCzANBgsqhkiG9xICAQMBDjANBgsqhkiG9xICAQMBDzANBgsqhkiG 9xICAQMBEDANBgkqhkiG9w0BAQsFAAOCAQEAMJYRwLPJ91K7e2mA2Nj10W0o5JMHYkaa+ctL 8/xY8QzIHFI5Ij+iydpPN9KCYn/4Sy80T3aNoYkFlS0GRQXhf0nsiY7TWJwAKw4AiO/yJ37/ oRKRgtyRicvaJ6RjlHCXBOalFLw9UtpodP4/idC51lxzsolaQZraBjVe7PL95PhS7D+22Nff InzLdIb1DBf54NwOVfPIgABtxH1fhZrja7EhR9RoUw5E1O6iWaAuP/xWhSTQFWlhyA0/kkIi 9/HXaY0hYnhcjcbPPqjpyfIhSFjjXhjqK7t2wPrSrBFLFUbnLiNlgQHrvNYF5IqgIfnSBWIr m3rfLhpZZJ/xJ7Yf6DCCA4owggJyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UE BhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTEY MBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMB4XDTE2MDQyMDEyMDAwMFoXDTM1MDQxOTIzNTk1 OVowVjELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAK BgNVBAsTA1BLSTEYMBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAv3WoBEGOOJtm4ucvaf6vKIFPs8watCd6Smwq/XeRNo7P3jPIxNPw F398RGDUmPJIXA7idzD6j0opFIW+kLqYye9e788PV0dqaJlX8818fNDbSE+8B6hieqKTR7Vf OI74UVQEUKVRFuRFw6uVYuvgew2Tj/C2dEee37eruQl5nHkbV2OsWnZ7O+yt+etd6HRcaXLl P9q8WKgA3B7vkOVIMCKoAuaWj+BFq7K+WNkiyi/KdOH9JmOpbyRK4jcA7xbLnF8JFUSNg5c4 Y1BJrFaZtkCeG6Nm9p524GllkRFzPgpj8VicV+AK+9rY07dTx02kYotTnKuy0YxBAwsUXxAQ EwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT/ycllTFOA8akMPCGugirH 7vgy+zAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGugirH7vgy+zAOBgNVHQ8BAf8EBAMCAYYw DQYJKoZIhvcNAQELBQADggEBAHqYfEf/3J5aMKhlYQ0PnUAbMB8jZSr9/HvjfOF00crFUCfS rqG8JQwo+S/iq66gcp62FEgJ0fQkDgVg6m+C2ETo1LoWiSxhYCfcSIQECljlXwR8wFSayF82 2S69IqvHhdq4d58jU6gYi6ssjU4vwsvsVLRJKk/m/Cg/w8gW6YHM5ahBD6/5Ccel2fI7oSms kO991+otrC11YfDwCFvz7Am0r+K9iVhSWta4hmIuV0YBia07eZKSO02LPgQ8YOz3ku0Yt+mh 8VWRKux2CcYjMpk+WDV0BMp75tqb6pqBFkcKvEBXqxg+8+G/umjii4H0c5kvJhaQyykbmOKm xO9IcJIwggT2MIID3qADAgECAhNZAAUW1xDL1n3IkFBHAAAABRbXMA0GCSqGSIb3DQEBCwUA MFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYD VQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTUwHhcNMjEwNzA2MjM0ODI1WhcNMjYwMzAy MjM1OTU5WjBhMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9y eTEPMA0GA1UECxMGUGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMRXUPN5Fz28jb9GOca2/6HDq5EE4Hu T1enB0TiMEnOTipW88pgPmSZ/AAFyJF7AWX7PYPw94Ed/Bbs7yCCa6WZS7cQzdHOWppx9gRZ AxkR8+TgosxPcHoCMXmI/hXtVdZ7mwZlpBGJvyBe6YRmxOWLl3WiCRi/gBThwEWsiQZOfhEN 7hC2GhgCKetpNlTRPxslLmkStNlnjNAxhet8Vm/KSYJFVPOx3qytdLwnO6sz4AfIJJQkFX26 6oP0F/4bjRGlIZrZpdUPGiydpJl1r5SRcYs1ZE7JHErULWSyiAIzBDHUCTcN2GnFoR+9fz92 q2VIHvNHx7bV1hd0E0zlC9UCAwEAAaOCAbUwggGxMB0GA1UdDgQWBBSQ5IixU+wo9uUYNUB4 G/ea7vuWEjAOBgNVHQ8BAf8EBAMCBSAwHwYDVR0jBBgwFoAUL++7xg0du+lq/qxn8wc7CHb2 S1kwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9sbGNh NTBmBggrBgEFBQcBAQRaMFgwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9n ZXR0by9sbGNhNTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AubGwubWl0LmVkdS9vY3NwMD0G CSsGAQQBgjcVBwQwMC4GJisGAQQBgjcVCIOD5R2H7Kdmhq2HFYPq8EWFtqEfHYXr0HCD6+0g AgFkAgELMCUGA1UdJQQeMBwGBFUdJQAGCCsGAQUFBwMEBgorBgEEAYI3CgMEMBkGA1UdEQQS MBCBDnVyaUBsbC5taXQuZWR1MBgGA1UdIAQRMA8wDQYLKoZIhvcSAgEDAQgwJwYJKwYBBAGC NxQCBBoeGABMAEwAVQBzAGUAcgBFAG4AYwAtAFMAVzANBgkqhkiG9w0BAQsFAAOCAQEAICZO a7qQQMDGZzRUaX+Mm/3meVo0nTEdNby178MGq6uYGUS4keIkljEoI+KiEMbT8rtCOBZwomnO HdJmLuRUEgrVAos27V4yjvoic8QKsz+qEhxslFg/2EYMAbTsyLqg34R+wG5o6K95ohUrgLud fPxAmcLOFBtIZBr/3DUIlzw4xHKiX2ruex7YOrQccgXb2qGtNB7tG6jAaXqFb+NZTJhj+3pd OiZiZanzpZvPLIH6Xe4awqDrok7q9ImwwSSQorNrJxKKtA3vLUW3DGvom3XDiOjDqpzhmqXC u6Wf7JfrSJRaudU2WyvYfPk7NQlkLR/1G6Xz+zKqO/cBt2aNATGCAf4wggH6AgEBMGgwUTEL MAkGA1UEBhMCVVMxHzAdBgNVBAoMFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsM A1BLSTETMBEGA1UEAwwKTUlUTEwgQ0EtNQITWQAE/KGDHCQY5NLn7AAAAAT8oTANBglghkgB ZQMEAgEFAKBpMC8GCSqGSIb3DQEJBDEiBCAkPQgNUzud1Dj/PMi9jDMYX+/VwlpQzFkFHN5D vI1txTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA3Mjcx NTIxMzdaMA0GCSqGSIb3DQEBAQUABIIBADlxxxvJnJIBxAybUF5SVhhvIdYnv/CrfrJGjrzf bS/gwCLj65S1aTWXGkhVv/uqzkYcVEsUmvephjXe/AyX6+eYwu/4wqxNwyOLruO3tcEyZVGS PojfEbJ9BNG9LG50+rUG265AaNVzbW7kW0jUt38WRMlCANBls1b/ZmmnZwPvaeoetDPKINve G9J0OcjP6WdLOu1cTv2idIFAYcinTskIS8E9afCVf95SjZF+ziNmnPUezCvp3vgBWMmM1hbY TNsYGoqDg5dwjms2+8mypX+EOgorTo1LXg55ub2fN/ZxOHJ2RMYnH+3mMr35IWfFmTse8gHM 2ZLG6B7wyyEnK0Q= --B_3710229697_570074518-- From nobody Tue Jul 27 08:24:20 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 351343A0A87 for ; Tue, 27 Jul 2021 08:24:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ru_cbnVtmKUS for ; Tue, 27 Jul 2021 08:24:14 -0700 (PDT) Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C254A3A0A7E for ; Tue, 27 Jul 2021 08:24:14 -0700 (PDT) Received: by mail-qt1-x832.google.com with SMTP id d2so9774099qto.6 for ; Tue, 27 Jul 2021 08:24:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=oxPBlXfM/vE3fA6A/h662AXI2EzCgQEqpcl0XJmruuQ=; b=KsEXikKfLDt7quUX4mxHQhn8WZ+6GTykGYFGq98T5IRBMo5rxKXGqacFoEBdgRoEC/ +ZSqw/d+0hjYAI61gQhHBllz03gRYKaEKTQSefvIY0N4HEMHxNR4b6CN5zpMBebQkdyJ aKik8FgRmm6gCe0NNrKL+8aCT8jDvXve3LRaK6yKWWplYt/OCerUScLRVwCMy3lOPmVR sxgTSVt+0qsSLFaWGx5Q8GocIlwCFrgXwLNZ8XnUfFJv4B9E8ezUAEin3+5zEamNBQ0Y ve4oYapJsZ7DAgU8ZjSjk0+Azc/5tXLuve1AiskAWnZLujyMexLLHDQ1kclsbWfaejPj /1Iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=oxPBlXfM/vE3fA6A/h662AXI2EzCgQEqpcl0XJmruuQ=; b=CKP4qrkieyZM8XkW0dV3x+Oe2iuMS4P/kMiDTAwDSvCVudGy7Yv/gvxowhbP5wHkNu 2oJYMVXS8TaZtQ8Ly02o88LxvGhYnZ87DGriVDUuJL4aYutCRSWIthu4Gh5iJL1gkaEj NcXuTVBFixVFX+iqHtN52oihaj5DYX5KkmRnxdSeoFeLlb7ABsCcdUsGrO0E3xhH79OV DFBxRaJG8c/C1q/cKikmhldzREBE0IFG6kPOkY5nZSRtlWx/5aWO59dRXCjem8G3cWHL j6SCjohHblC4nQsOlg/soGNo+7FglhYyjpDfRnEQAtt7aWrO9frGOOWCCKF8IeATPgL5 t2EQ== X-Gm-Message-State: AOAM531JyTMND1pBuRZt7DMNoqVkoVa0o1xbg6lVy2mIGK798GvvKvr+ nHm4SFiMCE56oXZTMpvh51/XCcUCseeXqwPZa7/SYL6v5SA= X-Google-Smtp-Source: ABdhPJyEKea6+D3NFNq6LxqUxYLaxR/xK9iNrxRy/nb6w47rmCz9MX/a460GdxdXrEVx+Y3hDel/JnkwPz3+5Lz8Q/4= X-Received: by 2002:ac8:7092:: with SMTP id y18mr19838105qto.36.1627399452728; Tue, 27 Jul 2021 08:24:12 -0700 (PDT) MIME-Version: 1.0 From: Daniel Migault Date: Tue, 27 Jul 2021 11:24:01 -0400 Message-ID: To: saag Content-Type: multipart/alternative; boundary="00000000000049a0da05c81c762e" Archived-At: Subject: [saag] CURDLE WG report for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:24:19 -0000 --00000000000049a0da05c81c762e Content-Type: text/plain; charset="UTF-8" CURDLE did not meet this meeting and the only remaining document is under IESG evaluation -ssh-kex-sha2 . Yours, Rich and Daniel -- Daniel Migault Ericsson --00000000000049a0da05c81c762e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
CURDLE did not meet this meeting and the only remaining do= cument is under IESG evaluation=C2=A0-s= sh-kex-sha2.

Yours,=C2=A0
Rich and Daniel
--
Daniel Migault
Ericsson
--00000000000049a0da05c81c762e-- From nobody Tue Jul 27 08:24:29 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C8863A0AC3 for ; Tue, 27 Jul 2021 08:24:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_FACE_BAD=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WaTYMoaqMMmQ for ; Tue, 27 Jul 2021 08:24:17 -0700 (PDT) Received: from mail-qk1-x732.google.com (mail-qk1-x732.google.com [IPv6:2607:f8b0:4864:20::732]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC3263A0A84 for ; Tue, 27 Jul 2021 08:24:17 -0700 (PDT) Received: by mail-qk1-x732.google.com with SMTP id az7so12683607qkb.5 for ; Tue, 27 Jul 2021 08:24:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=zhGlH/ITAjEr0Sr5P+ryc5QXcG4xBUxIpBgifOy5bAw=; b=cD7S/2tJfIJLBYLpjnVAZGmDaihvnD8uQlMl5QJm1rDvxIT5cPmeJMBgF+yA7HAP9d NtPnxhAi7MlJdzdMkiuerUk8tc/R/+Mb2RtWmQ9luN+4tekej3H7CIoFoZWFLpUY7mca SeOpSeb235LaVODE2RYPmLcD1VEC+9fgD6CiERKlzqG3jFNetnknbGXX1xVJ2ue38qW6 9w+Mr3Ioa8b/9F194xa3AZA5HJEOVIQ/eoqGPyWdDW4B8qx7RKTeRlGjJ0UEL0yvMqH4 mqEP6AKrhuN4DnS7vul5PcF5zfSJY3KYd/dbPuAj+T9pf1yWlwV6LV2PB6CX+jd3HIYa qBOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=zhGlH/ITAjEr0Sr5P+ryc5QXcG4xBUxIpBgifOy5bAw=; b=RV1Hr2mKEyf0pzyhiMipZ+8uKSG5Ux0qSnuX04BroDdkDtSInWwRNSd/dTNp8RiWSo B0hmX3qBusF8u/D4aGa+Iy6HYNsWIHvlBwTqHN8DqIGn7x+orH7iApnj+EXmYo6EG9gz HgpUVwcFax5abRfHUr+p5EIDD0MNpVtl8cV7r4aQTL6kP5B/HjbaAJ1K8pWnNVyEKKKK jIRZC1yvTUejIDUgRP/IRiKGUD68TfZka+b69vSaSKM3S7762OAm2s3eTd53ULj8S4GJ aRkJU2wiGNjlqoAc+OrAVfiL+9xlNG9eLHO0YgvisUGcdMhDrDrwOnywcK9bdZOxsbIi Yh/A== X-Gm-Message-State: AOAM533oEgNb9Tzjkca64fr+wWUtUP3vFrBwV0lrZw4ZUCJuyjcMi4xJ nYoWI8ZrTNFjGlLtmXwubzKEvSoh7VYnFlX+yCqfIkLm5v0= X-Google-Smtp-Source: ABdhPJzGaObJULVroPROJsu+W6dNb12UpyPxHrxu0kIBNYw0qnhlh5gW7ondHpqIvsV7ES5HZGEuWSmdddUa8o8olMA= X-Received: by 2002:a37:cd0:: with SMTP id 199mr22643545qkm.69.1627399454893; Tue, 27 Jul 2021 08:24:14 -0700 (PDT) MIME-Version: 1.0 From: Daniel Migault Date: Tue, 27 Jul 2021 11:24:04 -0400 Message-ID: To: saag Content-Type: multipart/alternative; boundary="0000000000006aaa0005c81c76da" Archived-At: Subject: [saag] ACE WG report for IETF 11 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:24:28 -0000 --0000000000006aaa0005c81c76da Content-Type: text/plain; charset="UTF-8" ACE meets on Thursday 2021-07-29 (22:00 UTC). Since last IETF the following documents have been sent to the RFC editor: -dtls-authorize, -oauth-authz, -oauth-params, -oscore-profile. The following documents have been sent to IESG review: -aif, -mqtt-profile The following documents are in WGLC: -wg-coap-eap, -cmpv2-coap-transport The WG is focused on the following documents:-key-groupcomm, -pubsub-profile, -key-groupcomm-oscore, -gm-admin Yours, Logan and Daniel -- Daniel Migault Ericsson --0000000000006aaa0005c81c76da Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
ACE meets on Thursday 2021-07-29 (22:00 UTC).

Since last IETF the following documents have been sent to the RFC ed= itor:=C2=A0-dtls-authorize, -o= auth-authz, -oauth-params, -oscore-profile.

The following=C2=A0documents have been sent to IESG = review:=C2=A0-aif, -mqt= t-profile
The followi= ng documents are in WGLC:=C2=A0-wg-coap-eap,=C2=A0-cmpv2-coap-transp= ort

The WG is focused on the following documents:-= key-groupcomm,=C2=A0-pubsub-profile,=C2=A0-key-groupcomm-oscore,=C2=A0-gm-a= dmin

Yours,=C2=A0
Logan and Daniel
=


<= div>



--
D= aniel Migault
Ericsson
--0000000000006aaa0005c81c76da-- From nobody Tue Jul 27 08:43:30 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C11043A0ED2 for ; Tue, 27 Jul 2021 08:43:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=smyslov.net Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dETycYGvH2Bk for ; Tue, 27 Jul 2021 08:43:17 -0700 (PDT) Received: from direct.host-care.com (direct.host-care.com [198.136.54.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B01503A0F3A for ; Tue, 27 Jul 2021 08:43:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smyslov.net ; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID :Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=SyWIrGSIMoi5fsz+q4WZ/MOCaQz4vRbxfLZvki7OLkg=; b=SB+BNgYAqXWV15OoFBpYM2eXAw Lgesmgk0kwqt3WOwHKd90l2R8vcm29FNbf2dRBPoCiuwaSIBdlHKKeMBoKbNc7q1lYrA1JV3UEp27 wjmbyyOXK76YK9YRRFKywWBTG+iEo0Jp6VTyybEc1MVJrGoZJdXf0iyMtsonXd8may1PnMRgFzMo6 ZP2pPk8GESeop7k/XXv4k7Qq0BhtzYO2/Xlw3yPmlIBv7D/ztmuKWk6Mr9AXvjvVhGEE3XDLB/6MA KSHW1iz1BYo6GH0PTbQt4hnsLtkNpWEiw2uj4qd/02/DXJoeoIDwBhVA4so32bL2cQh1MqeuBYcby puTPyR9w==; Received: from [93.188.44.204] (port=51506 helo=buildpc) by direct.host-care.com with esmtpsa (TLS1.2) tls TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1m8PEY-0007J9-Ik for saag@ietf.org; Tue, 27 Jul 2021 11:43:06 -0400 From: "Valery Smyslov" To: Date: Tue, 27 Jul 2021 18:43:04 +0300 Message-ID: <197b01d782fe$18c44920$4a4cdb60$@smyslov.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdeC+ObZK/7ZCR0BRUiygC+BcMOXfA== Content-Language: ru X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - direct.host-care.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - smyslov.net X-Get-Message-Sender-Via: direct.host-care.com: authenticated_id: valery@smyslov.net X-Authenticated-Sender: direct.host-care.com: valery@smyslov.net Archived-At: Subject: [saag] UTA WG report for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 15:43:29 -0000 UTA will meet on Wednesday, July 28th. We have 3 working documents: 1. draft-ietf-uta-rfc7525bis is close to WGLC, however a bit more discussions on the list are needed 2. draft-ietf-uta-rfc6125bis-01 is being actively discussed and developed 3. draft-ietf-uta-tls13-iot-profile has received not much discussions yet Leif & Valery From nobody Tue Jul 27 09:41:53 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A4A93A094E for ; Tue, 27 Jul 2021 09:41:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ArhEMMs63PR for ; Tue, 27 Jul 2021 09:41:50 -0700 (PDT) Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B58803A094A for ; Tue, 27 Jul 2021 09:41:44 -0700 (PDT) Received: by mail-ej1-x636.google.com with SMTP id nd39so23131949ejc.5 for ; Tue, 27 Jul 2021 09:41:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=eWcGpFVQcjdEg4Th+KY+9Nudx2CtH1m6SKFD3RwJmcw=; b=YskRmFhofJQiMrHz+n9OEr1QnddjUv64rNNzPXNgKPz/eT5xEpJtVDqXlVZOo69SIN nMRiNnwpmmvS3sL3vnfHhC47xls1qYMcGEhWwVuVs4eiSNN/LZmJz3jFx6qEVgCTTHTW Wo4I9M/NE03ZWvXJSq0NZxTW865hbx5hBL5WR+/hmeyCUNkqA7gGviDMqVLLOmywuxdl GtvndP/nUOBzlwVbLUO8Piw3YwqgDJzuWoPgFa+UjA+IICLUE0PTH1YY+IoOJtsefJg9 mfmqpaqWCW7IQYJrPcRIvmHJT4AY3vbHzvlosrL8UTYFnufB+RrW0t9+OkbeBCTYmuU8 ABhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=eWcGpFVQcjdEg4Th+KY+9Nudx2CtH1m6SKFD3RwJmcw=; b=DAKY6LcaXKTwgEdwPVNoUDvYwOQuuWdvlyEKtGhhgYDyuUMdhb+AzCikQ/0sr6mQxj skuhvh7KbpUy32TvPY2Xa2To+eLO7BxKCuW80pkJZKoEDac02lUMBiKDFv06wCjw4Y3p HB6lBGbZ4OK+h4ilP0t9hiNGygDD6JqWqUN7OWXcTu7nIQw4aMLOyyKgFqQPaTYfkEcT ZVFs7q0PaozFbJqMW8zL9f7ZxlFcRLFSiICcMuL0ejqrDV6l8gQbn6r/T13jp6MMICoB FuaC9jBpZBok3VkEV6HXmEnJP6L0BnXqJJA7WdPolFP8Jt2680cGheB02HIrl/w+ovB7 9uiA== X-Gm-Message-State: AOAM531giEv0hMkmkzLUWm7Rn+WM62SZn7sntBIex3iDSHaVc+hp/nVF 4WgD4KN2bPJ6VUrKQ8Vvpj44boUgO2ya5Ou8jBlO8Wmd X-Google-Smtp-Source: ABdhPJydCzBpQG69Lf0NbAWlh787Q7Ruqsc8Hue5/C5zwQO/87+Dg3TOT008VVsceLGsgdIepg/Hg0OQYQPNMfOq9V0= X-Received: by 2002:a17:907:9604:: with SMTP id gb4mr22761977ejc.142.1627404102593; Tue, 27 Jul 2021 09:41:42 -0700 (PDT) MIME-Version: 1.0 From: "Stanislav V. Smyshlyaev" Date: Tue, 27 Jul 2021 19:41:31 +0300 Message-ID: To: "saag@ietf.org" Content-Type: multipart/alternative; boundary="00000000000070f2af05c81d8bc0" Archived-At: Subject: [saag] CFRG report for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 16:41:51 -0000 --00000000000070f2af05c81d8bc0 Content-Type: text/plain; charset="UTF-8" CFRG meets on Friday at Session III. The Research Group will be discussing outstanding issues with the following drafts: * draft-irtf-cfrg-rsa-blind-signatures * draft-irtf-cfrg-cpace * draft-irtf-cfrg-opaque * draft-irtf-cfrg-voprf * draft-irtf-cfrg-aead-limits We have several agenda items related to possible new work in CFRG: * A Duck Test for End-to-End Secure Messaging * New KEMs and AEADs for HPKE Documents in RFC Editor Queue: * draft-irtf-cfrg-argon2 Documents in IRSG review: * draft-irtf-cfrg-hpke * draft-irtf-cfrg-spake2 Active CFRG drafts: * draft-irtf-cfrg-hash-to-curve * draft-irtf-cfrg-vrf * draft-irtf-cfrg-kangarootwelve * draft-irtf-cfrg-voprf * draft-irtf-cfrg-bls-signature * draft-irtf-cfrg-pairing-friendly-curves * draft-irtf-cfrg-ristretto255-decaf448 * draft-irtf-cfrg-aead-limits * draft-irtf-cfrg-opaque * draft-irtf-cfrg-cpace * draft-irtf-cfrg-frost * draft-irtf-cfrg-rsa-blind-signatures Regards, Stanislav (on behalf of CFRG Chairs) --00000000000070f2af05c81d8bc0 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
CFRG meets o= n Friday at Session III.=C2=A0

The Research Group will be discussing outstanding issues = with the following drafts:
* draft-irtf-cfrg-rsa-blind-signatures=
* draft-irtf-cfrg-cpace
* draft-irtf-cfrg-opaque
* draft-irtf-cfrg-voprf
* draft-irtf-cfrg-aead-limits

We have several agenda items related to possible new work in CFRG= :
* A Duck Test for End-to-End Secure Messaging
* New= KEMs and AEADs for HPKE


Documents in RFC Editor Queue:=C2=A0
* draft-irtf-cfrg-argon2

Documents in IRSG review:
* dr= aft-irtf-cfrg-hpke
* draft-irtf-cfrg-spake2

Active = CFRG drafts:
* draft-irtf-cfrg-hash-to-curve
* draft-irtf-cfrg-vrf* draft-irtf-cfrg-kangarootwelve
* draft-irtf-cfrg-voprf
* dr= aft-irtf-cfrg-bls-signature
* draft-irtf-cfrg-pairing-friendly-curves
* draft-irtf-cfrg-ristretto255-decaf448
* draft-irtf-cfrg-aead= -limits
* draft-irtf-cfrg-opaque
* draft-irtf-cfrg-cpace
* draft-i= rtf-cfrg-frost
* draft= -irtf-cfrg-rsa-blind-signatures

Regards,
Stanislav (on behalf of CFRG Chairs)
--00000000000070f2af05c81d8bc0-- From nobody Tue Jul 27 10:04:45 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E448B3A0AEE for ; Tue, 27 Jul 2021 10:04:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.2 X-Spam-Level: X-Spam-Status: No, score=-1.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=0.5, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=isoc.org Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CsDQDEprYNk for ; Tue, 27 Jul 2021 10:04:39 -0700 (PDT) Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2057.outbound.protection.outlook.com [40.107.244.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2BC6B3A0AE8 for ; Tue, 27 Jul 2021 10:04:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UEwhCMeefleHtTHRrRGo8NRKLBFi2xRo8z1y8xFDkPmY87kYAKk7Kd2/GwtiNPVP405U7W+FRJuXKhhrXvOOMJkLREjvcqgjO08cxYEHu/qWLS3JDDMKLpUWPiLv/OATg1cIW4w3GFVDOOdQAU2XG5YF349/4Qvo0BNx/fLYqYSu3cWm5XMZywGWQRlvvoR/g3lpw2lUlzl6z9emwhsE0BVz4/45a3IKIb8Zvclf5fClbTc+nU+AThu7Naa9ZlD4c6e/GoPoLdjQ2AmG/mXesJ/EFbN9AnWihmcveqex6/LY1+dtWb9jNKFXMrqsheYl8oPO5sN4Ng44sleE/TZ5Zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nqwPNHu22GFRkb8SoQeu00YsU9jenTeMu4jYyr3GIEw=; b=eIq8+5HUydWs8XYAk5Ep3jqxwr1J/q+gqiYKW6DPoO7Dhg2DLzI0e8HKhpKpl/dNs90bgDkpRlysupIumjHcyUBMYrr04ItfUzA/mRY061RFVOgHGVAHWP+el+I6TqTpjzfbbsuVbe+6VhQr1nkeb6C9ylckyA10HLp3OFD+DCgIRc3zPjkm7LVJLJ6FCYZ3xZjdfY1hOwhjlfsnflcIS0w2pWqFJa+36vw9wQjhS7/YnO+poVvEqzOcRaJLuyOdOkgXCXs2Bp6am+W/Mv5dIF3NO2UG6eNy4HySaEOdMU2k4hfR17OUXp98k7TZEpb7F86mXUsOBnG3Dqu7GWH/dw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=isoc.org; dmarc=pass action=none header.from=isoc.org; dkim=pass header.d=isoc.org; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isoc.org; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nqwPNHu22GFRkb8SoQeu00YsU9jenTeMu4jYyr3GIEw=; b=A89DHv0W9aRU7VSCqPrtpvZn0RKJzld76+tR1bgP03ncqpxMXNPqLA4bkZ+HQoTIhjJ3/743kglRdyjZLOXqgMXR1YK7uz1mtT8h/MKyOmcdYZRUjYZHzj3haK6vIAH30MHckvAOjdvit4FTbk2VEYNKzMCfRV5Adsu20QTRFY0= Received: from CO6PR06MB7058.namprd06.prod.outlook.com (2603:10b6:5:344::10) by MWHPR06MB3502.namprd06.prod.outlook.com (2603:10b6:300:127::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.25; Tue, 27 Jul 2021 17:04:34 +0000 Received: from CO6PR06MB7058.namprd06.prod.outlook.com ([fe80::e80f:8789:c25d:260e]) by CO6PR06MB7058.namprd06.prod.outlook.com ([fe80::e80f:8789:c25d:260e%6]) with mapi id 15.20.4352.031; Tue, 27 Jul 2021 17:04:34 +0000 From: Karen O'Donoghue To: "saag@ietf.org" Thread-Topic: SACM @ IETF 111 Thread-Index: AQHXgwiWnQKysadLI0KmPZSiJ5rirA== Date: Tue, 27 Jul 2021 17:04:34 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=isoc.org; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 81481581-5d47-497e-0033-08d951209be3 x-ms-traffictypediagnostic: MWHPR06MB3502: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7219; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: XS7ROV5t2FdadjB4x8gkYBFnTqWSWwZ5M7JtAvq+KZhdyc2Yqk47f5c6u469lMSh28wpgql3EB2aVCyBKy1kRnDzKCXPZbbZxAEwFIMvlzg3o+pFIETqBtGKLTxe/GGuFjMwZiZh9WR2JSO0jbONFLe32ILpqKF04yrUjam5HENYQmLgncFc4gStJ8r3Jr5hN0RiaG4WQOyr+ZzQNBMxlmVnzk3dJmQrSm72XWX5qciZHGZNk3bSay8fqWmj9qhvfglX6R3lgoQ0GstoyIu/PsgyiWIqwR7BMj1IzISzErisM4xeZWnlPvf7SzB1zYp4riD0mdO8P1Yetsl8Vj/H6abz+X0QvWg2Rnhws+sbhW1KVRMx7hNr2437YcxoetYRsQb3SKny2jH0Z2rDoxYzpt6tqu3OG1JwrpYaW2wLEVOay3kug4zH85AIBj1LsHq2Low5Kyix5WsjjkQJiguO6T67hLZaijsYeWWpm3yIp/05hKTd62kwoK7ya9BAojId/0Z4E4kQKojZW3ux9pGg43DZextvKsh7u43eZKxQXVh7PqdIr+A+KKVSSsUXH8WxbqTDN6JIZ90m/Y249sQpgz0t3y9F+Z+ox5orcIo9iW1DuzuL62C41QEuzYIJQ1pkbXdBvZJZCJSRcxRcW9jl7OsNQdA27gxRAp5ZKhSouXzZ1PwljNDYOhsINGPV0rHwSUXx2K2TmwtM62TYdn4jfw== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR06MB7058.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(366004)(136003)(376002)(346002)(39840400004)(6916009)(91956017)(38100700002)(5660300002)(86362001)(83380400001)(4744005)(122000001)(66446008)(64756008)(66556008)(66476007)(33656002)(76116006)(52536014)(186003)(7696005)(66946007)(316002)(55016002)(9686003)(8936002)(6506007)(2906002)(71200400001)(26005)(8676002)(478600001)(38070700004); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?G9WPnyiK6OhQuCz8mT9E1l6I9lMXVww8OEgWUOhUFhB1auAMNT1D85JdZMlZ?= =?us-ascii?Q?lUz/A+dRigV8JyxGF6zshqqe+1gaI/e5jMcTa+eOtvzU5NY+LxvKYbchaIEJ?= =?us-ascii?Q?ctXBRSJ2lZUuqy259GJCy4GcTGzNbZG0wePGc4JrTnlaJ8KMwyOvplJW/kNn?= =?us-ascii?Q?d9c1+8QCHHYvznZjL6kLxrPhe99iPaS0Cj26IWjQLXRSlC9iZluyVb8/5gq1?= =?us-ascii?Q?LQqOfRniKgNG66yFqW+J3d2FSCBi4BVgI6q1t+aJqlYw0SN6zHqS1BOLk54L?= =?us-ascii?Q?6CMabO9xSCV6487fmAq0vC+4BgKLt5BUXkKRJ8nzY9iHtnbLjRtFD47RWAg3?= =?us-ascii?Q?41lAEx5DDnUjiUwM5+8Tza9WB+fqsjq04Ghl/i48LfJu/ZX2Loab1FYImbZk?= =?us-ascii?Q?Ie0jO+h2Qa8OkzIw39ACQh4r9ksXxXld7Il4Kjul7K1XOXoj6ZPjNf5Q+ivl?= =?us-ascii?Q?96aPQ8OVegy52WpY7fdUUEJ6lViTfOoMmZhd5wlpn2LUhrrYniLOvsTIIf9m?= =?us-ascii?Q?MIQJVmXmwyGVQvk8nobQjyyDMx3SVRM+7C0gdl/Vqke5jp3MiMofIyqpuWZB?= =?us-ascii?Q?FXr5sD2S9bxPXstRSlvjIYTjWXPUxpwXT/7ABXJw+xOBG8Y3n/bEZXzRyseJ?= =?us-ascii?Q?sS1RfwsQn7P6E0bQy+oR2F0Lew9ooLbzn6HZr+0lr2RUMZ5oIwjZX9H6JNXn?= =?us-ascii?Q?U2Wj4DIF2XfyjLEa07U2bT52pJYdbU7NCyljOE4Qc2IU5tEWDvuw92j+qdzq?= =?us-ascii?Q?H9KsuGP6HBojjfY3/FXYnmyJ/02rCztEJtCwrdmi7Zbdpm+bavFy7gSC0174?= =?us-ascii?Q?zAzHnsFWT+JjrsRVa7MO4geoLCORyroZKancBkGaTh4NJArbOyLOE5Kf/+nZ?= =?us-ascii?Q?d+pKRlVgcRjy1/2YNxLjcVTZPZ0a0a0hwhPyDcgPIjmrivQsMQF6+1lca93a?= =?us-ascii?Q?N3MGVM67ZWRdpGv3mIwBdXT648GBMOlsWhg+gh2P0ad5UnAACQCQEqttYPLG?= =?us-ascii?Q?gqfh8hOi/lyhJQZ0+tQPmBk3jg+api/6JgL/Y/UpyhzmQXTzCagyZw58r8d+?= =?us-ascii?Q?XhZ5A+/lFHTm0w/s7v4at4ht8mQ+TIPscIdHrcrbnG35lEILqRDle6Be/gqQ?= =?us-ascii?Q?DlyRhXV3+Dx0p1RdnWPtw3Wud5I9OOz3GHMFkuoQOJSr/cgomXVy57YTstFw?= =?us-ascii?Q?45vIeCz5xVdOUvxG8hJTo15ZNXy4OzI8qL409BVGvK8anxXkTlnmZAAdFP88?= =?us-ascii?Q?tkUdt94qnD3RjvwRu/AZMQaKgS9UpeznQlF+pPj4zNfJ5z3zSoQA879T7sDk?= =?us-ascii?Q?nYrJnyVTPdHm1ZzWZx84F9exBC7uemN+v+mTOcniV6M3hA=3D=3D?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_CO6PR06MB7058277A7EE1D5B72B5D271EC2E99CO6PR06MB7058namp_" MIME-Version: 1.0 X-OriginatorOrg: isoc.org X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR06MB7058.namprd06.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 81481581-5d47-497e-0033-08d951209be3 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 17:04:34.4649 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: lhc2QzNyF6hHw1BRFmTSLyrtU/cPj6b1C4WuhRsJFRgRjLcwGpGamfQoyawe+sxlecSEfuvupVqPpM9hf+hmkA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR06MB3502 Archived-At: Subject: [saag] SACM @ IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 17:04:44 -0000 --_000_CO6PR06MB7058277A7EE1D5B72B5D271EC2E99CO6PR06MB7058namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable SACM met 1900 UTC on Mon 26 July 2021 * The CoSWID authors made all the updates requested by AD review, and the s= hepherding document has been updated after another review. * The architecture draft authors have made good progress (with roughly mont= hly updates). It is supported by a good collaboration of people and may mee= t its milestone target. More help was requested, and Henk B. and Mike R. vo= lunteered to provide it. * Eckert T. gave the SACM group an update on the progress that ANIMA has ma= de. It was a good review of the progress made and protocols developed. Ad= am M, Bill M., and Eckert T. agreed to meet separately to talk about potent= ial synergies between the ongoing SACM architecture effort and the ANIMA ou= tput. * Milestones were discussed, no changes were made, and the meeting was adjo= urned. Karen and Chris SACM Chairs --_000_CO6PR06MB7058277A7EE1D5B72B5D271EC2E99CO6PR06MB7058namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

SACM met 1900 UTC on Mon 26 July 20= 21

 

* The CoSWID authors made all the u= pdates requested by AD review, and the shepherding document has been update= d after another review.
* The architecture draft authors have made good progress (with roughly mont= hly updates). It is supported by a good collaboration of people and may mee= t its milestone target. More help was requested, and Henk B. and Mike R. vo= lunteered to provide it.

* Eckert T. gave the SACM group an = update on the progress that ANIMA has made.  It was a good review of t= he progress made and protocols developed.  Adam M, Bill M., and Eckert T. agreed to meet separately to talk about potential s= ynergies between the ongoing SACM architecture effort and the ANIMA output.

* Milestones were discussed, no cha= nges were made, and the meeting was adjourned.

Karen and Chris
SACM Chairs

 

--_000_CO6PR06MB7058277A7EE1D5B72B5D271EC2E99CO6PR06MB7058namp_-- From nobody Tue Jul 27 10:22:03 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A74E83A0C1A for ; Tue, 27 Jul 2021 10:22:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M1evTi7gZ9XF for ; Tue, 27 Jul 2021 10:21:57 -0700 (PDT) Received: from waldorf.isode.com (waldorf.isode.com [62.232.206.188]) by ietfa.amsl.com (Postfix) with ESMTP id F41D63A0C06 for ; Tue, 27 Jul 2021 10:21:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1627406515; d=isode.com; s=june2016; i=@isode.com; bh=bLqBZYL9kNd4U8eqSQ4EJ6uZsh5Z/8/vyFETq8EUJqQ=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=wpFNAiXZY4Ue1cRcomL0dXtJy9lt+HadZ/i/XpJyuNEyKPmaF23ahV854v43W+k5jv96gB GIUUG9FMd+nxss9wnOoDDaiWz7jKnKup4OhITAtbPdh2FzD2BXPldG1H2fas90KmlzF4ID +MfnqDlZO/tjfiojcOlwOysTsCA/n2o=; Received: from [192.168.0.5] ((unknown) [94.3.228.58]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id ; Tue, 27 Jul 2021 18:21:55 +0100 X-SMTP-Protocol-Errors: NORDNS From: Alexey Melnikov To: saag Cc: Robbie Harwood Message-ID: Date: Tue, 27 Jul 2021 18:21:54 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-GB Archived-At: Subject: [saag] Kitten WG report for IETF 11 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 17:22:02 -0000 Kitten WG is not meeting this week. Since the last IETF meeting we submitted 1 draft for publication: draft-ietf-kitten-tls-channel-bindings-for-tls13 (Channel Bindings for TLS 1.3). draft-ietf-kitten-sasl-saml-ec document has new co-editor to get it over the finish line. draft-ietf-kitten-krb-spake-preauth is waiting for CFRG to progress SPAKE2 draft. CFRG is making slow progress on that. Best Regards, Alexey for the chairs From nobody Tue Jul 27 11:15:13 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E59683A0749 for ; Tue, 27 Jul 2021 11:15:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.553 X-Spam-Level: X-Spam-Status: No, score=-2.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lbMiX9yqgixf for ; Tue, 27 Jul 2021 11:15:04 -0700 (PDT) Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80087.outbound.protection.outlook.com [40.107.8.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43DBF3A0744 for ; Tue, 27 Jul 2021 11:15:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W0Qvlwig8dXLkqtOdpR5+/MmtbLrsynXZvE07D0DpZ52GfGzhziVUSCfrIlguf51HKaln7f3WGzwAXFUzdrYb3xGMHDtU0XBqeGWb2fnQjzMcBAz1fvDaJPCqgcRqfrrUTWsWUVRoSngetsQNxGaBETwu6QB+fqF1SuE/TLZ/1kBB88xm9SOJedqm/utW51AeFNlvY7ftI5W0P8sb6d22Wfhtn9ny+XmK+icPTr4gHfvSSA9mbp70XPGzrqaBM8dD0Ot/rbTR6A/DDpBDYIQrRS1rGlFdO1kQPNdQ1EDvAU/T2tvJr+PlA6FooWoO57WUJbXV7eoK4GI0lNPoc2RvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OdDxa4n7EuXTifJAt3OGhrTM4FaWM14VG001j70Imjk=; b=GyqGVG80WJsYKP3xO6KA04846J1bw3QD8E7zqz8LCsf63n77yUBLXN4mZScMpTWb2tclioUi9Fwc1SnGG9R9yiJUj0czf8wShZhf+MjkOljtpYp91EXMd0aSKCtWUa8TITgHUW6eOmRMd9cuEe3sWe4wwUcg9ZRsohYjAWmfJMnei7R1WVAFOxYXlqfbno9c0tCCPnEUApg/EhLY9robvMcIHE1zDVVvSIwKbgmdMr9hjPo3uFewGMWgLN3hZnIGUKoqvLLtsxqR1X6ibjdC+oLm6WWuA8LWdRO7Rbfd2SqDvzaPpx3Jmlhcz44DJhbvdid3WcskdjLiBLYjhFqHUg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OdDxa4n7EuXTifJAt3OGhrTM4FaWM14VG001j70Imjk=; b=Q38FHzr8fYLDBIi0e5GipS54F6ZaOp4pa5T/4LJhAdACAMsqKWkjhMt1QrI2edxv4o60LoITJhe02TVBU/zOPeMTqqoT5SxUsjtE29i1MCI9OeUzT1MCmKhjc5rIVkLKcNYzTctQOgJ/8Tk1H79apxly5QqSBer0N62HEnQk9KM= Received: from HE1PR07MB3436.eurprd07.prod.outlook.com (2603:10a6:7:37::31) by HE1PR0701MB2507.eurprd07.prod.outlook.com (2603:10a6:3:73::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.10; Tue, 27 Jul 2021 18:14:58 +0000 Received: from HE1PR07MB3436.eurprd07.prod.outlook.com ([fe80::c04b:9f4f:3494:b84c]) by HE1PR07MB3436.eurprd07.prod.outlook.com ([fe80::c04b:9f4f:3494:b84c%7]) with mapi id 15.20.4373.018; Tue, 27 Jul 2021 18:14:58 +0000 From: Mohit Sethi M To: "saag@ietf.org" Thread-Topic: EMU status @ IETF 111 Thread-Index: AQHXgxNOtX4JseYMDkmzvqDrq8kfaQ== Date: Tue, 27 Jul 2021 18:14:57 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: dca9f0f3-5743-4b72-262c-08d9512a7152 x-ms-traffictypediagnostic: HE1PR0701MB2507: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:4303; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: RPAiiUquRBAAT1W+OWKxmjfnBCHGh5CeD+bAnsQEo5g7bldBnp0IGGW6SA2ThZ5Rjvl16EwxJhDpK9a4qZwDjhJHOGtDBtmK3UNEAz10GzyqSAvw0E3YGOm4CazZ36KyeeKICQa0Xg+we7DAUGmRD07tC/SJNAeMik3jbSgWEbl3gPpZTytLWKLbkxS4wEWZGZryGXhFcN8pVJhP2OJWfz/xR3VNUFCwtjQRZpCCUrRZa/heqLVgkb0duOlmZh3d0V2gYPcFS983XJXkPv7AfJ4Cun8H22VMQGszVlcUbfiYeFf7GMEWHuglbtry3RwKf0Bn6che8DMNgjehlU/EZ4XnlQXeyn9L/DleqFbes7ZtywpI8u1ffwSn+63DC7z23Fg4AFj/IvACp1I/1JFOubwrTWnyoPkMmYkooac03XmqOY2BJH5b6FOp11N5kzQDEWNhoTdpNOX0h7Qdgf+aXXPiihYGnFv6SIRSZspskRJWwLuGl+3SdzVT7o4y6BvIuh7d9nIL3ADVufXKOHYGH11OFLPl0W9ZnJdaN5owvupypsXNnq75AAYl7DeKIJ6/PkAm3mzgjtK8CKbSR994wK8KH7r7JgRtF66Nti1miZ1QLp0aPX1zp0XiCzMrby6Z+RouQp5Fj4g9ayiAKqUIOw1csxNI5hQViiKa66S8ebt/Em73OtE+9/yZYkOtuDGEr++LxVYzWRbPvIY88OTlSPTAvDbhKXF3GJvc4/vWaHBEy+MxbMF1Se2x3ubSfCPPB3Pr6viMzuP2DPx2to4+VZWH76yZAE6xlKY5lNxVyAbrMsdOG5rUrJQSC5f5gTWjLWW9X3LOeXF4CGGXTb9ITvgOFmREhAONiTb4DYAenRRXA7gYHSZv7+hFBkVR00uM x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB3436.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(396003)(136003)(366004)(39860400002)(346002)(6512007)(38100700002)(122000001)(186003)(26005)(6486002)(66446008)(64756008)(66476007)(6506007)(36756003)(31696002)(71200400001)(86362001)(4744005)(31686004)(6916009)(2616005)(478600001)(8936002)(2906002)(316002)(8676002)(66946007)(5660300002)(76116006)(66556008)(43740500002)(45980500001)(38070700004); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?WERXN2NaZ2x2YXRpRWVoQjdyYzg4MkFOeWM5LzBzV3JOTkpnWm9RRWxHZ09u?= =?utf-8?B?QVZZTkdWbUZFZ2VUa0lSbWJWTGtJTEhXMi9FWTJwMzRRemxIS2tPYVlmblZO?= =?utf-8?B?cEZ4MGc1ZDFyM3kxa1ZRQUl1eVloMFptY3ZucklYbzV3THdid0lpWitXb1Qx?= =?utf-8?B?WE9nOGhEcEkwNENSYksxOUZ5eE5VSWVxOThaQ2N2TzVrOGF1eDRQTit1N0px?= =?utf-8?B?d1BPYXBNYXdDQXN1TkgvclJQWTVmNmFIemZXbUVPSkJRcUo3eXArREViWU11?= =?utf-8?B?bXoxdjV1NDNYSFpSL1dzQ2txQXRGcHIzY08zZXJzaE14VXUwc3c0a3g3WUVJ?= =?utf-8?B?MnZXUTZCMjlCZXFPWHRFVDAvRDVNR05VU09YTHl5VVdXTjYxWis3b29xQ01H?= =?utf-8?B?VlE2VXJLSVNsV29JSllRbzNMWGdEclF2S1l1RFVuNzZ0UE5CaGdyVEQwL3Np?= =?utf-8?B?U1N1OUNoT2hKYWxCZ3pSa0VhSzFTZWtsRzQ0UkR3bk1vaVlzcFFzT0k5WEF5?= =?utf-8?B?UkhCbmUwdXd1MnhDL0ZGek9yZXdaSHlOQVIxMUFMdE9DZEtMcG5lK0tQNUN4?= =?utf-8?B?NDc2UFNMK1lEaTJxL1huZlBHeXRyTjlGZ1RNTWhpQ3VQTTJIVXhmL0NFT000?= =?utf-8?B?N2hBSnhocnc3Q3I3NEJ1Z2tsckUzeHAwdlBncFQ5ZnhDRjZKNzRpcDJBL3hB?= =?utf-8?B?K0hzcmtseS9XNlJHMTFjNmRpZDZzSFM3UEo0b3FWU0hKNFRWODl2Rk0vQWZY?= =?utf-8?B?WlcwcUVYeUU2M3VIR1A3dlkxNVlDTVZvQ20wUnorUkdMUGJNa21md25UZ20r?= =?utf-8?B?OVUrMnZsb0JWTVJIOW1Ic1RYbjVwR1RpTnVreXhUSHVReFVpeTJlSXZwOWRP?= =?utf-8?B?SmJ2clZqNkNIeG5aVGRuZnpOZjRreW8xVVU0bERpMHFIbGlQS1h1ZEtaaXpH?= =?utf-8?B?WXNPQldGQWhmL2cwQ2dYZFNBVGcvZnlza25aUlhXMzIvREM1L2V1RXNnUzEw?= =?utf-8?B?c0dWOEtzNlh3ZlorVGVib09OamszbGkwODdYYWVPRmZHMlV2SEJnc0d6MWVh?= =?utf-8?B?dndPL05EVXpyMkI1VXE5REtXSUpXZWRKZW1aSlM1cUd1U3hUR1FmYVQ0dWUz?= =?utf-8?B?R3grRlFwVW80clhHZEp3RkFrNVgvbWlPeHo3azVISnhuRzZaZ0RYYXhJQlpt?= =?utf-8?B?RnE2bHJHeE53NGxTZG5OTXBLakN5b3ZCVlBHTmNrbGJrZk1qdEhSZEUrU2tQ?= =?utf-8?B?WDJLTWFqdE1NeEpZL1RLM3JPRmphTWM2cmFiaXNaU1lDd3piU0FVeXAvVW56?= =?utf-8?B?Z1VxaHFWNCtNVlJZdHZlU2YyckppS0J0TTFCOUxsOFQxdjZvdmRUazh6YWsx?= =?utf-8?B?WkJmYUZPdkU1QjUydjJZRXNuQy9MbnluczY5dkxLQ0ZwcTZxMlpwY015SmdG?= =?utf-8?B?NUNmNDNJMGNXV1RSK0UwMGUxcWpWb3hrdHpaenNCdi9SSjBodFJaMGk3WUll?= =?utf-8?B?OXB3eHgwZW9iS0d5blMrUzNyWlRMVVZ1WDdSRkpJODZjaHY2SVpaWlZXNzhM?= =?utf-8?B?SXBlRHhOZVFKbk5rZUtNSTFmZDlLQU14QkFoR3Ura3dWWWUrOFBnUnVEQ21q?= =?utf-8?B?UVdwaGVEdVJ0MFE0cTdkc05qZW40RTFJU3ptb2RyTE1JaFlRYVJlUUJoUHNj?= =?utf-8?B?NnFrMnZiR2gyaWtWT1B5Z2pwSHM5L1BUR1kyUXR4QVJSMHhCWDhWRERZKzFT?= =?utf-8?Q?mryRInKLZCvJsBRrqM=3D?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: ericsson.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: HE1PR07MB3436.eurprd07.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: dca9f0f3-5743-4b72-262c-08d9512a7152 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 18:14:57.5184 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Gb2P7LB65zYYl4V7lhiwmrw9KW6cPFjAULQRfRyfnGpR9MCam8ZKAfAYyr9Jw2xXsO2qpOTbu1CpIJmPOJag1DUqearmcj6OavOm6ULdf70= X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2507 Archived-At: Subject: [saag] EMU status @ IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 18:15:10 -0000 RU1VIHdpbGwgbWVldCBvbiBUaHVyc2RheSwgSnVseSAyOSwgMjAyMSwgMjM6MzAtMDA6MzAgKCsx KSBVVEMNCg0KV2Ugd2lsbCBkaXNjdXNzIHRoZSBmb2xsb3dpbmcgd29ya2luZyBncm91cCBkcmFm dHM6DQoNCi0gVExTLWJhc2VkIEVBUCB0eXBlcyBhbmQgVExTIDEuMyANCihodHRwczovL2RhdGF0 cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1pZXRmLWVtdS10bHMtZWFwLXR5cGVzLykNCg0KYW5k IHRoZSBmb2xsb3dpbmcgaW5kaXZpZHVhbCBkcmFmdHM6DQoNCi0gRUFQIFVzYWJpbGl0eSANCiho dHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1kZWtvay1lbXUtZWFwLXVzYWJp bGl0eS8pDQoNCi0gRUFQLURQUCAoaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9kb2MvZHJh ZnQtZnJpZWwtdGxzLWVhcC1kcHAvKQ0KDQotIEVBUC1UTFMtSUJTIChodHRwczovL2RhdGF0cmFj a2VyLmlldGYub3JnL2RvYy9kcmFmdC1jaGVuLWVtdS1lYXAtdGxzLWlicy8pDQoNCkpvZSBhbmQg TW9oaXQNCg0K From nobody Tue Jul 27 11:58:03 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 185D93A0B29 for ; Tue, 27 Jul 2021 11:58:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -11.895 X-Spam-Level: X-Spam-Status: No, score=-11.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=Yd83CV3m; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=tpqJ3VDN Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rgZ9QPLzt2LE for ; Tue, 27 Jul 2021 11:57:52 -0700 (PDT) Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 456D33A0B20 for ; Tue, 27 Jul 2021 11:57:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5207; q=dns/txt; s=iport; t=1627412272; x=1628621872; h=from:to:subject:date:message-id:mime-version; bh=1E1ZvhNJ6aI2U/aIbHX+t/vDzvDn4YEbjBoNw+pIIvY=; b=Yd83CV3mhf5j6dICXLZbxSMZzu8P8pCZHBWH7v3Kp8fvhDIacYjPeRz3 4lxkQ/WPYj2aRJkESWmadUO2hDP4sfL5TtsDC+ZoZUFAHGX87TplhA4D6 aRTMVKxnckmnoiLChtW4A6Msudzaz8EgURJq8dHbil4kNCh3g0HXK8euZ w=; IronPort-PHdr: =?us-ascii?q?A9a23=3A7/Sr6B8Tbe58uv9uWDnoyV9kXcBvk7T5IgBT7?= =?us-ascii?q?YAo2PpCcaWmqpLlOkGXpfBgl0TAUoiT7fVYw/HXvKbtVS1lg96BvXkOfYYKW?= =?us-ascii?q?0oDjsMbzA0tHMDDDlf0f7bmaiUgF5FEU1lot3iwLUlSHpP4YFvf6n2/5DIfA?= =?us-ascii?q?FPxLw1wc+/0AYXVyc+w0rPaxg=3D=3D?= IronPort-HdrOrdr: =?us-ascii?q?A9a23=3A0Tf6o6OaAsX6O8BcT3f155DYdb4zR+YMi2?= =?us-ascii?q?TDiHoRdfUFSKKlfp6V88jzjSWE8gr5K0tQ5OxoWZPwDk80kKQU3WB/B8bbYO?= =?us-ascii?q?CLghrMEGgA1/qt/9SDIVyEygc1784JGMISZKySfDpHZK3BkW6F+qMbsaC6Gd?= =?us-ascii?q?eT9IHjJhlWPGVXQpAlyz08JheQE0VwSgUDL4E+DoCg6s1OoCflUWgLb+ygb0?= =?us-ascii?q?N1HtTrlpnurtbLcBQGDxko5E2lljWz8oP3FBCew1M3Ty5P+7E/6mLI+jaJpp?= =?us-ascii?q?lL8svLiSM05VWjqqi+q+GRjuerw/b8zfT9Hw+cyDpAor4RHYFq8gpF+d1Ho2?= =?us-ascii?q?xa7OUk6y1QQPibrUmhJl1cZXDWqlPdOPFE0Q649bbQuwqTnSSyLghKdfZplM?= =?us-ascii?q?ZXdADU5FEnu8w52KVX33iBv54SFh/Ymj/hjuK4HC2Cu3DE6EbKq9Rjx0C3kL?= =?us-ascii?q?FuHYN5vMga5gdYAZ0AFCX15MQuF/RvFtjV4LJTfUmBZ37Us2FzyJj0N05DUy?= =?us-ascii?q?uuUwwHoIiYwjJWlHd2ww8Rw9EehG4J8NY4R4Nf7+rJP6x0nPVFT9MQb6h6GO?= =?us-ascii?q?AdKPHHQFDlUFbJKiafMF7nHKYINzbErIP2+qw84KWwdJkB3PIJ6eL8uZNjxB?= =?us-ascii?q?kPkmfVeIGzNbFwg2PwqVSGLEDQI5tlluhEU5XHNcjWDRE=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BBIABjVgBh/5NdJa1ahAUwUQd3Wjc?= =?us-ascii?q?xhEeDSAOFOZ4ThQCCUwNUCwEBAQ0BATUMBAEBhFgZgmcCJTgTAgQBAQESAQE?= =?us-ascii?q?FAQEBAgEGBHsThWgBDIZbER0BATgRAQwOMAIEMBcQBDWCTwGBflcDLwEOnCk?= =?us-ascii?q?BgToCih96gTKBAYIHAQEGBASBSkFGgm8YgjQDBoE6gnyEDQEBgmiEIhyCDYE?= =?us-ascii?q?VJwwQhAkbgV4CA4IKgmo2gi6EBFIBl2qIOp9QCoMmijeUCQUdCaZjlguMNJN?= =?us-ascii?q?zhGcCBAIEBQIOAQEGgXckgVlwFWUBgj5QGQ6ONoNahRSFSnM4AgYBCgEBAwm?= =?us-ascii?q?KSQEB?= X-IronPort-AV: E=Sophos;i="5.84,274,1620691200"; d="scan'208,217";a="917716814" Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 27 Jul 2021 18:57:51 +0000 Received: from mail.cisco.com (xbe-aln-002.cisco.com [173.36.7.17]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id 16RIvpOG010816 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK) for ; Tue, 27 Jul 2021 18:57:51 GMT Received: from xfe-rcd-003.cisco.com (173.37.227.251) by xbe-aln-002.cisco.com (173.36.7.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Tue, 27 Jul 2021 13:57:50 -0500 Received: from xfe-rcd-002.cisco.com (173.37.227.250) by xfe-rcd-003.cisco.com (173.37.227.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15; Tue, 27 Jul 2021 13:57:50 -0500 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-002.cisco.com (173.37.227.250) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.15 via Frontend Transport; Tue, 27 Jul 2021 13:57:50 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OANMYy3fFODLpJsHBfn+hdLxSHDg33RgXGkX3I3+HRTWq3NEKnO59VLnW+CpKKeMk5j15+ApsKZgQ7jcJNpens5l7FauEpBZVnELDu3N4SZUG40PjeoHKh0WnQ2IMLs4dUy6A/98+Hg1HBefbMgs+sQZ72ARqzzY+MjK+BvAKWasehl7Mde6wWoOnsbAyCxkdL79pNP786PB/eOA1HjEf4f5h47JI8uL3Que1HaR9my3wRH2E6GdlgH06jU2I6DbG91Ty5xbHHhqQ+Hn4In7wIf/spgFWnWRjhe2TdYNMDWae6WA0lmKKGP3oOHrg6m4hzZGVPFM5NYBAnMBAGouwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1E1ZvhNJ6aI2U/aIbHX+t/vDzvDn4YEbjBoNw+pIIvY=; b=aJqZM2Kmp8BTXBEGVlC0QiQFgoyMMABaf5JPSp9804W4rMoVGkbXVk5ARJL8urilmVSGCsybPl/GCnh47tUUot6MMJNx5PgeLV+knxF+sytD+QEABIQMQmmdF2+BnAZ5dkTQZM9qg+oQT+XZmE6JCVEvudyyHJ2wGCw5r/OyGR2BUJkMTcYqcfEghLMcaz7t28ejVYTzo1kvdtdueY5GougjU97kl6uypAS0jCKQ2qUF6HjI1DYYKjCzjgzoCFtVvsnHzsER9WyFXFalzwIsJyAPVdj6ZuBJ1VAp14QekinwpH7UCHUig7zF58dh1KwWQb6AumvV65jzA3EM8A6H4Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1E1ZvhNJ6aI2U/aIbHX+t/vDzvDn4YEbjBoNw+pIIvY=; b=tpqJ3VDNxzSF6/FPw/oofysyKBmPGaQyUvTTgpj7oSMf7G545+B8vUVWpSAISKwLbuZ9ojeagfpOhQuKrhl+/TMNMcqjJBe4LNzOFjg0GYmlb79QFOCUXJdkrpMs8VVtKNpxPYbVJZupaH3N95TL5DRqgkneCqdRdmrLo8IG9ks= Received: from MN2PR11MB4078.namprd11.prod.outlook.com (2603:10b6:208:150::32) by BL1PR11MB5447.namprd11.prod.outlook.com (2603:10b6:208:315::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.17; Tue, 27 Jul 2021 18:57:49 +0000 Received: from MN2PR11MB4078.namprd11.prod.outlook.com ([fe80::a539:8aa3:a68b:f44e]) by MN2PR11MB4078.namprd11.prod.outlook.com ([fe80::a539:8aa3:a68b:f44e%7]) with mapi id 15.20.4352.031; Tue, 27 Jul 2021 18:57:49 +0000 From: "Nancy Cam-Winget (ncamwing)" To: "saag@ietf.org" Thread-Topic: TEEP WG report for IETF 111 Thread-Index: AQHXgxlLruTwEqzX20eDlkTGsAgTog== Date: Tue, 27 Jul 2021 18:57:49 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/10.10.1b.201012 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cisco.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: fabeb81f-34b2-475e-57a2-08d951306de9 x-ms-traffictypediagnostic: BL1PR11MB5447: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2958; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: vo0vGkyWxr4eG5CK3xcky4DWxownudRpA9vWHcbNDEmzYhDbmAs4uKcEKY1Xr/6UhZVfByHJ8W0F13Ry/2hu0bha8HpLs79fzu6sDBr85txhyNlppwVznD9itAnaN8PYN7Y0k3kFoif3kskrzDnqNPEoqX4nckgWziE973PlIa6ehN+lN/CIgN6Zt/k/FGBbsXJ/Lpf2ek602vi0GjPlIDmJMoJX23ThmGBrO+KlxF+OO66IdpuOyxHNIGkuaGiX5BU87bfvAhAI0qkuiShtx3+LWr/3UdINvJBuF78+wWvb34qU61T+yACHdxUkeqg9gY9Itiaz0xgZict9YoiKed2NpN0ZThybccLJc3cb3wjIRrONBghd0PP2MFhdLeBKCxaJBZR3ZUio/wtEzCc21oz7aoQuh9r26aJIkf0W6A7o2HodZ0mV0FuGKAnSDqb2nsv51e7Pro0g7r8xq6qE+Q7s9N0tNepd37B1od5YIyFCPSKqc/CAvr+g266jaq2Smi/8au0Cln0rpWpo9MBTXS5THVR3zxuXFHpLdfEz3YV2ALchnyX2l7L+7e83qtzOIFu0gRbyWMWVtdHT64/guNZh6/PHO+MzlB8HoaZUKCIjz2B9egfJqavxBnXMBCqJW9wXEjvCnTw3/V5cBZJrJkYkpiXVCMo0V59+5HYrUoNDSad8fHGVc6IUkaSVXzHIp0wsloa2JnIHQJJqtzFmkv5RIxtwl3nArDMTt8rSHrkpXm8SZ9Q7hh/7xvnNcN2QbR+aKZce/XzvmIZLuTiIpoMVv7eBDUsUth0CG5VCm2SqTy2WfaIPAh/bd5ukb+xb1ZDJl8kCyspKDwFYjwWsTLfV0rkXCAQe2rbiDGi2TcI= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4078.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(136003)(376002)(39860400002)(366004)(346002)(66556008)(66946007)(66476007)(186003)(66446008)(64756008)(478600001)(26005)(91956017)(36756003)(5660300002)(122000001)(6506007)(6512007)(76116006)(2906002)(38070700005)(86362001)(83380400001)(166002)(8676002)(8936002)(33656002)(316002)(4744005)(2616005)(71200400001)(38100700002)(6916009)(6486002)(45980500001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?OCtYQmt3K2RrMGJhNlNZcXZpemxpVmFMSmc5UC93U3NIMVVXV0NVY01OQVJu?= =?utf-8?B?Nm83dnIxL1VEUVozem03M0JzemxHbCt4aWxLMzE1QWcrTVVqZ3o3a3YzTTgr?= =?utf-8?B?RW1ES3UyMERKbjNQeXlmMklMMzluOHBEV1FTVjh0RTZCcmJsYmJuYXJIKzRM?= =?utf-8?B?ZVZpK3ErV1NtZ2hQemIvdjhuVkc1d2JhM2RVQXV5WnZRMkR0YTk5TkU2LzJx?= =?utf-8?B?SldUT0lDbG15ajl6WHd5RGZZNUlrQmgrRHlIK3pHTWlyNmJGNTgyenNkcUx3?= =?utf-8?B?YTF3SnI4YnVJUU0raWFaT2V0WWg2L0RiWWR5S2tFanFpellEVkVBZlNweUk1?= =?utf-8?B?S29rYTZaejI5REVQKzlpWk9ObkxTclRzc1dRNitlS2xnMk1DbFVIaStVa284?= =?utf-8?B?MTVMZ2Y3NjNlclJ6MjRjYWdWNkxaQU4zS3ZrUXo5QlNZOW5hN1piVE9PKzc1?= =?utf-8?B?eW1id1VDcVl6L2lGWjFoanBCQkh3RVY4V2FhTTVGWTBpamxVM3poS0dMWi9F?= =?utf-8?B?S0JPWkVaazRkYVNVc1oxNkhBeXBjZG1oNExqZkpIc3VOdzdQOEV5YUY5RkFv?= =?utf-8?B?bWloa2k4ZGVjMVg4b05HQ2RTc01lMmxIVmtHMit5cjIwR0JLWFl4Vno1SWJ5?= =?utf-8?B?YlNZcDI4NHhsVHBEZWlvL2lvZVNkSlJqS1o1cDhYVDh0akgwNzJqZUFpanJ2?= =?utf-8?B?SW41aU9scEdCZG9rcGs4MU0va3RFTUw4MkMweklMWTUzMEM1T1h4T0NjZ1BI?= =?utf-8?B?R05BK2pOTkkzMkdVeURaMG93ZUJ2QmNIMXNiUHM4QmlXZThnWUdyTXhBdHRj?= =?utf-8?B?RStkWVZOaHBleTVvOE55MlhwbGh6RmhwVGQrOXo2YTFqSkwyUVFIK0dmMmRQ?= =?utf-8?B?eXhCUDQ4Q3R4Qkk2Kzk4WjRucnBEVTVoai9IWnVoWmdUdDlMa1RtUThCVEpU?= =?utf-8?B?SjExdU5KZEJ3ZjdENGJUaTFqTUgrOHVvalRvZzRJT3VpQUlDWVBhWXd2Yng0?= =?utf-8?B?QitwR3VBdDl1aFdvZllQQ0ZOUWhLTXM2MWQwN01VK0k2c2NQVUh4TmJ6Ymtk?= =?utf-8?B?eVNMaUxpRjdtdWlaNVZTTkV6NmxnaTJOV0VQV05GQWR1SXd5VUt5MWlmUitH?= =?utf-8?B?MDhyVlNkakU1bXdvV29zOTZlTVlVd2w0U0NvQWFjT0FyeHJsaTd2Ylh4bjcz?= =?utf-8?B?eXUwNFVVdmVYM1UzQzB0V2xEeEpReUdrQlRIUnlkZkpuTDAvVmI0NmVNWnkz?= =?utf-8?B?WlRkU3lBTEVuR01Oa3o3emlDcDJidjZkUkNkc3cxUTRqeXNaeC8xblovK3lJ?= =?utf-8?B?MkdSdG5Pc0pDSzVVN3M0NGFlRDdYMmM1b3IvcFgzQUZvWHMwVkhNMmtqd1o5?= =?utf-8?B?enY5UG9GVmVEdjQyaEZFNm95OWY4dkNoc1FiQ01jQ1hhZTZCOEpCUXhTajBj?= =?utf-8?B?dUJGbXpuaUNpQ2VxVmh0NlJNczZDbUQ3VU5xYlBmWGMvVHkrYVV6U0lwM25o?= =?utf-8?B?VXhUYXIvNmRxL1R2QjY0QmJtdnlVZUZ6d2RyZGpNVDJ3T2hZbEkxbUozZHpr?= =?utf-8?B?MlRsMTAyOGk4NDRBUndEL3lKTURicUxXMGxpYjFjblEwd0xVdXlPUHlaSk01?= =?utf-8?B?YUh5T29RTGlyTUNKS0ZQaFZOVk11eXE4N1VTbzcyNHNBQ1hsQUJvOEloU3Z3?= =?utf-8?B?M2xKREhpZ3NrTDhGRVFuOXJoWThXYVVjcjJGS2ErTlVuSFNwYzJjVU9ja2xC?= =?utf-8?B?SUVzcHhaaWczV3dFeGQ2MVpEQWdQMHBvbkJrZzJsSmk4Yng4VGREbEI2NnIr?= =?utf-8?B?Q3RvMkN4NkYzS3hEbEpzdz09?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_E2134C61BED54CF984696F7B01107F58ciscocom_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB4078.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: fabeb81f-34b2-475e-57a2-08d951306de9 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 18:57:49.1975 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: eL4rMpZRPYkn/fw0JLpVGKsX4JXV2cAD7jfYUHPv2UhTdS1MSAOiOIuC1ptWxIt3etUsC4uBlKjxZGSaTrSnIg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL1PR11MB5447 X-OriginatorOrg: cisco.com X-Outbound-SMTP-Client: 173.36.7.17, xbe-aln-002.cisco.com X-Outbound-Node: rcdn-core-11.cisco.com Archived-At: Subject: [saag] TEEP WG report for IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 18:58:00 -0000 --_000_E2134C61BED54CF984696F7B01107F58ciscocom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 VEVFUCB3aWxsIG1lZXQgb246DQpKdWx5IDI5LCAyMDIxIFNlc3Npb24gSVYgMTY6MzAtMTc6MzAg IGFuZA0KSnVseSAzMCwgU2Vzc2lvbiBJSUkgMTY6MDAg4oCTIDE4OjAwDQoNCldlIGhhdmUgdHdv IGRyYWZ0cyB0aGF0IGFyZSB1bmRlciBJRVNHIHB1YmxpY2F0aW9uIHJlcXVlc3Q6DQpkcmFmdC1p ZXRmLXRlZXAtYXJjaGl0ZWN0dXJlLTE1PGh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9j L2RyYWZ0LWlldGYtdGVlcC1hcmNoaXRlY3R1cmUvPg0KZHJhZnQtaWV0Zi10ZWVwLW90cnAtb3Zl ci1odHRwLTEyPGh0dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LWlldGYtdGVl cC1vdHJwLW92ZXItaHR0cC8+DQoNCmFuZCBhcmUgc3RpbGwgbWF0dXJpbmcgdGhlIG1haW4gcHJv dG9jb2wgZHJhZnQ6DQpkcmFmdC1pZXRmLXRlZXAtcHJvdG9jb2wtMDY8aHR0cHM6Ly9kYXRhdHJh Y2tlci5pZXRmLm9yZy9kb2MvZHJhZnQtaWV0Zi10ZWVwLXByb3RvY29sLz4NCkJlc3QsIE5hbmN5 DQo= --_000_E2134C61BED54CF984696F7B01107F58ciscocom_ Content-Type: text/html; charset="utf-8" Content-ID: <3420628396C39E44981BDA1337575551@namprd11.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJQVCBTZXJp ZiI7DQoJcGFub3NlLTE6MiAxMCA2IDMgNCA1IDUgMiAyIDQ7fQ0KLyogU3R5bGUgRGVmaW5pdGlv bnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3JtYWwNCgl7bWFyZ2lu OjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250 LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjt9DQphOmxpbmssIHNwYW4uTXNvSHlwZXJsaW5r DQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjojMDU2M0MxOw0KCXRleHQtZGVjb3Jh dGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlua0ZvbGxvd2VkDQoJ e21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjojOTU0RjcyOw0KCXRleHQtZGVjb3JhdGlv bjp1bmRlcmxpbmU7fQ0Kc3Bhbi5FbWFpbFN0eWxlMTcNCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29u YWwtY29tcG9zZTsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjsNCgljb2xvcjp3 aW5kb3d0ZXh0O30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5 Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCkBwYWdlIFdvcmRTZWN0aW9u MQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47 fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPg0K PC9oZWFkPg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxpbms9IiMwNTYzQzEiIHZsaW5rPSIjOTU0Rjcy Ij4NCjxkaXYgY2xhc3M9IldvcmRTZWN0aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjExLjBwdCI+VEVFUCB3aWxsIG1lZXQgb246PG86cD48L286cD48 L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+SnVseSAyOSwgMjAyMSBTZXNzaW9uIElW IDE2OjMwLTE3OjMwICZuYnNwO2FuZDxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQiPkp1bHkgMzAsIFNlc3Npb24gSUlJIDE2 OjAwIOKAkyAxODowMDxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwi PjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdCI+ V2UgaGF2ZSB0d28gZHJhZnRzIHRoYXQgYXJlIHVuZGVyIElFU0cgcHVibGljYXRpb24gcmVxdWVz dDo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48YSBocmVmPSJo dHRwczovL2RhdGF0cmFja2VyLmlldGYub3JnL2RvYy9kcmFmdC1pZXRmLXRlZXAtYXJjaGl0ZWN0 dXJlLyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7UFQg U2VyaWYmcXVvdDssc2VyaWY7Y29sb3I6IzI3MTY3MztiYWNrZ3JvdW5kOiNGOUY5RjkiPmRyYWZ0 LWlldGYtdGVlcC1hcmNoaXRlY3R1cmUtMTU8L3NwYW4+PC9hPjxvOnA+PC9vOnA+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PGEgaHJlZj0iaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9k b2MvZHJhZnQtaWV0Zi10ZWVwLW90cnAtb3Zlci1odHRwLyI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMS41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7UFQgU2VyaWYmcXVvdDssc2VyaWY7Y29sb3I6IzI3 MTY3MztiYWNrZ3JvdW5kOndoaXRlIj5kcmFmdC1pZXRmLXRlZXAtb3RycC1vdmVyLWh0dHAtMTI8 L3NwYW4+PC9hPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImZvbnQtc2l6ZToxMS4wcHQiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tYm90dG9tOjE1Ljc1cHQiPjxzcGFuIHN0eWxl PSJmb250LXNpemU6MTEuMHB0Ij5hbmQgYXJlIHN0aWxsIG1hdHVyaW5nIHRoZSBtYWluIHByb3Rv Y29sIGRyYWZ0Og0KPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuNXB0O2ZvbnQtZmFt aWx5OiZxdW90O1BUIFNlcmlmJnF1b3Q7LHNlcmlmO2NvbG9yOiMyMjIyMjIiPjxhIGhyZWY9Imh0 dHBzOi8vZGF0YXRyYWNrZXIuaWV0Zi5vcmcvZG9jL2RyYWZ0LWlldGYtdGVlcC1wcm90b2NvbC8i PjxzcGFuIHN0eWxlPSJjb2xvcjojMjcxNjczIj48YnI+DQpkcmFmdC1pZXRmLXRlZXAtcHJvdG9j b2wtMDY8L3NwYW4+PC9hPjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0Ij5CZXN0LCBOYW5jeTxvOnA+PC9vOnA+ PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_E2134C61BED54CF984696F7B01107F58ciscocom_-- From nobody Tue Jul 27 12:14:28 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F28A73A0BFD for ; Tue, 27 Jul 2021 12:14:26 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id spsidTsy25iO for ; Tue, 27 Jul 2021 12:14:22 -0700 (PDT) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50112.outbound.protection.outlook.com [40.107.5.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB1B43A0BF7 for ; Tue, 27 Jul 2021 12:14:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cv33DXO1/P2bR2Zv4cWv0wNyiBwQG/ZXTPvusIpNN+ShnUHOffz3Zemba9IUDdrYyIgj5YO1+khKSlL1pXX8LIAKOjj5tU+7wbBFkYa7hHqXkG3c5kFnuD7kbL4qJhfJYU9ad5i1BvZfJqplyLxYZ/7AY5DJXeOcfPREI3Xoshcjfo4LXeq/BvIoncBw0HNb9wl+eD/A+8tmxxuL98IwlbJIThSuyCowBTPIm9z2kK+jvB8GJ1dR3Ipit1cbnC5cO6b48fTY5Yt1lrEn8vqWg89bKhR9346JfwhKcwU96UzhFsJgmgzySRY4WM83fYMaEJgEMD7piSLPpjWhVptYgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=G+DlEukAuh9UjT6zpeorGNbWDuej2etQSJsuDZkX4iE=; b=jN7dDjXuQWgkER7p/XxGN8mDAFFniJ0F2JOL3VPDMYUTiey5R+fi1VWgVlp7NgFxXkgrZiAkBzAv8ptA8belTS8y8g1jw8PMZcFtnypQH1punWXpMHfnB3b26iLANseEGORLeomQamaFwazFDg9aFXxV98ci+LzQnekfAOMQzW+xJ6Ih6rTdLkfpqEpTmLkVCdwBbwjGte1wirla/0Iw2L3XmxEaKnWdpbyV9zuvxCHEUbO+M7nn+HXuLnBVzZShm5BgwuXhq4x2158flpOxEOLEe/9N7N+buQiGLQU7z1V3fEhprYuZ5TDWzLmIH1usA61YcEzweZXBYbMHoWLO8w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=G+DlEukAuh9UjT6zpeorGNbWDuej2etQSJsuDZkX4iE=; b=YHK+gISF4Xq6X9cKnx3BHz5WIhP6ntLrmO9Vfbnllxu8CIPGJNZMe8t/IoVSJYQVhFpN3mwe/IjPi5fks/+rtq3qaSmgxRdLgdeqqsxfJJ0p1lc4f8cU4WKkY/eJeSKfEmoZxZSKnFbhqYFd3lxtVlFQLnNpw2H2qbyh1tQXFYIXI6bVru5PxrkGdFqnlGq9F8lpLWKV9r8nbnXmC+rJXY48nlGIreH5vE0zbYmqr0mYk9cvpLfjVmPjUN26P5lpUOxDZ+fq8mtw/LaLmvU18IhtFjPKGbdX1A5aI8bwls6JQ85K+uaG8w389bd5huYLYeeVQZRMDwUHo2DLzCO7iQ== Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.tcd.ie; Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DBAPR02MB6390.eurprd02.prod.outlook.com (2603:10a6:10:191::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.28; Tue, 27 Jul 2021 19:14:18 +0000 Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272%3]) with mapi id 15.20.4373.018; Tue, 27 Jul 2021 19:14:18 +0000 To: "saag@ietf.org" From: Stephen Farrell Message-ID: <7f4e3c31-40a3-5709-0b3f-75d5fb0ac602@cs.tcd.ie> Date: Tue, 27 Jul 2021 20:14:17 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="P02qVt34ToRj1UFWWpmUi59fzAhOVazbT" X-ClientProxiedBy: DB6PR07CA0198.eurprd07.prod.outlook.com (2603:10a6:6:42::28) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.244.2.119] (95.45.153.252) by DB6PR07CA0198.eurprd07.prod.outlook.com (2603:10a6:6:42::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.7 via Frontend Transport; Tue, 27 Jul 2021 19:14:18 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 47eb33d9-178e-45e6-2208-08d95132bb91 X-MS-TrafficTypeDiagnostic: DBAPR02MB6390: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-Microsoft-Antispam-PRVS: X-TCD-Routed-via-EOP: Routed via EOP X-TCD-ROUTED: Passed-Transport-Routing-Rules X-MS-Oob-TLC-OOBClassifiers: OLM:605; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: xDmO73jz0wNL8Bv4kP7wL3iloKe9LajROA5xwIChdEX032Qy85tagYzP4Da+GDOrI1WwsltbYL6PxTjaU4TXHvs8X8xYvp55EIqa3lCF0GG/2M9Z5HiFnkP1CCG9t0/YJ4Ns2LeM20msY+noVhrgQ1am+AnN0jmwILWFawUq6k8V3Fmz2UuGi6xHyRPkehQU3kmZX1CbXrqGC2brodtfYQPNLJfY1O6+QSjhKjHVPgh1+vvZgkYJbD/jFtMP+5LTHnxqJXZUZ7xknfuTCxs4hz6yba9ZaAnwI5kWOUpGmOA5PtsiULM4qWQz8x1SfqCSKnet4qWmHtgy3itkyXDgQ+x20HbTjC3FJR+0hEwEbfz0n9lr5ZdjzT77eIxEcct/cwfJFD9vUbIJT/pVhjvYBjIlCoMaD0yWZrdXAygwFshWgZyO1p5/s709Dn48IVCHtRBnQTF30Zel2VJ3flFi7yViEZF0om8YRM/5yan1Vn7XGnt8KOn42SNBX5tKo8DS++F1QgONGdXpx1Er6srsgGEqDkBRzHZg2i2nBVVmNWsC+jIdfHGIKSkkYxDDxtFtFL+DZvEjLWR8e0G2l3kGNhFHeTeDv/2kW3P8Nm3/KoVSW9Tt3Qy3JrVtf2F13mhdovc0vK8XZA51g4P5yloAHuy8dbnwJ1c8Fw1oI3JH2mxf2U6fgASZdupqGRds/VGH0p+Gb4R/++AYoFd2E1kDXCOrUObGkTxYAneZk+PS/lXpBavieRmD/zSqSWkUggZD X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(186003)(2906002)(6916009)(38100700002)(21480400003)(235185007)(83380400001)(44832011)(2616005)(5660300002)(508600001)(8936002)(26005)(66946007)(8676002)(31696002)(33964004)(956004)(86362001)(66616009)(16576012)(66476007)(3480700007)(786003)(316002)(31686004)(66556008)(36756003)(6486002)(45980500001)(43740500002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?T1BubjZuMFlWUWdtN3pYWTVxWkV2M1NLRHVKVkt6K01WRUxNUUgvcmludVhS?= =?utf-8?B?ZXhqYzJnSjZzdkRWNG85SUlIYkdKbll0cFFtZ0srZ3RPVm8xMWNMN0NiMERk?= =?utf-8?B?REVBN255cDJhQTVMV3VXM0RsZ0dtOXBNaUtHRkR0YzhkdFZwVWxYZUFwMmxX?= =?utf-8?B?OXRKaVBQam5FalpFMXZjK2VxRVU3VlJFdGFLZTNQTWdqaWJIUlBoU2pIcDBD?= =?utf-8?B?NXExNDB1THhyVUVqblRlaEF4QTFLd01sTXNKKzhNUmQ1ZjJMbWxUZ1ZMcTEx?= =?utf-8?B?Skgza3l0RU1CdmxSb1U0Tk9JazJTMzV3Y0hjTjVIaTZxQ0p3U0RMUFRXVVV2?= =?utf-8?B?aGR1amw2cGhwL093YXhGUmJaVWN5NDl2anZ1Rk5KUGR2YU9HNGxLdFFIU1Iz?= =?utf-8?B?TjVNOUh1NXJrV2szNXBWVm5HM3ZDSU5YMnJvZndmTWhtNjlGYmZGd0R6L1Vs?= =?utf-8?B?KzlaWUVpYSswNENsNUJla2pGcEplWlppU3k3b0ZQTmlqTVhzaHZOWTFKUWNE?= =?utf-8?B?N04xUUtFR2lCa0ZOL1pyWHJ1dUlnZ1V0aEJidHIrSjR2SEV5ak12cjBIc1NW?= =?utf-8?B?NytXNnN3WG13a21rRklrdU1Va1IwNWN1OFRUK3BRRzlidFE3OTE1WmJKZkFV?= =?utf-8?B?bXFMcW4vcDBGMVhudFNGdC8vU3FNbHdWcDJpWEk3WEJqTEpiNVZNUjU4N1Ew?= =?utf-8?B?d3lXWEtBa3lteVUyMkR6L2xwdVU5anBYK3NlY0R0UkhpS0ZOZlhEWnkxN2ZY?= =?utf-8?B?NHNxSk5FTEVhcVoxMkhvL2VWeFlqZERmVWpWVkFQbE1xSmlDd2tJTFZua0VU?= =?utf-8?B?SDJEQk1ITFo2M2xOTDJ2Rmx1N2dJcDV1S0h4L3BZN21wVVRheXMrZVlpV0Iy?= =?utf-8?B?OXRHL2xjdFdJYXdhdkE3dDVpVHdIRnlTNVFmVElyWXhKcXJyL0FvNy9rdGdn?= =?utf-8?B?VHAyNEJkWmlPN2dsQ3BiY3JJdFMzZ0g3cUx0SVFwU1pESCtLUHR2TUhhSWRU?= =?utf-8?B?bmdBWDIwYks0ajYrcnc2dmQ0MnpZOXZRVmlYeVZxb3F6MVdRSGFDdG5vRzRH?= =?utf-8?B?RHRQeHNEZzlEL0h6Yjhncm5VZlJ4eTcvU0N5bGVLTmU5Y09xSGFUcWgwQmNI?= =?utf-8?B?ZytycnI5cVJ1Yms4TEl3YnZoUFVOYllhNWd0UGxRaVRCek1DNWswSWZOYXB5?= =?utf-8?B?UngxcEtoR2ptTkZnSlRSbzlxN3JjWjJ3OFc0TGZHcUdsQWl2cTQzc3N0VTdX?= =?utf-8?B?RzdjMkxYZnB6Ulc5OE0xMnJCN2k2Vm5uc0lwbWpsVVI4ekdySVNjWVZ3aDdm?= =?utf-8?B?ZnNuNk5SLzRqQ0cyRGtRUVd4RHQvK0NpNTkrZGhLU2YyWEFidEJRUStSZGxk?= =?utf-8?B?dGtqRFdqdERITG1tS3Nsa1JkRG9vc2FrV1hGT3p5Y0ZUYys3b3MrN0tpUVdQ?= =?utf-8?B?MzFRTng3VFEyY2F4Ull4WHAzMkFORmJ4TkQ1ZWpCTElrbGRtQ0EzcWticUM2?= =?utf-8?B?KzAwY2tzc3o4MWxwaGMyTm9iM0NoQXFiWGk1N2c2WWI0Ynh3R3YrVWJWOVhz?= =?utf-8?B?N25OSVRDQ2FsYXVJdko3eW5kWmExUzdiT28reEZ5RE1iTGtmekplYXZHV2ZV?= =?utf-8?B?WDd5bmhlRmxERkQ4anhKalhhVG94UTJmdnlBdTNoL0dyNHlEWGVXWkdOYW1o?= =?utf-8?B?SlQzVlorSTk0S1NqTlpyREVjcXlNVUpldG1sTVlXWjlKYnJGaGYxMXJwNXFj?= =?utf-8?Q?Ma+EgAHXcvji8i12y+kyIp73ROB4kJWzWYH4zeG?= X-OriginatorOrg: cs.tcd.ie X-MS-Exchange-CrossTenant-Network-Message-Id: 47eb33d9-178e-45e6-2208-08d95132bb91 X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jul 2021 19:14:18.8040 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Iu8X/akJS4VY1pPc1iZ5oKLu/70gzyt7a+2Kv44Zar+pKxBu1wkQZbQPnIF1E/Vl X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR02MB6390 Archived-At: Subject: [saag] openpgp report for saag X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 19:14:27 -0000 --P02qVt34ToRj1UFWWpmUi59fzAhOVazbT Content-Type: multipart/mixed; boundary="Wgza7hLBlsK1qUJOPKmWJfBljj7fgA77S"; protected-headers="v1" From: Stephen Farrell To: "saag@ietf.org" Message-ID: <7f4e3c31-40a3-5709-0b3f-75d5fb0ac602@cs.tcd.ie> Subject: openpgp report for saag --Wgza7hLBlsK1qUJOPKmWJfBljj7fgA77S Content-Type: multipart/mixed; boundary="------------8EFFB66A3974D28AB5E48FCB" Content-Language: en-US This is a multi-part message in MIME format. --------------8EFFB66A3974D28AB5E48FCB Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable The openpgp WG is not meeting at IETF-111. We recently formed a DT to speed up tackling the "catch-up" issues with the work done in the interregnum between the WG's previous and current incarnations. (Basically, a bunch of stuff was variously discussed on and off the list and we need to check if those putative changes are in charter and garner WG consensus - it's tedious but necessary stuff.) The DT has met twice and seems to be making good progress. S&D --------------8EFFB66A3974D28AB5E48FCB Content-Type: application/pgp-keys; name="OpenPGP_0x5AB2FAF17B172BEA.asc" Content-Transfer-Encoding: quoted-printable Content-Description: OpenPGP public key Content-Disposition: attachment; filename="OpenPGP_0x5AB2FAF17B172BEA.asc" -----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh5= Cg8 gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+QtaFq= 978 CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKrEMjmL5VGu= D/Q 9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZUbUv0Q+DnQAB/4= tNn cejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqOVz+7L+WiVfxLbeVqB= wV+ 4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJgb097ZaNyuY1ETghVB5Uir= 1GC YChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k4LyM2lp5FmBKjG7cGcpBGmWav= ACY Ea7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK7uB7E7HlVE1IM1zNkVTYYGkKreU8D= VQu 8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5XiHzFPJleXc0ksb9SkJokAfwTSZzTxeQPER= 8la 5lsEEPbU/cDTcwARAQABzSFTdGVwaGVuIEZhcnJlbGwgPHN0ZXBoZW5AamVsbC5pZT7CwX0EE= wEI ACcFAlo9UYwCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQWrL68XsXK+qGC= xAA pYHWYgGOIL3G6/OpkejdAkQoCVQAK8LJUSf6vzwost4iVfxIKcKW/3RqKNKkrRl8beJ7j1CWX= Az9 +VXAOsE9+zNxXIDgGA7HlvJnhffl+qwibVgiHgUcJFhCSbBrsjC+1uULaTU8zYEyET//GOGPL= F+X +degkE/sesh4zcEAjF7fGPnlncdCCH3tvPZZsdTcjwOCRVonKsDgQzBTCMz/RPBfEFX44HZx4= g1U QAcCA4xlucY8QkJEyCrSNGpGnvGK8DcGSmnstl1/a9fnlhpdFxieX3oY2phJ1WKkYTn6Advre= k3U P71CKxpgtPmkd3iUUz/VZa0Cv6YxQXskspRDVEvdCMYSQBtJPQ4y2+5UxVR9GIQXenwYp9AP2= niv Voh+ITsDWWeWnnvYMq07rSDjq0nGdj41MJkNX+Yb2PXVyXItcj5ybE3T2+y3pSBGFEZYJGuaL= 4Nw tBJFMOdOtBmUOPbetS2971EL3Izxb7ibOZWDwexv+8R6SWYfP1wVN3p46RyBQuXqJV8ccE11m= 6vt ZTGSYgnLUUFZMRQYH+0hwuYe0T3AA18xDdSYsa8vovCCd3l5S4UNzIM2PMChqGrEzKapUpZg7= +8A CcxRU3b9Ihd7WYjJ+pQPCoWYKozvtEvenbNpE/govO/ED3B14e+R2yevRPjRrsN7PJzSf15fQ= LvC wFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLrSwf+MIHbFRQ4O5cmLYR5sIByWelN3SuRN/gW8= rpK o9OkCz6An8uV/iCXy5tNMLzzi0BFl8f22DwBcC5qy9qnlIAdogWam1qWoTAoAD8veEqmuKhYr= qJs CcAyNrKYmK0hP3rpHxx1LySDmKYXmw/8qtBXKHTouMm+5tSsznhykRMTAAr2p7PSaHgo+hIVa= W/r KSspHjDhhZS+G9mtOZad1IH29M6G1Q1NCO0Ywe8krKLQIAQlFxtgvOqpPOZNzeKBa/+KbE8TG= gMW rkOhC8OeEM5PVzdDhlhD9kPzB/pCKDF5DofJ/ZRqnDpbKPQ0bsW38AOig3kOc0A27awiBEw3u= rqR 1cLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g1MSBQJbtyScAAoJEBDvedn9g1MSI/oP/= 0A9 J9nrnBMqZpm857lfYWw+rshLK+tyeP4OQeOqnDFvs9jePpcyJLG3DF2r6VbVKPQq+AE6Uf5hc= JBD EN6BjEhRPSbLcqG3A1cz/nNwm8rPmNp+oKhmaBBQGxwciMLmzgynsDydnjPpMyEs04zvsbsl4= vrp 2095o105l8KcrrxQrioFjbwveGwHQK9bxJKhx9D+gIk+MouBur45UDKTZkMZrr9FGrtkyXCGA= xvK dcNC5Oa8z9sj1rcUJfG/OpVAMWhArdlZbFUQyoX6pU2Zb1CR2qpWAVerGSfBhmfCyStjARqaK= xlf tjO+Bj3Jj73Cr5eqej3qB5+V4BCsPjr4RLvVbYUCPsRdxWc+nBLlfVYkRURu21g1hFm5KFPjg= Uky o1s4vjUOY8DyI+xLGF7f/IhUBG6l+Vswhpwu7ydalZkeFiPx5xna5NfbEYxvsIf71DvipGvIO= aHv X4egWoFgm8n/9c3rcMxJtpwHPSsUt5dgLsyu6VE0IbvOAc3dN7CWJ355DVFJq9Zg2YVf0izSp= yyz JeGsgkfjW6xpmdvZxuT2UcN4BTcm6vYqueASGrb3lfhzC5gpeVsc/MoSjTS65vNWbpzONZWMZ= uLE FraxWJzC0JrDK3NCd0VN3kstqGkVbUIiYOnUm8Vu4zoVMLlGWzHLIGoPRG2nRezn1YyNfyb5w= sDc BBABCgAGBQJbxcflAAoJEGo7ETk8pK1gE7QL/ApC5P68W5DrI1787WJVZv1u4t/g39vTr7Xer= 3UM TVQg10vpa7pmqOGhjIDzDMg3Pe3K3M7fVzfAlUA1qw6ne4RCueVoRKpubeF4AlYbMr0K6hNCP= jt5 uAxmbBVuejKTc6pru5rv5gKL0nDbr+Snft5xt7juBLSSimw0/41sZnkjCxo9rF/RA/v6+uWyK= 171 RKmsEYu8fFtw1eqUNt/Xj792TUixE3pxXheNtQtZGk/9P3W83ChhG4Fh5EQsn0pIh9wZIAbMR= Lpg RKyW87fWHZC8/YH8h7afarvn9Thl5pFUldCe22mNJj6KLChn2aEHQd+PdY1GBpZEcmNEUPuov= wza tM0h64hCzTm41eDqRfihZVBT7TbfXQnv8rywa42Mk756RGzzEZcQEhwQXZcMQUfxIQQ2VyJo0= zG3 6VdZTQF7TF/4Lz7/3cJ56jOIm+dwPXtu+C2wAQuD4USOLt4JWPYpqzDfHYJIND/497P9Z9SuQ= eah r2ez3DRBg3qsHEjBV80yU3RlcGhlbiBGYXJyZWxsICgyMDE3KSA8c3RlcGhlbi5mYXJyZWxsQ= GNz LnRjZC5pZT7CwYAEEwEIACoCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AFAlo+o= 3cC GQEACgkQWrL68XsXK+qO0A//ZsfQzyXrZlu/eEV5jU620yeOM3P7SW3C3UQYdCgZ/TlvxGgKo= w5o DSXgjMiUyq9csGqbPBxlDYSxFZHNeDVKYIuP2ZK24tw5k6duTh4+sFwUualTMlcp0zBCIzn3h= Rcs RvuPKHfl5+6oOi0+xqx3jX/s/69L/fvHmdSKet5LIUAxoYaZkTCruFrPWb01tgAl5JExWkhmC= Y98 iD+EeiIMAWBjMw1xV+p0uCwNbN6XDzcToK7wsm+tAIiWUy3DpP60a6WbVwdV0HNt2WZq5U5Jd= h2k 4S+sN2CnYk4tTW7jHjsWarV3FLISCOObADZuB7ljU4kYfdwZ+WzenXY4LGlxGQSlAblGjwZe4= EIk CXAJUtzJhoFUuGaF/PlWjxqV3UFRcgTERZTijguVyREre8GNERNgvDxZvuXssEjvz9X5JfcIZ= DIJ pdzhLiEIj9noUbfx1SzB5KDPQj0O7elMHa1671/rwWcpGr/MfVPTOik4H7F8rcVJelceZTzC4= tvy a7M+jM4fyFWWt8Y4atTixUiP7U9o4uBZCQ0GzvsmFA4XLqn2pA5rVizMXnGbGOjufAP/efEJ4= ul3 qvjYe8ye8DXEDjKAxo/tuHYtk19XCi83QzFhWls5TT+XQeVTMEvVqo9Wek8yoxo67qvLKKqIc= G9g ivQd8MxYNAbNYgSPtkbhZ8TCwFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLzHAgAlWT6NXEGt= w/r 1miKNGcopzvzILQ9oB8rKI9U9EL6tOf/y2V5oYee/GyQDb3ZdoPxxYYcJf+RyiH1nMoqUIZiZ= Jaf 3bJXinDZ5+AdfE++UR2NBvqaNyC6u3r24jo1B/sagKbYtWgsYtRqHLD4IWi37MZrVyjBuF7u1= 4Q0 7+uhjq6mX2O/tHpCYw/Q82tbeTRPyUf1WQOAfD1kfBpW9PvAva5Iw9FWeXpCXRzwxnCZhYfGf= qtu Sw6CPBYLdbikqML6FZ7EDuTBb/8um1wK7Y9bgeIQC+CYjhYB5RXa1tDJRab2Js4luCvSR0w/C= gHw 26293tlve2Q6UTrmHxP5U22DlsLBfQQTAQgAJwUCWj1QMgIbAwUJCZQmAAULCQgHAgYVCAkKC= wIE FgIDAQIeAQIXgAAKCRBasvrxexcr6tJpD/4rrILH+meP07vrx8wW5eYuqCiPGYnh/CXxIF8eL= rfb e5d4QRgtq+w6UeQPMyzKRIRiCoBXB2oJLBZHyxBPxZlg33dTMrEGn8QWKx2iNuz9rZMXyOSWF= etu O01d/aUPd5BnbLbIyK5of8xCQlXM6KH8bc+9gQ7edR9mfLTdvBf2FR522hg8BRBM1imKc3vO8= v39 +qIHHRjuiwxBBCAOhHtHRsZXripS0uFA07dM46Oi/E8osjx6fQt/lH5z/PN+2adxYSrLSAXfr= 1oD 3RxYNhuWgyGFL64/VCQb1YGjf0Z5MBPnWm9jgUoOY5K9eNSS0L83WeJjlF5+Q/WOgB+rb49Pr= m2D Feo9+S9f2V53Llz1WIspXJg6f+n9lmHE94MfQj1GAHCzI0FeL19lvM+LhD8jJSCbhrC3+yoby= y/A UOs5Z3E+njjX1FF/VCVAs6iOa6i+XG+Y1hh3ir2y1kckJ5auT10MSU8GEZu9ayU4M3o3N9yxO= jao P0NuQ4MMLL/n/u4u94AeZaHPNBXn/hVfVRRmpRXtGKvJtFAEppGEYezB+bLKIm6XlpPkhnwYz= leL Z7AMEco2C6QM8QPB3g3JpS3sqRhA5rEP4lL16BmijmF+CHoPE/zwgKZbKpyVDqvIW5IDgvfIC= 2X4 pbZDRvGIUKaGSB4+ksZgUUnNyvfQr2p7jsLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g= 1MS BQJbtySbAAoJEBDvedn9g1MSeKkQAJm44jt1kwHgQgeDBKdjdvl0AjE0xVEQxriZ6lP/l//34= YT0 auFfzsYIrChSpQXAEtobBAr4Ohw1Us+BZe+H5P8vm6LRuPwozC3SjwfX4Iec8+9ot6tIVg4sb= edD Sgb/CCFVjsmIGcQ1P73JLJTBJ6mxYCV/gn3QC6bwDOFo7kD9FDHCjRN8XfhHQ4Q9cYyt06uF3= 1qG /aumgWYC9geCGgAwiHgwxNYb9GoJ0iZjCROwbYvLTcQgsVUW2bTmsVR13UVKDsdl02sRV7qcV= YW6 R0a3Ra8KudX+nt25H5DRGd382KZ5W8pydsy/viTvD9z6v0ulChBYxAedIvGIClrhbxlLEPmIg= 4Im VOLGqsUgVm32J95WOjEkk4PEZ12xSDBtwhSJqmJNboWlfmw43KdIbY8zNhffIO3N6O7FsdGxm= qyH eLoTpqY+ySVUPpbuyW8ujnI/J//+6hdTZ9dQsEJQlWngKuWOQ5ma58MPSN88zllsqhZAFQjNx= qnk SzL6ZQ+v/jvuRRe16B80AeO55DsmbWsMv/YLLD1mSi7+Khy2EtMBhgojWwrGMvdLN6X3mnzNJ= Esc YyLxM9tSk+iySP2sLthK0BVgpAzBSdaf/ezIz60P+neHDzteNFf8Mn7lmgYk1amvZoJ29s5+n= 2Hw xyRL5dVMyMdyQmntubbctfqrZ0tIwsDcBBABCgAGBQJbxcflAAoJEGo7ETk8pK1gnCYMAJY4F= eIY jlIXGghFWzsB4fYwK1+iaFpU3fSto5qcrqVtVPjXpwqczqBWeXGyQxiB0kan4OVAXydIeaP8E= AuF CA7paP3s9STLJBO3KurkwyRkPW5zo0X7xVqaVToRsX2Ul98KVJoHYQD1KdezEtwlvpNwiiBr4= 2AY R751Vm6JBVAbQXuFpB3c8bUV0OkkRxNFtL8/2PieHar58n5dntGkbPlPkztahsFqktgacIgXH= X5v aT+7YeeZ1DWLOYjGO0wNhkOSeroCmxwJUikU7joBp823L7r5KfpqWTPpSCzVstQKZUGmmoE1q= Csw Y/Ud5wvp9SccpIILkRXj0rZRtfnE5MpL3hjmtNzfDd9qIsJtBJlSB2hZwAsVm1l+EWN9hG3tq= yA4 3niUMy2n6q690of3berSiQ+kvY/aC9Hx8I+bKzOV9/J2VUTqfaPZa4Uy2rVX5Q2p69n/PMj7m= Eer 0rCL3j9V16J9c+s0BSkXoKdtYdB0TWVhBgUybd9qtYcwHWvhP80uU3RlcGhlbiBGYXJyZWxsI= Dxz dGVwaGVuQHRvbGVyYW50bmV0d29ya3MuY29tPsLBfQQTAQgAJwUCWj1RWgIbAwUJCZQmAAULC= QgH AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBasvrxexcr6jscEADEcB0WQEZn2AkrzDs1RhL0Lp6cZ= i0B igofkbcGfdhJyMSs19C0dhvncrAFClVI6/Udw3yFtDyYtOCf2W3M3A1K6/RfEizCLzTsdFIhn= i9g OJLlUpXViQtgrlstjk7hqVV3Ooz4BlCqS4cG7rfqf4LQQPpTAuFUEV9I28FBUB2irqC+v4gTy= sIg pMw0bA1yBU9sX5jE/tRkzqnuzZrkwiobDtRFJ9qp+7O2JtcY4EsVtLAsaodJKc5cF8R4OvB1n= 66v xxcgg9Eh4JNWZ47xsaCmAGo1Bcb2jIY35OtgAL7gCGLRSMKTtAaPy1/fEgIqhCljJ9x40Fkn/= 3r2 BX21WC9HFSPFTBz2RluLRzxdgxOrkYK8EiHUPoE5b1AEzZKw2AbeXfr57f5zYsN3IqfbQLUjM= YtU N1wK3Pjb+idD972wyXMWt8uOzlI7b9Ocu+nYm2whBfJv9Pmp3QYTmPz+LB9lH65VNVUSxSXVr= 5iW XO3qx1HtEiGEqkporMQCTh3T5Ud3PvMSRBFFKNs9WhJ/Lxz+SV30WLwG6dr5mQqlzAhb4Phc/= zek ZyXRdS/oDKrBLUucS36O//49JeyRi1QvOfxnfmIqRIAf/k3PoYJmTo5E82//r5Qj3YGlRu78b= a0H Arxs+ACD6AnEHHcbswpbtVEKYzlSu0Ar0Dc7vRWM/IyQdMLAXAQQAQgABgUCWj1SoAAKCRAvP= Ic2 gF+NosIsB/9f/29FNla3BJfGIEIDnhrqGD0i9bSa89SqBd++uG06TQgW5wsqtNcrwn81yZTq6= XE6 i9VtD4GKfqC0d4KZJr9bnbeD81cI64VOdL8zJWJs0vj5EIXCobKyX74Kb4uePUyZqwT2Q74I1= 16u /HwA9/FXsPo5isbh4ZqD4t0VHpWkmfq1FPT9a/JPyX46qKqB2Fce/7Qy+SQP1NfkuUlbhUH/J= G9a SSYvk3lznNiH41x9M+FDlL106itXOubrl3oi2fT3fsSedq7uzt+IV0DQEeNaoQAUuwEhdB8IW= OMq N2woDjGVKJftfsSWY9ilZrnDBNDrp0vRqcx33LUMkIw4d7iBwsFzBBABCAAdFiEEfhcKBFyEz= 0YO K3mgEO952f2DUxIFAlu3JJwACgkQEO952f2DUxJjuw/6ApHSsVTWD4a0H6FJ23A9Ftpy+aXZ4= vYl zkSrfsn2ECrEfK3lXQh/uzwjJUDYZeB1/BQsFZtcYNQOJSSHbQ49BFRLwb1J/wBZG4bbmrkLx= nNb KDKQvzxEpclkMW0Dj0J6o7kGrmzIGGrhB+JJN99AcineHRug8ZSFIERRCmigxdhAKU0BFD7P+= 5HN HltSL3DF1c2fFOf2JrgBKVoE+9RhMZjWNbYetFFLCkjXb5Rpay9zeMm1DxfSTGAnuOwUXW6qq= 4hn l5+VC/48ceDZElLLfu7RQUZv44pkSTOWZs+iQoJiHMFHk9wPqyB2Vok1yJ2a2j27WhXrJlPwn= Zbg JO5RyWDG3p/eVmpl5Uuc2dsfIpR17KnAuWpghK6V+cyFncDoGCl/YG2MvoolsW08FiZh3Ej4d= nJj j25TZkeFG74JJDXLvMYpJfSBGnmETv4Dhcm2xPqVMuFuL1qJlMbVLrMo2GXeo03OzNyvbs+u8= WLI aGm5hC7N1CXY8wZs4jo6OJ/expvnc07dEuws4zT3AiWv3nIouWReRStZy9QkavDocqbyPmilc= dPC Yk4BsOlzpwwO74hNG7iyl0KdAlwTxGQ7y0rJou6HYa1TmRhIEr3vKvlW+JfUUrqtjXgsuacTX= o4+ Ira2JUErL2cYzQMq1j4r1ZyhFnuz93s7Rsx/Nw0+0YvCwNwEEAEKAAYFAlvFx+UACgkQajsRO= Tyk rWCJqwv+NLVPE4sD4sDA2/6Ek7UsRIUkg+S39fhqWsLc4rtw/mDunv8Un61I3K04fZ2Ry4nF9= hZM 0a710UvXFbStvrzRJO3EAAcdJR9LTCd19e8UeruQbIee3YT91U4NkC9JMpecfq62/teOAU2e5= P3f WYaLs5ZX7zCLwWuBcW2l3SyoljQczM85HhJ3XHm+FnwQ6D9xRle+lvWTcuC9d1yAyUb8IOosp= cL2 lJTmy8e3r79R24hPlSB4LDe0wEN8AXbagrcAQZjwyaHyWxjJbTwZ0b43WGdfIqZ1ElOeoffbk= etP GRmWvx5xUvb2ALFBBdETzV270gs5XDJgJ1SIIKOyDADxwvroTe2jD8C/841eEql5QSow3s/U3= zRq k3mttto8Qw/DN71aeh6dmYSsvd2UjsHw/vofOPRBGxZLEkKTEvMnhmMW9hiKPkPia+QgevYE0= 20q pKSxLEdWA8nprHwxmGiDNesCfXSC6vm1qfyj5g8HzxSckq9ZaMhKMCo7vxflUEDuzsFNBFo9U= DIB EAD6DdHQfMav8OXfhjTteoarOrlJTSdci727xiezGPuBHmpvceBRZgRasdbaMc4HJee+R9+5x= /nL PCuy/DxDyIjwIUeJNgc+l7LjI9WfpHTD8U4xxjvR5Mi7+ToQQUOUNuzT0O0pyuxP1uY3RehHE= hOV fBZO59ipSeZL5iQC6T5MsK1SKfs51pLa5ToC1rc8tBJ4zZmxRAyZiYc/AH2uZ/6rYjTTkAn1D= VI9 DYo2D/zE4bGjXdJW5pKphFB2lX3dG4I7ODi+5e1H6A/QpCu6z8/ZkIQ+9T1xcX/YwiFeA7PbT= uW/ eITbMbI1eV3+fyym9aT7Rsflmp31Zxtr+sZwGGZf00ooMBFmqOS//NUQ/Vf3vDUew1h5QU1yD= aWT 3NApvi+XWPH9TPy6TMfZA2FThHf11sX/gDBa5JWQZbptPEcmoazpiKZt91CrFPOaoXDPck/Q6= 1df mr/oPikfByYnASIM3OwEuXqyQ9JDRfKrem5r+oA/wxWb5jELElAhOpnyqMMvOh7uz1foUssL8= MAv 2TGXmxpVJ8Nu4je6wf96Z22fQ0D38zud+CKH3bMP3ayXXJBcdPoENrzFbWP5FTg/4TTDJ3vOA= HZR 5iCunYghx8b7Ffa4UbkwlD+dh8GiIAtvT51Ac0cO0Wc0Zjc57zPUz1zloMbf+zb1Bsn7DuEQo= qj1 gwARAQABwsFlBBgBCAAPBQJaPVAyAhsMBQkJlCYAAAoJEFqy+vF7FyvqrC8P/1tF6TeR83xD6= Mas qXyrBjwcLmziaF0Mlkj8k/YUiZ/knb53n97xQnh9yxPv0TT8Wpfdn3BmvqGyh8+ouHX9jMOxi= RkM dNhIauVYY/8jmRfBSYWcFkfMzdYasvdLtmYJgx252HKTFdeOrszoOjWjEzwmh+tca3AFMu/nB= ++/ KAmi5UJV7zsZ7uYJ5jm97LV5SLjNJIXXM+lHqCDrjDaDhNczmq1LCRlU6/WDjvkuwaVhZG4lX= xMD rvKnXMkjseQ2oKjwrIdfQM86H1z5J31lfhqop+of0cimcIsBgSCPu+h96LHuAzeRBCbDKeqrf= ZtA ZAGsokRina9947fRWxXHh3O66ILmXKNRxxWbDkPvYnQWUat8SbSTDoPWrDIGDRIAypqYo3pcN= 2OE 0C1chqgDZQxkr+9kYZQpupOAN2TR+fM7JvbO9coKI8Uqog8CopoMeDQkd0YjcqlB1E0svODHT= zcS oRzogDBYDqNLP7qVkNXpcOAXSVioBgiSDf7o5RdS/qmUyXBIeq6I5z8xBcd+BQ/n/9Frkm6K7= IKP 3ngUP4wEoiPx5ZE5+fPIScGmVUcZIMhkvMvem9XXh1yyhqN14gfjmLwPGdWbrgG8QUe0s2WeW= Iys s6uTiyF+ZbJSo2XOKVc3YFMVUUfgyudqAV1wWdZinUk+H3pkqOKoHAy/8fST =3D40Nd -----END PGP PUBLIC KEY BLOCK----- --------------8EFFB66A3974D28AB5E48FCB-- --Wgza7hLBlsK1qUJOPKmWJfBljj7fgA77S-- --P02qVt34ToRj1UFWWpmUi59fzAhOVazbT Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEW7Wm6ldl0sWGPK4nWrL68XsXK+oFAmEAWwkFAwAAAAAACgkQWrL68XsXK+rA CA//XLhmKt/wzR4XZx+oGC45/mkGxjkIVnt8aYC/XBv7fnmKtf3vTIT88VuWUkiDTEg/Vd6r2X7g mPQgSfyDjBuIvEMXli6wWxfhwUY7y4PjPZ9ZNv5pWdE42YmeXDybF3Ai/dtRFNcXgcfAXxLmPTMu 6gqjgKs0Twp3fHY1iCqeR7OghfWFjxBsyDP3CGbF8x5jPmChb6sAIM58Uq+Q1aGAAZl7iZe3rhna +6pwA81hG5srC6hQw5+XafuIyGkNnxPM2yrbAR8dAiCAc764YB1vq1we3zB7FZbvgXGbykPhKBwC wPcv1dQ9HNYe+JJk9ft1dLaX4FKU1txpT/9tErpHJAbS+ur1EplSZjurt9tqTZAVZ/eLg9Sxd1wk Pl6RXKzCAxUQOyF4S81Wu5dp00Q+QqmGFOJgx8uVcQ8qy2e4gId4HhCV104Y3lU4WSPf8dR+3orf Ti6E0J+vT5PBMZs26fr0Ou5vtGUWnsNjduiW37y22JFw3cuKOIDCtg0XoVfW/jpyEdeiCvJHvP4n uxnEJb8BkG5dGjPriny47cq0W3VSSUf+Nd+MPXuabNIWq1xtAUpjhDESfkjiiYlSkd5oKBlTUW5y fUIHHf0kEU57OLmFBiYlYrBazboMom8UHndZKc8wetHyb8f/gc2egFICzuPsRger47Hjkg4dqn7N qNE= =Bn0Y -----END PGP SIGNATURE----- --P02qVt34ToRj1UFWWpmUi59fzAhOVazbT-- From nobody Tue Jul 27 12:49:25 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA69A3A0F7F for ; Tue, 27 Jul 2021 12:49:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=intel.onmicrosoft.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6X47ujyAkW24 for ; Tue, 27 Jul 2021 12:49:19 -0700 (PDT) Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C29273A0F4A for ; Tue, 27 Jul 2021 12:49:19 -0700 (PDT) X-IronPort-AV: E=McAfee;i="6200,9189,10058"; a="212551773" X-IronPort-AV: E=Sophos;i="5.84,274,1620716400"; d="scan'208,217";a="212551773" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Jul 2021 12:49:17 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,274,1620716400"; d="scan'208,217";a="456234732" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by orsmga007.jf.intel.com with ESMTP; 27 Jul 2021 12:49:17 -0700 Received: from orsmsx604.amr.corp.intel.com (10.22.229.17) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10; Tue, 27 Jul 2021 12:49:17 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10 via Frontend Transport; Tue, 27 Jul 2021 12:49:17 -0700 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.44) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Tue, 27 Jul 2021 12:49:17 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gyYAOG4UqTg5eRDZsaS/HPFaP3cwbgf+pwbSn6zbtewSM3MMUbVv85mc3+6trzyvPG4TxVZHYXr5g5AIAWNwZ30iR1J7PrUqtpUFLlg8wsxIfVN3I0I7wdmAtBaHX5lQBQT8U3/cyvOXyPDfvRbh0YXn1kV7e8mIpIHLAmtFc9Sp4FxNLQjsgeyOi+xGjmNpJ5acG/VJ0L0/eXK+DxRU7E5w21/PHj3q9hZCCmB4Y7jNemQfGxCoNCSk/VgHF4/WKqYkA65eunSexEpzlDe30pCOknU2Jz8Fd2IYUzggaT0xu5QHaz/lkU03jQAFNJmBgFbODTr36FnW/bM/KHqstw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hJKJs9vRZ5mCXm8nJsGqpYo/iX2xnschvC9UusqSH0A=; b=fbmgR7KfeH5arYz/EhBHRMnjDrxPlguWQWKT14CCiLbU+YcMvzq3hsxeRw4LkZ8CLjBmE87/g/CaxMaI9KPgDw1crl8iOdb0Z8ng1+k6L60jUGDn5dfNeiR8ojlhq30WlZ2PerIz2l0G8M/y/CIEVM+gbN8LmPeya75vP0wQDNlMv0yB03FDJGIKxlKeSWIDIZD2rwANpfVdFyJm9fKlYePjquyv1TEdvmiANppq0eXPSl+WqjUZTssztZc8vyHDtwwGXsOBEr+u0P+DDQvWf06CBN2p+vYGApIDV0Tm9nY5eOtqZI//AEHnBHJDdy14OK13l1OmQAvjfK2tpIPEGQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hJKJs9vRZ5mCXm8nJsGqpYo/iX2xnschvC9UusqSH0A=; b=SXRlSCE4c44UR0t0/Thi8hxnvKN0CaRfFRLDtUNnOBG7cNAgX+gYXg7LcEEMDoyAeWcgk3YDmQdH2+MOKqvX5mzAGQ3kHaz1TVDvDTt2gXWdDmiWtQ++NUB6ZP1gtZtkjs8hteXqzIk8AXw5SvsjV5fTGNEnUmqXxTnT0lJeSho= Received: from CO1PR11MB5169.namprd11.prod.outlook.com (2603:10b6:303:95::19) by MW3PR11MB4537.namprd11.prod.outlook.com (2603:10b6:303:5d::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.28; Tue, 27 Jul 2021 19:49:16 +0000 Received: from CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::e9f3:b903:83f2:d244]) by CO1PR11MB5169.namprd11.prod.outlook.com ([fe80::e9f3:b903:83f2:d244%3]) with mapi id 15.20.4352.032; Tue, 27 Jul 2021 19:49:15 +0000 From: "Smith, Ned" To: "saag@ietf.org" Thread-Topic: [saag] RATS @ IETF 111 Thread-Index: AQHXgyB77ZyIDqkL8kG3+nNx5+lzcw== Date: Tue, 27 Jul 2021 19:49:15 +0000 Message-ID: <00C72B7F-931B-4BBC-835F-48B7084CF6BE@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.51.21071101 authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 4bd0e034-96a5-4f6f-c8fe-08d951379da9 x-ms-traffictypediagnostic: MW3PR11MB4537: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7219; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 04aFvnB6we4kVBbLMyNLelMbcSt6CzsGUyYQpGVPXXwqpCyhCAbi9cs8UcfbIMSfcbrK8oUUmI/P9ZeqFmO6iKug3M9PWRivYeY7SeVb2GQTgRU1FZx5r7l80wf91/HDqoAahwb3asKHHxpb7oogvUV1klLi+yD4w+CCtNEzuY6Ldmq9J55E+55xKFL/jjfbXPp/yU0yMNPTmB1erXiHNwVoyegq1x3dKodTX/Oz70/oJo7hNaMlv6xxCbzMT3tNYqVacKIQgMOWNJnmp0S8SqmcJCniyMw6bNkDUtGez35YXFd9iADvW9Xqj3NPBJV1rKKendepKK3cPiHiogI67V48tkmkl3AojCjCFYiFZ7qI57DF+VEya48wp7eOyQgzNisILvr/mVc8APCIqjADpYdjDC/xnXuRzT1Dx9BuQ8GVcHCiPXGssyDBa7nZ2XMMJX9JNamaudXoQqJuez/q5dH1R6EJJKRhgwTQmYrVRqAO8J4dj2qgLRuxo/pKL9bwnW/41+3f0AufelDbOyQWKTT87H++j6PYwIXAjbASy2WSTJpLW6lol0uOAelgBjFVCVilsvS0SiCs6putT+Q3vXGeFlLnM7mvDbpw79xp45IEBAbzH39cUyLrDsw1Q3QZmDItYewcevFBU7Mwd8rxMCAXZ8ugJei6alMzOr4U6v7apEnkF00D1nhijV3kYx36ihBwejQ23LGEXFEyz48vi9WMhspeiNZqQLxRKS06nWj5uikkc0yf+OUErCa/HP5p x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB5169.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(136003)(346002)(366004)(39860400002)(396003)(478600001)(66946007)(38100700002)(71200400001)(66446008)(26005)(66556008)(8676002)(64756008)(66476007)(33656002)(5660300002)(2616005)(8936002)(122000001)(76116006)(186003)(83380400001)(2906002)(316002)(36756003)(6506007)(6486002)(86362001)(6916009)(6512007)(38070700005)(45980500001); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?R2pPQ0JEMFhZMWRCeTltOXA3dWFCK2ZlMkVNbHFpc052SVMrVlZ6bEp0R0N0?= =?utf-8?B?Q01rMi9QMnhDNFk1TzdWMnNRU0lZSlhGcmpxQ3YxMldpUkVnMWl2OE44SXFE?= =?utf-8?B?cEVNNWZIZ0l6RVowTzdla0dBbXA0TW1NYTdrUmZOL2sxaGNMSjBKQ3hhT0FD?= =?utf-8?B?cHJ3TkFGcUkvWUdxN2ZuaVJmb25EU29BZ2RpYjdzYnp2Q0FnNk9ONCsxaGJC?= =?utf-8?B?a0pobGZSb1FpQ1AwWVZOSzZ0QWhHL2N3ditqL2pUK0g4UC9Vd2wrUnlaby84?= =?utf-8?B?eHQxbVVKTWduSC9uaGdyVThCU2huQllsZFpROTNscnJQcUU0SDErZk5xMEVV?= =?utf-8?B?cEw4c21Jcnk3Y2FtaDRvZEltdHgrcUJDdk1MQ1BscGxBKzk5aGFiQStEdllS?= =?utf-8?B?R1pjOU5HYmJhZGZ1d01NSkc5RGJvNkpyUVV6WkI3OXB1dTVETTZtVjRsVFVI?= =?utf-8?B?UG5URmpqazd3WFdlWmJqeHBTamNwaGxCT3JOSE1GcE9ZSHhIelhvMHZTTnJw?= =?utf-8?B?c3ZFTzFlOGhSUk1zVFR4eFAxdWtVL2oxWVM2Rnl0Z3Y0UkZLaWNkeXY3bDhU?= =?utf-8?B?T0dEQWR2M3NwWUVZbGoyUEM3UDJqR3VsTHhYMTFBamhFbHNIOFhFdGV6RmVT?= =?utf-8?B?ZW1lQXJIYU5YTER0R2s3bGZLeDNmcXBCS21EcmxuMmdpOVJwNGsxaTlONXlx?= =?utf-8?B?azQ3M0VKb2hEdkFJbnU2NFI0TVFYZ1NQTnV1Y216Y2FOWjM4ZUpvVWJ2b0c3?= =?utf-8?B?VHQwTWFvTlpYcFF2a0FYRU44b1d6TjVaaU5KUzFKL2Y1N0Q0UzhZVGE4WXVK?= =?utf-8?B?ZXpmamkwYXpBc211QVVNY21pcHBOd0wwL0JydDk2dXZqREpzV1ZJTGpWcXo4?= =?utf-8?B?QVRwMTlzcUtmYnM0UFdtUWJUdTREWFdSaXpHNnZWVkRzeUN4aVowQ0Y2bEU2?= =?utf-8?B?Q1A4M3RKbjJ4OGhTUVA4ZDAvaU9UVkkrWFhZU2JUbkdIWnBSSlBLc3RCUEFa?= =?utf-8?B?Vkk2dnIvWXc2OEtHQUgzRFlJeUx6VnFJcTZqd01ZWWtZOFozWW9URlVuNEdJ?= =?utf-8?B?dGFZVUlkUXptcGsyR2JLb3loWFhmdkwyK2dKejlhY21nZWVadjFWMnZ5Ykxi?= =?utf-8?B?MkMvT2h0Vm1raElnZFVSN1liSVZRUFhkYTdtUkRsSktsVzd3QXZtNjBOVks3?= =?utf-8?B?OERENllEUElHN0haOHAzejkxQXovcUhlNnVOc1IxazBpYlVPaG5yVFJPbFlG?= =?utf-8?B?dTlGOVQrM2hQTkNBMVJvSUg1THFTZjJWd3Zqc3g3dU9tRlJvempNSkUwQU9h?= =?utf-8?B?TVlTT1lMWTJkOWFQOTFiMEFCY0VOZ3R1bEsxUlFENWtRRVVuTWtVV2dlRU9M?= =?utf-8?B?b0UvN01GYlU1MTUyS2NEVFFoYXBlUUNIVUtvY1pOalJCVUR5OWhHbXNYZ3JD?= =?utf-8?B?YTd5SHlGTElNV1dkd1dVRDVDL3RjcURBSEhZWWpxRjM4aVd1WUJrdGVLOThi?= =?utf-8?B?VnFMb0huVXlHUmpwZmZLYmhvNmd4d3hTQkFISm1rUVo5R2M1RUpjV2JjYjlT?= =?utf-8?B?Z3pVVWNyRVd0NHpQbHViMVZsYW80TzZwaldKU29YTkMwZGdpWjBZYnIvNFlS?= =?utf-8?B?a0tNN2JKdU9jY1Nyd2w2OU12bEFpMDFDUnZSQkUyTUpnWU1idlk2SllEcXN2?= =?utf-8?B?U0VyWkQwaW1wcVJ3Q05haDVYUmFDMkV0bEw3R0k2QmJSZGQ4NXFOZ1dXVnNX?= =?utf-8?Q?XF0PuB+1oPCTXBf0FdtzpCeTEPZlT0wAPcOWbLd?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_00C72B7F931B4BBC835F48B7084CF6BEintelcom_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5169.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4bd0e034-96a5-4f6f-c8fe-08d951379da9 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 19:49:15.9259 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: FBI3VAifA3aXd9F0ZJP5gGbbOTcNEYoqfSxt+S9/vGTTlEL9ihd75Y2/3auA8b0D9Xrmm9qTr95I3GwstIXJWA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR11MB4537 X-OriginatorOrg: intel.com Archived-At: Subject: [saag] RATS @ IETF 111 X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 19:49:23 -0000 --_000_00C72B7F931B4BBC835F48B7084CF6BEintelcom_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 DQoNClJBVFMgbWV0IE1vbmRheSBKdWx5IDI2dGgsIDE0OjMwIC0gMTU6MzAgKFBEVCkNCg0KDQoN CiogVGhlIFJBVFMgQXJjaGl0ZWN0dXJlIGlzIGluIGZpbmFsIHN0YWdlcyBhd2FpdGluZyBzaGVw aGVyZCByZXZpZXcuDQoNCg0KDQoqIFRoZSBFQVQgKEVudGl0eSBBdHRlc3RhdGlvbiBUb2tlbikg ZHJhZnQgaXMgbmVhcmluZyBXR0xDIGJ1dCBtdXN0IGRpc3Bvc2l0aW9uIHJlbWFpbmluZyBibG9j a2luZyBpc3N1ZXMuIEEgbmV3IGRlYWRsaW5lIG9mIG1pZC1BdWd1c3QgaXMgc3VnZ2VzdGVkIGZv ciBmaW5hbGl6aW5nIGJsb2NraW5nIGlzc3Vlcy4NCg0KDQoNCiogVGhlIENIQVJSQSBhbmQgUklW IGRyYWZ0cyBhcmUgaW4gV0dMQyBhbmQgbmVhcmluZyBjb21wbGV0aW9uLiBUaGUgQ0hBUlJBIGRy YWZ0IG5lZWRzIGEgZmluYWwgcmVzcG9uc2UgZnJvbSB0aGUgWWFuZyBkb2N0b3IgcmV2aWV3IGdp dmluZyBpdCBhIHRodW1icyB1cC4gVGhlIHdvcmtpbmcgZ3JvdXAgd2FudHMgdG8gcHJvZ3Jlc3Mg Q0hBUlJBIGFuZCBSSVYgZHJhZnRzIGluIGxvY2sgc3RlcC4NCg0KDQoNCiogVGhlIFJlZmVyZW5j ZSBJbnRlcmFjdGlvbiBNb2RlbHMgZHJhZnQgaXMgcmVhZHkgZm9yIFdHTEMuIEEgV0dMQyB3aWxs IGJlIHRha2VuIHRvIHRoZSBSQVRTIGxpc3QgaW4gdGhlIG5lYXIgZnV0dXJlLg0KDQoNCg0KKiBB IG5ldyBkcmFmdCB3YXMgZGlzY3Vzc2VkIHRoYXQgdXNlcyBEaXJlY3QgQW5vbnltb3VzIEF0dGVz dGF0aW9uIChEQUEpIC0gYSBncm91cCBzaWduaW5nIGFsZ29yaXRobSAtIGFzIGEgcG9zc2libGUg c29sdXRpb24gZm9yIHByaXZhY3kgcHJlc2VydmluZyBhdHRlc3RhdGlvbi4gVGhlIHdvcmtpbmcg Z3JvdXAgd2FzIGludGVyZXN0ZWQgaW4gbW92aW5nIHRoaXMgZm9yd2FyZCAodG93YXJkIGFkb3B0 aW9uKS4NCg0KDQoNCiogQ29uY2lzZSBSZWZlcmVuY2UgSW50ZWdyaXR5IE1hbmlmZXN0IChDb1JJ TSkgZHJhZnQgd2FzIGRpc2N1c3NlZCB0aGF0IGRlZmluZXMgYSBzY2hlbWEgZm9yIGNhcHR1cmlu ZyBhdHRlc3RhdGlvbiByZWZlcmVuY2UgdmFsdWVzIGFuZCBlbmRvcnNlZCB2YWx1ZXMuIFRoZSBk cmFmdCBhdXRob3JzIGludml0ZSBvdGhlcnMgdG8gcmV2aWV3IGFuZCBjb21tZW50Lg0KDQoNCg0K KiBUaGUgQXR0ZXN0YXRpb24gU2V0cyBkcmFmdCBzdGF0dXMgd2FzIGRpc2N1c3NlZCBhbmQgYSBy ZXF1ZXN0IGZvciBhIGNhbGwgZm9yIGFkb3B0aW9uIHdhcyBtYWRlLiBEdWUgdG8gdGltZSBjb25z dHJhaW50cyB0aGUgY2FsbCBmb3IgYWRvcHRpb24gZGlzY3Vzc2lvbiB3YXMgY3V0IHNob3J0Lg0K DQoNCg0KUkFUUyBtZWV0cyBhZ2FpbiBvbiBUaHVyc2RheSAgSnVseSAyOXRoIGF0IDEyOjAwIC0g MTowMCBhbmQgMTozMCAtIDI6MzAgKFBEVCkuDQoNCg== --_000_00C72B7F931B4BBC835F48B7084CF6BEintelcom_ Content-Type: text/html; charset="utf-8" Content-ID: <4FB561952B34EF4ABB3191915208C5FE@namprd11.prod.outlook.com> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseTpIZWx2ZXRpY2E7DQoJcGFub3NlLTE6MCAwIDAgMCAwIDAgMCAwIDAg MDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJDYW1icmlhIE1hdGgiOw0KCXBhbm9zZS0x OjIgNCA1IDMgNSA0IDYgMyAyIDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpDYWxpYnJp Ow0KCXBhbm9zZS0xOjIgMTUgNSAyIDIgMiA0IDMgMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25z ICovDQpwLk1zb05vcm1hbCwgbGkuTXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjow aW47DQoJZm9udC1zaXplOjExLjBwdDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJp Zjt9DQpzcGFuLkVtYWlsU3R5bGUxNw0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25hbC1jb21wb3Nl Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCWNvbG9yOndpbmRvd3RleHQ7 fQ0KcC5wMSwgbGkucDEsIGRpdi5wMQ0KCXttc28tc3R5bGUtbmFtZTpwMTsNCgltYXJnaW46MGlu Ow0KCWZvbnQtc2l6ZTo5LjBwdDsNCglmb250LWZhbWlseTpIZWx2ZXRpY2E7fQ0KcC5wMiwgbGku cDIsIGRpdi5wMg0KCXttc28tc3R5bGUtbmFtZTpwMjsNCgltYXJnaW46MGluOw0KCWZvbnQtc2l6 ZTo5LjBwdDsNCglmb250LWZhbWlseTpIZWx2ZXRpY2E7fQ0Kc3Bhbi5zMQ0KCXttc28tc3R5bGUt bmFtZTpzMTsNCglmb250LWZhbWlseTpIZWx2ZXRpY2E7DQoJY29sb3I6YmxhY2s7fQ0Kc3Bhbi5h cHBsZS1jb252ZXJ0ZWQtc3BhY2UNCgl7bXNvLXN0eWxlLW5hbWU6YXBwbGUtY29udmVydGVkLXNw YWNlO30NCi5Nc29DaHBEZWZhdWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZv bnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmO30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtz aXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2 LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPg0KPC9oZWFk Pg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxpbms9IiMwNTYzQzEiIHZsaW5rPSIjOTU0RjcyIiBzdHls ZT0id29yZC13cmFwOmJyZWFrLXdvcmQiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxw IGNsYXNzPSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEiPlJBVFMgbWV0 IE1vbmRheSBKdWx5IDI2dGgsIDE0OjMwIC0gMTU6MzAgKFBEVCk8bzpwPjwvbzpwPjwvcD4NCjxw IGNsYXNzPSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEiPiogVGhlIFJB VFMgQXJjaGl0ZWN0dXJlIGlzIGluIGZpbmFsIHN0YWdlcyBhd2FpdGluZyBzaGVwaGVyZCByZXZp ZXcuPG86cD48L286cD48L3A+DQo8cCBjbGFzcz0icDIiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K PHAgY2xhc3M9InAxIj4qIFRoZSBFQVQgKEVudGl0eSBBdHRlc3RhdGlvbiBUb2tlbikgZHJhZnQg aXMgbmVhcmluZyBXR0xDIGJ1dCBtdXN0IGRpc3Bvc2l0aW9uIHJlbWFpbmluZyBibG9ja2luZyBp c3N1ZXMuIEEgbmV3IGRlYWRsaW5lIG9mIG1pZC1BdWd1c3QgaXMgc3VnZ2VzdGVkIGZvciBmaW5h bGl6aW5nIGJsb2NraW5nIGlzc3Vlcy48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJwMiI+PG86 cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEiPiogVGhlIENIQVJSQSBhbmQgUklWIGRy YWZ0cyBhcmUgaW4gV0dMQyBhbmQgbmVhcmluZyBjb21wbGV0aW9uLiBUaGUgQ0hBUlJBIGRyYWZ0 IG5lZWRzIGEgZmluYWwgcmVzcG9uc2UgZnJvbSB0aGUgWWFuZyBkb2N0b3IgcmV2aWV3IGdpdmlu ZyBpdCBhIHRodW1icyB1cC4gVGhlIHdvcmtpbmcgZ3JvdXAgd2FudHMgdG8gcHJvZ3Jlc3MgQ0hB UlJBIGFuZCBSSVYgZHJhZnRzIGluIGxvY2sgc3RlcC48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNz PSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEiPiogVGhlIFJlZmVyZW5j ZSBJbnRlcmFjdGlvbiBNb2RlbHMgZHJhZnQgaXMgcmVhZHkgZm9yIFdHTEMuIEEgV0dMQyB3aWxs IGJlIHRha2VuIHRvIHRoZSBSQVRTIGxpc3QgaW4gdGhlIG5lYXIgZnV0dXJlLjxzcGFuIGNsYXNz PSJhcHBsZS1jb252ZXJ0ZWQtc3BhY2UiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxw IGNsYXNzPSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEiPiogQSBuZXcg ZHJhZnQgd2FzIGRpc2N1c3NlZCB0aGF0IHVzZXMgRGlyZWN0IEFub255bW91cyBBdHRlc3RhdGlv biAoREFBKSAtIGEgZ3JvdXAgc2lnbmluZyBhbGdvcml0aG0gLSBhcyBhIHBvc3NpYmxlIHNvbHV0 aW9uIGZvciBwcml2YWN5IHByZXNlcnZpbmcgYXR0ZXN0YXRpb24uIFRoZSB3b3JraW5nIGdyb3Vw IHdhcyBpbnRlcmVzdGVkIGluIG1vdmluZyB0aGlzIGZvcndhcmQgKHRvd2FyZCBhZG9wdGlvbiku PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0icDIiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPHAg Y2xhc3M9InAxIj4qIENvbmNpc2UgUmVmZXJlbmNlIEludGVncml0eSBNYW5pZmVzdCAoQ29SSU0p IGRyYWZ0IHdhcyBkaXNjdXNzZWQgdGhhdCBkZWZpbmVzIGEgc2NoZW1hIGZvciBjYXB0dXJpbmcg YXR0ZXN0YXRpb24gcmVmZXJlbmNlIHZhbHVlcyBhbmQgZW5kb3JzZWQgdmFsdWVzLiBUaGUgZHJh ZnQgYXV0aG9ycyBpbnZpdGUgb3RoZXJzIHRvIHJldmlldyBhbmQgY29tbWVudC48bzpwPjwvbzpw PjwvcD4NCjxwIGNsYXNzPSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8cCBjbGFzcz0icDEi PiogVGhlIEF0dGVzdGF0aW9uIFNldHMgZHJhZnQgc3RhdHVzIHdhcyBkaXNjdXNzZWQgYW5kIDxz cGFuIGNsYXNzPSJzMSI+DQo8c3BhbiBzdHlsZT0iZm9udC1zaXplOjguNXB0Ij5hIHJlcXVlc3Qg Zm9yIGEgY2FsbCBmb3IgYWRvcHRpb248L3NwYW4+PC9zcGFuPiB3YXMgbWFkZS4gRHVlIHRvIHRp bWUgY29uc3RyYWludHMgdGhlIGNhbGwgZm9yIGFkb3B0aW9uIGRpc2N1c3Npb24gd2FzIGN1dCBz aG9ydC48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJwMiI+PG86cD4mbmJzcDs8L286cD48L3A+ DQo8cCBjbGFzcz0icDEiPlJBVFMgbWVldHMgYWdhaW4gb24gVGh1cnNkYXkgJm5ic3A7SnVseSAy OTxzdXA+dGg8L3N1cD4gYXQgMTI6MDAgLSAxOjAwIGFuZCAxOjMwIC0gMjozMCAoUERUKS48bzpw PjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0K PC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --_000_00C72B7F931B4BBC835F48B7084CF6BEintelcom_-- From nobody Tue Jul 27 12:55:18 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 14A6B3A0FEA for ; Tue, 27 Jul 2021 12:55:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ITF7xQMjKVc6 for ; Tue, 27 Jul 2021 12:55:15 -0700 (PDT) Received: from mail-wr1-x429.google.com (mail-wr1-x429.google.com [IPv6:2a00:1450:4864:20::429]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F7333A0FE6 for ; Tue, 27 Jul 2021 12:55:15 -0700 (PDT) Received: by mail-wr1-x429.google.com with SMTP id n12so12979809wrr.2 for ; Tue, 27 Jul 2021 12:55:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=XrqJSv1AeM0duXn4sYEJYfRz+EErMzToyZQJbim2UlM=; b=bPs0fYGUxHrTfI9p4NA+BBW2CIvLBMKzTpFYRCq/rLCAwlefDG0LE5wvkPom0YuipF dAsAAPMKEnB9uZYpupASua64/MmVhSkRct/9LvG7z7Yu3zlY0ugytdseAa7bGD3B14Yg wOB8FEi2iVycXN6u/Ajwef3PLiwY0m56GvmR7IKn+TyPYzn+153Qw/GM1F4RSj72ahtZ L9lunqAEksazfEy7bve2gvIRLoO4njcxQuzQgJ1oUEANJkdJHU4ftyApwCMXjtEBey/L ldPdGI8APwOpiDc7/ELS4+qjJZYwLTgwH8Z1YCCbFrxQzwyt5ZRHOWUXJgJnEWvOFcu+ nG/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=XrqJSv1AeM0duXn4sYEJYfRz+EErMzToyZQJbim2UlM=; b=Zi9YU+8N1GmhbcS/KrZUJu7BVYKnyzcCnZppZhuKr+eZFDehXwKLZrfKJs5EHkTqXe sQrFH/Bv8EWiTQq+d/VN6b4yClUf1UJJDd4Z/0Yx9q+y8CkoItRk+kBb6RdqKmIwWPdY SSlQIsvydhWnOkHMZgzWJ1ST6rC55CqVYQUWco04LR1TZtHpGnlK2aMxGWfq/m+8+KhS MBsHO0h+IcCWNatmd3dpeFSUcfK0qB6Id4fE5CCp+ygftepJ1h+aArZeuajCQNynuzu+ owMpg6lWT7VldPgalrw4P2S8rBXto2Nz/uDVCUFjtra+dBE4jgxtE2LVpEGsRYZi7btB fWYg== X-Gm-Message-State: AOAM531A8nlSN3+wUHniQ3fTEl1EybNG/WJ0eeaJZtN45j0lbzumiJGA iB3B6acnF5rJTUA/BvamraTvm2sMXmUVI0ap X-Google-Smtp-Source: ABdhPJzT4srRPIXl20uge00eeIFSQW11nm0hby5K1+HomFUddfHZggSMHByhZCJz05dLT47b2RvZTw== X-Received: by 2002:adf:f149:: with SMTP id y9mr8124897wro.413.1627415712456; Tue, 27 Jul 2021 12:55:12 -0700 (PDT) Received: from smtpclient.apple ([46.120.57.183]) by smtp.gmail.com with ESMTPSA id o19sm4087475wmr.18.2021.07.27.12.55.11 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Jul 2021 12:55:11 -0700 (PDT) From: Yoav Nir Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.80.0.2.43\)) Message-Id: Date: Tue, 27 Jul 2021 22:55:09 +0300 To: Security Area Advisory Group X-Mailer: Apple Mail (2.3654.80.0.2.43) Archived-At: Subject: [saag] ACME Report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 19:55:17 -0000 ACME will meet on Friday. Since last IETF we=E2=80=99ve had one draft (mail certificates) = published as RFC, and another (delegation) has gone through IETF LC and = IESG review. It is now in the RFC editor=E2=80=99s queue. A few other drafts are in various stages of IESG processing, and one = still in the WG because it requires more reviews. There are also a few candidate drafts. Deb & Yoav From nobody Tue Jul 27 13:17:03 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C76FE3A10F5 for ; Tue, 27 Jul 2021 13:17:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4vpEMdDIZsHZ for ; Tue, 27 Jul 2021 13:17:00 -0700 (PDT) Received: from mail-wm1-x32d.google.com (mail-wm1-x32d.google.com [IPv6:2a00:1450:4864:20::32d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A4973A11FF for ; Tue, 27 Jul 2021 13:16:38 -0700 (PDT) Received: by mail-wm1-x32d.google.com with SMTP id n11so8346786wmd.2 for ; Tue, 27 Jul 2021 13:16:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=fJ4t+PDOCbOd8RZTQw6+PotPZrNpBEe3S9golYXQdzo=; b=SfzL4olCFgSjwlNhE3jQdz37z+RUyPE5rM9lFm5GI6zCBNoEoyvD16FIZ5Z6oxl6t3 WDTua5dQazw9ah7pRjhijy2s1wtYi94GELd1ZDY7RSYRKORlWvP0NFViedMoexOUvSVS 8upxuHzMAJkctL9qQSzyn8kPmRth9+UllxnF+IIH6YMzKaJmrTiPJ6NIUrJagMTLFuPL b2G1ZyV9vqcKxQcHcwjWKtzpIQagf0liYg9Dfs1TrsWZzO9epKBMdISug5II8WY028w0 dGjvFlF+SQRl06+rAA+XZe1ZB0qzrCnJrJ40ejQT95Wn4RvWAwqgnJVgTRf5E/R39xHG TfYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=fJ4t+PDOCbOd8RZTQw6+PotPZrNpBEe3S9golYXQdzo=; b=eMtnzMrpUQ9Di2NgyfAqtjRx0j9QcYIE/pUmHSEvmK/aGG42QV1s4YvJfvd5se/2Cj 9tUC9Oth+doxwllKIN7WmVP5Z3aE/oahQCuuuFm/AgxkNbcGYqHJ0PVgPHpgBjv8FyAm 5hRKM70MdLGk7B+CAZggNMBbK+6i6+Hoowu88bz12a+1PCAHGkw0Rd90rhzFsTuA4cPE D4MT7bts/UGDpp9qoZ0vfD+tRkZNbRiRiOfT+fpCbINsCaon4bF2ut6ar4XxhdALJq5G UCVrNbsdogqvMu5zHpQWUcqfDTDXwhknzYsJDu8YBXtIm0ZR20ujIB79NhKlR7+nEHKV TVOA== X-Gm-Message-State: AOAM533Jos9CR1n1ZkQ/ql22snrMaUaTlbqfwKTLGbveRHfSvicgx1ET 0+bam2VsTxG4Roj9PZ3GPVUYD9HK8Izmcj2Y X-Google-Smtp-Source: ABdhPJw4jTgyRcJic5DOYu2Ddu5jK65guQ390ZzlDlx/7AuqPF+GvnWGYLrxUzfeHDpIhUAsJSQnZA== X-Received: by 2002:a05:600c:4fcd:: with SMTP id o13mr20024499wmq.132.1627416996031; Tue, 27 Jul 2021 13:16:36 -0700 (PDT) Received: from smtpclient.apple ([46.120.57.183]) by smtp.gmail.com with ESMTPSA id z25sm4052435wmf.9.2021.07.27.13.16.34 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Jul 2021 13:16:35 -0700 (PDT) From: Yoav Nir Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.80.0.2.43\)) Message-Id: <1EBE9894-97B8-4FDD-95CB-3BA58E3332B1@gmail.com> Date: Tue, 27 Jul 2021 23:16:32 +0300 To: Security Area Advisory Group X-Mailer: Apple Mail (2.3654.80.0.2.43) Archived-At: Subject: [saag] IPsecME summary X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 20:17:02 -0000 IPsecME met on Monday. We have two drafts waiting for write-up, one in WGLC, and six documents = in the working group. Work is progressing. Tero & Yoav From nobody Tue Jul 27 14:01:21 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A24C3A0529 for ; Tue, 27 Jul 2021 14:01:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iSQxyQE-FJXS for ; Tue, 27 Jul 2021 14:01:14 -0700 (PDT) Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9500C3A045E for ; Tue, 27 Jul 2021 14:01:14 -0700 (PDT) Received: by mail-pj1-x1033.google.com with SMTP id o44-20020a17090a0a2fb0290176ca3e5a2fso1064535pjo.1 for ; Tue, 27 Jul 2021 14:01:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=VXZ16JiEt1EFbiVvXkMKMdTxQQVdxPiRnCSpckMiUBk=; b=FLygZMahrSZTQUHEFnpVJZJGm06b4fmyUSFlcOdsYAUSCEvzprbxSX7rDwP3v8I/RV Jwe8BlPFGPThtRkZhieELXG+/uGBVY71QREt+U5Nr9ubGUxqPnKcAFqQoBA24SGZU/EW 5ncJ23zy7s5UOG1Mcp6EQ60x3mP6aJz6j17lSAO/Aniz5TslyxleqjtGqbWrQC6ycxZe BzUtvNFu74UJ87Snl8QoUPn8rfOnr1nvDMZYNeSx97n61qBq2CncQFfSa7GFqPw5VQ8X uNcVDAclHqSicK2tlqAmeAXyWYVvXvgWtuo/y8gej5ZmIzSxDDCllh7jglIw9HBYyzVx qU3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=VXZ16JiEt1EFbiVvXkMKMdTxQQVdxPiRnCSpckMiUBk=; b=DGdhWr59JW1Z/vTJxbQBg/slzeJrnBzwHm8Iampndjbint9XXzBPunrCSkASe8SyaN yMUEAc01cjqhSRFgctd+sRpYqGK0/fK6t84SYbESHf7FhnsRqg4WnRDDft4uOlMbqTNW 6Kq5oAl3y3q1Tkn1uiB9CASrFoP27LH4+T69cunFoK81HpQv3pm6E1dbEpmN5nJM7mDi WUZfis6zJ/Z6CnK4ARm/ZVBVv7TU+AB27XKqc3jd5zronz9Qj9Ni1di9FxHY6di+0nDD pzq4kxZYcioMMACIBXs/RvmR/nAoz1yf60eFdZC/E7bo2Op9/oHfLcxdtIl5JBtwsqLG yDWA== X-Gm-Message-State: AOAM530RUFuZL6X1K4klUJY1t5gN33amjBRjjsp563IaiYLeUkwS3Hh/ n3kay36nb1SMIDnZ8ZuhmW86LzW6RbffnIisbK4= X-Google-Smtp-Source: ABdhPJxJzr6fJdpXJy5eA46wkdV5AuzsYsQ2vWVl/+HLwh2vSdRyF0hmOxPphpWA77+PxKQCahVlaC5Smuk1Newm5ds= X-Received: by 2002:a63:510d:: with SMTP id f13mr21990613pgb.308.1627419673198; Tue, 27 Jul 2021 14:01:13 -0700 (PDT) MIME-Version: 1.0 References: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> In-Reply-To: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> From: Thomas Peyrin Date: Tue, 27 Jul 2021 23:01:02 +0200 Message-ID: To: "Blumenthal, Uri - 0553 - MITLL" Cc: Robert Moskowitz , "cfrg@irtf.org" , "saag@ietf.org" Content-Type: multipart/alternative; boundary="00000000000085829405c8212beb" Archived-At: Subject: Re: [saag] [CFRG] NIST Leightweight Crypto report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 21:01:20 -0000 --00000000000085829405c8212beb Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear Uri, (full disclosure: I am one of the designers of Romulus) Among the finalists, I believe only Romulus has a version (Romulus-M) that is nonce-misuse resistant, similarly to SIV. Note also that Romulus now includes hashing feature as well (Romulus-H). Regards, Thomas. Le mar. 27 juil. 2021 =C3=A0 17:22, Blumenthal, Uri - 0553 - MITLL < uri@ll.mit.edu> a =C3=A9crit : > I have no comment, but one question: which of the NIST Lightweight Crypto > candidates provide nonce misuse resistance, at least at the level > comparable with SIV mode? > > -- > Regards, > Uri > > There are two ways to design a system. One is to make is so simple there > are obviously no deficiencies. > The other is to make it so complex there are no obvious deficiencies. > > - C. A. R. Ho= are > > > =EF=BB=BFOn 7/27/21, 11:06, "CFRG on behalf of Robert Moskowitz" < > cfrg-bounces@irtf.org on behalf of rgm-sec@htt-consult.com> wrote: > > NIST just came out with: NISTIR 8369 > > > "Status Report on the Second Round of the NIST Lightweight > Cryptography > Standardization Process" > > https://csrc.nist.gov/publications/detail/nistir/8369/final > > I have been working with Xoodyak which is one of the 4 AEAD/hashing > finalists. You can see how I am using it in: > > https://datatracker.ietf.org/doc/draft-moskowitz-hip-new-crypto/ > > I "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAKE. > It does not come with the nice standardized calls as in SP800-185, bu= t > I > think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my draft. > Comments welcome! > > It has been implemented in openHIP. > > Bob > > _______________________________________________ > CFRG mailing list > CFRG@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg > _______________________________________________ > CFRG mailing list > CFRG@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg > --00000000000085829405c8212beb Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Dear Uri,

(full disclosure: I am one of= the designers of Romulus)

Among the finalists, I = believe only Romulus has a version (Romulus-M) that is nonce-misuse resista= nt, similarly to SIV. Note also that Romulus now includes hashing=C2=A0feat= ure as well (Romulus-H).

Regards,

Thomas.


<= div dir=3D"ltr" class=3D"gmail_attr">Le=C2=A0mar. 27 juil. 2021 =C3=A0=C2= =A017:22, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> a =C3=A9crit=C2=A0:
I have no comment, but one question: which= of the NIST Lightweight Crypto candidates provide nonce misuse resistance,= at least at the level comparable with SIV mode?

--
Regards,
Uri

There are two ways to design a system. One is to make is so simple there ar= e obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0-=C2=A0 C. A. R. Hoare


=EF=BB=BFOn 7/27/21, 11:06, "CFRG on behalf of Robert Moskowitz" = <cfrg-bounces= @irtf.org on behalf of rgm-sec@htt-consult.com> wrote:

=C2=A0 =C2=A0 NIST just came out with:=C2=A0 NISTIR 8369


=C2=A0 =C2=A0 "Status Report on the Second Round of the NIST Lightweig= ht Cryptography
=C2=A0 =C2=A0 Standardization Process"

=C2=A0 =C2=A0 https://csrc.nist.gov/publi= cations/detail/nistir/8369/final

=C2=A0 =C2=A0 I have been working with Xoodyak which is one of the 4 AEAD/h= ashing
=C2=A0 =C2=A0 finalists.=C2=A0 You can see how I am using it in:

=C2=A0 =C2=A0 https://datatracker.ie= tf.org/doc/draft-moskowitz-hip-new-crypto/

=C2=A0 =C2=A0 I "like" Xoodyak, as I am able to use it much like = Keccak/SHA3/SHAKE.=C2=A0
=C2=A0 =C2=A0 It does not come with the nice standardized calls as in SP800= -185, but I
=C2=A0 =C2=A0 think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my = draft.=C2=A0
=C2=A0 =C2=A0 Comments welcome!

=C2=A0 =C2=A0 It has been implemented in openHIP.

=C2=A0 =C2=A0 Bob

=C2=A0 =C2=A0 _______________________________________________
=C2=A0 =C2=A0 CFRG mailing list
=C2=A0 =C2=A0 CFRG@irtf.= org
=C2=A0 =C2=A0 https://www.irtf.org/mailman/listinfo/cfrg
_______________________________________________
CFRG mailing list
CFRG@irtf.org
https://www.irtf.org/mailman/listinfo/cfrg
--00000000000085829405c8212beb-- From nobody Tue Jul 27 14:23:25 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 822A23A082B for ; Tue, 27 Jul 2021 14:23:19 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.097 X-Spam-Level: X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8RffpOZaAmFN for ; Tue, 27 Jul 2021 14:23:14 -0700 (PDT) Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EB9C3A0836 for ; Tue, 27 Jul 2021 14:23:13 -0700 (PDT) Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4GZ8sV1R03zD6Q for ; Tue, 27 Jul 2021 23:23:10 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1627420990; bh=MZy8q2dtrMtivCV7TYOjI7WiGMZkki6yLt+VZd/J2V4=; h=Date:From:To:Subject; b=TtVPuDoztc7besvS+hRSEr8nH3W3Vcwb8yeLaGK7vQ5NsXbW+jj5YBt19CRpOi0lP 8VRtg6XmaNl8Bx4Qgo36Alk7vSCdDLVfqFmeTm3xE/r4KRY6GzemoaBwAOetcT54os n1TQQJjLsZMoaAGQ1CCgMBBVVJg6oHRiqAuxtvj8= X-Virus-Scanned: amavisd-new at mx.nohats.ca Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id XHbqIIMs1di7 for ; Tue, 27 Jul 2021 23:23:09 +0200 (CEST) Received: from bofh.nohats.ca (bofh.nohats.ca [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for ; Tue, 27 Jul 2021 23:23:09 +0200 (CEST) Received: by bofh.nohats.ca (Postfix, from userid 1000) id 16457D1ACA; Tue, 27 Jul 2021 17:23:08 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 12B21D1AC9 for ; Tue, 27 Jul 2021 17:23:08 -0400 (EDT) Date: Tue, 27 Jul 2021 17:23:08 -0400 (EDT) From: Paul Wouters To: saag@ietf.org Message-ID: <29cea82a-3a5b-abd3-8e45-84b46df0f519@nohats.ca> MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII Archived-At: Subject: [saag] TRANS update X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 21:23:20 -0000 TRANS had planned to meet, but ended up not meeting as there were no items to discuss. Our only current document (6962bis) is in the RFC Editor queue. This WG is ready to close, Paul (& Melinda) From nobody Tue Jul 27 14:28:00 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 109273A0875 for ; Tue, 27 Jul 2021 14:27:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2wXwoh_QD1R3 for ; Tue, 27 Jul 2021 14:27:54 -0700 (PDT) Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50105.outbound.protection.outlook.com [40.107.5.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBBED3A0872 for ; Tue, 27 Jul 2021 14:27:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dJgPOxlNFvEkH8Q/Tucii53QYMhA8T9bQ5e/ZWRC8RE4UaqaPMgbNHzMrrQeY4dd0g+zB8x7sbLftCzfiK3yjirYpRSUEcwgsS1PdSSTJ2oxNXth1GFKDXJlgOfwFNnkASd1XMHWQojLjMNJ7ozLcVUfND7bMC+0ffjUMPTOXvoY1bPxKLUgBmH8lVjY7XdawY6m85LYOf+z3LoyNuZksHYvTLJRsy1e+pLyvFxuh7P3PTqWJZ1Su9j2nsIGhJah6u3AysZ4aqAsDgoiRra0l/EK3n4j3vTp20zRHHkYubJQCF5PxIK/GfIkzZBwCrktj2yZOqvCz+ez2D7RgCq0jw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ja3+av8Jw1q5/Uqxt1/k+BeHByZkQN0SRqV52kwyXIc=; b=a46OlKkgGEzWdIhRBTSjbjv9frUiXb8Pko4wiy7YVtFMmJ0hc92FbqMP7A5zrlJUzgy0LMHc92ixH6TYOqPL/3T7csyscVOeUOM/q8GfvSsLu+YMrQmi+ZpvqwfKeWmi1EWUQzMZpMe22ctzc2HlnHl3BC4OAaF1tFOtPWfB9xbduWiC7p8IWnBNNy8u36bNGWqVXvg1lUXMdbieFZc7X+44A5z/TwfrbQGMUmxYtN+umRiiJBw7KJkez9dKgAsxUXsYAd6R9A/zoR+yRPX6ysRxv2tUj22NkoKha/7k357ewtc/YO588S3zsh5EuaNKprlNXazaSESvYPZmAULgNw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ja3+av8Jw1q5/Uqxt1/k+BeHByZkQN0SRqV52kwyXIc=; b=KVsQjIvEiFaBOAXzh81vGgaUrxCfHgGG9RwMjVUsGm48UXB8lDhBT3ctf5nE3fJ3/M/zdaIM2Y7g6jU80sFZ5jdqOLzSL/NuUwf7XaD1QCLH1DktYF2PPeh+8va/ZG/8TPZNNN3DIxygD1gHUjKpwp29z7e/WIt0QZIZG7+0nEzl9Trz8kMOoJPNHrtjzWZmYA5SymP5qyINX8ilxsVppm0aW9nGK9P0rfDALqIUlyvrTG/a/iBrFws8CdzOghGNiRsTtRe+tYnRBcLeoOAEomne58yAi2kNlKdVCduDgDTCND8kGJqDWOUgw41zdMLnIB3HdE05FbBMO1euZpQBeg== Authentication-Results: inria.fr; dkim=none (message not signed) header.d=none;inria.fr; dmarc=none action=none header.from=cs.tcd.ie; Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DB9PR02MB7049.eurprd02.prod.outlook.com (2603:10a6:10:1fd::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.28; Tue, 27 Jul 2021 21:27:50 +0000 Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272%3]) with mapi id 15.20.4373.018; Tue, 27 Jul 2021 21:27:49 +0000 To: "saag@ietf.org" Cc: =?UTF-8?B?TWFsacWhYSBWdcSNaW5pxIc=?= From: Stephen Farrell Message-ID: <577cd4d8-df59-f108-f438-351e17def147@cs.tcd.ie> Date: Tue, 27 Jul 2021 22:27:47 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="9IB6dTst6oZC1RlVLBaZMuJkBO6QED5PP" X-ClientProxiedBy: DB7PR03CA0103.eurprd03.prod.outlook.com (2603:10a6:10:72::44) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [IPv6:2001:bb6:5e5e:b458:f73f:7e95:898d:9433] (2001:bb6:5e5e:b458:f73f:7e95:898d:9433) by DB7PR03CA0103.eurprd03.prod.outlook.com (2603:10a6:10:72::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.18 via Frontend Transport; Tue, 27 Jul 2021 21:27:49 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: dceecc19-8646-482b-ee47-08d951456230 X-MS-TrafficTypeDiagnostic: DB9PR02MB7049: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-Microsoft-Antispam-PRVS: X-TCD-Routed-via-EOP: Routed via EOP X-TCD-ROUTED: Passed-Transport-Routing-Rules X-MS-Oob-TLC-OOBClassifiers: OLM:826; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oCbMJrmwJl2I/MQb1/EtE5VnXC4kHJApeUghqzC+zHNqXIIGN4A8syPQnjbv2Fub7wBxfdx8wVL0njhyUrPP+y4sKo76koD/RG+bipYzxzUC67SpJSqedLLoDRBWSZ/BkCW5p6I7Jr1Mrz+PRQm/cKMvEyJRdiliZidVtpsjia4JlxquhYYWsjmQ8qSGLRZHV/vHkcAqDHlpoTre+9CUApKO9zyWVnDH4i/rYhRPkwk05HkhIek49c8Ka2c9lSXmoopz+mx4lzwF9ha0UDsDHA8MzgRyR7Falmfn6qfzaDVU6DDeV3pjxCDJaxvh1/lAyTYD4V+biTD2PyIxZeq/q1YbrFYT+UavzEAgk39B4B7hLTWzsz/vem/0KczuWDfN/ZnDcEZyLIA/MCaMdbA2m09UUYzbEZsOQEb5Io/6bMuJ4JioPa9EJ/9DIdXPAEPUbfubqaLqMTHQGl5oPlHSn3ns9Gy77/pEKYF3Vgft5rcLJd+gzBO+ejVE/LQjzT8ZNczCm/BUa+1kPI0Kd5TnJajb7NgTEvveqZW2uQRcTH1LO8wE1iH6jxa9RaHw4Hv5sCa3oBK16dlRhujV9XiazBvLfhbArH1qZ+uxiRRm38G40u68iWvZc/PkZwlWzxzl0ffNVpiHRBddFpzC3f5sexhytzaNAqyJyi25GWbMSB7S+BNEsTGbIO+NcQyG4qs4ZO9g5y+NVcxkSVY9lq3efgQEgnracg82eimc6KHnOKY= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(39850400004)(396003)(346002)(136003)(366004)(316002)(786003)(478600001)(38100700002)(6486002)(31686004)(4300700001)(33964004)(83380400001)(8676002)(564344004)(4326008)(44832011)(6916009)(86362001)(2616005)(31696002)(5660300002)(186003)(8936002)(21480400003)(3480700007)(36756003)(66556008)(66616009)(66476007)(66946007)(235185007)(2906002)(43740500002)(45980500001); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MWJvYWdQQzFicWxHSmRNWkNSV2pQLzI0OFhKYlhyUnYwZDZPZzBZeHUydVNT?= =?utf-8?B?ajVVNWxFRjBXOHJOcjUwcVkyYjZiMVhmNGREL2VpYlJHTDEyYVdnSnhndFNi?= =?utf-8?B?NGZ5SkEwK2FybkQ5QkFveSswL2d6WFMxUDNKWG43OFBsSkp2dDBqSzRoTzl1?= =?utf-8?B?RFJRM2JWWE9YckhOT3RuS1VzYWFHSnpnbDdtVVJ4akpHcU5pc1AvMHBVMGYx?= =?utf-8?B?SlYwQStzdldXTWpVVmRXNGRkUlA4Q3o5c2wwWDkyZlA0RGNtbXB3MmdVM3Zs?= =?utf-8?B?U051RVFQYnlyY3lIaVBnRXJ3NGs2YysxbGVXeUpva0JpUWhKODV3Yi9XZTh4?= =?utf-8?B?Sm9RUUFXKzg5VENPTDhSTmhiaG9LSEc4RXAxcy9PY1ZiRTBMbzg1ZnFyMWtV?= =?utf-8?B?YXVBb1dkT0QycTJWYXg4d1E0T3JvU2hGNGVzMVkzYVZnbGJHYmNjMTFuSFgv?= =?utf-8?B?QzIzTHNTOXgxQ2hWM002NFdTMDNlMHNwK3RPM3hNRHJ5bVdCbms3dHcvQTIv?= =?utf-8?B?VnB1cjRoem5FSVdqNjBtRFl2STNIWjBRYmY5QVd2cjRrVlE0dE9RTVM5dG0v?= =?utf-8?B?d1B0T2VHa2F2MWxYbmphZVZ5clRCMjc2dHZxKytZSG8vQm96YWtwaFllVFNm?= =?utf-8?B?OURkZmlKMlYzUkZBak1oWUlUODJxVTd5dDZRSUppYzVsUU82L0o3c1ZpNExT?= =?utf-8?B?LzNsdjJSck1HNU9qekU2WlZwK3kzSUJHbGJOdmF6UzUyMTl6NFd1NWRGMkk2?= =?utf-8?B?d0htWTJXY2w5UUZ2WW9HU0xpOEtnZldJOFA0YlUvZloxTVFZRVA2UVBuZ3RW?= =?utf-8?B?LzRKTDc1eVFZellLZmRmcjNWUVJEVFVNYVhSbnVEVkNyZkNpR09CSTI5QStH?= =?utf-8?B?blBSc0o1V0NVeXNYYngvY2RiaWVySFd0ZjlvWE9UdGFYRHFITm5Talp5bkJj?= =?utf-8?B?aGxUaVZ2cTh0WE1COW1HZk52VGZhU3crbkVjTmlMUmVHaHZJdTFnZnQ2NHJa?= =?utf-8?B?OFFMaml6RjFDRnR5MWlkcUNRc044ZmxTK0JNenQ0N3pGTjJhOXB1T3hhSm5v?= =?utf-8?B?U1ZXWHpnUnBGQkhNd2QwMEloZDVRSFFZd0pDbjU3dW5TWCs2SjNjeVNPNW5C?= =?utf-8?B?ZGcwcWpGVFl1ZXhuMXNrVFFKZjY1dGo5NUZiYWY3ZzVBbGR4NzEvdnFKbVhh?= =?utf-8?B?UW9GcWkyVzNYUlFUOE9qWTNmOUNaSVMzdTA3MlNUb2xwR0FYU1FKVUpDQjBn?= =?utf-8?B?UU5WOWpnMzk5TEdSdHhzTVE4SHlad2R5SjFjbGxSTjMvcURkcTQ3UmFrRjcx?= =?utf-8?B?WUUwbjBvNFFSTjdBUmlZR0EydmNwQnBjUTFLM3RkdWZVU2dKQlFDK1FWdnZi?= =?utf-8?B?WW85RlJQK3d5cmRYOG5KTTNSOWF2N0Z0RFRCUnVJQzdTRmdSRi9SbFBjblpX?= =?utf-8?B?VXlwRk0rNDhMaHNOQjBQM2tyY2pkV0VscnpESjJRUEZCTUpFZzNWbCsydHBS?= =?utf-8?B?R21paWVmZS9YTkJxTlpYVTZINm9mL2doTWFuZWlBcjhxRHJpUkYrZ3J0VG5V?= =?utf-8?B?bHFNai9aaFlEN09BV3FsbEpTM2kvcmFFRW02NjVaT2VzVVJka2RqN3RUdVhN?= =?utf-8?B?UEJaMXd1NVFPR1FBVjFCZyszaWRESkhuQU8wNldDcytScVI5aXZBajJQNjJF?= =?utf-8?B?bUo3WlpHbjZ4MmhpTTU4SnJWT3hoS1RWSUUwMFBEVitsaGlTREV2bzZlSHNx?= =?utf-8?B?NDFReE15V1g2a0lHQjNxSXRHNnRoZFVzVG5FQ0haR2V1eDdKbmc1MjV3ZVlH?= =?utf-8?B?VXpOelRseTJRdmtzY3dxZmM5ZGV4QUlzS0h2aGlJYkltUXNqM011QjVXY2pw?= =?utf-8?Q?dLMMmqJ6ZGtzP?= X-OriginatorOrg: cs.tcd.ie X-MS-Exchange-CrossTenant-Network-Message-Id: dceecc19-8646-482b-ee47-08d951456230 X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jul 2021 21:27:49.6979 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: K6u6ryoiC/4E8ZnwNxe8qXebfgLgqrollK98Ml2ZQ+mQKb9JJYesgX4M3CoBp92H X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR02MB7049 Archived-At: Subject: [saag] lake report for saag X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 21:27:59 -0000 --9IB6dTst6oZC1RlVLBaZMuJkBO6QED5PP Content-Type: multipart/mixed; boundary="W96peWy3H7ii7QEEySLtcJ2fcJ0FvNze3"; protected-headers="v1" From: Stephen Farrell To: "saag@ietf.org" Cc: =?UTF-8?B?TWFsacWhYSBWdcSNaW5pxIc=?= Message-ID: <577cd4d8-df59-f108-f438-351e17def147@cs.tcd.ie> Subject: lake report for saag --W96peWy3H7ii7QEEySLtcJ2fcJ0FvNze3 Content-Type: multipart/mixed; boundary="------------BDE9EA6AE0ECEDC32C390257" Content-Language: en-US This is a multi-part message in MIME format. --------------BDE9EA6AE0ECEDC32C390257 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable The LAKE WG meets Thursday. We mostly plan to review the work done at and between interims and catch up with the ongoing interop work. We'll likely cover some of the open issues as well of course. It'll be fun:-) S. --------------BDE9EA6AE0ECEDC32C390257 Content-Type: application/pgp-keys; name="OpenPGP_0x5AB2FAF17B172BEA.asc" Content-Transfer-Encoding: quoted-printable Content-Description: OpenPGP public key Content-Disposition: attachment; filename="OpenPGP_0x5AB2FAF17B172BEA.asc" -----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh5= Cg8 gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+QtaFq= 978 CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKrEMjmL5VGu= D/Q 9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZUbUv0Q+DnQAB/4= tNn cejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqOVz+7L+WiVfxLbeVqB= wV+ 4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJgb097ZaNyuY1ETghVB5Uir= 1GC YChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k4LyM2lp5FmBKjG7cGcpBGmWav= ACY Ea7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK7uB7E7HlVE1IM1zNkVTYYGkKreU8D= VQu 8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5XiHzFPJleXc0ksb9SkJokAfwTSZzTxeQPER= 8la 5lsEEPbU/cDTcwARAQABzSFTdGVwaGVuIEZhcnJlbGwgPHN0ZXBoZW5AamVsbC5pZT7CwX0EE= wEI ACcFAlo9UYwCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQWrL68XsXK+qGC= xAA pYHWYgGOIL3G6/OpkejdAkQoCVQAK8LJUSf6vzwost4iVfxIKcKW/3RqKNKkrRl8beJ7j1CWX= Az9 +VXAOsE9+zNxXIDgGA7HlvJnhffl+qwibVgiHgUcJFhCSbBrsjC+1uULaTU8zYEyET//GOGPL= F+X +degkE/sesh4zcEAjF7fGPnlncdCCH3tvPZZsdTcjwOCRVonKsDgQzBTCMz/RPBfEFX44HZx4= g1U QAcCA4xlucY8QkJEyCrSNGpGnvGK8DcGSmnstl1/a9fnlhpdFxieX3oY2phJ1WKkYTn6Advre= k3U P71CKxpgtPmkd3iUUz/VZa0Cv6YxQXskspRDVEvdCMYSQBtJPQ4y2+5UxVR9GIQXenwYp9AP2= niv Voh+ITsDWWeWnnvYMq07rSDjq0nGdj41MJkNX+Yb2PXVyXItcj5ybE3T2+y3pSBGFEZYJGuaL= 4Nw tBJFMOdOtBmUOPbetS2971EL3Izxb7ibOZWDwexv+8R6SWYfP1wVN3p46RyBQuXqJV8ccE11m= 6vt ZTGSYgnLUUFZMRQYH+0hwuYe0T3AA18xDdSYsa8vovCCd3l5S4UNzIM2PMChqGrEzKapUpZg7= +8A CcxRU3b9Ihd7WYjJ+pQPCoWYKozvtEvenbNpE/govO/ED3B14e+R2yevRPjRrsN7PJzSf15fQ= LvC wFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLrSwf+MIHbFRQ4O5cmLYR5sIByWelN3SuRN/gW8= rpK o9OkCz6An8uV/iCXy5tNMLzzi0BFl8f22DwBcC5qy9qnlIAdogWam1qWoTAoAD8veEqmuKhYr= qJs CcAyNrKYmK0hP3rpHxx1LySDmKYXmw/8qtBXKHTouMm+5tSsznhykRMTAAr2p7PSaHgo+hIVa= W/r KSspHjDhhZS+G9mtOZad1IH29M6G1Q1NCO0Ywe8krKLQIAQlFxtgvOqpPOZNzeKBa/+KbE8TG= gMW rkOhC8OeEM5PVzdDhlhD9kPzB/pCKDF5DofJ/ZRqnDpbKPQ0bsW38AOig3kOc0A27awiBEw3u= rqR 1cLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g1MSBQJbtyScAAoJEBDvedn9g1MSI/oP/= 0A9 J9nrnBMqZpm857lfYWw+rshLK+tyeP4OQeOqnDFvs9jePpcyJLG3DF2r6VbVKPQq+AE6Uf5hc= JBD EN6BjEhRPSbLcqG3A1cz/nNwm8rPmNp+oKhmaBBQGxwciMLmzgynsDydnjPpMyEs04zvsbsl4= vrp 2095o105l8KcrrxQrioFjbwveGwHQK9bxJKhx9D+gIk+MouBur45UDKTZkMZrr9FGrtkyXCGA= xvK dcNC5Oa8z9sj1rcUJfG/OpVAMWhArdlZbFUQyoX6pU2Zb1CR2qpWAVerGSfBhmfCyStjARqaK= xlf tjO+Bj3Jj73Cr5eqej3qB5+V4BCsPjr4RLvVbYUCPsRdxWc+nBLlfVYkRURu21g1hFm5KFPjg= Uky o1s4vjUOY8DyI+xLGF7f/IhUBG6l+Vswhpwu7ydalZkeFiPx5xna5NfbEYxvsIf71DvipGvIO= aHv X4egWoFgm8n/9c3rcMxJtpwHPSsUt5dgLsyu6VE0IbvOAc3dN7CWJ355DVFJq9Zg2YVf0izSp= yyz JeGsgkfjW6xpmdvZxuT2UcN4BTcm6vYqueASGrb3lfhzC5gpeVsc/MoSjTS65vNWbpzONZWMZ= uLE FraxWJzC0JrDK3NCd0VN3kstqGkVbUIiYOnUm8Vu4zoVMLlGWzHLIGoPRG2nRezn1YyNfyb5w= sDc BBABCgAGBQJbxcflAAoJEGo7ETk8pK1gE7QL/ApC5P68W5DrI1787WJVZv1u4t/g39vTr7Xer= 3UM TVQg10vpa7pmqOGhjIDzDMg3Pe3K3M7fVzfAlUA1qw6ne4RCueVoRKpubeF4AlYbMr0K6hNCP= jt5 uAxmbBVuejKTc6pru5rv5gKL0nDbr+Snft5xt7juBLSSimw0/41sZnkjCxo9rF/RA/v6+uWyK= 171 RKmsEYu8fFtw1eqUNt/Xj792TUixE3pxXheNtQtZGk/9P3W83ChhG4Fh5EQsn0pIh9wZIAbMR= Lpg RKyW87fWHZC8/YH8h7afarvn9Thl5pFUldCe22mNJj6KLChn2aEHQd+PdY1GBpZEcmNEUPuov= wza tM0h64hCzTm41eDqRfihZVBT7TbfXQnv8rywa42Mk756RGzzEZcQEhwQXZcMQUfxIQQ2VyJo0= zG3 6VdZTQF7TF/4Lz7/3cJ56jOIm+dwPXtu+C2wAQuD4USOLt4JWPYpqzDfHYJIND/497P9Z9SuQ= eah r2ez3DRBg3qsHEjBV80yU3RlcGhlbiBGYXJyZWxsICgyMDE3KSA8c3RlcGhlbi5mYXJyZWxsQ= GNz LnRjZC5pZT7CwYAEEwEIACoCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AFAlo+o= 3cC GQEACgkQWrL68XsXK+qO0A//ZsfQzyXrZlu/eEV5jU620yeOM3P7SW3C3UQYdCgZ/TlvxGgKo= w5o DSXgjMiUyq9csGqbPBxlDYSxFZHNeDVKYIuP2ZK24tw5k6duTh4+sFwUualTMlcp0zBCIzn3h= Rcs RvuPKHfl5+6oOi0+xqx3jX/s/69L/fvHmdSKet5LIUAxoYaZkTCruFrPWb01tgAl5JExWkhmC= Y98 iD+EeiIMAWBjMw1xV+p0uCwNbN6XDzcToK7wsm+tAIiWUy3DpP60a6WbVwdV0HNt2WZq5U5Jd= h2k 4S+sN2CnYk4tTW7jHjsWarV3FLISCOObADZuB7ljU4kYfdwZ+WzenXY4LGlxGQSlAblGjwZe4= EIk CXAJUtzJhoFUuGaF/PlWjxqV3UFRcgTERZTijguVyREre8GNERNgvDxZvuXssEjvz9X5JfcIZ= DIJ pdzhLiEIj9noUbfx1SzB5KDPQj0O7elMHa1671/rwWcpGr/MfVPTOik4H7F8rcVJelceZTzC4= tvy a7M+jM4fyFWWt8Y4atTixUiP7U9o4uBZCQ0GzvsmFA4XLqn2pA5rVizMXnGbGOjufAP/efEJ4= ul3 qvjYe8ye8DXEDjKAxo/tuHYtk19XCi83QzFhWls5TT+XQeVTMEvVqo9Wek8yoxo67qvLKKqIc= G9g ivQd8MxYNAbNYgSPtkbhZ8TCwFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLzHAgAlWT6NXEGt= w/r 1miKNGcopzvzILQ9oB8rKI9U9EL6tOf/y2V5oYee/GyQDb3ZdoPxxYYcJf+RyiH1nMoqUIZiZ= Jaf 3bJXinDZ5+AdfE++UR2NBvqaNyC6u3r24jo1B/sagKbYtWgsYtRqHLD4IWi37MZrVyjBuF7u1= 4Q0 7+uhjq6mX2O/tHpCYw/Q82tbeTRPyUf1WQOAfD1kfBpW9PvAva5Iw9FWeXpCXRzwxnCZhYfGf= qtu Sw6CPBYLdbikqML6FZ7EDuTBb/8um1wK7Y9bgeIQC+CYjhYB5RXa1tDJRab2Js4luCvSR0w/C= gHw 26293tlve2Q6UTrmHxP5U22DlsLBfQQTAQgAJwUCWj1QMgIbAwUJCZQmAAULCQgHAgYVCAkKC= wIE FgIDAQIeAQIXgAAKCRBasvrxexcr6tJpD/4rrILH+meP07vrx8wW5eYuqCiPGYnh/CXxIF8eL= rfb e5d4QRgtq+w6UeQPMyzKRIRiCoBXB2oJLBZHyxBPxZlg33dTMrEGn8QWKx2iNuz9rZMXyOSWF= etu O01d/aUPd5BnbLbIyK5of8xCQlXM6KH8bc+9gQ7edR9mfLTdvBf2FR522hg8BRBM1imKc3vO8= v39 +qIHHRjuiwxBBCAOhHtHRsZXripS0uFA07dM46Oi/E8osjx6fQt/lH5z/PN+2adxYSrLSAXfr= 1oD 3RxYNhuWgyGFL64/VCQb1YGjf0Z5MBPnWm9jgUoOY5K9eNSS0L83WeJjlF5+Q/WOgB+rb49Pr= m2D Feo9+S9f2V53Llz1WIspXJg6f+n9lmHE94MfQj1GAHCzI0FeL19lvM+LhD8jJSCbhrC3+yoby= y/A UOs5Z3E+njjX1FF/VCVAs6iOa6i+XG+Y1hh3ir2y1kckJ5auT10MSU8GEZu9ayU4M3o3N9yxO= jao P0NuQ4MMLL/n/u4u94AeZaHPNBXn/hVfVRRmpRXtGKvJtFAEppGEYezB+bLKIm6XlpPkhnwYz= leL Z7AMEco2C6QM8QPB3g3JpS3sqRhA5rEP4lL16BmijmF+CHoPE/zwgKZbKpyVDqvIW5IDgvfIC= 2X4 pbZDRvGIUKaGSB4+ksZgUUnNyvfQr2p7jsLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g= 1MS BQJbtySbAAoJEBDvedn9g1MSeKkQAJm44jt1kwHgQgeDBKdjdvl0AjE0xVEQxriZ6lP/l//34= YT0 auFfzsYIrChSpQXAEtobBAr4Ohw1Us+BZe+H5P8vm6LRuPwozC3SjwfX4Iec8+9ot6tIVg4sb= edD Sgb/CCFVjsmIGcQ1P73JLJTBJ6mxYCV/gn3QC6bwDOFo7kD9FDHCjRN8XfhHQ4Q9cYyt06uF3= 1qG /aumgWYC9geCGgAwiHgwxNYb9GoJ0iZjCROwbYvLTcQgsVUW2bTmsVR13UVKDsdl02sRV7qcV= YW6 R0a3Ra8KudX+nt25H5DRGd382KZ5W8pydsy/viTvD9z6v0ulChBYxAedIvGIClrhbxlLEPmIg= 4Im VOLGqsUgVm32J95WOjEkk4PEZ12xSDBtwhSJqmJNboWlfmw43KdIbY8zNhffIO3N6O7FsdGxm= qyH eLoTpqY+ySVUPpbuyW8ujnI/J//+6hdTZ9dQsEJQlWngKuWOQ5ma58MPSN88zllsqhZAFQjNx= qnk SzL6ZQ+v/jvuRRe16B80AeO55DsmbWsMv/YLLD1mSi7+Khy2EtMBhgojWwrGMvdLN6X3mnzNJ= Esc YyLxM9tSk+iySP2sLthK0BVgpAzBSdaf/ezIz60P+neHDzteNFf8Mn7lmgYk1amvZoJ29s5+n= 2Hw xyRL5dVMyMdyQmntubbctfqrZ0tIwsDcBBABCgAGBQJbxcflAAoJEGo7ETk8pK1gnCYMAJY4F= eIY jlIXGghFWzsB4fYwK1+iaFpU3fSto5qcrqVtVPjXpwqczqBWeXGyQxiB0kan4OVAXydIeaP8E= AuF CA7paP3s9STLJBO3KurkwyRkPW5zo0X7xVqaVToRsX2Ul98KVJoHYQD1KdezEtwlvpNwiiBr4= 2AY R751Vm6JBVAbQXuFpB3c8bUV0OkkRxNFtL8/2PieHar58n5dntGkbPlPkztahsFqktgacIgXH= X5v aT+7YeeZ1DWLOYjGO0wNhkOSeroCmxwJUikU7joBp823L7r5KfpqWTPpSCzVstQKZUGmmoE1q= Csw Y/Ud5wvp9SccpIILkRXj0rZRtfnE5MpL3hjmtNzfDd9qIsJtBJlSB2hZwAsVm1l+EWN9hG3tq= yA4 3niUMy2n6q690of3berSiQ+kvY/aC9Hx8I+bKzOV9/J2VUTqfaPZa4Uy2rVX5Q2p69n/PMj7m= Eer 0rCL3j9V16J9c+s0BSkXoKdtYdB0TWVhBgUybd9qtYcwHWvhP80uU3RlcGhlbiBGYXJyZWxsI= Dxz dGVwaGVuQHRvbGVyYW50bmV0d29ya3MuY29tPsLBfQQTAQgAJwUCWj1RWgIbAwUJCZQmAAULC= QgH AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBasvrxexcr6jscEADEcB0WQEZn2AkrzDs1RhL0Lp6cZ= i0B igofkbcGfdhJyMSs19C0dhvncrAFClVI6/Udw3yFtDyYtOCf2W3M3A1K6/RfEizCLzTsdFIhn= i9g OJLlUpXViQtgrlstjk7hqVV3Ooz4BlCqS4cG7rfqf4LQQPpTAuFUEV9I28FBUB2irqC+v4gTy= sIg pMw0bA1yBU9sX5jE/tRkzqnuzZrkwiobDtRFJ9qp+7O2JtcY4EsVtLAsaodJKc5cF8R4OvB1n= 66v xxcgg9Eh4JNWZ47xsaCmAGo1Bcb2jIY35OtgAL7gCGLRSMKTtAaPy1/fEgIqhCljJ9x40Fkn/= 3r2 BX21WC9HFSPFTBz2RluLRzxdgxOrkYK8EiHUPoE5b1AEzZKw2AbeXfr57f5zYsN3IqfbQLUjM= YtU N1wK3Pjb+idD972wyXMWt8uOzlI7b9Ocu+nYm2whBfJv9Pmp3QYTmPz+LB9lH65VNVUSxSXVr= 5iW XO3qx1HtEiGEqkporMQCTh3T5Ud3PvMSRBFFKNs9WhJ/Lxz+SV30WLwG6dr5mQqlzAhb4Phc/= zek ZyXRdS/oDKrBLUucS36O//49JeyRi1QvOfxnfmIqRIAf/k3PoYJmTo5E82//r5Qj3YGlRu78b= a0H Arxs+ACD6AnEHHcbswpbtVEKYzlSu0Ar0Dc7vRWM/IyQdMLAXAQQAQgABgUCWj1SoAAKCRAvP= Ic2 gF+NosIsB/9f/29FNla3BJfGIEIDnhrqGD0i9bSa89SqBd++uG06TQgW5wsqtNcrwn81yZTq6= XE6 i9VtD4GKfqC0d4KZJr9bnbeD81cI64VOdL8zJWJs0vj5EIXCobKyX74Kb4uePUyZqwT2Q74I1= 16u /HwA9/FXsPo5isbh4ZqD4t0VHpWkmfq1FPT9a/JPyX46qKqB2Fce/7Qy+SQP1NfkuUlbhUH/J= G9a SSYvk3lznNiH41x9M+FDlL106itXOubrl3oi2fT3fsSedq7uzt+IV0DQEeNaoQAUuwEhdB8IW= OMq N2woDjGVKJftfsSWY9ilZrnDBNDrp0vRqcx33LUMkIw4d7iBwsFzBBABCAAdFiEEfhcKBFyEz= 0YO K3mgEO952f2DUxIFAlu3JJwACgkQEO952f2DUxJjuw/6ApHSsVTWD4a0H6FJ23A9Ftpy+aXZ4= vYl zkSrfsn2ECrEfK3lXQh/uzwjJUDYZeB1/BQsFZtcYNQOJSSHbQ49BFRLwb1J/wBZG4bbmrkLx= nNb KDKQvzxEpclkMW0Dj0J6o7kGrmzIGGrhB+JJN99AcineHRug8ZSFIERRCmigxdhAKU0BFD7P+= 5HN HltSL3DF1c2fFOf2JrgBKVoE+9RhMZjWNbYetFFLCkjXb5Rpay9zeMm1DxfSTGAnuOwUXW6qq= 4hn l5+VC/48ceDZElLLfu7RQUZv44pkSTOWZs+iQoJiHMFHk9wPqyB2Vok1yJ2a2j27WhXrJlPwn= Zbg JO5RyWDG3p/eVmpl5Uuc2dsfIpR17KnAuWpghK6V+cyFncDoGCl/YG2MvoolsW08FiZh3Ej4d= nJj j25TZkeFG74JJDXLvMYpJfSBGnmETv4Dhcm2xPqVMuFuL1qJlMbVLrMo2GXeo03OzNyvbs+u8= WLI aGm5hC7N1CXY8wZs4jo6OJ/expvnc07dEuws4zT3AiWv3nIouWReRStZy9QkavDocqbyPmilc= dPC Yk4BsOlzpwwO74hNG7iyl0KdAlwTxGQ7y0rJou6HYa1TmRhIEr3vKvlW+JfUUrqtjXgsuacTX= o4+ Ira2JUErL2cYzQMq1j4r1ZyhFnuz93s7Rsx/Nw0+0YvCwNwEEAEKAAYFAlvFx+UACgkQajsRO= Tyk rWCJqwv+NLVPE4sD4sDA2/6Ek7UsRIUkg+S39fhqWsLc4rtw/mDunv8Un61I3K04fZ2Ry4nF9= hZM 0a710UvXFbStvrzRJO3EAAcdJR9LTCd19e8UeruQbIee3YT91U4NkC9JMpecfq62/teOAU2e5= P3f WYaLs5ZX7zCLwWuBcW2l3SyoljQczM85HhJ3XHm+FnwQ6D9xRle+lvWTcuC9d1yAyUb8IOosp= cL2 lJTmy8e3r79R24hPlSB4LDe0wEN8AXbagrcAQZjwyaHyWxjJbTwZ0b43WGdfIqZ1ElOeoffbk= etP GRmWvx5xUvb2ALFBBdETzV270gs5XDJgJ1SIIKOyDADxwvroTe2jD8C/841eEql5QSow3s/U3= zRq k3mttto8Qw/DN71aeh6dmYSsvd2UjsHw/vofOPRBGxZLEkKTEvMnhmMW9hiKPkPia+QgevYE0= 20q pKSxLEdWA8nprHwxmGiDNesCfXSC6vm1qfyj5g8HzxSckq9ZaMhKMCo7vxflUEDuzsFNBFo9U= DIB EAD6DdHQfMav8OXfhjTteoarOrlJTSdci727xiezGPuBHmpvceBRZgRasdbaMc4HJee+R9+5x= /nL PCuy/DxDyIjwIUeJNgc+l7LjI9WfpHTD8U4xxjvR5Mi7+ToQQUOUNuzT0O0pyuxP1uY3RehHE= hOV fBZO59ipSeZL5iQC6T5MsK1SKfs51pLa5ToC1rc8tBJ4zZmxRAyZiYc/AH2uZ/6rYjTTkAn1D= VI9 DYo2D/zE4bGjXdJW5pKphFB2lX3dG4I7ODi+5e1H6A/QpCu6z8/ZkIQ+9T1xcX/YwiFeA7PbT= uW/ eITbMbI1eV3+fyym9aT7Rsflmp31Zxtr+sZwGGZf00ooMBFmqOS//NUQ/Vf3vDUew1h5QU1yD= aWT 3NApvi+XWPH9TPy6TMfZA2FThHf11sX/gDBa5JWQZbptPEcmoazpiKZt91CrFPOaoXDPck/Q6= 1df mr/oPikfByYnASIM3OwEuXqyQ9JDRfKrem5r+oA/wxWb5jELElAhOpnyqMMvOh7uz1foUssL8= MAv 2TGXmxpVJ8Nu4je6wf96Z22fQ0D38zud+CKH3bMP3ayXXJBcdPoENrzFbWP5FTg/4TTDJ3vOA= HZR 5iCunYghx8b7Ffa4UbkwlD+dh8GiIAtvT51Ac0cO0Wc0Zjc57zPUz1zloMbf+zb1Bsn7DuEQo= qj1 gwARAQABwsFlBBgBCAAPBQJaPVAyAhsMBQkJlCYAAAoJEFqy+vF7FyvqrC8P/1tF6TeR83xD6= Mas qXyrBjwcLmziaF0Mlkj8k/YUiZ/knb53n97xQnh9yxPv0TT8Wpfdn3BmvqGyh8+ouHX9jMOxi= RkM dNhIauVYY/8jmRfBSYWcFkfMzdYasvdLtmYJgx252HKTFdeOrszoOjWjEzwmh+tca3AFMu/nB= ++/ KAmi5UJV7zsZ7uYJ5jm97LV5SLjNJIXXM+lHqCDrjDaDhNczmq1LCRlU6/WDjvkuwaVhZG4lX= xMD rvKnXMkjseQ2oKjwrIdfQM86H1z5J31lfhqop+of0cimcIsBgSCPu+h96LHuAzeRBCbDKeqrf= ZtA ZAGsokRina9947fRWxXHh3O66ILmXKNRxxWbDkPvYnQWUat8SbSTDoPWrDIGDRIAypqYo3pcN= 2OE 0C1chqgDZQxkr+9kYZQpupOAN2TR+fM7JvbO9coKI8Uqog8CopoMeDQkd0YjcqlB1E0svODHT= zcS oRzogDBYDqNLP7qVkNXpcOAXSVioBgiSDf7o5RdS/qmUyXBIeq6I5z8xBcd+BQ/n/9Frkm6K7= IKP 3ngUP4wEoiPx5ZE5+fPIScGmVUcZIMhkvMvem9XXh1yyhqN14gfjmLwPGdWbrgG8QUe0s2WeW= Iys s6uTiyF+ZbJSo2XOKVc3YFMVUUfgyudqAV1wWdZinUk+H3pkqOKoHAy/8fST =3D40Nd -----END PGP PUBLIC KEY BLOCK----- --------------BDE9EA6AE0ECEDC32C390257-- --W96peWy3H7ii7QEEySLtcJ2fcJ0FvNze3-- --9IB6dTst6oZC1RlVLBaZMuJkBO6QED5PP Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEW7Wm6ldl0sWGPK4nWrL68XsXK+oFAmEAelMFAwAAAAAACgkQWrL68XsXK+ra zg//T3CJiH2g5LdZ9AcG4iptxunjx9DKF1AvImZdZkxqwQnBd0AImrQ9k+NvFAXN55f4vpupfDVi 1ef5FfkXFu6o7RS2lKEv/g3UMEIRLgLE6eeFDE12XpDtmD7+G4JlevqeszezoslZWwZjz5BIVQgD HjnpqXnqnUHjpyQQYFW0qR1UvlwkWa/dzH7+B+p9HvB/pbDZQSIR2Xxab4Ft0cRy3kTdxU2Caz0h uLegPK4dvo0r9Q5sZbpbXKL7xD2+6c4Ao9s+0hAWO2HF/1QJignDQOCbC/Q7gkIocOPAC25udGrK 0UZoFvtQMFkVNyWMh4BIRBQ3db2rN9qJfy4+o6n83FjwTq+2OIR9YdLPnNH6fVVXa0bSuS3VViEu Iat4VJxEecRvGUkLr+BUNWgszRVJuMokXHqiwHMs7GrpRTKUUC6dEeqJopHacCCvC80hZDJupw3y ZMSCvVCNI3FzdIy4/N9hylV10CQR4wkn7soLvSSdPYzDUNF/+rG+IFJM4kRv28nIx5ZpcSTzeN3S Uk3BjMrPrnrq5Ixo7SjIiESSxECulfOgikZec4s+Z50PCjfhTssXoC5nW7xygOkWTMRL+3/j5L3X OgORjGEM5l2YoDexBFMKt+JvsCyWZvjGc5sx9uU7iP6RBlOXDRvIZXRTPOHJg/16fjxh0f0r0m44 rFo= =Hyh+ -----END PGP SIGNATURE----- --9IB6dTst6oZC1RlVLBaZMuJkBO6QED5PP-- From nobody Tue Jul 27 14:29:08 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0AE6C3A0875 for ; Tue, 27 Jul 2021 14:29:03 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MVPQjjw0qYNT for ; Tue, 27 Jul 2021 14:28:59 -0700 (PDT) Received: from mail-qk1-x72a.google.com (mail-qk1-x72a.google.com [IPv6:2607:f8b0:4864:20::72a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D23013A087E for ; Tue, 27 Jul 2021 14:28:58 -0700 (PDT) Received: by mail-qk1-x72a.google.com with SMTP id t68so201624qkf.8 for ; Tue, 27 Jul 2021 14:28:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=from:content-transfer-encoding:mime-version:subject:message-id:date :cc:to; bh=TsbhyQanzhR1jnNk5ME44qAQVhoBnwdF2qgGoPWPErE=; b=QUxvHLRhFw0E9X1HO4M/kb+3okF9/y7RBEMgP30AOeZjW+VwnhaiJR+TQk82pSfguQ XmSKUHaBqELYvFXNqFMGJN+y+6JwayDyhlxuYOnUB6KbEMeLdcmGRxJ7lquB1/zr0AXG 9DfjAqZFUyyEoXFmoCr9Pu3GtVWypF9EEsMMs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:cc:to; bh=TsbhyQanzhR1jnNk5ME44qAQVhoBnwdF2qgGoPWPErE=; b=CdGyeadbt693JlNVrtse/RzO1IadRhqaXHHBU672ex4YyR2WSFbIRvK8jf3mpdI0FC TBHjuUlOgp/dcivxLF+hnciuetIPDrkWXgivo3hNyACTiPOCGwYe4AwWJNLDPeER2CpA cEAL1vl7q0hLtSZB9QknGb+3JYk75WZ81Aytl4kK+oYVyEnm1dUFpc7oZljNhVzQuwYf 3fK1WygaFS9nkIbs7TW9+D0ZgpkMXBY5BW01agib4ZZljuSJ049Gd6VQdVXysTdn7Fhp HN9hqbw7Pd3Gmu58C5ugZAXAUCH1syot+F8rwTHN/9glCY9BULOCT6oILgDSdwapsWwh VgNw== X-Gm-Message-State: AOAM531iz/8/qsLSGo67s0hdYCKmKmbI2O/AzCajEhauw55JLkZgJAzQ +jRytFI6JBa9lMADvnm68djpNC7jVU/Z5A== X-Google-Smtp-Source: ABdhPJzFJfJzv6cTVjvFNlihV3yTFXQESYTNLG1M6hModeXeqCUy5MNk8jfhAHmk2MMdCx/v5hzBbw== X-Received: by 2002:ae9:e311:: with SMTP id v17mr24700328qkf.283.1627421336941; Tue, 27 Jul 2021 14:28:56 -0700 (PDT) Received: from smtpclient.apple (pool-71-178-177-131.washdc.fios.verizon.net. [71.178.177.131]) by smtp.gmail.com with ESMTPSA id v5sm2298444qkh.39.2021.07.27.14.28.56 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 27 Jul 2021 14:28:56 -0700 (PDT) From: Sean Turner Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Message-Id: <43837BDF-7D19-4FDA-B914-CE4902900D47@sn3rd.com> Date: Tue, 27 Jul 2021 17:28:55 -0400 Cc: MLS List To: IETF SAAG X-Mailer: Apple Mail (2.3654.120.0.1.13) Archived-At: Subject: [saag] mls@ietf11: saag report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 21:29:03 -0000 MLS meeting canceled. Planning and interim sometime late August. spt (for the chairs) From nobody Tue Jul 27 17:58:22 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC6D43A1426; Tue, 27 Jul 2021 17:58:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.195 X-Spam-Level: X-Spam-Status: No, score=-4.195 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mZQ0QU8nSL9g; Tue, 27 Jul 2021 17:58:16 -0700 (PDT) Received: from llmx3.ll.mit.edu (LLMX3.LL.MIT.EDU [129.55.12.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D136D3A142F; Tue, 27 Jul 2021 17:58:08 -0700 (PDT) Received: from LLE2K16-HYBRD02.mitll.ad.local (LLE2K16-HYBRD02.mitll.ad.local) by llmx3.ll.mit.edu (unknown) with ESMTPS id 16S0w2mJ046838; Tue, 27 Jul 2021 20:58:02 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=dlDpgm4KkiOZ9Idr2o/gLobJaQlJLIEqxznmObPenTIEBYYF4HFwta1wC6te87MPTzRpggpf2cF7e4ImonqU5brS4EMTAOvNSyQGz+fMVpjOvwrTA834IOT2rBYjPK08h404gKX38lDFLvHQgaNplEmsYJu0yuG1aZWseo1YZEOty8u6oIvj1w/rY23UF9Yx11kYExNmSX3q4NLuqM61B6Qh0lNZYktg6CyG/UIS8LU7hkfNmmQzN48/0vjym5t9FcjK7GDgDL08GBAWhTvj3nI8kjHlzQDsWJPZdXXqulvMU2QqY8GOJzvzgU2q4wT9juBddnj+YN79X7D+CXFMBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dq+K/17FxkudZv4zsC62iRMYQIcKK539Nb/OUHY61Tg=; b=yeJpEOeQxSVc9z1RgOUNvwwrRHilKUGBL/kmlE8ux6j80cv/Ith6Lhl3j8rgzERQPVOux+PIyMCs1RU8RDvlczSf9WdT40gLxLhyKwLnXr4ml73CNLR6rV8EdRUxqObKRe8pdKi45Gz4BJTAkg+zHcrQ4C7uGrwByfTUSZTuii+UhErb2u4H+wrwVwxOkACfMQ07gibAp+K66eGPMt7bPfIoVS3NxCmWjfLt5Aj5T6iiS6Sz8km0xNse2XG1fxtYI7i5EWTV9YVAHVqbb88os8oBwkFHVHV32ihEIhttTkg2CYA0XmTOXDY8wqVSUsHD0zNPElrAk8xBlmB98pVbVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none From: "Blumenthal, Uri - 0553 - MITLL" To: Thomas Peyrin CC: Robert Moskowitz , "cfrg@irtf.org" , "saag@ietf.org" Thread-Topic: [CFRG] NIST Leightweight Crypto report Thread-Index: AQHXgvkH6hYvN5wT6UqyOmEoigz8dKtWrS6AgACh4wD///8jgA== Date: Wed, 28 Jul 2021 00:57:58 +0000 Message-ID: References: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/16.50.21061301 authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=ll.mit.edu; x-originating-ip: [129.55.200.20] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 501e80d5-2f47-49d4-6d99-08d95162be2e x-ms-traffictypediagnostic: SN5P110MB0527: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 9w7YQuPa/EdXV64qd/1gEiMWka1QRh0WOsfTOn7SPcr6VAUo1Wyi+ZELTRCh28gpDVjI59azp9WhHNxMiFYeSch7Aacwm4Gm6Q4/rltIASR0RKiI1S4k5ZBpt0Y5KBXwnVNHaYm5ZbKfp+RTqTrU/rFYj+0Y7d9HTJ3brHhXx3esH1IP2qEunt3nUV6ANy6yXB2EkvXLCw3u/0eVJdAX5zOf1jV2P2vVjIzUGa5KfcpCBRe/xYIYKNvWzZ06/MozVmDWpJcbQtwTGHr5MR00cJgfwEwnbdqEvY7t23eGo0px292Q0S36otHQi4ja6NFm2W1RYD63JKgiUczAlOu+aPqB6y+hBpdzeqCXki1hpEIToXTMBbV/dqxoWIxEt1LKYNRuouk1vWAImfN3tnQMexKLohuZw2HqwqJ1ILAy3E5GcLGNZcVjoifVAoIsf/ojjCS7LnvsHkENA7i7lpXAcZY+nnQQkJL9Rs0HMnlxc1VZ32JpjKneZQ0ceHUmEtrdavKWO84CsPFVYISKqWg/0IpQz3UIzzzF/MLrr3edIU4At9aOqKUVWVqlmd91A1U+BY6SrnvvavbsCN+CxjHP5wf50UWljHzZGosrcRQNpW/qv4I1C6ev+FP+jlbSXGn9FE3J3/3jilvczF6oxbX7P5eHusG0shtl1Fy3wo3bDcGkx4MU7plq/ZE21uPY7zXtJ+QhLfsZuqwUuFrxHs3uoZ3PadP7Mr+SZ5qJqgUARHQ= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN5P110MB0560.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(2616005)(6916009)(86362001)(2906002)(26005)(8936002)(33656002)(64756008)(186003)(966005)(508600001)(99936003)(66446008)(71200400001)(6506007)(54906003)(8676002)(122000001)(316002)(66556008)(6512007)(5660300002)(66616009)(66476007)(76116006)(66946007)(6486002)(4326008)(38100700002)(83380400001)(75432002)(166002)(38070700005)(45980500001); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?Q1Q4TnRhRktoOSt0VmtENVl3cWMyVktTYkt1Nlk5aW1WbmFiUTNVWWxlYWZa?= =?utf-8?B?YkFhN2EyaC9FSjRoNDR4bDJPa3lURGU0NHdwQjgyU2IrUmJ1SUZmQU5UUUtt?= =?utf-8?B?NVJNTGZvbE54RkJDUzkwUzQ5Uk12S0RVclF0bEdocEYweFRET2U2WTBPdWRw?= =?utf-8?B?bkU2YlpVb2twQitDWVFmMGJ0clJsSkpYbUFNRVo5VktmV1pPT1dNSjJKRlV2?= =?utf-8?B?Tm01Nk1XVnBIR0VXaHk4RXFUbHZtVy9WcG83UVFHRXdRR25zendjVzBLNmVx?= =?utf-8?B?ZnVKWmR3cG9YK2FWaHdKMDd5OEhCUXRHTFhlNlNZMHFCMTN1OUwrdHE1LzBI?= =?utf-8?B?dW9kazcyZmhqS0pLV3hQYkZRMjdMaDlqZE5TbzRoY3kxOE1td1gwT0xJMTB6?= =?utf-8?B?Z0MrMnVBYk5uNS9sMXk2bklPTVVpYlRmRzFPdzExM1dDYkRvNHpnc0hCWlBX?= =?utf-8?B?c0pPQkxGZWdkcmMrc1lCdnFkOHErM0RRWDl6WVVnMkFnMHBJTklMNEgvWjN0?= =?utf-8?B?Z3NLK2Y3b3UzN1lFblgzRGUrdWRKanZWQllab0U3R3phTzdZWXMxVXdZTGlj?= =?utf-8?B?cTlrdThDaXEzQmRvbWJmZXU4TGk5OWlPYndRWkpPSTEvNzZsUytmS2M5a25N?= =?utf-8?B?S0xKSjRPRmxocmZtbzFxcUNPMUl5Ykl2WHRDWW8wL0pZY3ZKUExDQ3ZtMHVU?= =?utf-8?B?UzdEdk94SUw5bFRTSy9HRzRXa3hkeVFmbVZCMlorNm53a0NGQ0FJbFduZmVR?= =?utf-8?B?bzB1RHNUd2NZa0FYL3kzdCtiSXVHcXNWQ3hlZytndHkxUzNsQkt6dENOWmJz?= =?utf-8?B?dlo1ZUZJUkJmNlA1YmVEK3Z2cnFVTWQrbStzY2lWY1JyR0gvWEtrc2g5TGpQ?= =?utf-8?B?a0phTUQ1c3RjRzJtMldMYk1pZUVNMFVnUkRZczkwUm5OdDRSWGhRaW13Sy9u?= =?utf-8?B?MEFyc0pQbGY1YmZiWFBwY2ZCNXRCQkN2MndkVXlJRXpYeWRvckxnWGdvbEYz?= =?utf-8?B?aVRldVphWm9vUnVxaWtsZDFjUUxyd1gvZ2JyeERyM0lqRXNiV1BqQno4b3Q2?= =?utf-8?B?VytwQ1NWREI2S0tqM29YZHcwY21WMzU0cWRxK3FWMGE4a1F3L1lFUFVDR0Ri?= =?utf-8?B?RTNpUW9jQ1I3cjBjeUlobjhWdVRaMTFLeUFRWkJZOE1ueW92VlRoWUhaUjdR?= =?utf-8?B?WlQyZk1LaktRUkRpaWF2RlBHa1lLbVdiaHZvTDBieGk0Z2YzMVdDNWRZS21P?= =?utf-8?B?Y01lYUk2ZjFraTI2NmJwZnRiNitXbjJMU2V5blNaNm1keVRCaW1lTUtnSXlC?= =?utf-8?B?WVluSUdLS0tGcGN1ZTZpUFFNYUIyWmtXQ0ZsdDdDM1YzbzA0VkUwU3dzVWx0?= =?utf-8?B?Vk9PcWFUV1AwR2lnODVudlltdTR1MTFHRzFQS0QxanNDV05XNzR1UjNTai9J?= =?utf-8?B?b3NPS2duTllCc3NzVWgrUktGYnllOHN4YSt6WDJvOXNVSG94Smc2Z1IwbXho?= =?utf-8?B?VTlML1ZVaitHWW1jTDlLNUdPd0xoeVFpMkppWEUyY3ZyeWhhL2xFb0oxVFdu?= =?utf-8?B?NVFnSDI2d25qb3kxWENWQkpiY0JxYjc3amxkenMyaW9sUVlTdEhmTk5UWGNT?= =?utf-8?B?bm16SjlEeTVhU3IxMCtTMGFza1hsbXZzcXVJRTJvYlZRb1ZoMmhLREUyWTVm?= =?utf-8?Q?6Ig8WEmbqe0nMKIpqTtv?= x-ms-exchange-transport-forked: True Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha256; boundary="B_3710264277_714450801" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SN5P110MB0560.NAMP110.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 501e80d5-2f47-49d4-6d99-08d95162be2e X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jul 2021 00:57:58.8474 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN5P110MB0527 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-07-27_14:2021-07-27, 2021-07-27 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2103310000 definitions=main-2107280002 Archived-At: Subject: Re: [saag] [CFRG] NIST Leightweight Crypto report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jul 2021 00:58:21 -0000 --B_3710264277_714450801 Content-type: multipart/alternative; boundary="B_3710264277_1194758834" --B_3710264277_1194758834 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable Dear Uri, =20 (full disclosure: I am one of the designers of Romulus) =20 That is fine. ;-) =20 Among the finalists, I believe only Romulus has a version (Romulus-M) that = is nonce-misuse resistant, similarly to SIV. Note also that Romulus now incl= udes hashing feature as well (Romulus-H). =20 Thank you! =20 Let me look into Romulus, and I may have specific questions for you that I=E2= =80=99ll ask offline. =20 Thanks =20 =20 Le mar. 27 juil. 2021 =C3=A0 17:22, Blumenthal, Uri - 0553 - MITLL a =C3=A9crit : I have no comment, but one question: which of the NIST Lightweight Crypto c= andidates provide nonce misuse resistance, at least at the level comparable = with SIV mode? -- Regards, Uri There are two ways to design a system. One is to make is so simple there ar= e obviously no deficiencies. The other is to make it so complex there are no obvious deficiencies. = - C. A. R. Hoare On 7/27/21, 11:06, "CFRG on behalf of Robert Moskowitz" wrote: NIST just came out with: NISTIR 8369 "Status Report on the Second Round of the NIST Lightweight Cryptography= =20 Standardization Process" https://csrc.nist.gov/publications/detail/nistir/8369/final I have been working with Xoodyak which is one of the 4 AEAD/hashing=20 finalists. You can see how I am using it in: https://datatracker.ietf.org/doc/draft-moskowitz-hip-new-crypto/ I "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAKE. =20 It does not come with the nice standardized calls as in SP800-185, but = I=20 think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my draft. =20 Comments welcome! It has been implemented in openHIP. Bob _______________________________________________ CFRG mailing list CFRG@irtf.org https://www.irtf.org/mailman/listinfo/cfrg _______________________________________________ CFRG mailing list CFRG@irtf.org https://www.irtf.org/mailman/listinfo/cfrg --B_3710264277_1194758834 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable

Dear Uri,

 

(full disclosure: I am one of the designers of Romulus)

=

 

That is fi= ne. ;-)

 

Among the finalists, I believe only Romulus has a version (Romulus-M= ) that is nonce-misuse resistant, similarly to SIV. Note also that Romulus n= ow includes hashing feature as well (Romulus-H).

 

Thank you!

 <= /o:p>

Let me look into Romulus, and I may have specific questions for you that= I=E2=80=99ll ask offline.

 

Thanks

 

 

<= div>

Le mar. 27 juil. 2= 021 =C3=A0 17:22, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> a =C3=A9crit :

I have no comment, but one question: which of the NIST Lightweight= Crypto candidates provide nonce misuse resistance, at least at the level co= mparable with SIV mode?

--
Regards,
Uri

There are two wa= ys to design a system. One is to make is so simple there are obviously no de= ficiencies.
The other is to make it so complex there are no obvious defic= iencies.
                  &= nbsp;                     =                      =                      = ;                     &nbs= p;                     &nb= sp;      -  C. A. R. Hoare


On 7/27/21, 11:06,= "CFRG on behalf of Robert Moskowitz" <cfrg-bounces@irtf.org on behalf of rgm-sec@htt-consult.com> wrote:

    NIST just came out with:  NISTIR 836= 9


    "Status Report on the Second Round of the NI= ST Lightweight Cryptography
    Standardization Process"<= br>
    https://csrc.nist.gov/publications/detail/nis= tir/8369/final

    I have been working with Xoodyak whi= ch is one of the 4 AEAD/hashing
    finalists.  You can s= ee how I am using it in:

    https://datatra= cker.ietf.org/doc/draft-moskowitz-hip-new-crypto/

    I= "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAK= E. 
    It does not come with the nice standardized calls= as in SP800-185, but I
    think I have duplicated SHAKE/cSHA= KE/KMAC with Xoodyak in my draft. 
    Comments welcome!<= br>
    It has been implemented in openHIP.

   = ; Bob

    _______________________________________________    CFRG mailing list
    CFRG@irtf.org
    https://www.irtf.org/mailm= an/listinfo/cfrg
_______________________________________________
C= FRG mailing list
CFRG@irtf= .org
https://www.irtf.org/mailman/listinfo/cfrg

--B_3710264277_1194758834-- --B_3710264277_714450801 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIIUfQYJKoZIhvcNAQcCoIIUbjCCFGoCAQExDzANBglghkgBZQMEAgEFADALBgkqhkiG9w0B BwGgghJDMIIE8zCCA9ugAwIBAgITWQAE/KGDHCQY5NLn7AAAAAT8oTANBgkqhkiG9w0BAQsF ADBRMQswCQYDVQQGEwJVUzEfMB0GA1UECgwWTUlUIExpbmNvbG4gTGFib3JhdG9yeTEMMAoG A1UECwwDUEtJMRMwEQYDVQQDDApNSVRMTCBDQS01MB4XDTIwMTIxMTAwMDQ0OVoXDTI1MTIx MDAwMDQ0OVowYTELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRv cnkxDzANBgNVBAsTBlBlb3BsZTEgMB4GA1UEAxMXQmx1bWVudGhhbC5VcmkuNTAwMTA1ODQw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKE/w5SMRbjqdnzi3xm35MTfqSl/hP NjMbDakZIdbjOM3UKEmPFXc6a6VU/QqOJUi6ndjw0tH7RCVP73bdRPXO/E8WiAaaSYG6Ddqr 02Pv6wThtFuh+ll9IbDRWZCrXdglHg5CdvqpmlsX5UY54/Gb5r+Je3CwHewClS9/KqklAu/M Rj7Cc7g+PM9GcvU63WDVgXiuAplgvA+W5Hvmcnseb97nBuBnZ1kgbFScRNLR8y5QxSrSpXxW YRiH8dlr/LfBSYsgClZ57NhMk6Z4YL3y1Pw6Vq8pXtM7hlSq8/6s/jhxwf6vUDDeBAkoEWxl hqJtjdD+qrucwiRcrt9SNOufAgMBAAGjggGyMIIBrjAdBgNVHQ4EFgQURapIqD1qtfvgIhzU 5deTdhe9DyMwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFC/vu8YNHbvpav6sZ/MHOwh2 9ktZMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwubGwubWl0LmVkdS9nZXRjcmwvbGxj YTUwZgYIKwYBBQUHAQEEWjBYMC0GCCsGAQUFBzAChiFodHRwOi8vY3JsLmxsLm1pdC5lZHUv Z2V0dG8vbGxjYTUwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmxsLm1pdC5lZHUvb2NzcDA9 BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiDg+Udh+ynZoathxWD6vBFhbahHx2Fy94yh/+K cwIBZAIBCjAiBgNVHSUBAf8EGDAWBggrBgEFBQcDBAYKKwYBBAGCNwoDDDAZBgNVHREEEjAQ gQ51cmlAbGwubWl0LmVkdTAYBgNVHSAEETAPMA0GCyqGSIb3EgIBAwEIMCcGCSsGAQQBgjcU AgQaHhgATABMAFUAcwBlAHIAUwBpAGcALQBTAFcwDQYJKoZIhvcNAQELBQADggEBABAw2S9N p+Aii+rVwD0uTZSRjpL7QD9sWkH1WB1Yd/88m+R6xZtKiD1PJLKXzcumU1V9FAPYZufhCcPV KRgyGbizPBn+f3t13bDieGHLd0DWM4abQiEgiFDsUDzTJ78WwHt/PFMjFe/oFSgghgKcOiBO QdxA7oWgV0cvJmc0hNxV6aPACboXW4qAXKMaMXPrhAXJTkL81uoemEf54gdROFIdVLYOUdba mGmstwRcTn1RsJhIcu2EDSNpyfwfK1NUNQAe199BaNenGrKW9yTHwEY55c9xusIEEaW+FLAi jseXn2gIvlQ0W2P2NMm7YCir0F6PI3DDH8+XmfcrbSfNt9swggTAMIIDqKADAgECAgEGMA0G CSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYTAlVTMR8wHQYDVQQKExZNSVQgTGluY29sbiBMYWJv cmF0b3J5MQwwCgYDVQQLEwNQS0kxGDAWBgNVBAMTD01JVExMIFJvb3QgQ0EtMjAeFw0xNzAz MDIxMjAwMDBaFw0yNjAzMDIyMzU5NTlaMFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQg TGluY29sbiBMYWJvcmF0b3J5MQwwCgYDVQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTUw ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnmoMOvTkfw7nq19mrWazGaa+Q83Uv 0+ATXT3q6kr+WExIMIZ87C74WCcRXpvO7uvx7HvMsYWAFHW93wQwhjytxHIOZgKNJ4VnGVDU l+KI7g0n9+Zjt3hB3HhHbcvbe9+Y4jz+XzCiLl2OaYvICKbxvbBSCLtPEeZQ6x6Tb6EK0ym0 gvYeHO3kuuY+SJHJMltbrLnIVLxjZrNVS77zXKvu6Q3hSdkRIB7kJgEXfL+p/z/2p94bEEZ2 TnQz0TkOjG+Jq7UlXlFRtvsYcDPEQD3UNkZsWcXgC1hXG8TGknUcAhlGxVhlKlFLmNd7342s eGy2s9YxNDnSE+eXTtb0I5LLAgMBAAGjggGcMIIBmDASBgNVHRMBAf8ECDAGAQH/AgEAMB0G A1UdDgQWBBQv77vGDR276Wr+rGfzBzsIdvZLWTAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGu girH7vgy+zAOBgNVHQ8BAf8EBAMCAYYwZwYIKwYBBQUHAQEEWzBZMC4GCCsGAQUFBzAChiJo dHRwOi8vY3JsLmxsLm1pdC5lZHUvZ2V0dG8vTExSQ0EyMCcGCCsGAQUFBzABhhtodHRwOi8v b2NzcC5sbC5taXQuZWR1L29jc3AwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC5sbC5t aXQuZWR1L2dldGNybC9MTFJDQTIwgZIGA1UdIASBijCBhzANBgsqhkiG9xICAQMBBjANBgsq hkiG9xICAQMBCDANBgsqhkiG9xICAQMBBzANBgsqhkiG9xICAQMBCTANBgsqhkiG9xICAQMB CjANBgsqhkiG9xICAQMBCzANBgsqhkiG9xICAQMBDjANBgsqhkiG9xICAQMBDzANBgsqhkiG 9xICAQMBEDANBgkqhkiG9w0BAQsFAAOCAQEAMJYRwLPJ91K7e2mA2Nj10W0o5JMHYkaa+ctL 8/xY8QzIHFI5Ij+iydpPN9KCYn/4Sy80T3aNoYkFlS0GRQXhf0nsiY7TWJwAKw4AiO/yJ37/ oRKRgtyRicvaJ6RjlHCXBOalFLw9UtpodP4/idC51lxzsolaQZraBjVe7PL95PhS7D+22Nff InzLdIb1DBf54NwOVfPIgABtxH1fhZrja7EhR9RoUw5E1O6iWaAuP/xWhSTQFWlhyA0/kkIi 9/HXaY0hYnhcjcbPPqjpyfIhSFjjXhjqK7t2wPrSrBFLFUbnLiNlgQHrvNYF5IqgIfnSBWIr m3rfLhpZZJ/xJ7Yf6DCCA4owggJyoAMCAQICAQEwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UE BhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsTA1BLSTEY MBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMB4XDTE2MDQyMDEyMDAwMFoXDTM1MDQxOTIzNTk1 OVowVjELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAK BgNVBAsTA1BLSTEYMBYGA1UEAxMPTUlUTEwgUm9vdCBDQS0yMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAv3WoBEGOOJtm4ucvaf6vKIFPs8watCd6Smwq/XeRNo7P3jPIxNPw F398RGDUmPJIXA7idzD6j0opFIW+kLqYye9e788PV0dqaJlX8818fNDbSE+8B6hieqKTR7Vf OI74UVQEUKVRFuRFw6uVYuvgew2Tj/C2dEee37eruQl5nHkbV2OsWnZ7O+yt+etd6HRcaXLl P9q8WKgA3B7vkOVIMCKoAuaWj+BFq7K+WNkiyi/KdOH9JmOpbyRK4jcA7xbLnF8JFUSNg5c4 Y1BJrFaZtkCeG6Nm9p524GllkRFzPgpj8VicV+AK+9rY07dTx02kYotTnKuy0YxBAwsUXxAQ EwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT/ycllTFOA8akMPCGugirH 7vgy+zAfBgNVHSMEGDAWgBT/ycllTFOA8akMPCGugirH7vgy+zAOBgNVHQ8BAf8EBAMCAYYw DQYJKoZIhvcNAQELBQADggEBAHqYfEf/3J5aMKhlYQ0PnUAbMB8jZSr9/HvjfOF00crFUCfS rqG8JQwo+S/iq66gcp62FEgJ0fQkDgVg6m+C2ETo1LoWiSxhYCfcSIQECljlXwR8wFSayF82 2S69IqvHhdq4d58jU6gYi6ssjU4vwsvsVLRJKk/m/Cg/w8gW6YHM5ahBD6/5Ccel2fI7oSms kO991+otrC11YfDwCFvz7Am0r+K9iVhSWta4hmIuV0YBia07eZKSO02LPgQ8YOz3ku0Yt+mh 8VWRKux2CcYjMpk+WDV0BMp75tqb6pqBFkcKvEBXqxg+8+G/umjii4H0c5kvJhaQyykbmOKm xO9IcJIwggT2MIID3qADAgECAhNZAAUW1xDL1n3IkFBHAAAABRbXMA0GCSqGSIb3DQEBCwUA MFExCzAJBgNVBAYTAlVTMR8wHQYDVQQKDBZNSVQgTGluY29sbiBMYWJvcmF0b3J5MQwwCgYD VQQLDANQS0kxEzARBgNVBAMMCk1JVExMIENBLTUwHhcNMjEwNzA2MjM0ODI1WhcNMjYwMzAy MjM1OTU5WjBhMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWTUlUIExpbmNvbG4gTGFib3JhdG9y eTEPMA0GA1UECxMGUGVvcGxlMSAwHgYDVQQDExdCbHVtZW50aGFsLlVyaS41MDAxMDU4NDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMRXUPN5Fz28jb9GOca2/6HDq5EE4Hu T1enB0TiMEnOTipW88pgPmSZ/AAFyJF7AWX7PYPw94Ed/Bbs7yCCa6WZS7cQzdHOWppx9gRZ AxkR8+TgosxPcHoCMXmI/hXtVdZ7mwZlpBGJvyBe6YRmxOWLl3WiCRi/gBThwEWsiQZOfhEN 7hC2GhgCKetpNlTRPxslLmkStNlnjNAxhet8Vm/KSYJFVPOx3qytdLwnO6sz4AfIJJQkFX26 6oP0F/4bjRGlIZrZpdUPGiydpJl1r5SRcYs1ZE7JHErULWSyiAIzBDHUCTcN2GnFoR+9fz92 q2VIHvNHx7bV1hd0E0zlC9UCAwEAAaOCAbUwggGxMB0GA1UdDgQWBBSQ5IixU+wo9uUYNUB4 G/ea7vuWEjAOBgNVHQ8BAf8EBAMCBSAwHwYDVR0jBBgwFoAUL++7xg0du+lq/qxn8wc7CHb2 S1kwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5sbC5taXQuZWR1L2dldGNybC9sbGNh NTBmBggrBgEFBQcBAQRaMFgwLQYIKwYBBQUHMAKGIWh0dHA6Ly9jcmwubGwubWl0LmVkdS9n ZXR0by9sbGNhNTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AubGwubWl0LmVkdS9vY3NwMD0G CSsGAQQBgjcVBwQwMC4GJisGAQQBgjcVCIOD5R2H7Kdmhq2HFYPq8EWFtqEfHYXr0HCD6+0g AgFkAgELMCUGA1UdJQQeMBwGBFUdJQAGCCsGAQUFBwMEBgorBgEEAYI3CgMEMBkGA1UdEQQS MBCBDnVyaUBsbC5taXQuZWR1MBgGA1UdIAQRMA8wDQYLKoZIhvcSAgEDAQgwJwYJKwYBBAGC NxQCBBoeGABMAEwAVQBzAGUAcgBFAG4AYwAtAFMAVzANBgkqhkiG9w0BAQsFAAOCAQEAICZO a7qQQMDGZzRUaX+Mm/3meVo0nTEdNby178MGq6uYGUS4keIkljEoI+KiEMbT8rtCOBZwomnO HdJmLuRUEgrVAos27V4yjvoic8QKsz+qEhxslFg/2EYMAbTsyLqg34R+wG5o6K95ohUrgLud fPxAmcLOFBtIZBr/3DUIlzw4xHKiX2ruex7YOrQccgXb2qGtNB7tG6jAaXqFb+NZTJhj+3pd OiZiZanzpZvPLIH6Xe4awqDrok7q9ImwwSSQorNrJxKKtA3vLUW3DGvom3XDiOjDqpzhmqXC u6Wf7JfrSJRaudU2WyvYfPk7NQlkLR/1G6Xz+zKqO/cBt2aNATGCAf4wggH6AgEBMGgwUTEL MAkGA1UEBhMCVVMxHzAdBgNVBAoMFk1JVCBMaW5jb2xuIExhYm9yYXRvcnkxDDAKBgNVBAsM A1BLSTETMBEGA1UEAwwKTUlUTEwgQ0EtNQITWQAE/KGDHCQY5NLn7AAAAAT8oTANBglghkgB ZQMEAgEFAKBpMC8GCSqGSIb3DQEJBDEiBCALoEDW3Ug+IbVfjNmxfwShVUkeQoSH5JI11ROR VwgNRzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA3Mjgw MDU3NTdaMA0GCSqGSIb3DQEBAQUABIIBAG/xfhaiudBPcsAvGS6VDIm4zbmaznpZoZLM0Egf FgUGutdxEpgZf3JzmDclDqb/COO2rvA9WAilLbF7Og5R4xmNsdXWUBq0fMOBzwTO7ML/GOjU QpA1QHAE8EwnKZ5qymbs4H+rdRu0nRVW2cyemK5X3J3tks/GIZREEJ1M+T+2aDdRwHhS15pQ GnrzZwKy7fpkBbc5wnrcc5WFaiaV5e1fT+pwbJV0I5ubRQTGbegAAEkb1iHl51SdAGOn+RRg Z/IalfaB5WFn43Ys8Ef+dBN1BhU7RBxpugv9Nm0HaaOyvXumegiaEWKwKWHjR6i3ligVXX2e RR7GLwa4dGKdi2o= --B_3710264277_714450801-- From nobody Wed Jul 28 13:03:30 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7FC83A1E0A for ; Wed, 28 Jul 2021 13:03:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xma1c-hmLNG0 for ; Wed, 28 Jul 2021 13:03:23 -0700 (PDT) Received: from FRA01-MR2-obe.outbound.protection.outlook.com (mail-eopbgr90095.outbound.protection.outlook.com [40.107.9.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 792A63A1E09 for ; Wed, 28 Jul 2021 13:03:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CDT02Ks61Nu5lPKwgtSJ2Qj9Yci4XKTzL+8lLOv/aUfcwQJYeyf44Ww1FK+B4nVZyI0Ax2tgVqfZjAw1QMX8wfeStIY9T/d8l21JkZehGUgy34F3R0XrxwiRGgdv67wzzBF6YuwEaeiIJ5A5U7vRiWI03o/vtdRT+WphbXD5BVPMigbbRxoe9ETL6PTCivTwGCQAn5i0TBsyPzlZ637W7WkPCnxXCdcCIlACq3IC9vOQQ1AbQ/PrzwGRSFs6dVN8yi341UolYMSOIZJnboVYiZLxVKD5LIVA2HmEel5e+3v8NUo8TnmHIettE7fm4aIvA7YXbZn+qKBgZaAXTiYq1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LxFeT1vx1CQby6pMkv5x/12jQWRB8V7U5VPGvrbjxaw=; b=f9beLC92OuzySSZmj+k6VRPHA0M033iz20y5lt75kK+4JzhReMWc69eAJAAoJX5tGkDNYLz0evlgQ1l8RN6ENRBQYyi2KXOodsmJtFkPJsNokQ6Dbks2anZgtrypqdnQSGHnzfPx8FqLyEpQdXzTX9+UQrVfKzVMms/tH+a0yq9z0EbRRNdTjNt05+AX3x8wc8RqlibAAXm+gmJ4iy6LJVqRa81Ri/08wQHhup8WaDz4kIS8lprl2vdGP+izwSFjOTDDoY3eh0+FdF1GZlsNTq7kKhxtMpQfojhF/YzxkjbjfAYN5CweFkJMUNWP/MpFZRHppXXkvBJOXeZFkmWSOw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cryptonext-security.com; dmarc=pass action=none header.from=cryptonext-security.com; dkim=pass header.d=cryptonext-security.com; arc=none Received: from PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:16b::5) by PR0P264MB2258.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:16a::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.18; Wed, 28 Jul 2021 20:03:13 +0000 Received: from PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM ([fe80::ccbe:f345:2ee7:f9bc]) by PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM ([fe80::ccbe:f345:2ee7:f9bc%4]) with mapi id 15.20.4373.021; Wed, 28 Jul 2021 20:03:13 +0000 From: Ludovic Perret To: "saag@ietf.org" Thread-Topic: About the "Draft text for a PQ Maintenance WG" Thread-Index: AQHXg+uYd2SPaUVHQES998yOMmOr+A== Date: Wed, 28 Jul 2021 20:03:13 +0000 Message-ID: Reply-To: Ludovic Perret Accept-Language: fr-FR, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cryptonext-security.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f69f1d0e-1f17-4075-c064-08d95202bb88 x-ms-traffictypediagnostic: PR0P264MB2258: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6430; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: TwMY9J0TJchfgVIdP5nOSuFbjBgWLcQGhTwRV34LAKlnJ43NggoM4+bvJocZ/+xBUG4d19T7bcjOQ8V0gqGnNHA5xy3wB/66TjHDNdJSYrJzszhQ24TPao7FtOyKr82hCFAW0kP2Mzxii9vr2G+ZUaPR206BgxpvV3N1TuAnJwj7dgnjb9/7IWim68aSemeggc07T+jFbsLWzYGRHQxfLwXCLi4+foDwSLgF2tRAFY/qap03SIpmkxA0yZrk7bk9Xtw5+cALhY65eCKc5Z8TzZE9MFJAVdRPUJcClqvX1YJRmC9XM/uch1f1uYa+9DBgoqGXba8IF7t6762dxKIR9UV1FjJXKcPlgpP9kuKZEloQVGHtH5K15Ufw/yO1PC6VaydF9RhFeDKsLH+8/f04Ok9VoMlpppTHO/noy9XZzGDQCNhYnwNSF1FYNCcidAgv5twuCjeBvqsI+E1D0sQlY4aN0v4orQGuDg3h1vVIRvuwqKT7MDPFRSR5JFnRpprrhBwZlBHKOb9JhyVbggAPg9aYjqg2CnvVe8bn5MxeuLHBy5G64csSRPaRyOWlgZyLkindfXtoL5BsGo4LcQkFbCRYiSAG9t+AbtjdOZdFUpTHPQQbWG8ZeE0hkCdisnERAGZXQ+HKZZ92jdQaySIfgLBbYnNhGtIDTQWrq3m0mYMFo9mbkmuSZSH6uP+8ANWstu7JSmwT4yEHpH9Di6yOSJhElq+w5N+F/aBC+GmG6rrMUoCnpry8VO6Evakse5YDk9aDyQmwxxfuM9FDfZdy2PE9Bm1+hOj3rrBNg3g4cOs= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(7916004)(346002)(376002)(396003)(39830400003)(136003)(366004)(478600001)(3450700001)(2906002)(6486002)(6512007)(186003)(9686003)(6506007)(86362001)(44832011)(5660300002)(166002)(71200400001)(966005)(4744005)(8676002)(83380400001)(76116006)(33716001)(66556008)(66476007)(66946007)(64756008)(316002)(6916009)(66446008)(122000001)(8936002)(38070700005)(38100700002); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?WFZHekQrak9vcHMxRTFwdFpFTVVMdGhrQTZSRTBFdlVHQ0lrVndIczcxRS93?= =?utf-8?B?dEFiVGpjeEJ2RG9uWHR1bTdmUEQvOU9MZjI3UmxtZEE2ZEpUV2FhMVJhWUpF?= =?utf-8?B?UGczVGNBNWFIRmhSL3dkWnRzNHFuNUFiSldoa3oxUGtOM09kdmlZS2Zna0Zh?= =?utf-8?B?NmlLOWJXV3JpOGE1cituOTZ6ZXRxNTZDUEVzYjVzNHV3dVFuVktORkxHU2M4?= =?utf-8?B?Z1gwOXRnZ1ExSEs4bEVXa3JPN3N1dHVuYmJOTXhpVnhPRlMxMFI2SncrTis2?= =?utf-8?B?dVNGc3lmQVZqUDQ1NFF1a3NpY0NybGlOVzdleGRYYTE0N1BtOEk4Ky9QaHRx?= =?utf-8?B?SEt0K2dSNUF0ZmpWMW1WdXg2UGNRS0ZENkM5bW12WTQ1a0IyK2pNMFNkcnNm?= =?utf-8?B?TkZPVEwvUHRSZHRpcHcycVVMdHlzNnBuNjJ5bHkvcnM3MGRvZkJqUlN4Mnlk?= =?utf-8?B?N0hHUjVXQ2VNNklLVlRoWXRDNmdjQ0JBYTBISC9oQi84K1FFUE91ZnlpQ294?= =?utf-8?B?VjNUb0hYaFZrd0llSGhBbmNuM281SlZ4ZUxIL1NuSVNyT3RkRGtHSTZnRWdH?= =?utf-8?B?VGZUNHhwUktuQmFBVUszeWx0TldJNTBiTHYxYTFYelpmMkJPNHN6UTJDUHdw?= =?utf-8?B?eGc5Q2VRK1hPMDIxKzNvYmR5MkJIK1k0Q05sQm5pN2lWd3dBSStveFVoSThP?= =?utf-8?B?T0V4L3VDU1dOeHFlUGt2Qzc2bFNnRjhKN1RLWUJVVTl6dE5EaC95eXNMeDJq?= =?utf-8?B?NVpGMk94enQwclIyeVB1eEQ5NkI1YmYwVURlc3VGVUpNWWdGK3ZIL3BTbnVH?= =?utf-8?B?ZjA3V1JUUEtoZjBnQU8vcnVxZzEveFlkL2NvQ3ZYSDNURmI0QkdpbXhMVzBa?= =?utf-8?B?ekVydEczaGxsd2ErU21BYVMyMTBwUnFmQlZ4Rld5OUw2eE5yUHJrc0ZuOTRo?= =?utf-8?B?QzM5REpaazRJMFFVZ3V3OW13MUp1OGdCN3Bmc2NSL1hDMWpVMlpMMGtudXhW?= =?utf-8?B?eGdYTW9YdkJDNVc5eTBiRktsZC93MkVUOVZwbzZhMk5aRjFBZ0hpb2VtUDRG?= =?utf-8?B?WGltdVpqZkFUcXJWME5Mc0diN2VuU25rcHBUdHJUc1lkSXl4TFcydTNnb2E1?= =?utf-8?B?QzJXV2R5OGlVdzVjNDZYRzZkZ1ZGTjkvalBTQlU5dTFuVDQ4K2docnd2bWtV?= =?utf-8?B?WEtnakFKK2NMeU1mWHBKQlc4c0EyelFqZ013K0hJR2xwdzRTU1pDb2d4d2Rl?= =?utf-8?B?b3cwVk9lZkZjQ3hIQ2tPd0ZvSW9wbDhyZFlKRllPN0Q1bTB3Mm1oMWt6b09N?= =?utf-8?B?clo3c2pRMzlqNllmc1Z6RmEyV3EyUkZVcVkybHNBanAxSVYzMGpYS3lQeXRh?= =?utf-8?B?NnJ1bzdicGRxd3JjazhFMXZSN3ZJekpxQkRqSUZjN2d5RWRiNzI4ODM4NlJa?= =?utf-8?B?T0tTdHB5OURnMWtsR21oOHErd0dIQmNjeWpnVVB0MThhNmFWNzFESUlqdFlV?= =?utf-8?B?cU1yUHJVR09pRkV3SlZ0NTJNM2N5cEU5Slk5V1Ewcmwxdmcvbk1VbDdkdXZz?= =?utf-8?B?QmU1M1Q1cmk1ck53amd3b3A1Y1NJbTQyeEVVOFhMTFJXeXdHKzl1bWhZZ2FX?= =?utf-8?B?MEs4RkdvNW8yK1FhSEVjQXpQclFBNGxUU2dpcnJCR0RrUnEwRVphNnVPTnFV?= =?utf-8?B?dlJiMDNkN3UybDJ2bW0wWEJYU2xtcStBR1FVSGtMTkFwSGV3ZkVvWDdGbTJT?= =?utf-8?B?WTVhVHhYMHhtMU9SZjlabmNnRmViZURIKzBwYThxNnhlandVMGVWMmVTaUUv?= =?utf-8?B?QjNtSWU5K2tkOEV1czQ5UUtRL3ZpaU5tdjVFUEIzbUVMOU53bnpxQ1RiMlBv?= =?utf-8?B?UUV0Mkp1WUtxcnNqclJHaE1nZ2FCTmY0emRLY1dYQ1R1SFE9PQ==?= x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_emda776da03cae450e8ee7530040d4bc6ddesktop8g465ua_" MIME-Version: 1.0 X-OriginatorOrg: cryptonext-security.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: f69f1d0e-1f17-4075-c064-08d95202bb88 X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jul 2021 20:03:13.8304 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: da4a2df1-4b1b-489d-a7f4-224b58fd4200 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: yyoiP97Bvs3y/xoSd1/oC07AyDOfFPKWYUS0on3AUfuS9GQT94WFneU3LR9UXOhtI2FsshOx6XFf6UXIcsfGsL0082z4gLhKCAtLJD2Qa7L2SNCUZ7HSUA6MABsMGu2B X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR0P264MB2258 Archived-At: Subject: [saag] About the "Draft text for a PQ Maintenance WG" X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jul 2021 20:03:29 -0000 --_000_emda776da03cae450e8ee7530040d4bc6ddesktop8g465ua_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 RGVhciwNCg0KRm9sbG93aW5nIHRoZSBtZWV0aW5nIG9mIHllc3RlcmRheSBhbmQgdGhlIGRpc2N1 c3Npb24gb24gcG9zdC1xdWFudHVtLCBJIGhhdmUgZmV3IGNvbW1lbnRzIG9uIHRoZSAgZHJhZnQg dGV4dCBmb3IgYSBQUSBNYWludGVuYW5jZSBXRyA6DQpodHRwczovL2RhdGF0cmFja2VyLmlldGYu b3JnL21lZXRpbmcvMTExL21hdGVyaWFscy9zbGlkZXMtMTExLXNhYWctY29tcGFuaW9uLXRvLWhv dy1zaG91bGQtdGhlLWlldGYtYXBwcm9hY2gtcHEtc2VjdXJpdHktZHJhZnQtcHEtbWFpbnRlbmFu Y2UtY2hhcnRlci0wMA0KDQogICogICAgW1Bvc3QgUXVhbnR1bSB3b3JrIGNvbGxhYm9yYXRvcnNd IC0tPiB3aGF0IGlzIGV4YWN0bHkgdGhlIHNlbWFudGljIGJlaGluZCB0aGF0ID8gRG8geW91IGV4 cGVjdCBhIGNvbW1pdG1lbnQgZnJvbSBwcSBwZW9wbGUgPw0KICAqICAgVGhlIFtQbGFubmVkIFdH IEFjcm9ueW1dIFdHIHdpbGwgbm90IGRlZmluZSBuZXcgUFEgYWxnb3JpdGhtcyBhbmQgbWV0aG9k cyAtLT4gV2hhdCBkbyB5b3UgbWVhbiBieSBtZXRob2QgPw0KICAgICAqICAgSSB3b3VsZCBzdWdn ZXN0ICJUaGUgW1BsYW5uZWQgV0cgQWNyb255bV0gV0cgd2lsbCByZWx5IG9uIGZ1dHVyZSBOSVNU IG9yIGludGVybmF0aW9uYWwgcHEgIHN0YW5kYXJkcyINCg0KQmVzdCBSZWdhcmRzLA0KDQpMdWRv dmljIFBlcnJldCwNCg0KQ1BPLCBjby1mb3VuZGVyLCBDcnlwdG9OZXh0IFNlY3VyaXR5DQpodHRw czovL2NyeXB0b25leHQtc2VjdXJpdHkuY29tLw0KDQo= --_000_emda776da03cae450e8ee7530040d4bc6ddesktop8g465ua_ Content-Type: text/html; charset="utf-8" Content-ID: <9BA3633DF1192249A136BE0297FEDF62@FRAP264.PROD.OUTLOOK.COM> Content-Transfer-Encoding: base64 PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxzdHlsZSBpZD0iY3NzX3N0eWxlcyI+IA0KYmxv Y2txdW90ZS5jaXRlIHsgbWFyZ2luLWxlZnQ6IDVweDsgbWFyZ2luLXJpZ2h0OiAwcHg7IHBhZGRp bmctbGVmdDogMTBweDsgcGFkZGluZy1yaWdodDowcHg7IGJvcmRlci1sZWZ0OiAxcHggc29saWQg I2NjY2NjYyB9DQpibG9ja3F1b3RlLmNpdGUyIHttYXJnaW4tbGVmdDogNXB4OyBtYXJnaW4tcmln aHQ6IDBweDsgcGFkZGluZy1sZWZ0OiAxMHB4OyBwYWRkaW5nLXJpZ2h0OjBweDsgYm9yZGVyLWxl ZnQ6IDFweCBzb2xpZCAjY2NjY2NjOyBtYXJnaW4tdG9wOiAzcHg7IHBhZGRpbmctdG9wOiAwcHg7 IH0NCmEgaW1nIHsgYm9yZGVyOiAwcHg7IH0NCmxpW3N0eWxlPSd0ZXh0LWFsaWduOiBjZW50ZXI7 J10sIGxpW3N0eWxlPSd0ZXh0LWFsaWduOiBjZW50ZXI7ICddLCBsaVtzdHlsZT0ndGV4dC1hbGln bjogcmlnaHQ7J10sIGxpW3N0eWxlPSd0ZXh0LWFsaWduOiByaWdodDsgJ10geyAgbGlzdC1zdHls ZS1wb3NpdGlvbjogaW5zaWRlO30NCmJvZHkgeyBmb250LWZhbWlseTogU2Vnb2UgVUk7IGZvbnQt c2l6ZTogMTJwdDsgICB9IA0KLnF1b3RlIHsgbWFyZ2luLWxlZnQ6IDFlbTsgbWFyZ2luLXJpZ2h0 OiAxZW07IGJvcmRlci1sZWZ0OiA1cHggI2ViZWJlYiBzb2xpZDsgcGFkZGluZy1sZWZ0OiAwLjNl bTsgfQ0KIDwvc3R5bGU+DQo8L2hlYWQ+DQo8Ym9keT4NCkRlYXIsJm5ic3A7DQo8ZGl2Pjxicj4N CjwvZGl2Pg0KPGRpdj5Gb2xsb3dpbmcgdGhlIG1lZXRpbmcgb2YgeWVzdGVyZGF5IGFuZCB0aGUg ZGlzY3Vzc2lvbiBvbiBwb3N0LXF1YW50dW0sIEkgaGF2ZSBmZXcgY29tbWVudHMgb24gdGhlJm5i c3A7IGQ8c3Bhbj5yYWZ0IHRleHQgZm9yIGEgUFEgTWFpbnRlbmFuY2UgV0cgOiZuYnNwOzwvc3Bh bj48c3Bhbj4mbmJzcDs8L3NwYW4+PC9kaXY+DQo8ZGl2PjxhIGhyZWY9Imh0dHBzOi8vZGF0YXRy YWNrZXIuaWV0Zi5vcmcvbWVldGluZy8xMTEvbWF0ZXJpYWxzL3NsaWRlcy0xMTEtc2FhZy1jb21w YW5pb24tdG8taG93LXNob3VsZC10aGUtaWV0Zi1hcHByb2FjaC1wcS1zZWN1cml0eS1kcmFmdC1w cS1tYWludGVuYW5jZS1jaGFydGVyLTAwIiBzdHlsZT0iZm9udC1zaXplOiAxMnB0OyI+aHR0cHM6 Ly9kYXRhdHJhY2tlci5pZXRmLm9yZy9tZWV0aW5nLzExMS9tYXRlcmlhbHMvc2xpZGVzLTExMS1z YWFnLWNvbXBhbmlvbi10by1ob3ctc2hvdWxkLXRoZS1pZXRmLWFwcHJvYWNoLXBxLXNlY3VyaXR5 LWRyYWZ0LXBxLW1haW50ZW5hbmNlLWNoYXJ0ZXItMDA8L2E+PC9kaXY+DQo8ZGl2Pg0KPHVsIHN0 eWxlPSJsaXN0LXN0eWxlLXR5cGU6IGRpc2M7Ij4NCjxsaT4mbmJzcDtbUG9zdCBRdWFudHVtIHdv cmsgY29sbGFib3JhdG9yc10gLS0mZ3Q7IHdoYXQgaXMgZXhhY3RseSB0aGUgc2VtYW50aWMgYmVo aW5kIHRoYXQgPyBEbyB5b3UgZXhwZWN0IGEgY29tbWl0bWVudCBmcm9tIHBxIHBlb3BsZSA/Jm5i c3A7Jm5ic3A7PC9saT48bGk+VGhlIFtQbGFubmVkIFdHIEFjcm9ueW1dIFdHIHdpbGwgbm90IGRl ZmluZSBuZXcgUFEgYWxnb3JpdGhtcyBhbmQgbWV0aG9kcyAtLSZndDsgV2hhdCBkbyB5b3UgbWVh biBieSBtZXRob2QgPyZuYnNwOyZuYnNwOzwvbGk+PHVsPg0KPGxpPkkgd291bGQgc3VnZ2VzdCAm cXVvdDtUaGUgW1BsYW5uZWQgV0cgQWNyb255bV0gV0cgd2lsbCByZWx5IG9uIGZ1dHVyZSBOSVNU IG9yIGludGVybmF0aW9uYWwgcHEmbmJzcDsgc3RhbmRhcmRzJnF1b3Q7Jm5ic3A7PC9saT48L3Vs Pg0KPC91bD4NCjxkaXY+QmVzdCBSZWdhcmRzLCZuYnNwOzwvZGl2Pg0KPC9kaXY+DQo8ZGl2Pjxi cj4NCjwvZGl2Pg0KPGRpdj5MdWRvdmljIFBlcnJldCwmbmJzcDs8L2Rpdj4NCjxkaXY+PGJyPg0K PC9kaXY+DQo8ZGl2PjxzcGFuPkNQTywgY28tZm91bmRlciwgQ3J5cHRvTmV4dCBTZWN1cml0eTwv c3Bhbj48L2Rpdj4NCjxkaXY+DQo8ZGl2IGlkPSJzaWduYXR1cmVfb2xkIj4NCjxkaXY+DQo8ZGl2 Pg0KPGRpdj48YSBocmVmPSJodHRwczovL2NyeXB0b25leHQtc2VjdXJpdHkuY29tLyIgc3R5bGU9 ImJhY2tncm91bmQtY29sb3I6cmdiYSgwLDAsMCwwKTsiPmh0dHBzOi8vY3J5cHRvbmV4dC1zZWN1 cml0eS5jb20vPC9hPjxiciBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjpyZ2JhKDAsMCwwLDApOyI+ DQo8L2Rpdj4NCjxkaXY+PGJyPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rp dj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_emda776da03cae450e8ee7530040d4bc6ddesktop8g465ua_-- From nobody Thu Jul 29 13:51:36 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E0663A0B58 for ; Thu, 29 Jul 2021 13:51:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.096 X-Spam-Level: X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pT-uk5DzY2oT for ; Thu, 29 Jul 2021 13:51:29 -0700 (PDT) Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DAA83A0B56 for ; Thu, 29 Jul 2021 13:51:29 -0700 (PDT) Received: by mail-pj1-x102c.google.com with SMTP id j1so12018477pjv.3 for ; Thu, 29 Jul 2021 13:51:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic :mime-version; bh=QQ4/3t19+FjK1Xy6RdL9Vte9JBw8CRJA4ErDHILxuTg=; b=D3OqEveNvs0LJLTrVQvyYqxE2hln1lP2T91SzGYzw7xXP0u/2yUYJDTqyDNOSpzAgg UtJ6Hui9li/AcujdT2+k+lQk4VqVIGW2YzwfdLEnuLnC2uYRnepg6nJWDw/OSYbZ9TGi w/diCmjqz0duNfe3gmiXGyxa+X+Dey1aqXVNc/8dHDQg8iBmRDSAzRfwokSD9zrB9nGo cxJTwY933P7OgXyF2fZEsq6QRiWzVjdSaXGal8sQRgRddrEYXPFNX+d6WybQM8R340Cd LSEG2vRlXvoVoJGEtTrFtYvV2hMzIe7sumxznTJ0Yn1ul5PcGlhHJVHNZtQJJd4K4xl9 9Kew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:mime-version; bh=QQ4/3t19+FjK1Xy6RdL9Vte9JBw8CRJA4ErDHILxuTg=; b=JGUudYaa8CC/0XC6FLJiUXJJ7q/pXCopg+yZVKgj64YWdYkr/h1Pi6GTydp8a1bv5j V5ThcxUhHfLBmIZ+iLO9btRhy6SK7QvEJ9OhaT383tc7WldWHZJFJ90m7So/lqBaYWo0 /xl0gJxbApwSXFiTpatNeOTgIUFjNtT0pQLroG6Wk+oRIXKokP2FPpWTWiPhG1QYSemW Ahy/B6od+c+ELNEZhkbg1JTJBMw7nc3WtRIuRjLUTjBrGmQ2qQmOwfhKhfHLIjGb0/52 vPkPItYBCH95HUpEXCGSsurTBYKGHlm6SesgSMBmpV1gu6Xh4RJDgOY0pW4YW1c6dDG7 SP2A== X-Gm-Message-State: AOAM531WcvUe3bUShoe22hZGF89NgY6blFwql4brTK5gJwS/guexOONr 1SicI49G7cSC1/YF2ZjVrc1PvON0Mls= X-Google-Smtp-Source: ABdhPJxv5W6ra3dn2ly3EDmQX2yK8h0hmwu2M4QMkYGFN8838gnlsyL4AboSYDShCtpkoV9Usd51dw== X-Received: by 2002:a17:902:6905:b029:12b:8f6a:7c60 with SMTP id j5-20020a1709026905b029012b8f6a7c60mr6210040plk.24.1627591887985; Thu, 29 Jul 2021 13:51:27 -0700 (PDT) Received: from [192.168.68.110] (bzq-79-181-28-50.red.bezeqint.net. [79.181.28.50]) by smtp.gmail.com with ESMTPSA id j10sm4984388pfd.200.2021.07.29.13.51.26 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Jul 2021 13:51:27 -0700 (PDT) User-Agent: Microsoft-MacOutlook/16.51.21071101 Date: Thu, 29 Jul 2021 23:51:23 +0300 From: Yaron Sheffer To: Ludovic Perret , "saag@ietf.org" Message-ID: <66A20135-5437-43E4-9F74-AE1D1FDB3A59@gmail.com> Thread-Topic: [saag] About the "Draft text for a PQ Maintenance WG" Mime-version: 1.0 Content-type: multipart/alternative; boundary="B_3710447486_753620707" Archived-At: Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG" X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Jul 2021 20:51:34 -0000 > This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --B_3710447486_753620707 Content-type: text/plain; charset="UTF-8" Content-transfer-encoding: quoted-printable I support Ludovic=E2=80=99s second point. Also: =20 * "Maintenance" is not a great name, because of course we're not doing any = maintenance on PQ algorithms/protocols. Maybe "PQ Ops"? * "And the WG may propose deprecation of such algorithms" - can be read as = "the WG will deprecate algorithms" which IMO should be left to the per-proto= col working groups. Even where such WGs do not exist, it is *still* not a go= od idea for this WG to deprecate algorithms in specific protocols since it d= oesn't have the operational experience required to do that. =20 Thanks, =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Yaron =20 =20 From: saag on behalf of Ludovic Perret Reply-To: Ludovic Perret Date: Wednesday, July 28, 2021 at 23:03 To: "saag@ietf.org" Subject: [saag] About the "Draft text for a PQ Maintenance WG" =20 Dear, =20 =20 Following the meeting of yesterday and the discussion on post-quantum, I ha= ve few comments on the draft text for a PQ Maintenance WG : =20 https://datatracker.ietf.org/meeting/111/materials/slides-111-saag-companio= n-to-how-should-the-ietf-approach-pq-security-draft-pq-maintenance-charter-0= 0 =C2=B7 [Post Quantum work collaborators] --> what is exactly the seman= tic behind that ? Do you expect a commitment from pq people ? =20 =C2=B7 The [Planned WG Acronym] WG will not define new PQ algorithms an= d methods --> What do you mean by method ? =20 =C2=B7 I would suggest "The [Planned WG Acronym] WG will rely on future= NIST or international pq standards"=20 Best Regards,=20 =20 Ludovic Perret,=20 =20 CPO, co-founder, CryptoNext Security https://cryptonext-security.com/ =20 _______________________________________________ saag mailing list saag@ietf= .org https://www.ietf.org/mailman/listinfo/saag=20 --B_3710447486_753620707 Content-type: text/html; charset="UTF-8" Content-transfer-encoding: quoted-printable

I support Ludovic=E2=80=99s= second point. Also:

 

<= p class=3DMsoNormal>* "Maintenance" is not a great name, because of = course we're not doing any maintenance on PQ algorithms/protocols. Maybe &qu= ot;PQ Ops"?

* "And the WG may pro= pose deprecation of such algorithms" - can be read as "the WG will= deprecate algorithms" which IMO should be left to the per-protocol wor= king groups. Even where such WGs do not exist, it is *still* not a good idea= for this WG to deprecate algorithms in specific protocols since it doesn't = have the operational experience required to do that.

 

Thanks,

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 Yaron

 

 

=

From: sa= ag <saag-bounces@ietf.org> on behalf of Ludovic Perret <ludovic.per= ret@cryptonext-security.com>
Reply-To: Ludovic Perret <ludov= ic.perret@cryptonext-security.com>
Date: Wednesday, July 28, 20= 21 at 23:03
To: "saag@ietf.org" <saag@ietf.org>Subject: [saag] About the "Draft text for a PQ Maintenance WG&q= uot;

&= nbsp;

Dear, 

 

Following the meeting o= f yesterday and the discussion on post-quantum, I have few comments on the&n= bsp; draft text for a PQ Maintenance WG :  

<= /div>

=C2=B7&nbs= p;        =  [Post Quantum work collaborators] --> what is exactly the= semantic behind that ? Do you expect a commitment from pq people ? &nb= sp;

=C2=B7         = The [Planned WG Acronym] WG will not define new PQ algor= ithms and methods --> What do you mean by method ?  =

=C2=B7 &n= bsp;       I would suggest "The [Planned WG Acronym] WG will rely on future = NIST or international pq  standards" 

Best Regards, 

 <= /p>

Ludovic Perret, 

 <= /span>

CPO, co-founder, Crypt= oNext Security

______________= _________________________________ saag mailing list saag@ietf.org https://ww= w.ietf.org/mailman/listinfo/saag

--B_3710447486_753620707-- From nobody Fri Jul 30 09:47:39 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD0E43A02DC for ; Tue, 27 Jul 2021 09:12:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mhw9ECry7ljJ for ; Tue, 27 Jul 2021 09:12:39 -0700 (PDT) Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0380A3A02BB for ; Tue, 27 Jul 2021 09:12:38 -0700 (PDT) Received: by mail-wr1-x42e.google.com with SMTP id b9so15006240wrx.12 for ; Tue, 27 Jul 2021 09:12:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=V7JOXnGAAuHANmbJVDbmgOjov5CoFlgI1Dio7Iotq/M=; b=YGqj0ceJqmIuEwUPd6TIThLzLfG+dRIGvLyX4UgEqNV+Rqn0psohE/tbbn59A1DQpv tlpePCp0n2F0KJ2aVLm6QFkeIlAbdjPYxLv5e0fHg73Utq32ZQGBOChOQVfy6trVF8+l 1WJ7Ata2/cxClrdFG7vvAr+x18dJZahdeFiNLOeKi/kgzow/OcstNRFqg/5pA62FxoZj t8x1Hy2hgZWC/Qc0wJZ2nN0vyIBok/id94+1ubXgCxS20Bgl19ujnKymDizFNXr/TMNV 64KoUeSRTe0R+SQ2ouxD8aomhuvFVJD1kCNEvVx/r6zJk8CyFz+RJUOpV213bCkKQrBd CL+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=V7JOXnGAAuHANmbJVDbmgOjov5CoFlgI1Dio7Iotq/M=; b=qz15pQvVlaUkD7+5PWya/yy2YLsp5Eum6wnIDkP5K4bJN1B1o7Rc60/wj4Yv7SxZ42 sbhaum3RalrwxKzM9dcy7NLb0IQilgDPVN3ZhjOmty7rOPdoLFPhDsudxPNjDX3xFQvw jElS5zYvyVddtlPsBF4mrOUEO8JOycFqazltfXYSg+YALHm4leLPWEk4KG1M+ihkA1Vx mxZgi5N+rifjTja4oDoiS1Hx88vugpW4AVcTe5EK84LEsIslKfuS+K47L/eHz0PI8het R8IRPSHMWmNcGxAtZaB2KvHKugX4+m/ijgzJRQ6xZ/k1m7wnRiAXFnDH9bopzQFQJeU/ dcmA== X-Gm-Message-State: AOAM531Rslkw9tLezD3wJ6ayUtnMZzVl7S4StDjyEf/8p0/VLFun6Bv8 CTdqRkOOS7noskla7XNThwVlg3/BxqcmvcthXhA= X-Google-Smtp-Source: ABdhPJyhmcWDON20s29U+N2iNRNHQOcFoMjj9mPqNUV2P/qQ6RogFVUFCgW6Bn9IMtj4foRciUhf2XlDw9mgVVo79cs= X-Received: by 2002:a5d:51d2:: with SMTP id n18mr25876132wrv.72.1627402355850; Tue, 27 Jul 2021 09:12:35 -0700 (PDT) MIME-Version: 1.0 References: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> In-Reply-To: <7ABA9FFF-0C44-4010-940E-2C31C0B345D5@ll.mit.edu> From: Matt Sicker Date: Tue, 27 Jul 2021 11:12:24 -0500 Message-ID: To: "Blumenthal, Uri - 0553 - MITLL" Cc: Robert Moskowitz , "cfrg@irtf.org" , "saag@ietf.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: X-Mailman-Approved-At: Fri, 30 Jul 2021 09:47:37 -0700 Subject: Re: [saag] [CFRG] NIST Leightweight Crypto report X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jul 2021 16:12:44 -0000 Also a fan of Xoodyak here. I ported some of the LWC algorithms to Java as an experiment back during the first or second round, and my top choices were Xoodyak for its super useful Cyclist mode along with Ascon for speed and simplicity (and ISAP looked promising, but it's essentially a different mode of operation on Keccak or Ascon permutations). Really, all the sponge function algorithms have a ton of promise for improving the developer experience of actually using cryptography in practice. On Tue, Jul 27, 2021 at 10:22 AM Blumenthal, Uri - 0553 - MITLL wrote: > > I have no comment, but one question: which of the NIST Lightweight Crypto= candidates provide nonce misuse resistance, at least at the level comparab= le with SIV mode? > > -- > Regards, > Uri > > There are two ways to design a system. One is to make is so simple there = are obviously no deficiencies. > The other is to make it so complex there are no obvious deficiencies. > = - C. A. R. Hoa= re > > > =EF=BB=BFOn 7/27/21, 11:06, "CFRG on behalf of Robert Moskowitz" wrote: > > NIST just came out with: NISTIR 8369 > > > "Status Report on the Second Round of the NIST Lightweight Cryptograp= hy > Standardization Process" > > https://csrc.nist.gov/publications/detail/nistir/8369/final > > I have been working with Xoodyak which is one of the 4 AEAD/hashing > finalists. You can see how I am using it in: > > https://datatracker.ietf.org/doc/draft-moskowitz-hip-new-crypto/ > > I "like" Xoodyak, as I am able to use it much like Keccak/SHA3/SHAKE. > It does not come with the nice standardized calls as in SP800-185, bu= t I > think I have duplicated SHAKE/cSHAKE/KMAC with Xoodyak in my draft. > Comments welcome! > > It has been implemented in openHIP. > > Bob > > _______________________________________________ > CFRG mailing list > CFRG@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg > _______________________________________________ > CFRG mailing list > CFRG@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg From nobody Fri Jul 30 11:17:41 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93D503A0935 for ; Fri, 30 Jul 2021 11:17:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ibiblio-org.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zg7T85abs3bx for ; Fri, 30 Jul 2021 11:17:35 -0700 (PDT) Received: from mail-ed1-x542.google.com (mail-ed1-x542.google.com [IPv6:2a00:1450:4864:20::542]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D37033A0933 for ; Fri, 30 Jul 2021 11:17:34 -0700 (PDT) Received: by mail-ed1-x542.google.com with SMTP id ec13so13886834edb.0 for ; Fri, 30 Jul 2021 11:17:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibiblio-org.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=y5jZAN5VI8THrT2ybsvKDdwM+b6WId5Jul1t1ewkwPk=; b=OqItnYc6bxFSyXAlQvzfnn1oBDKSwzcTdtI9DFQHAxR+iz9dJBdnycI1POSRNLNDVs tBN82MLH41OvRDRO2y2C+T7D4vEh1DTN3dSpkfiqR4QpjE7v0vdiV2zPXN798d15YoDG CpJtjQJWeoxM7xHJlJnwB9XdqsKFDR2Qau/VwkLhP6GdTWbrEBga3tDqo2VGUFw2a57j H2/6kQp3KgEKSyIpOwdoaOWk10304vF+XTLqQcwViyqbmjjXieBEVba8KhUq14Qa/vEC CkB2GzqBeUl5e83/T9WCGKI2lEi1VYfkyGHI+EYiLfLQeTe+GXV87l6tk/wIt4lp4EuD SyTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=y5jZAN5VI8THrT2ybsvKDdwM+b6WId5Jul1t1ewkwPk=; b=uSq6yxaQjgeJWKkYGYePndSfnpRfCFB0SkSw528pxMViNc703Nju80vHJ4NjTEYI5F MeSU45zrCV1/dm+Rno6AQPe62ya5dQUxC945LNDC8XwOhwNcoap9XQvpH2wlpuGoyP78 Sd0NrrzQWInzrE8c91YuK+qjqzK2vyn1SG4YsxTS8J099mNqM+PNVYyDFyNdmbkFcnYk ADBnJZWYeQI62RIxwhscy1iuSVo9oDGiTvoFU57g9nL+IMMxRoIvf+T52beluGcfIZH1 XdUCjL0lI11ujIDR0crxGLY9niKtLE3RruVt3q1WXaYxWrvisoHkDAWQzLYdOC7edp8a pBoA== X-Gm-Message-State: AOAM5316pEDlR8IZ72W9vafKOH8zbbT7JlOjI8ehFoKdDLG1MwmSE4Or npl0H3m6o+Cmp+wagra+znF9cX5CdfB/ZD/bFT+xo04dzAOpfoti7wA= X-Google-Smtp-Source: ABdhPJyXhldg9qzNfp+5QW4uqFN/u5rXwKiFR2vxlxb6VSH8ayr0CK+OpnoAyHAIaRk5C63Yczt1Vfs/OL1s3FqXF2w= X-Received: by 2002:a05:6402:1d22:: with SMTP id dh2mr4378577edb.180.1627669051801; Fri, 30 Jul 2021 11:17:31 -0700 (PDT) MIME-Version: 1.0 From: Harry Halpin Date: Fri, 30 Jul 2021 20:17:21 +0200 Message-ID: To: saag@ietf.org Content-Type: multipart/alternative; boundary="000000000000a5197c05c85b3bad" Archived-At: Subject: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 18:17:40 -0000 --000000000000a5197c05c85b3bad Content-Type: text/plain; charset="UTF-8" Everyone [and apologies if you already got this message on CFRG or SECDISPATCH], While the research community and industry was very quick to work on privacy-enhanced contact tracing, I've seen very few people taking the much more pressing issue of COVID-19 passports. If this IETF111 was in person, we could have done an informal BoF, but as its' not, I'm sending out an email to gauge interest. I've earlier seen some very badly done academic work using W3C "Verified Credentials" and W3C Decentralized Identifier (DID) standards [1]. However, while a bunch of sketchy blockchain technology has not been adopted (so far, although I believe IATA and WHO are still being heavily lobbied in this direction), there has been the release of the EU "Green" Digital Credentials that actually uses digital signatures. However, there's a number of problems: * No revocation in case of compromise * Privacy issues, i.e. leaking metadata * Limited key management (booster shots might require) * No use of standards for cross-app interoperability Furthermore, there appears to be differences between countries, and some countries do not use cryptography at all (the US). Therefore, as an American in France who flew home ASAP to get vaccinated in the US, as a consequence of this lack of interoperability I can't travel on trains or eat at restaurants easily, despite being vaccinated. I imagine this will become a larger problem. I have a report I'm willing to share, but I'd first like to know if there's any interest in standardization on this front at the IETF despite this topic being, I suspect, a bit of astretch of our remit. However, we live in interesting times. I don't think the W3C (or the ITU, etc.) has the security expertise, and while the crypto and security/privacy here is pretty simple, I think it should happen somewhere. While I originally polled it by CFRG IRTF to see if there was any interest whatsoever, Benjamin Kaduk pointed out SAAG and SECDISPATCH would be better places to start. I'd like to know what others think. yours, harry [1] https://arxiv.org/abs/2012.00136 --000000000000a5197c05c85b3bad Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Everyone [and apolo= gies if you already got this message on CFRG or SECDISPATCH],

While the=20 research community and industry was very quick to work on=20 privacy-enhanced contact tracing, I've seen very few people taking the= =20 much more pressing issue of COVID-19 passports.

If= this IETF111 was in person, we could have done an informal BoF, but as its= ' not, I'm sending out an email to gauge interest.
<= br>
I've earlier seen some very badly done academic work using W3C "Verified= =20 Credentials" and W3C Decentralized Identifier (DID) standards [1].=20 However, while a bunch of sketchy blockchain technology has not been=20 adopted (so far, although I believe IATA and WHO are still being heavily lobbied in this direction), there has been the release of the EU=20 "Green" Digital Credentials that actually uses digital signatures= .

However, there's a number of problems:
<= /div>

* No revocation in case of compromise
* Privacy issues, i.e. leaking metadata
* Limited key managemen= t (booster shots might require)
* No use of standards for cross-a= pp interoperability

Furthermore, there appears to be differences between countries, and some countries=20 do not use cryptography at all (the US). Therefore, as an American in=20 France who flew home ASAP to get vaccinated in the US, as a consequence=20 of this lack of interoperability I can't travel on trains or eat at=20 restaurants easily, despite being vaccinated. I imagine this will become a larger problem.

I have a report I'm=20 willing to share, but I'd first like to know if there's any interes= t in=20 standardization on this front at the IETF despite this topic being, I=20 suspect, a bit of=C2=A0 astretch of our remit. However, we live in=20 interesting times.

I don't think the W3C= =20 (or the ITU, etc.) has the security expertise, and while the crypto and=20 security/privacy here is pretty simple, I think it should happen=20 somewhere.

While I originally polled it by CF= RG IRTF to see if there was any interest whatsoever, Benjamin Kaduk pointed= out SAAG and SECDISPATCH would be better places to start. I'd like to = know what others think.

=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 yours,
=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 harry

=
--000000000000a5197c05c85b3bad-- From nobody Fri Jul 30 11:30:43 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B33B3A09A8 for ; Fri, 30 Jul 2021 11:30:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iee-Y_jNdTVV for ; Fri, 30 Jul 2021 11:30:35 -0700 (PDT) Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA4D53A09C6 for ; Fri, 30 Jul 2021 11:30:27 -0700 (PDT) Received: by mail-il1-x12b.google.com with SMTP id k3so10380827ilu.2 for ; Fri, 30 Jul 2021 11:30:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GTHiU9lP47PQb4DtuPH4rbQdUsH712ryEJnPbbnjzyA=; b=afAClasfPyvB9koiqqZDkOB8CmiBiL+TWHSjiDGY6MDoBaSPRc2myxQGCH4YppP8v7 73NVLNN39P8UZQ+8ML5aqdy0VmLEse1oWB9CA2nbZ0aYnpRoBJsXltbOkiYKMaVDWO77 Q+hPzgMu/vNGBYnCLBInD1t5TBEOLoPuUBs6ocqWfqNG68eTybHu2qdjLXR1vF6WYbkG QLi2GRlkwfWwky+qhqhgVOVeFnYXmv1qw7KFaAWnrbDA6oAiJUMmFwgsWR16msRFJtsk 5fccRfN5IuzFf8ybW4N4aF/fDkqy0pvccwsMUCJ9I45zF8NkBZMCk379a0SyKVNZrEp0 9OfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GTHiU9lP47PQb4DtuPH4rbQdUsH712ryEJnPbbnjzyA=; b=pAKgZRaRm9JkZuKEaXkXiDKF9g6gDmyxyaTyLezeYPiDHodAZgJYK+tYx2hvFW8RyI 5kr5aTF6+Mm7jD5ai//iTNzWLW5SHAlf87hN/qfJ1xUeEekgoYxBqIu1iJMYZaxoolVm 9/5/FQI3J0/gMRcv5R830sSfNs4mQbHBp6MtN+uBQIIihN9FCTRggvDCftQfWaiWq+v9 OCnwmSJ0lFO3cr9YGx/9exJghJbCrv0zdKqfv/jyT9zj1bTHr5x7XLwT5ys44BoavFgW BryeAT5M0nrLtJKn1YCeLHbAluYEGjiXstCtl6xpUTRBoXaC/xBoR8nWW0PrlrHWcK4I OKOA== X-Gm-Message-State: AOAM533uGD2oZlxgZK3eJ04gSGJ59Ro9RsmY9s1yPqTCQHm0RHITX3l4 iJ+yUWdqZBfBtXPG0IgSgiez2uLr9gW3J2JUQ1R36Q== X-Google-Smtp-Source: ABdhPJzyypIDrINSfAxxoqZ3t58i4+MRpNU7eMGzpfwJwoiIW/ybRdOODJMugIOhndXr9Xq6zlAAgz685zPdm4l6P24= X-Received: by 2002:a05:6e02:f54:: with SMTP id y20mr2045146ilj.56.1627669826137; Fri, 30 Jul 2021 11:30:26 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Eric Rescorla Date: Fri, 30 Jul 2021 11:29:49 -0700 Message-ID: To: Harry Halpin , IETF SecDispatch Cc: IETF SAAG Content-Type: multipart/alternative; boundary="000000000000cc883605c85b6973" Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 18:30:42 -0000 --000000000000cc883605c85b6973 Content-Type: text/plain; charset="UTF-8" To recap my comments on CFRG: There seems to be a lot of enthusiasm for this in various forums, and it's largely not well coordinated, with each group (the EU, VCI, etc.) doing their own thing, and producing work of various levels of quality. Before the IETF got involved, I'd want to see some evidence that the various players are interested in a common standard and want to do one here, lest we end up with XKCD 927. FWIW, I've spent a bunch of time looking at the various proposals. If people are interested they can find it at: https://educatedguesswork.org/tags/vaccine%20passports/ -Ekr On Fri, Jul 30, 2021 at 11:18 AM Harry Halpin wrote: > Everyone [and apologies if you already got this message on CFRG or > SECDISPATCH], > > While the research community and industry was very quick to work on > privacy-enhanced contact tracing, I've seen very few people taking the much > more pressing issue of COVID-19 passports. > > If this IETF111 was in person, we could have done an informal BoF, but as > its' not, I'm sending out an email to gauge interest. > > I've earlier seen some very badly done academic work using W3C "Verified > Credentials" and W3C Decentralized Identifier (DID) standards [1]. However, > while a bunch of sketchy blockchain technology has not been adopted (so > far, although I believe IATA and WHO are still being heavily lobbied in > this direction), there has been the release of the EU "Green" Digital > Credentials that actually uses digital signatures. > > However, there's a number of problems: > > * No revocation in case of compromise > * Privacy issues, i.e. leaking metadata > * Limited key management (booster shots might require) > * No use of standards for cross-app interoperability > > Furthermore, there appears to be differences between countries, and some > countries do not use cryptography at all (the US). Therefore, as an > American in France who flew home ASAP to get vaccinated in the US, as a > consequence of this lack of interoperability I can't travel on trains or > eat at restaurants easily, despite being vaccinated. I imagine this will > become a larger problem. > > I have a report I'm willing to share, but I'd first like to know if > there's any interest in standardization on this front at the IETF despite > this topic being, I suspect, a bit of astretch of our remit. However, we > live in interesting times. > > I don't think the W3C (or the ITU, etc.) has the security expertise, and > while the crypto and security/privacy here is pretty simple, I think it > should happen somewhere. > > While I originally polled it by CFRG IRTF to see if there was any interest > whatsoever, Benjamin Kaduk pointed out SAAG and SECDISPATCH would be better > places to start. I'd like to know what others think. > > yours, > harry > > [1] https://arxiv.org/abs/2012.00136 > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > --000000000000cc883605c85b6973 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
To recap my comments on CFRG:
There seems t= o be a lot of enthusiasm for this in various forums, and it's largely n= ot well coordinated, with each group (the EU, VCI, etc.) doing their own th= ing, and producing work of various levels of quality. Before the IETF got i= nvolved, I'd want to see some evidence that the various players are int= erested in a common standard and want to do one here, lest we end up with X= KCD 927.

FWIW, I've spent a bunch of time look= ing at the various proposals. If people are interested they can find it at:=

-Ekr




On Fri, Jul 30, 2021 at 11:18 AM Harry Halpin <hhalpin@ibiblio.org> wro= te:
Everyone [and apologies if you = already got this message on CFRG or SECDISPATCH],

<= div>While the=20 research community and industry was very quick to work on=20 privacy-enhanced contact tracing, I've seen very few people taking the= =20 much more pressing issue of COVID-19 passports.

If= this IETF111 was in person, we could have done an informal BoF, but as its= ' not, I'm sending out an email to gauge interest.
<= br>
I've earlier seen some very badly done academic work using W3C "Verified= =20 Credentials" and W3C Decentralized Identifier (DID) standards [1].=20 However, while a bunch of sketchy blockchain technology has not been=20 adopted (so far, although I believe IATA and WHO are still being heavily lobbied in this direction), there has been the release of the EU=20 "Green" Digital Credentials that actually uses digital signatures= .

However, there's a number of problems:
<= /div>

* No revocation in case of compromise
* Privacy issues, i.e. leaking metadata
* Limited key managemen= t (booster shots might require)
* No use of standards for cross-a= pp interoperability

Furthermore, there appears to be differences between countries, and some countries=20 do not use cryptography at all (the US). Therefore, as an American in=20 France who flew home ASAP to get vaccinated in the US, as a consequence=20 of this lack of interoperability I can't travel on trains or eat at=20 restaurants easily, despite being vaccinated. I imagine this will become a larger problem.

I have a report I'm=20 willing to share, but I'd first like to know if there's any interes= t in=20 standardization on this front at the IETF despite this topic being, I=20 suspect, a bit of=C2=A0 astretch of our remit. However, we live in=20 interesting times.

I don't think the W3C= =20 (or the ITU, etc.) has the security expertise, and while the crypto and=20 security/privacy here is pretty simple, I think it should happen=20 somewhere.

While I originally polled it by CF= RG IRTF to see if there was any interest whatsoever, Benjamin Kaduk pointed= out SAAG and SECDISPATCH would be better places to start. I'd like to = know what others think.

=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 yours,
=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 harry

=
_______________________________________________
saag mailing list
saag@ietf.org
https://www.ietf.org/mailman/listinfo/saag
--000000000000cc883605c85b6973-- From vb@pibit.ch Fri Jul 30 11:58:02 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F3213A0B91 for ; Fri, 30 Jul 2021 11:58:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d0vwY2-EHzJK for ; Fri, 30 Jul 2021 11:57:58 -0700 (PDT) Received: from dragon.pibit.ch (dragon.pibit.ch [185.203.114.4]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B00EF3A0B65 for ; Fri, 30 Jul 2021 11:57:51 -0700 (PDT) Received: by dragon.pibit.ch (Postfix, from userid 1000) id 4B0BA21404E9; Fri, 30 Jul 2021 20:57:49 +0200 (CEST) Date: Fri, 30 Jul 2021 20:57:49 +0200 From: Volker Birk To: saag@ietf.org Message-ID: <20210730185749.GA21724@dragon.pibit.ch> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 18:59:03 -0000 On Fri, Jul 30, 2021 at 08:17:21PM +0200, Harry Halpin wrote: > While the research community and industry was very quick to work on > privacy-enhanced contact tracing, I've seen very few people taking the much > more pressing issue of COVID-19 passports. Hi, is it really needed to support something evil like the end of all freedom? It is bad enough having to deal with this pandemic. But supporting the people trying to make the maximum profit out of it and at the same time enslaving all others is disgusting. Yours, VB. -- Volker Birk, p≡p project mailto:vb@pep-project.org https://pep.software From nobody Fri Jul 30 13:40:37 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 503713A0F74 for ; Fri, 30 Jul 2021 13:40:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ibiblio-org.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bj2hx4d37byS for ; Fri, 30 Jul 2021 13:40:31 -0700 (PDT) Received: from mail-ej1-x630.google.com (mail-ej1-x630.google.com [IPv6:2a00:1450:4864:20::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F7293A0F4D for ; Fri, 30 Jul 2021 13:40:30 -0700 (PDT) Received: by mail-ej1-x630.google.com with SMTP id gs8so18941139ejc.13 for ; Fri, 30 Jul 2021 13:40:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibiblio-org.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yTCgPi0XGPlWTfHk3pHIwcx/3UVG1lCOwEO5N3H1c60=; b=EKb/rmTICw3MPg3TB/9BGyb5qUv8pkQO+moUUZm5GQPWnVyFz4d0X2HxLI25hY9vAQ m84zqx5cZddOL9Z4Q8j7s45gvnDLWdlhhROFYZ8mDxAIUZ9+560Zdzp8olBDZIdyn6x/ H63qo/hBlYGqLCQKp49qSt/sZntB4lN8a9HIQGiiXVyKhjjLqeomIeTY2MSTbV5Gi1qQ ePEwuKk48SJ5DoH0+Mp4C2YvdaYubue3MBKbER15VPTVUdzruROVrxb1p1mAK391GqUn lJOHJvLOexmLxz2b/OgGvNSJSG/lMj08gjeURyTZSY7Hsb6spTfPY5AE/Ili2AeF8C01 8f+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yTCgPi0XGPlWTfHk3pHIwcx/3UVG1lCOwEO5N3H1c60=; b=r27AowkgY4dofNLF9SBp8Ajc4Teu/d36iQU0NVwPDakYW98T79u4I4G5i3WOlCdQoH kErHWEnzi6X3cCd9tpwoZ6I1NoHwKNg3WGW+vIJ02gsExOBQvgBGybAEvLunQVlUlZH7 XjEJOvJFSsd0Ow4ftnvwA0Y3fYHfsmLrHMxPkyWCK3J3JVcSydTmXP7xTyx3eCLzo7UB 4gjNBhgB18Pxkv9aGSE+9jO4S50NBnJt5KjM7Y1TyPoDOD+SzSUemmGJnkT49hZFn7VZ T0H5jamkcMxqrMq/ABOtOMlxo0h960Af8VJxAZIjlBrbkzNlG5pTdE5/EKEaH1ffKdJS DvCQ== X-Gm-Message-State: AOAM532KPXWO5t5LuE+IwKTEVX4rEpo3ErPjKQQWj6KAtJryx8M9R+CI NfMYxp3vTzedkeR0HAb/rVQ52MRPnH3jNrFt3xatKw== X-Google-Smtp-Source: ABdhPJxYFnEVHQmarmTGStP3Qhg5OlyeGMYtfwiG3N9l18snH9T6lSYbYae5Aqcz+EsVWgkXDUdGd8N9hBP1gAEgil8= X-Received: by 2002:a17:906:4784:: with SMTP id cw4mr4525918ejc.160.1627677623981; Fri, 30 Jul 2021 13:40:23 -0700 (PDT) MIME-Version: 1.0 References: <20210730185749.GA21724@dragon.pibit.ch> In-Reply-To: <20210730185749.GA21724@dragon.pibit.ch> From: Harry Halpin Date: Fri, 30 Jul 2021 22:40:13 +0200 Message-ID: To: Volker Birk Cc: saag@ietf.org Content-Type: multipart/alternative; boundary="0000000000009636b005c85d3a07" Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 20:40:36 -0000 --0000000000009636b005c85d3a07 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Jul 30, 2021 at 8:59 PM Volker Birk wrote: > On Fri, Jul 30, 2021 at 08:17:21PM +0200, Harry Halpin wrote: > > While the research community and industry was very quick to work on > > privacy-enhanced contact tracing, I've seen very few people taking the > much > > more pressing issue of COVID-19 passports. > > Hi, > > is it really needed to support something evil like the end of all > freedom? > > It is bad enough having to deal with this pandemic. But supporting the > people trying to make the maximum profit out of it and at the same time > enslaving all others is disgusting Volker, While I support your sentiments (in fact, I warned against the persistence and abuse of COVID-19 related infrastructure as soon as the pandemic hit [1]) and do note that the COVID-19 passports have already happened in most countries, particularly in the EU. If they were built with open source and open international standards, with actual privacy and security, then it would be harm minimization. So I'd like to keep this discussion to the technical level if possible, to see if there is any technical interest. Wish we could be doing this as an actual BarBOF in IETF 111! yours, harry [1] https://cointelegraph.com/news/this-is-our-last-chance-to-protect-our-priva= cy-amid-the-covid-19-crisis > . > > Yours, > VB. > -- > Volker Birk, p=E2=89=A1p project > mailto:vb@pep-project.org > https://pep.software > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > --0000000000009636b005c85d3a07 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Fri, Jul 30, 2021 at 8:59 PM Volker Bi= rk <vb@pep-project.org> wro= te:
On Fri, Jul 30, 2021 at 08:17:21PM +0200, Harry Halpin wrote= :
> While the research community and industry was very quick to work on > privacy-enhanced contact tracing, I've seen very few people taking= the much
> more pressing issue of COVID-19 passports.

Hi,

is it really needed to support something evil like the end of all
freedom?

It is bad enough having to deal with this pandemic. But supporting the
people trying to make the maximum profit out of it and at the same time
enslaving all others is disgusting

Volker,<= /div>

While I support your sentiments (in fact, I warned= against the persistence and abuse of COVID-19 related infrastructure as so= on as the pandemic hit [1]) and do note that the COVID-19 passports have al= ready happened in most countries, particularly in the EU. If they were buil= t with open source and open international standards, with actual privacy an= d security, then it would be harm minimization.

So I'd like to keep this discussion to the technical level if possib= le, to see if there is any technical interest. Wish we could be doing this = as an actual BarBOF in IETF 111!

=C2=A0 yours,
=C2=A0=C2=A0=C2=A0=C2=A0 harry

= =C2=A0=C2=A0=C2=A0
.

Yours,
VB.
--
Volker Birk, p=E2=89=A1p project
mailto:vb@pep-proje= ct.org
https= ://pep.software

_______________________________________________
saag mailing list
saag@ietf.org
https://www.ietf.org/mailman/listinfo/saag
--0000000000009636b005c85d3a07-- From nobody Fri Jul 30 13:48:59 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EB3F3A1001; Fri, 30 Jul 2021 13:48:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LYiEaeuYloXq; Fri, 30 Jul 2021 13:48:50 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 010513A0FFD; Fri, 30 Jul 2021 13:48:49 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id CBE58389BC; Fri, 30 Jul 2021 16:52:46 -0400 (EDT) Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 3_RAvp123uyH; Fri, 30 Jul 2021 16:52:44 -0400 (EDT) Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id E2FF3389B0; Fri, 30 Jul 2021 16:52:43 -0400 (EDT) Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id E0A60FC; Fri, 30 Jul 2021 16:48:45 -0400 (EDT) From: Michael Richardson To: "saag\@ietf.org" , danish@ietf.org X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Archived-At: Subject: [saag] danish report for saag X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 20:48:55 -0000 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable The DANISH BOF met on Tuesday morning at IETF-111. This was a WG-forming BOF, and there was a lot more discussion about the charter and the goals for the WG. Many noted that the IETF-110 BOF seemed way too quiet, and the BOF chairs hypothesized that scheduling conflicts meant that we did not have enough opinions in the room. We have captured a lot of notes into the codimd, which is now posted on github, and will be uploaded. Turning the comments into revisions to the charter is now the hard part. =2D- Michael Richardson . o O ( IPv6 I=C3=B8T consulti= ng ) Sandelman Software Works Inc, Ottawa and Worldwide --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEbsyLEzg/qUTA43uogItw+93Q3WUFAmEEZa0ACgkQgItw+93Q 3WUEygf9H57Ef7fglvE44KiRX7UytqJ75JHQNF4EuWNFrx2H+VKnJ7+15kGbIY1H e43mj/+CnpjlJgA301A/BCn8HGEoVkdtkKinJbZkwIcMsJ3+3hLqkAL7acEj+irU iAtypu731ogSsE8k0l0SU7SNUei6se8WzFclvAf6xVPLuB0oz5jvdxkqEW1b1gKG xMQhSXTrGERqYRw3C1WEkmLF3g04lOJGmNyZBKtFC1NiVbfp7aRbZQvrhoCXP71O eURUHW8LZaZB38Rvd/p8PzszYbWhShYUzV2yaq0BjueaHkztFkYvAWA8rshPw0t+ IbnqphdlWYZ7ZTEPicSKUtqVUuN6FQ== =Pf10 -----END PGP SIGNATURE----- --=-=-=-- From nobody Fri Jul 30 13:57:27 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF8EB3A104E for ; Fri, 30 Jul 2021 13:57:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G6hY7YORORhx for ; Fri, 30 Jul 2021 13:57:21 -0700 (PDT) Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [134.102.50.15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E40BE3A104D for ; Fri, 30 Jul 2021 13:57:20 -0700 (PDT) Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4Gc08F5wtwz31Td; Fri, 30 Jul 2021 22:57:17 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\)) From: Carsten Bormann In-Reply-To: Date: Fri, 30 Jul 2021 22:57:17 +0200 Cc: Volker Birk , saag@ietf.org X-Mao-Original-Outgoing-Id: 649371437.3422019-99e5b6aa781e106420961e179b696ab8 Content-Transfer-Encoding: quoted-printable Message-Id: <7465EFBA-A37A-4CCD-BD0F-63BD202C7AEF@tzi.org> References: <20210730185749.GA21724@dragon.pibit.ch> To: Harry Halpin X-Mailer: Apple Mail (2.3608.120.23.2.7) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 20:57:26 -0000 On 2021-07-30, at 22:40, Harry Halpin wrote: >=20 > While I support your sentiments (in fact, I warned against the = persistence and abuse of COVID-19 related infrastructure as soon as the = pandemic hit [1]) and do note that the COVID-19 passports have already = happened in most countries, particularly in the EU. If they were built = with open source and open international standards, with actual privacy = and security, then it would be harm minimization.=20 There are some components in the EU DGC that we might want to extract = and properly specify. Gr=C3=BC=C3=9Fe, Carsten From nobody Fri Jul 30 14:19:16 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8AC23A1150; Fri, 30 Jul 2021 14:19:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t4i08zK8l3FE; Fri, 30 Jul 2021 14:19:06 -0700 (PDT) Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B72DE3A114B; Fri, 30 Jul 2021 14:19:05 -0700 (PDT) Received: by mail-wm1-x32f.google.com with SMTP id n11so6768911wmd.2; Fri, 30 Jul 2021 14:19:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=YM39zn9eBMKwJ/7I1RrxKDJ7F4VpKrbmQ9686GWEt44=; b=NHJgnOVOCNcO07IEWU9cyNzKgLhrIRSnHwTp5bdMEx2lhX52xXFKxScoKHL/8XYn6Y 3QGf9uaZUr60KL3McTdD0mFqJasyIlCvzNnOYnQBc4UbdJ4dloG7SB5IkkEg+T3c1nIu TtDDolwmgaB4sxzWBu4RAK0FWt7HPAQBN2Jbu7tkMnZq4EJuiRnYKQctQ5K/aR0CCKbD 7OdwB+qUkNv090Idln6JVsqYIN/wprlFq0cIR+YNhF8RerSDzLGrogog9VF/GVFZU1F8 fBAJly4alb53gEnEYORSqW2nbphX+A780R4cfcU1ADv6c+bgV5z7+/Jt0VnJPGYX8Kz6 bylQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=YM39zn9eBMKwJ/7I1RrxKDJ7F4VpKrbmQ9686GWEt44=; b=stLU677ADnmIkU+riulmb4ogxY62S7J87igg7Wh8G9mrlTZLusyAbuoQqndIcbGbUn EDBxzbnun5UK7+DtZ4+Ut+x7PqewrPlQcS0v5PlO9WWcEJ3NeOPRVOXz/esFcfxqA5gF 901f1sHrrP9kth3Kqg96mvvIDaHcLCjYWXKQUrHgCIGukmUQwcDWc4vTrNQM1PbR8INI YTY+0m8egTpN9pIFHQNjpglZAgnNe8jz//ITp9NDe9lIaQwyeLF0p86TaC951qmH7JFg HRPiLMqUIRaBKQIGrnyEfp9D2UftjESFBkcARVjC+HTeVOqv9ryeNP16R6zDPCI5HeTo CZzg== X-Gm-Message-State: AOAM532QMhKz49x2sISpqdeZnfFYBl4KKn7CToNFT+1AkgKx0Dy5UVYD WfaiKVWxOsiVqVYmphbNYuk= X-Google-Smtp-Source: ABdhPJxvTMl6kCsZkHGIzwO/caEp6r6AyqhckTpxE2yK2TF2XBjEdMrDCaeZ2MM+DTw1pNBlhfvOBQ== X-Received: by 2002:a05:600c:2181:: with SMTP id e1mr5330816wme.112.1627679943476; Fri, 30 Jul 2021 14:19:03 -0700 (PDT) Received: from smtpclient.apple (p200300cf1706260094ff9c7bbf6e9ada.dip0.t-ipconnect.de. [2003:cf:1706:2600:94ff:9c7b:bf6e:9ada]) by smtp.gmail.com with ESMTPSA id n4sm2706262wmq.1.2021.07.30.14.19.02 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 30 Jul 2021 14:19:02 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3686.0.1.2.1\)) From: Henry Story In-Reply-To: Date: Fri, 30 Jul 2021 23:19:01 +0200 Cc: IETF SecDispatch , IETF SAAG Content-Transfer-Encoding: quoted-printable Message-Id: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> References: To: Eric Rescorla X-Mailer: Apple Mail (2.3686.0.1.2.1) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:19:11 -0000 I doubt that the problem with Covid credentials has to do with the=20 format of the credentials, or even the signature technology used to=20 sign them. The knowledge about the virus and the responses to it are evolving very quickly, and so the flexibility of W3C Verifiable Credentials=20 comes in very handy here, as it is built on semantic web standards built on top of first order logic, hypergraphs, and designed for=20 decentralisation, and evolvability.=20 This flexibility is particularly important in a geo-political reality=20 that covers many nations, with many different languages, different laws=20= and no center of control.=20 =20 The verifiable Credentials standards do provide one important element of the puzzle, but it does not solve help to tell which institutions=20 are authorized by a country to give out such credentials. That is = something each=20 country can only decide for itself, each differently as each country=20 has different health systems, regulations, policing, etc=E2=80=A6=20 So what is needed is a way to link these countries together so that=20 a verifying software can tell at any time if the institution that signed a credential is entitled to make such claims by its country, and a way to allow different vocabularies to evolve in a way that makes = convergence possible. This requires a Web of Nations (WoN), which I wrote up here: https://co-operating.systems/2020/06/01/ Technologically we have all the pieces to build such a system. But it requires many different parties to come together to get it to = work. Henry Story > On 30. Jul 2021, at 20:29, Eric Rescorla wrote: >=20 > To recap my comments on CFRG: > There seems to be a lot of enthusiasm for this in various forums, and = it's largely not well coordinated, with each group (the EU, VCI, etc.) = doing their own thing, and producing work of various levels of quality. = Before the IETF got involved, I'd want to see some evidence that the = various players are interested in a common standard and want to do one = here, lest we end up with XKCD 927. >=20 > FWIW, I've spent a bunch of time looking at the various proposals. If = people are interested they can find it at: > https://educatedguesswork.org/tags/vaccine%20passports/ >=20 > -Ekr >=20 >=20 >=20 >=20 > On Fri, Jul 30, 2021 at 11:18 AM Harry Halpin = wrote: > Everyone [and apologies if you already got this message on CFRG or = SECDISPATCH], >=20 > While the research community and industry was very quick to work on = privacy-enhanced contact tracing, I've seen very few people taking the = much more pressing issue of COVID-19 passports. >=20 > If this IETF111 was in person, we could have done an informal BoF, but = as its' not, I'm sending out an email to gauge interest.=20 >=20 > I've earlier seen some very badly done academic work using W3C = "Verified Credentials" and W3C Decentralized Identifier (DID) standards = [1]. However, while a bunch of sketchy blockchain technology has not = been adopted (so far, although I believe IATA and WHO are still being = heavily lobbied in this direction), there has been the release of the EU = "Green" Digital Credentials that actually uses digital signatures. >=20 > However, there's a number of problems:=20 >=20 > * No revocation in case of compromise > * Privacy issues, i.e. leaking metadata > * Limited key management (booster shots might require) > * No use of standards for cross-app interoperability >=20 > Furthermore, there appears to be differences between countries, and = some countries do not use cryptography at all (the US). Therefore, as an = American in France who flew home ASAP to get vaccinated in the US, as a = consequence of this lack of interoperability I can't travel on trains or = eat at restaurants easily, despite being vaccinated. I imagine this will = become a larger problem.=20 >=20 > I have a report I'm willing to share, but I'd first like to know if = there's any interest in standardization on this front at the IETF = despite this topic being, I suspect, a bit of astretch of our remit. = However, we live in interesting times.=20 >=20 > I don't think the W3C (or the ITU, etc.) has the security expertise, = and while the crypto and security/privacy here is pretty simple, I think = it should happen somewhere.=20 >=20 > While I originally polled it by CFRG IRTF to see if there was any = interest whatsoever, Benjamin Kaduk pointed out SAAG and SECDISPATCH = would be better places to start. I'd like to know what others think. >=20 > yours, > harry >=20 > [1] https://arxiv.org/abs/2012.00136 > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag From nobody Fri Jul 30 14:23:55 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68C423A1176 for ; Fri, 30 Jul 2021 14:23:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u6nq9UfRdxHa for ; Fri, 30 Jul 2021 14:23:47 -0700 (PDT) Received: from mail-il1-x12e.google.com (mail-il1-x12e.google.com [IPv6:2607:f8b0:4864:20::12e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E81453A1175 for ; Fri, 30 Jul 2021 14:23:46 -0700 (PDT) Received: by mail-il1-x12e.google.com with SMTP id x7so7450483ilh.10 for ; Fri, 30 Jul 2021 14:23:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gpYBwL9WY9RCzWvqEHP0frc7Wt6GKEJYMnFnsjd/foI=; b=qn/FTVWG5NKdSh6G+1B7xdPy6vjuCGiThPvapBkAlgQMc+l8OWkfx/PXnrPoaEivpC kAdwfOMLLja26WfhhinUrXJz9zeT6ovMpWQrVwRcKxugvYWkft05cb+4xIbGmkYEqQCt KxGsOIausdc+1Z5earZizGfv9gThSX4vowl7UtAYFCKlL/ooc7Tjd5cfLAspPqZj2rNr vgL9NGzHPw+zPJCFkASL4Y7MYAcy9oOhgiXy/uOn7P68OZPIeh96wYkXeydh7CLU43bs jqPBw0D162ABmTBqBu/NwBbIVGRh/LYQO8QXqIjnX+FciapVtJRfMLettmrD2Ucj2aWa c4CA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gpYBwL9WY9RCzWvqEHP0frc7Wt6GKEJYMnFnsjd/foI=; b=LpfImr3qHjkYC90UNAwSj9OGv95fYBFDS2/DccxT81poCgPIJIkEvv6zxIW+DpIvDg oyGfmkM24+T2wesyQ6VfYAWo7yJ1oodTzjrxr0gjmwbQh+aBodJm1q1TancYsapuVNU5 /GRNp5O/WoGpW2zV4aCePhv0VHfQXzTaZwbtPTg9cLdmsgQPfmJ0Ns57n196nL1+KJSh eNL/bN6sMDCKcQMA2h3Lqa+KhOCtdGZ/ZdzBTPgK9AZaStFySjFSCHj0LosacdvTXebg ftwFgabb4M0JGwnLQ6FErEJYvUA431u/nQdA0vwKXdSuFsKQDUkiPUXZhJc8108PePS7 Dywg== X-Gm-Message-State: AOAM5333agF4h+2qWM0dvcrEEjCyrGPJUNnIkrq28BUi6MVCDUQ4Zv1x ZET5ebllZO/N/HrLN7V7lZ6PCTQEGjUW4awlTCpUTw== X-Google-Smtp-Source: ABdhPJxh62p2h2MQ8UgNoK42H/xGyDi8cmGPzQXx5NdWrO3+wm/KHp2AqE+VUuH25DyE0xStrO/HId0k7FX6ayGSg2M= X-Received: by 2002:a05:6e02:1aae:: with SMTP id l14mr1520095ilv.35.1627680225735; Fri, 30 Jul 2021 14:23:45 -0700 (PDT) MIME-Version: 1.0 References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> In-Reply-To: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> From: Eric Rescorla Date: Fri, 30 Jul 2021 14:23:09 -0700 Message-ID: To: Henry Story Cc: IETF SecDispatch , IETF SAAG Content-Type: multipart/alternative; boundary="000000000000a9d3b005c85dd585" Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:23:50 -0000 --000000000000a9d3b005c85dd585 Content-Type: text/plain; charset="UTF-8" On Fri, Jul 30, 2021 at 2:19 PM Henry Story wrote: > The knowledge about the virus and the responses to it are evolving > very quickly, and so the flexibility of W3C Verifiable Credentials > comes in very handy here, as it is built on semantic web standards > built on top of first order logic, hypergraphs, and designed for > decentralisation, and evolvability. > I don't really agree with this claim. Some of the proposals here use VC and some do not, but they all seem roughly equally capable and flexible to me. -Ekr > --000000000000a9d3b005c85dd585 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Fri, Jul 30, 2021 at 2:19 PM Henry= Story <henry= .story@gmail.com> wrote:
The knowledge about the virus and the responses to it are e= volving
very quickly, and so the flexibility of W3C Verifiable Credentials
comes in very handy here, as it is built on semantic web standards
built on top of first order logic, hypergraphs, and designed for
decentralisation, and evolvability.

I = don't really agree with this claim. Some of the proposals here use
VC and some do not, but they all seem roughly equally capable and
flexible to me.

-Ekr





--000000000000a9d3b005c85dd585-- From nobody Fri Jul 30 14:27:46 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90B863A11A0 for ; Fri, 30 Jul 2021 14:27:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZnIlxjl_N7TL for ; Fri, 30 Jul 2021 14:27:39 -0700 (PDT) Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D3B43A119D for ; Fri, 30 Jul 2021 14:27:39 -0700 (PDT) Received: from smtpclient.apple (77-63-38-235.mobile.kpn.net [77.63.38.235]) (authenticated bits=0) by weser.webweaving.org (8.16.1/8.16.1) with ESMTPSA id 16ULOqCb033615 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 30 Jul 2021 23:24:52 +0200 (CEST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: weser.webweaving.org: Host 77-63-38-235.mobile.kpn.net [77.63.38.235] claimed to be smtpclient.apple Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) From: Dirk-Willem van Gulik In-Reply-To: <7465EFBA-A37A-4CCD-BD0F-63BD202C7AEF@tzi.org> Date: Fri, 30 Jul 2021 23:23:46 +0200 Cc: Harry Halpin , Volker Birk , saag@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <20210730185749.GA21724@dragon.pibit.ch> <7465EFBA-A37A-4CCD-BD0F-63BD202C7AEF@tzi.org> To: Carsten Bormann X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Fri, 30 Jul 2021 23:24:58 +0200 (CEST) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:27:45 -0000 On 30 Jul 2021, at 22:57, Carsten Bormann wrote: > On 2021-07-30, at 22:40, Harry Halpin wrote: >>=20 >> While I support your sentiments (in fact, I warned against the = persistence and abuse of COVID-19 related infrastructure as soon as the = pandemic hit [1]) and do note that the COVID-19 passports have already = happened in most countries, particularly in the EU. If they were built = with open source and open international standards, with actual privacy = and security, then it would be harm minimization.=20 >=20 > There are some components in the EU DGC that we might want to extract = and properly specify. First - a word of caution - these standards were developed as the = pandemic evolved - and are very narrowly tailored to a very specific = compromise w.r.t to time, scope and what was legally possible quick = enough. Secondly be also aware that the EU DCC has a very specific and narrow = use case - cross border travel; and is used in a setting where a = traveler is generally also required to carry a passport or similar. As = they are crossing borders.=20 With that caveat - privacy impact is minimised in that setting - but by = design it still reveals identity and some medical details to the = verifier[1]. As that is core to that use case. Conversely domestic implementations (like the one in the Netherlands) = that are designed for use in the private sector (e.g. by a bouncer in = the bar) are designed against different use cases.=20 And, taking NL as an example again, may use selective disclosure, ZKP = and other techniques to frustrate or prevent surveilance or tracking = (i.e. not being able to recognise a person as they move around and see = scanners at different bars).[2] Most of this is quite akin to verifiable credentials - or borrows = heavily from it.=20 However both the EU and domestic approach allows for fully off-line use = (i.e dynamically generated Qrs and verifiers with a static trust list). = With absolutely no need to verify something =E2=80=98on line=E2=80=99 = =E2=80=94 not even something like an OCSP-ish revocation at Qr level. = This is to minimise surveillance.=20 Both approaches have been heavily optimised for size - as Qr are = challenging in the field if they contain more than 1200 8-bit byte = equivalent or so. Standards can be found at https://github.com/ehn-dcc-development If you are curious - most countries opensource their code (also to help = with trust in society) - and joint European effort (by something called = the eHealthNetwork) base implementations are also open source[3]. With kind regards, Dw. =E2=80=94=20 Dirk-Willem van Gulik (currently helping the Ministry of Public Health = in the Netherlands out as their CTO). 1: For the technology see: = https://ec.europa.eu/health/ehealth/key_documents_en#anchor0 and = specially = https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green= -certificates_v3_en.pdf. =20 In short; it is an Qr code that can verified fully offline (both for = scanner and citizen) that consists of a JSON payload, CBOR packaged, = COSE signed, zlib-defalte compressed and base45 transport protected with = the prefix =E2=80=98hc1=E2=80=99. The JSON payload consists of the persons name and DoB and a medical = block - that contains things like the vaccination used, the date, = manufacturer and medically/responsibly entity. It does not have things = like a passport or citizen number; the name and DoB is all that ties it = to some other identity document. The signature is verified against a trustlist of public keys; the latter = is much alike to the ICAO masterlist commonly used for passports; a per = country CA signing shorter lived digital signing certificates (ECC is = mostly used). Use this tool to decode your own: = https://github.com/ehn-dcc-development/ehn-sign-verify-python-trivial 2: e.g for the Netherlands = (https://github.com/minvws/nl-covid19-coronacheck-app-coordination) this = is Idemix ZKP based approach; with a Qr code that changes every few = minutes - with identity binding limited to just a few initials of the = persons last or first name and the day/month of birth (the exact mix = coded depends on the prevalence). 3: Joint standard development: https://github.com/ehn-dcc-development, = code NLhttps://github.com/minvws code eHealth Network collaboration: = https://github.com/eu-digital-green-certificates= From nobody Fri Jul 30 14:33:29 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A07403A11D1 for ; Fri, 30 Jul 2021 14:33:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uzcZp0LGquIv for ; Fri, 30 Jul 2021 14:33:20 -0700 (PDT) Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24DF23A11D0 for ; Fri, 30 Jul 2021 14:33:19 -0700 (PDT) Received: from smtpclient.apple (77-63-38-235.mobile.kpn.net [77.63.38.235]) (authenticated bits=0) by weser.webweaving.org (8.16.1/8.16.1) with ESMTPSA id 16ULUfkg033796 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 30 Jul 2021 23:30:43 +0200 (CEST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: weser.webweaving.org: Host 77-63-38-235.mobile.kpn.net [77.63.38.235] claimed to be smtpclient.apple Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) From: Dirk-Willem van Gulik In-Reply-To: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> Date: Fri, 30 Jul 2021 23:29:40 +0200 Cc: Eric Rescorla , IETF SecDispatch , IETF SAAG Content-Transfer-Encoding: quoted-printable Message-Id: <6E36F759-3840-423D-B946-A9B5FF991056@webweaving.org> References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> To: Henry Story X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Fri, 30 Jul 2021 23:30:44 +0200 (CEST) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:33:25 -0000 On 30 Jul 2021, at 23:19, Henry Story wrote: > So what is needed is a way to link these countries together so that=20 > a verifying software can tell at any time if the institution that = signed ..snip.. >=20 > This requires a Web of Nations (WoN), which I wrote up here: > https://co-operating.systems/2020/06/01/ >=20 > Technologically we have all the pieces to build such a system. Indeed. > But it requires many different parties to come together to get it to = work. The DCC / European system (well, eHealth Network to be precise) consists = of a technical system (code at = https://github.com/eu-digital-green-certificates/dgc-gateway) that = collects =E2=80=98root certificates=E2=80=99 of each countries within = the context of the pandemic. These sign document signer certificates - = which in turn sign the Qr codes. This is very similar to the ICAO master = lists used for electronic cross board passports. Joining this network is a technical and legal/governance process:=20 = https://ec.europa.eu/health/sites/default/files/ehealth/docs/covid-certifi= cate_equivalence-decision_en.pdf > a credential is entitled to make such claims by its country, and a way > to allow different vocabularies to evolve in a way that makes = convergence > possible. And this is handled by the technical working groups; with the = vocabulary, schema and similar kept at: https://github.com/ehn-dcc-development/ehn-dcc-valuesets https://github.com/ehn-dcc-development/ehn-dcc-schema https://github.com/ehn-dcc-development/dgc-business-rules And changing/evolving almost as rapidly as the pandemic response. Dw= From nobody Fri Jul 30 14:39:51 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CE123A1216 for ; Fri, 30 Jul 2021 14:39:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iSm2IGEWKycW for ; Fri, 30 Jul 2021 14:39:37 -0700 (PDT) Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B25C3A120B for ; Fri, 30 Jul 2021 14:39:35 -0700 (PDT) Received: from smtpclient.apple (77-63-38-235.mobile.kpn.net [77.63.38.235]) (authenticated bits=0) by weser.webweaving.org (8.16.1/8.16.1) with ESMTPSA id 16ULav39033922 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 30 Jul 2021 23:36:58 +0200 (CEST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: weser.webweaving.org: Host 77-63-38-235.mobile.kpn.net [77.63.38.235] claimed to be smtpclient.apple From: Dirk-Willem van Gulik Message-Id: <66D90DC4-9BCF-4279-868E-61D5731EC2A4@webweaving.org> Content-Type: multipart/alternative; boundary="Apple-Mail=_8494C909-B4CF-48B7-A22E-9DDEDD023388" Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) Date: Fri, 30 Jul 2021 23:35:57 +0200 In-Reply-To: Cc: Henry Story , IETF SecDispatch , IETF SAAG To: Eric Rescorla References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Fri, 30 Jul 2021 23:36:59 +0200 (CEST) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:39:50 -0000 --Apple-Mail=_8494C909-B4CF-48B7-A22E-9DDEDD023388 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 On 30 Jul 2021, at 23:23, Eric Rescorla wrote: > On Fri, Jul 30, 2021 at 2:19 PM Henry Story > wrote: > The knowledge about the virus and the responses to it are evolving > very quickly, and so the flexibility of W3C Verifiable Credentials=20 > comes in very handy here, as it is built on semantic web standards > built on top of first order logic, hypergraphs, and designed for=20 > decentralisation, and evolvability.=20 >=20 > I don't really agree with this claim. Some of the proposals here use > VC and some do not, but they all seem roughly equally capable and=20 > flexible to me. =46rom an implementor/designing perspective (both the NL domestic = version -and- the EU DCC version) =E2=80=94 and although we tried very = very hard - the absolute need for totally off-line use & preventing = surveillance*, also, or especially by the issuing entities (or blind = trust in) combined with the inflexible state of the available = semi-usable VC implementations and the very strong desire to have = nothing =E2=80=98central=E2=80=99 and no =E2=80=98central trust=E2=80=99 = - had us gradually evolve to something not quite VC. Despite this being = the stated goal. So I think we have some useful lessons learned w.r.t. the importance of = off-line / totally local validation. Dw *: e.g. spiked certificates with something unlikely to be cached or = requiring a very unique lookup/OCSP, etc.= --Apple-Mail=_8494C909-B4CF-48B7-A22E-9DDEDD023388 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 On = 30 Jul 2021, at 23:23, Eric Rescorla <ekr@rtfm.com> wrote:
On Fri, Jul = 30, 2021 at 2:19 PM Henry Story <henry.story@gmail.com> wrote:
The knowledge about the virus and the = responses to it are evolving
very quickly, and so the flexibility of W3C Verifiable Credentials
comes in very handy here, as it is built on semantic web standards
built on top of first order logic, hypergraphs, and designed for
decentralisation, and evolvability.

I don't really agree = with this claim. Some of the proposals here use
VC = and some do not, but they all seem roughly equally capable and
flexible to = me.

=46rom = an implementor/designing perspective (both the NL domestic version -and- = the EU DCC version)  =E2=80=94 and although we tried very very hard = - the absolute need for totally off-line use & preventing = surveillance*, also, or especially by the issuing entities  (or = blind trust in) combined with the inflexible state of the available = semi-usable VC implementations and the very strong desire to have = nothing =E2=80=98central=E2=80=99 and no =E2=80=98central trust=E2=80=99 = - had us gradually evolve to something not quite VC. Despite this being = the stated goal.

So I think we have = some useful lessons learned w.r.t. the importance of off-line / totally = local validation.

Dw

*:  e.g. spiked certificates with = something unlikely to be cached or requiring a very unique lookup/OCSP, = etc.
= --Apple-Mail=_8494C909-B4CF-48B7-A22E-9DDEDD023388-- From nobody Fri Jul 30 14:46:08 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4119C3A1259 for ; Fri, 30 Jul 2021 14:45:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZZIq_D6BTYA7 for ; Fri, 30 Jul 2021 14:45:53 -0700 (PDT) Received: from dragon.pibit.ch (dragon.pibit.ch [185.203.114.4]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDB843A122D for ; Fri, 30 Jul 2021 14:45:53 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTP id 8B78421415E9 for ; Fri, 30 Jul 2021 23:45:51 +0200 (CEST) Received: from dragon.pibit.ch ([127.0.0.1]) by localhost (dragon.pibit.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xwpCbiJZidqI for ; Fri, 30 Jul 2021 23:45:51 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTPSA id 62C4A214034E for ; Fri, 30 Jul 2021 23:45:51 +0200 (CEST) Date: Fri, 30 Jul 2021 23:45:51 +0200 From: Volker Birk To: saag@ietf.org Message-ID: <20210730214551.54usdahtucaxrmoi@pep-project.org> Mail-Followup-To: saag@ietf.org X-PGP-Key: https://fdik.org/vb.asc References: <20210730185749.GA21724@dragon.pibit.ch> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="6t2fuhkshfyrnddc" Content-Disposition: inline In-Reply-To: Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 21:46:07 -0000 --6t2fuhkshfyrnddc Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 30, 2021 at 10:40:13PM +0200, Harry Halpin wrote: > While I support your sentiments (in fact, I warned against the persistence > and abuse of COVID-19 related infrastructure as soon as the pandemic hit > [1]) and do note that the COVID-19 passports have already happened in most > countries, particularly in the EU. If they were built with open source and > open international standards, with actual privacy and security, then it > would be harm minimization. Dear Harry, thank you for taking this serious! But I fear you're mistaken. Let me explain: The major problem is not the passport itself. It is who checks it in which situation: commercial enterprises checking access to cultural events, but as we saw in Israel while the test also to food supply and education. So it will be a corporation deciding if you get education for your kids and if you're qualified to buy food. Let's illustrate this with a live example: Even if you're willing to take your vaccine and you're compliant with all government rules, what if you're rejected at the gate in spite of this? Then you can go to court and sue a commercial enterprise for doing this mistake =E2=80=93 or for abusing their power, because you may be just a per= son the owners dislike. Then you can sue them over years. And while this time you cannot bring your kids to school and you cannot go to a supermarket and buy food. Sorry, this is way too much power to the wrong people. While the pandemic the super rich became so much richer. And the corporations' shares went through the roof. It must be enough feeding them now. We need to take care of all those people, who lost their business and who lost their loved ones in the pandemic. Creating a power tool to suppress all resistance to the government and handing over this tool to the corporate world will not help here. And unfortunately, it does not matter how much good will and intentions will be spend on this. Yours, VB. --=20 Volker Birk, p=E2=89=A1p project mailto:vb@pep-project.org https://pep.software --6t2fuhkshfyrnddc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEqrl4qIK5pueTlgsHGt/IKsNYbBQFAmEEcw8ACgkQGt/IKsNY bBQgSAf/YTqwvNT3MDlFTNUzxYDOlxjJoUCM6l9QM1/m6qC7noGT14uzxSR5mzLg sOKuvCoIZjEgj5dviXhKfMhy2XOXH5EFS27T3Rv4dMgWMKOpoFgnPlIoGnYcmUoJ FlL9vO2JhOvhIaxwmaAEd0/KFQjSp7BI3ZT2B5uoP7o+/kpzn4clYRSoKq0b8c36 bsFGcvxK4EC4v7yF/i4TVaL1qkryPZYthgOX0Td2dnA0yfU5Fn6kuK6F3Tv6wNOg OCjV4lD/UHDF/Scr+4itSqvNCxkB4rO5HbRa96DVLFFw88aRFdpKDJp6yFDQqDb8 DSpNoIxPk8fU/ymBiilgJvBrWFHNiw== =e5Uj -----END PGP SIGNATURE----- --6t2fuhkshfyrnddc-- From nobody Fri Jul 30 15:09:43 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B65FB3A1338 for ; Fri, 30 Jul 2021 15:09:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ibiblio-org.20150623.gappssmtp.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WaBOnmontb81 for ; Fri, 30 Jul 2021 15:09:29 -0700 (PDT) Received: from mail-ed1-x530.google.com (mail-ed1-x530.google.com [IPv6:2a00:1450:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EF873A1324 for ; Fri, 30 Jul 2021 15:09:29 -0700 (PDT) Received: by mail-ed1-x530.google.com with SMTP id x90so15156737ede.8 for ; Fri, 30 Jul 2021 15:09:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibiblio-org.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HrIh+RcS2eTIh6l4IrDym/kQzORY5J7tvcL0WCGmmxI=; b=p1igT820tEQEshXxLEVgOERSJDpKNAoexJXjP+7FB0sN8YQN2qtgfxV4Jbh6HVdU4f fH5eOoVJUe1V3xRPpVzDjeVQNzLAB0QFobMtoOeq4DYEdcumyy9jCTrGBxBVrm2JRhGi W9fWcWr6e5YFQ9fYaq0Y4Or4KElR0uy5htEbLubAGvQtnyJW5j3GW62xgOhsKROfNpcr gpuqIee+W3dCpXKBlKVytH027u1EeXcL5qvVGm7vRIRO8jr2CPj/GbI0u4dLfnQEdMhA VaDw5vc1zv90zZ8iPWJvTBgYr7hVFEcaOBYHsZUGN90YkXfXzNWX1SRD4uMCpg+DZDBx 16+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HrIh+RcS2eTIh6l4IrDym/kQzORY5J7tvcL0WCGmmxI=; b=rjSU1AZ113To7SWbYcgvd1nNtwBRk2elC0UuDNwh8dFlaWpjWVrWh8n7ViMZNkEZBo KaEzhTV/JerU73BwH2H2w1uZdd1KJ9u8Zblum6lg7GeWu4wKXu3SZ7UCuXc2Bk76oVsh ESw24zDVpn1FLE/Su83dQvl3ffUf4NceUzPXUfrSjrtRcQNnZqQrqQsMX5x/kzzk89gX LIgmB7sjQtV7AiJEKYmJrhmql1IMkTn0GHBI17nsCmvC0w6g948iOxC+I6+ENIrcMuO2 nkmiZro392+ZDQdZXpT5Nrz2XTob9w/EXxyBIu7knltMqMOy+PHCfeQ7x8BROBd00Jpn G1bQ== X-Gm-Message-State: AOAM531oKbKYrp1JfbhKSB/x/lhahEpDORBJ0FGAX+t+8c3KlOws8SC3 gt0XCSPw4EyshrbDV5wlAt1UCVDJGAConVwJxpyq0w== X-Google-Smtp-Source: ABdhPJy3pTmS/u9QLGy/ENKYag0PJArs/KGaCoEjDOqOJNWNz96aMagxVekR00d1WIKBEf6jtvmU4Jc7IFJPF7L8YHc= X-Received: by 2002:aa7:c857:: with SMTP id g23mr5682970edt.100.1627682962541; Fri, 30 Jul 2021 15:09:22 -0700 (PDT) MIME-Version: 1.0 References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> <66D90DC4-9BCF-4279-868E-61D5731EC2A4@webweaving.org> In-Reply-To: <66D90DC4-9BCF-4279-868E-61D5731EC2A4@webweaving.org> From: Harry Halpin Date: Sat, 31 Jul 2021 00:09:11 +0200 Message-ID: To: Dirk-Willem van Gulik Cc: Eric Rescorla , IETF SecDispatch , Henry Story , IETF SAAG Content-Type: multipart/alternative; boundary="000000000000ca1e1d05c85e7811" Archived-At: Subject: Re: [saag] [Secdispatch] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Jul 2021 22:09:42 -0000 --000000000000ca1e1d05c85e7811 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Everyone, Good to see this conversation, and the contributions from Dirk have been exceptionally relevant. In particular, I would put out of scope requiring any verifier to be online and I would also put out of scope data formats with limited real-world uptake, like W3C RDF and Verified Credentials. I would focus on widely deployed standards, such as JOSE/COSE and TLS. In this regard, the EU DGC has done well. I'd like to see international comparison though, as I can imagine many other "proposals" or even working systems are not using modern cryptography. I suspect there is definitely a need for a privacy analysis that is more thorough than DGC has done (surprised to see linkable signatures, centralized databases, and so on and so forth) when we know how to build better and more in the EU GDPR-compliant standards - although I suspect COVID-19 falls under a national security derogation and so GDPR does not apply. Not sure how many people are actually interested in chartering something and the scope, but I'd be happy to host a meeting if someone is attending IETF 111. Although it may be rather late for some, I will be hosting a "side meeting" virtually at the IETF 111 meeting today right after the CFRG IRTF meeting ends. See the wiki for the link: https://trac.ietf.org/trac/ietf/meeting/wiki/111sidemeetings yours, harry On Fri, Jul 30, 2021 at 11:39 PM Dirk-Willem van Gulik wrote: > On 30 Jul 2021, at 23:23, Eric Rescorla wrote: > > On Fri, Jul 30, 2021 at 2:19 PM Henry Story wrote= : > >> The knowledge about the virus and the responses to it are evolving >> very quickly, and so the flexibility of W3C Verifiable Credentials >> comes in very handy here, as it is built on semantic web standards >> built on top of first order logic, hypergraphs, and designed for >> decentralisation, and evolvability. >> > > I don't really agree with this claim. Some of the proposals here use > VC and some do not, but they all seem roughly equally capable and > flexible to me. > > > From an implementor/designing perspective (both the NL domestic version > -and- the EU DCC version) =E2=80=94 and although we tried very very hard= - the > absolute need for totally off-line use & preventing surveillance*, also, = or > especially by the issuing entities (or blind trust in) combined with the > inflexible state of the available semi-usable VC implementations and the > very strong desire to have nothing =E2=80=98central=E2=80=99 and no =E2= =80=98central trust=E2=80=99 - had > us gradually evolve to something not quite VC. Despite this being the > stated goal. > > So I think we have some useful lessons learned w.r.t. the importance of > off-line / totally local validation. > > Dw > > *: e.g. spiked certificates with something unlikely to be cached or > requiring a very unique lookup/OCSP, etc. > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch > --000000000000ca1e1d05c85e7811 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Everyone,

Good to see this c= onversation, and the contributions from Dirk have been exceptionally releva= nt. In particular, I would put out of scope requiring any verifier to be on= line and I would also put out of scope data formats with limited real-world= uptake, like W3C RDF and Verified Credentials. I would focus on widely dep= loyed standards, such as JOSE/COSE and TLS. In this regard, the EU DGC has = done well. I'd like to see international comparison though, as I can im= agine many other "proposals" or even working systems are not usin= g modern cryptography. I suspect there is definitely a need for a privacy a= nalysis that is more thorough than DGC has done (surprised to see linkable = signatures, centralized databases, and so on and so forth) when we know how= to build better and more in the EU GDPR-compliant standards - although I s= uspect COVID-19 falls under a national security derogation and so GDPR does= not apply.

Not sure how many people are actu= ally interested in chartering something and the scope, but I'd be happy= to host a meeting if someone is attending IETF 111.

Although it may be rather late for some, I will be hosting a "side = meeting" virtually at the IETF 111 meeting today right after the CFRG = IRTF meeting ends. See the wiki for the link: https://trac.ietf.org/trac/ietf= /meeting/wiki/111sidemeetings

=C2=A0 yours,
=C2=A0=C2=A0=C2=A0 harry


On Fri, Jul 30, 2021= at 11:39 PM Dirk-Willem van Gulik <dirkx@webweaving.org> wrote:
On 30 Jul= 2021, at 23:23, Eric Rescorla <ekr@rtfm.com> wrote:
<= div>
On Fri, Jul 30, 2021 at 2:19 PM Henry Story <henry.story@gmail.com> wr= ote:
The knowled= ge about the virus and the responses to it are evolving
very quickly, and so the flexibility of W3C Verifiable Credentials
comes in very handy here, as it is built on semantic web standards
built on top of first order logic, hypergraphs, and designed for
decentralisation, and evolvability.

I = don't really agree with this claim. Some of the proposals here use
VC and some do not, but they all seem roughly equally capable and
flexible to me.

<= div>From an implementor/designing perspective (both the NL domestic version= -and- the EU DCC version) =C2=A0=E2=80=94 and although we tried very very = hard - the absolute need for totally off-line use & preventing surveill= ance*, also, or especially by the issuing entities =C2=A0(or blind trust in= ) combined with the inflexible state of the available semi-usable VC implem= entations and the very strong desire to have nothing =E2=80=98central=E2=80= =99 and no =E2=80=98central trust=E2=80=99 - had us gradually evolve to som= ething not quite VC. Despite this being the stated goal.

So I think we have some useful lessons learned w.r.t. the importance= of off-line / totally local validation.

Dw
<= br>
*: =C2=A0e.g. spiked certificates with something unlikely to be cac= hed or requiring a very unique lookup/OCSP, etc.
_______________= ________________________________
Secdispatch mailing list
Secdispatch@ietf.= org
https://www.ietf.org/mailman/listinfo/secdispatch
--000000000000ca1e1d05c85e7811-- From nobody Sat Jul 31 03:07:50 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CEE43A2062 for ; Sat, 31 Jul 2021 03:07:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HnDuTewjNcXf for ; Sat, 31 Jul 2021 03:07:41 -0700 (PDT) Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0EB683A2064 for ; Sat, 31 Jul 2021 03:07:40 -0700 (PDT) Received: from smtpclient.apple (77-63-50-29.mobile.kpn.net [77.63.50.29]) (authenticated bits=0) by weser.webweaving.org (8.16.1/8.16.1) with ESMTPSA id 16VA3PHj062515 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 31 Jul 2021 12:03:26 +0200 (CEST) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: weser.webweaving.org: Host 77-63-50-29.mobile.kpn.net [77.63.50.29] claimed to be smtpclient.apple From: Dirk-Willem van Gulik Message-Id: <7D1A5E18-4369-47DC-9FC6-A88AF1876AA9@webweaving.org> Content-Type: multipart/alternative; boundary="Apple-Mail=_9A6F9668-00DE-4FFD-BE88-9956B89EC056" Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\)) Date: Sat, 31 Jul 2021 12:02:22 +0200 In-Reply-To: Cc: Eric Rescorla , IETF SecDispatch , Henry Story , IETF SAAG To: Harry Halpin References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> <66D90DC4-9BCF-4279-868E-61D5731EC2A4@webweaving.org> X-Mailer: Apple Mail (2.3654.100.0.2.22) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Sat, 31 Jul 2021 12:03:31 +0200 (CEST) Archived-At: Subject: Re: [saag] [Secdispatch] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 10:07:46 -0000 --Apple-Mail=_9A6F9668-00DE-4FFD-BE88-9956B89EC056 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 On 31 Jul 2021, at 00:09, Harry Halpin wrote: > working systems are not using modern cryptography. I suspect there is = definitely a need for a privacy analysis that is more thorough than DGC = has done Fully agreed -and with the worst of the crisis over - this is a good = time. Also as it is very likely that this is the time for changes/fixes.=20= We are getting the first from the field experience, mis-implementations = (e.g. the UK got the KeyIdentifier wrong, some countries have URNs that = are not valid URIs, etc), the type of fraud that makes economic or = political sense and start to see where the trust model is hard from a = national governance perspective (e.g. due to delegation of sovereignty = of overseas territories). But also as the DCC system is now pushed = beyond its design - from a governance perspective (the majority of = countries using it may soon well be non EU/EC & EEA /), from a = technical perspective (as countries are now considering boosters & = similar) and from a use case perspective - - domestic / private sector = scanning is now becoming a thing.=20 So the timing is right to address this. And the IETF would be a good & = neutral place - as this is first and foremost a standards exercise = (actual code is almost laughably trivial[1] - so it is not a essential = to start own the open source / code side). > (surprised to see linkable signatures, centralized databases, and so = on and so forth) when we know how to build better and Note tha the DCC does not have a centralised database (and in fact, a = lot of countries do not have any central database either - but rely on = very distributed, delegate and often offline/non-API approachable data = holdings in the country. Nor is the trust list centralised - each member = state manages this essentially itself. The main central elements are the = design, the joint list of =E2=80=98valid=E2=80=99 (that include = =E2=80=9Cvalids=E2=80=9D that are not generally accepted; e.g. the codes = for Sinovac en Sputnik) that is jointly maintained and a convenience = =E2=80=99trust list=E2=80=99 that is jointly managed for countries that = are under the (privacy) regulation or have some adequacy/equivalence = regulation or law in place. > more in the EU GDPR-compliant standards - although I suspect COVID-19 = falls under a national security derogation and so GDPR does not apply. Currently - the engineering design assumption is that the GDPR fully = applies - and both EUPD and the various national privacy regulators are = heavily involved/heavily influenced the design. The final regulation = actually goes quite a few steps further than the GDPR - and disallows = certain things (around PII handling, revocation lists and especially the = retention of any data post scan) that could conceivable be reasonable = and proportional under the GDPR for certain goals. > Not sure how many people are actually interested in chartering = something and the scope, but I'd be happy to host a meeting if someone = is attending IETF 111. Happy to help out / provide information on what was done & why. As I = realise that both speed and the international collaboration processes = used were not that easy to follow from afar. With kind regards, Dw 1: Basically line 126 in = https://github.com/ehn-dcc-development/ehn-sign-verify-python-trivial/blob= /main/hc1_sign.py =E2=80=94 CBOR package your JSON, COSE sign it; = Zlib-deflate compress and put it into Base45[2] so it becomes Qr = friendly (QRs then have a a 5.5bit efficient mode that is more scanner = in the field-resistant than a raw 8bit Qr - yet is almost the same # of = pixels). 2: https://datatracker.ietf.org/doc/draft-faltstrom-base45/ --Apple-Mail=_9A6F9668-00DE-4FFD-BE88-9956B89EC056 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 On = 31 Jul 2021, at 00:09, Harry Halpin <hhalpin@ibiblio.org>= wrote:

working systems are not using modern = cryptography. I suspect there is definitely a need for a privacy = analysis that is more thorough than DGC has = done

Fully = agreed -and with the worst of the crisis over - this is a good time. = Also as it is very likely that this is the time for = changes/fixes. 

We are getting = the first from the field experience, mis-implementations (e.g. the UK = got the KeyIdentifier wrong, some countries have URNs that are not valid = URIs, etc), the type of fraud that makes economic or political sense and = start to see where the trust model is hard from a national governance = perspective (e.g. due to delegation of sovereignty of overseas = territories). But also as the DCC system is now pushed beyond its design = - from a governance perspective (the majority of countries using it may = soon well be non EU/EC & EEA /), from a  technical perspective = (as countries are now considering boosters & similar) and from a use = case perspective - - domestic / private sector scanning is now becoming = a thing. 

So the timing is = right to address this. And the IETF would be a good & neutral place = - as this is first and foremost a standards exercise (actual code is = almost laughably trivial[1] - so it is not a essential to start own the = open source / code side).

(surprised to see = linkable signatures, centralized databases, and so on and so forth) when = we know how to build better and

Note tha the DCC does not have a centralised database = (and in fact, a lot of countries do not have any central database either = - but rely on very distributed, delegate and often offline/non-API = approachable data holdings in the country. Nor is the trust list = centralised - each member state manages this essentially itself. The = main central elements are the design, the joint list of =E2=80=98valid=E2=80= =99 (that include =E2=80=9Cvalids=E2=80=9D that are not generally = accepted; e.g. the codes for Sinovac en Sputnik) that is jointly = maintained and a convenience =E2=80=99trust list=E2=80=99 that is = jointly managed for countries that are under the (privacy) regulation or = have some adequacy/equivalence regulation or law in place.

more in the EU = GDPR-compliant standards - although I suspect COVID-19 falls under a = national security derogation and so GDPR does not = apply.

Currently - the engineering design assumption is = that the GDPR fully applies - and both EUPD and the various national = privacy regulators are heavily involved/heavily influenced the design. = The final regulation actually goes quite a few steps further than the = GDPR - and disallows certain things (around PII handling, revocation = lists and especially the retention of any data post scan) that could = conceivable be reasonable and proportional under the GDPR for certain = goals.

Not sure how many = people are actually interested in chartering something and the scope, = but I'd be happy to host a meeting if someone is attending IETF = 111.

Happy to = help out / provide information on what was done & why. As I realise = that both speed and the international collaboration processes used were = not that easy to follow from afar.

With kind regards,

Dw


1: Basically line 126 in https://github.com/ehn-dcc-development/ehn-sign-verify-python-t= rivial/blob/main/hc1_sign.py =E2=80=94 CBOR package your JSON, COSE = sign it; Zlib-deflate compress and put it into Base45[2] so it becomes = Qr friendly (QRs then have a a 5.5bit efficient mode that is more = scanner in the field-resistant than a raw 8bit Qr - yet is almost the = same # of pixels).

2: https://datatracker.ietf.org/doc/draft-faltstrom-base45/




= --Apple-Mail=_9A6F9668-00DE-4FFD-BE88-9956B89EC056-- From nobody Sat Jul 31 03:29:31 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7D523A2104 for ; Sat, 31 Jul 2021 03:29:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LG4TfE4pIOSd for ; Sat, 31 Jul 2021 03:29:24 -0700 (PDT) Received: from dragon.pibit.ch (dragon.pibit.ch [185.203.114.4]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC7803A2102 for ; Sat, 31 Jul 2021 03:29:23 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTP id C479B21404E9 for ; Sat, 31 Jul 2021 12:29:20 +0200 (CEST) Received: from dragon.pibit.ch ([127.0.0.1]) by localhost (dragon.pibit.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ve-OeybbkLOo for ; Sat, 31 Jul 2021 12:29:20 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTPSA id 9F3E7214019D for ; Sat, 31 Jul 2021 12:29:20 +0200 (CEST) Date: Sat, 31 Jul 2021 12:29:20 +0200 From: Volker Birk To: saag@ietf.org Message-ID: <20210731102920.hq5knlz26diunq42@pep-project.org> Mail-Followup-To: saag@ietf.org X-PGP-Key: https://fdik.org/vb.asc References: <7F5A47B0-4E26-4C51-AA21-6A6038A80A95@gmail.com> <66D90DC4-9BCF-4279-868E-61D5731EC2A4@webweaving.org> <7D1A5E18-4369-47DC-9FC6-A88AF1876AA9@webweaving.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="4e7vnaqpoicob2ys" Content-Disposition: inline In-Reply-To: <7D1A5E18-4369-47DC-9FC6-A88AF1876AA9@webweaving.org> Archived-At: Subject: Re: [saag] [Secdispatch] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 10:29:29 -0000 --4e7vnaqpoicob2ys Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 31, 2021 at 12:02:22PM +0200, Dirk-Willem van Gulik wrote: > Note tha the DCC does not have a centralised database (and in fact, a > lot of countries do not have any central database either No, they don't. But there is zero chance that the enterprises, which do the checks, haven't. Founders of id2020: https://id2020.org/alliance Microsoft, Accenture, GAVI Alliance (Bill & Melinda Gates Foundation), Rockefeller Foundation. See their invests. Among General Partners: Mastercard Who could be the profiteers? Microsoft and Mastercard are already at the Point of Sale. And the =E2=80=9CCovid Pass=E2=80=9D is useless without iden= tifying the person who's showing it. This will be a gateway tracking of world's population, giving the gatekeeper role to the corporate world. BTW: having a central database will be perfectly legal for the enterprises. =E2=80=9CIt is needed to do the identification of the person w= ho is showing the Covid Pass=E2=80=9D is excuse enough in most if not in all legal systems. You're building dystopia. Yours, VB. --=20 Volker Birk, p=E2=89=A1p project mailto:vb@pep-project.org https://pep.software --4e7vnaqpoicob2ys Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEqrl4qIK5pueTlgsHGt/IKsNYbBQFAmEFJgAACgkQGt/IKsNY bBTz/Af9HTXnN/pgMrgWfPYF1L8ENFO5slj3oPUQySVq8LhDGskZ9w97nsCWCuWF lN0XSJ6t7UhPem7l7N93RL7nf9SHNNL/3J2yTW8ShMKBlKM2VfXqbPMpMe++3XUH 4TUd/GxYyYI1aP2Pk0aRlSrkDVROVGby1ha+9PIgbziQE6XQ67YlGsQ50Dk052wG ZvgH1z/wKBl/1GzmViDsVD6B9hRyIW3gn00VbjdEqQwrat4RrbIhu+Zs/B9h1m8K W0zZPJqXufuBLpcSZ7Eakp8sylt/Z++k+u+ex7wRPXU54LIxmNdJaXk18aS3LOcF hT5VcWrk3ALpMj7wsPk3/E8XR4PzHw== =N6zm -----END PGP SIGNATURE----- --4e7vnaqpoicob2ys-- From nobody Sat Jul 31 03:50:37 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 510493A2191 for ; Sat, 31 Jul 2021 03:50:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cncV0FQxQoXj for ; Sat, 31 Jul 2021 03:50:31 -0700 (PDT) Received: from mail-qk1-x732.google.com (mail-qk1-x732.google.com [IPv6:2607:f8b0:4864:20::732]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 762673A218F for ; Sat, 31 Jul 2021 03:50:31 -0700 (PDT) Received: by mail-qk1-x732.google.com with SMTP id c9so11945796qkc.13 for ; Sat, 31 Jul 2021 03:50:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=7GYRUBccmmJcg/xQio+veoQgNLUDKVBV0fJjA70E6N4=; b=CXiUWyY34SXfhQdp4zBYDg54xxPXFMyj55QnPTF2I3vgTeU+6Ed+GXtubN28LQW/Ng T2gL9r/n55SeTRUrV4Vr7c//nDchdlUtyvSYZcLT6UkoqXOKiyTW5YADtZpZe8lsk7vQ dUIID/azsEaUqY5eRY0RiA5qIvi6lZRorB07hgcdvw8VQxIxyNzvx9BTVpwGggQVnHig oqI34mE3jl9NLi7D77KtgZ/voX/sceAerjP0w3llOmfOt7RwvFgepFmgXm/yYijkZVwp O14s7zQDv2Ifp9H7OGaVcHbX4TDb+1oBUS8YzsJvYruks8gIq6MbdHOXPkCWBW6gj4Zz 0N/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=7GYRUBccmmJcg/xQio+veoQgNLUDKVBV0fJjA70E6N4=; b=slbBh43RjAj+YTqUn/02SmhzUIqs4IXlXEP3B8ov4YnxwfPC3nnDv4JB4ACycslnM1 Nh/uRtaX6adh27UfHQDMru8shBB9/1XdsXoFp2BBMsMm7rz9Lu/g5LYfwkugsPCh4bcM XpuimaHu9oip4CC8uL8f1sa4ThdT4gqWiy76S7poJhP231D0BwccHRUtTwHE89oEWUoE 8OX9OLdraV+MR6LYw3lnfLlel0AH9mA897qNXrA38QbalvgLven8b+p94K0JLsVnG2jJ sFrX6jckWeqi/podWlAl4LoIjitIvr7kwZAgYLM6cNdlJK9C1X4Xvcv5WsiGfnpJf5Uh AB5w== X-Gm-Message-State: AOAM53355OjDd8zNRInh1sPWSSPYGWqlHRv8ZAad8U2Nu9GKXqqDuE6X Oe9Y5MaivYwSTRf749dePVuxsRGfdvqRqg== X-Google-Smtp-Source: ABdhPJw6D8K34IgbRN1YNpILxwUghZgryZmNQFXnPiAbspmN21TddBuvAZiZhr3mHpY8NVxU9Eh1Iw== X-Received: by 2002:a37:9401:: with SMTP id w1mr6347329qkd.166.1627728629492; Sat, 31 Jul 2021 03:50:29 -0700 (PDT) Received: from smtpclient.apple (146-115-101-80.s7246.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com. [146.115.101.80]) by smtp.gmail.com with ESMTPSA id y10sm1775264qta.16.2021.07.31.03.50.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 31 Jul 2021 03:50:29 -0700 (PDT) From: Kathleen Moriarty X-Google-Original-From: Kathleen Moriarty Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Date: Sat, 31 Jul 2021 06:50:27 -0400 Message-Id: <584D4593-1785-4E1F-ADCE-9F16A0F81DE7@gmail.com> References: <20210731102920.hq5knlz26diunq42@pep-project.org> Cc: saag@ietf.org In-Reply-To: <20210731102920.hq5knlz26diunq42@pep-project.org> To: Volker Birk X-Mailer: iPhone Mail (18F72) Archived-At: Subject: Re: [saag] [Secdispatch] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 10:50:36 -0000 While a standard may very well emerge and the IETF is more than capable of e= nsuring the security and privacy are specified to high standards, this feels= like overall it would be helping use cases similar to ones in RFC2804. I th= ink we=E2=80=99d have a hard time ensuring the uses of a specified format an= d protocol to avoid falling into privacy violations. At some point, how it=E2= =80=99s used would be out of our hands.=20 I=E2=80=99m not sure the IETF would be able to constrain what is shared with= whom as that will go beyond on the wire communications. While we could spec= ify object level encryption, I=E2=80=99m not sure this type of protocol is a= fit for the IETF given RFC2804 and other similar agreements.=20 Best regards, Kathleen=20 Sent from my mobile device > On Jul 31, 2021, at 6:29 AM, Volker Birk wrote: >=20 > =EF=BB=BFOn Sat, Jul 31, 2021 at 12:02:22PM +0200, Dirk-Willem van Gulik w= rote: >> Note tha the DCC does not have a centralised database (and in fact, a >> lot of countries do not have any central database either >=20 > No, they don't. >=20 > But there is zero chance that the enterprises, which do the checks, > haven't. Founders of id2020: >=20 > https://id2020.org/alliance >=20 > Microsoft, Accenture, GAVI Alliance (Bill & Melinda Gates Foundation), > Rockefeller Foundation. See their invests. >=20 > Among General Partners: >=20 > Mastercard >=20 > Who could be the profiteers? Microsoft and Mastercard are already at the > Point of Sale. And the =E2=80=9CCovid Pass=E2=80=9D is useless without ide= ntifying the > person who's showing it. >=20 > This will be a gateway tracking of world's population, giving the > gatekeeper role to the corporate world. >=20 > BTW: having a central database will be perfectly legal for the > enterprises. =E2=80=9CIt is needed to do the identification of the person w= ho is > showing the Covid Pass=E2=80=9D is excuse enough in most if not in all leg= al > systems. >=20 > You're building dystopia. >=20 > Yours, > VB. > --=20 > Volker Birk, p=E2=89=A1p project > mailto:vb@pep-project.org > https://pep.software > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag From nobody Sat Jul 31 04:08:19 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 203193A2218 for ; Sat, 31 Jul 2021 04:08:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.896 X-Spam-Level: X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o2RRNetQ88xM for ; Sat, 31 Jul 2021 04:08:12 -0700 (PDT) Received: from dragon.pibit.ch (dragon.pibit.ch [185.203.114.4]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 983603A2215 for ; Sat, 31 Jul 2021 04:08:12 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTP id 94F9521404E9 for ; Sat, 31 Jul 2021 13:08:09 +0200 (CEST) Received: from dragon.pibit.ch ([127.0.0.1]) by localhost (dragon.pibit.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tp6ExVW8rA88 for ; Sat, 31 Jul 2021 13:08:09 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTPSA id 6CF2E214019D for ; Sat, 31 Jul 2021 13:08:09 +0200 (CEST) Date: Sat, 31 Jul 2021 13:08:09 +0200 From: Volker Birk To: saag@ietf.org Message-ID: <20210731110809.xaxfhd6ssuw2gkwj@pep-project.org> Mail-Followup-To: saag@ietf.org X-PGP-Key: https://fdik.org/vb.asc References: <20210731102920.hq5knlz26diunq42@pep-project.org> <584D4593-1785-4E1F-ADCE-9F16A0F81DE7@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="y4lijugozhgoq3wh" Content-Disposition: inline In-Reply-To: <584D4593-1785-4E1F-ADCE-9F16A0F81DE7@gmail.com> Archived-At: Subject: Re: [saag] [Secdispatch] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 11:08:17 -0000 --y4lijugozhgoq3wh Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 31, 2021 at 06:50:27AM -0400, Kathleen Moriarty wrote: > how it=E2=80=99s used would be out of our hands.=20 You named the problem in a nutshell. I will stop now. I made my point. I have no power to stop you. Yours, VB. --=20 Volker Birk, p=E2=89=A1p project mailto:vb@pep-project.org https://pep.software --y4lijugozhgoq3wh Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEqrl4qIK5pueTlgsHGt/IKsNYbBQFAmEFLxkACgkQGt/IKsNY bBQE7AgAwESMEZSoigv6sRLzEsNLC/FVkVCmpUaOfmTeS6CTJpnM8ACzUQ+LAkTe mf5oKSxGradPeCmQiLSYPeD0/oi6KF3uPK/t/5/yxaDrcQ2xAyAcwhv1bGfORTJs I3Fx+7S59v89xmzHdEfXMVdegu+zv2piIZBiunPUySdv0jTg4UPt9qGkobqcFRP4 nJlMzHjA1IUR/1LzvfMb4Fg4wgNen8OsW24aC20Cfri92B949Lih+tKlENbgC+Fm XyDCgBPPFc/D3G853sqm90Tb10+Sn7VoH5yim72axbrF9NRF+ilumlanR3WMOcFy kBMyzAdzX3898UlcpQz0KIFbpDtyDg== =1xJS -----END PGP SIGNATURE----- --y4lijugozhgoq3wh-- From nobody Sat Jul 31 07:44:22 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F2063A28E4 for ; Sat, 31 Jul 2021 07:44:20 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YrLk695bGgRz for ; Sat, 31 Jul 2021 07:44:14 -0700 (PDT) Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20122.outbound.protection.outlook.com [40.107.2.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 474523A28E2 for ; Sat, 31 Jul 2021 07:44:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eCfXXedrU/lFnOSdG8Ke/grV5biRo0wmHFeHvEU/AEHqipoh+YE0DlGHAjIt7qhDCNXyy0GA1J57G8nMTVwLorvKWE8lHGfnmmXA3wdvx1bBdBPQ9b98LjqNjOSFHWOlYbB0uR3q4tvC/o3W2jJij2c18VIkZhCoLhcmfgWzCJpTvfW1jX3vqMI6OqgoEjipVHSzlua4WiZA/2ayNWrdFTcQ+FlZe22gVEqzy6pVl2C/c9xX3V3AJe5muaMtqX1REn7HttPxqTY9hAD3SaqeiquWHK6EwW17mD8EM5Oo2jvLrJcfVip/H13AeIu2YrLoZEDH5zbaw44Ta+CJHb+vMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RXy+L+ygc6REgj9W5dXdDXI8MTSohsGd6YPEEDKxx0U=; b=iclPpj7QeZZugoEj643iLQmG/IOdh+oKz4zUSrfQhSeB8S03l9fqJw8gvUZDHLQMCU4gnZjIQp8t5Pa50HF6U1SWAkdjw/0Eh891XoqztcFY3VlOvmH8mWeYqYSjHPoPNFGZQzRkP+5Om2wLGmzNpn6brhdSRUOSCMEHcggZZ6cFsbHxUgPbZPFcp8q8lTVdD7pralgS4PiSKPa6KTnFvBMYn06SoA4op1wdM0M8zOTE62iEFWyWROf4AwlZ4fKevmaoLGeoxLMGjUNvA/NX+E1fVyd5QumfTD6mo8UG60yWtE+JpoRAS6hCeUt5XuJnDFlgM5+e3/y/wtXVHg5x/g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RXy+L+ygc6REgj9W5dXdDXI8MTSohsGd6YPEEDKxx0U=; b=ITmiBzWCTLjL4sh+ruJd0Y/1SeYEo/riXgZx0J7tZDEsUyNLkQk7NltaEPFFfeJpLuNP652U5qY+rITP8NXizdIK3dydalriK6BRRERVsrS30EzjxwLOx/i5Utz8fa4iA/8Gq2pWbdics1FpjjXDtTaZxcX7Z5AbzkUd5Ib+UTTWXoTmJegBzHZBuusQJGSkX7KZq19E72+Z8zE6e1ZdaOeHwSHnPjdT6wsaOtbJUeyLa+B7AcGHwD9K1Tus/aGdLLsMbhJmQn83Pyce7knbDeThqrWljW7UY7lgzQ8N2oFUUM5eQhIQU9B89lzwPiPN+8wz8LZB/bMttB61mW8yYw== Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.tcd.ie; Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DB6PR0201MB2375.eurprd02.prod.outlook.com (2603:10a6:4:35::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.25; Sat, 31 Jul 2021 14:44:10 +0000 Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272%3]) with mapi id 15.20.4373.026; Sat, 31 Jul 2021 14:44:10 +0000 To: Harry Halpin , saag@ietf.org References: From: Stephen Farrell Message-ID: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> Date: Sat, 31 Jul 2021 15:44:07 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="vc72UNIUlaF5uMFUrWxL5As7TYw6OgGdy" X-ClientProxiedBy: DB6PR0801CA0050.eurprd08.prod.outlook.com (2603:10a6:4:2b::18) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.244.2.119] (95.45.153.252) by DB6PR0801CA0050.eurprd08.prod.outlook.com (2603:10a6:4:2b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.17 via Frontend Transport; Sat, 31 Jul 2021 14:44:10 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 8e466e77-cd96-4e77-900d-08d95431a826 X-MS-TrafficTypeDiagnostic: DB6PR0201MB2375: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-Microsoft-Antispam-PRVS: X-TCD-Routed-via-EOP: Routed via EOP X-TCD-ROUTED: Passed-Transport-Routing-Rules X-MS-Oob-TLC-OOBClassifiers: OLM:669; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3/G8yfpEHUPqjiAkTVeY4SJQUZ1zSCR0dDrliQYR9Ldew4kJ/WfhK7ydfHE497lUl/53StPvpa3EhLba5PNAvVMmkMgD898xblXb2zApEZK8pgdvVTDYCTXuZaf0gCsftg1lC6SCJe6sjKsDLhyBgN6eWuWxBMtUqvNAKIgk1TwKIa2IbMfrex6G3vmj0GtMqD++33DZCTw+Vk/GEBtjt5c56qk7YD86W7vhZ/uCyhWFVeXacAaPv+M+ft18SjPeaUYH2gznbdgJBhbwUU+m2N75hSmTtpvBbzX1lufUw5c57a65U/R9+O3UTYmG47lFLkOYZ/vC7SWo1JmXMnraStYb4myHNTRsFPMxG9UBcSj8k/wmIqbBSKYTkv/slwukSBjP83yrMjfM8p91oGMgipXd1UYWv+YrFKIk5xnOxO5InymA95hOWhlky7nAFXCCwckGdky815a/m+4OinSDO6OET5hwqWKXKhbtCvPQkMxrpqYOowKEVFiahXALcfRGBnsr/6iHrNEroRYDfHnLufHDqh0XrtJzAO4W/8ghSTRfB1N1Q2QmM/XGox/+OQTi6U/dQOLULDn/+ip5whALLG502kCUJZjO4aNVAbAGX7GPyJr4PQEQHqzsS3xdVZ6bQEi/UvOmNRQksg1d8OsrZe7DApWxA1gt4U2gnVy+WYGJKqZ/Cg6mSjBig4PS/We1ET907f821CJMKkK8sWuAWDvb6A4nL3Wi0m/aoIIBWeFJ3ok/A/PMGjVxXczz/xPhy5JRiWLkEn6f8pzzSg++NL7NMb5jWVXcXRCHv4wfok8Mdke6JHNfy3NwySHfwGY0 X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(136003)(39860400002)(396003)(376002)(366004)(235185007)(44832011)(31686004)(21480400003)(38100700002)(31696002)(5660300002)(36756003)(2906002)(2616005)(786003)(316002)(86362001)(956004)(16576012)(83380400001)(8676002)(6666004)(478600001)(33964004)(26005)(8936002)(186003)(66556008)(6486002)(53546011)(966005)(66476007)(66946007)(66616009)(43740500002)(45980500001); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?dldMSkgzUDd4b3AzaS85cWgzYUZOVEpoSGlweTc3S1BZNGh0KzJvZk1OdWRO?= =?utf-8?B?QnJDaHFvUFMvNGEwZXl1eW5BcVFOQlluVy9SWkpNcUJwZlFoMDB4TWlJNnN1?= =?utf-8?B?TDhhYXd5ZEV1aE1aVXc5WXc0bkFRSzV1UWpCN1p4U3p4TGVBYnl3YTMvZVg2?= =?utf-8?B?dVpmeE5Tb3NqVkZVU0RKUWV6b0xYODFQWklrL0lTOW00UE5wciszZkNwcWNP?= =?utf-8?B?RkhHd2ttL2NBeUhPc09BNTVVUFlMQVh6cEprMGtwWStndTNkU2p0ZzNJeDMx?= =?utf-8?B?THBaZnZWeE00UndrQXEvMEZMaFllSHVZczl1SjZiVnFLZ25zL0ZGaXlzUDNu?= =?utf-8?B?by9mN2t3L0F0Tm1xZUM0QklFZ0xha09Dd1lMcWV4MzlRUXVaTE5JZ2R2NEI3?= =?utf-8?B?QTdMRTVtbzB1ekY3TG9BV1E0VTNpcTJvOVd3SXNQN2h1dVBVTkhyN28zTUlI?= =?utf-8?B?V04zdUVLK2xPTnNCeEV1aEw1VGdTMU55NXJXUWo0djBpdEhKU0RkT2JDaXdt?= =?utf-8?B?dC9BNndleUxhWTc2ajVTNkVqbXROT3RpZlpXK0ZudDRUTXQ0bkp4WjcwcHZF?= =?utf-8?B?QWI4YUM5NEUwNWkvRkYxYlBxSHdCNWFJbUcrN2J0S2VwcklEazhVcXRlYjJq?= =?utf-8?B?cXFVeXBkSHRFT3VOdlBpWW4yelA2blJkejRaOTJVMEdCTUhveDd3bWZ1RVRE?= =?utf-8?B?QmV0MEFGTTVZN0ZHaFNmMmVQSXZ2V0VNaXR3TzRidEtFS0NqZFZuVmJ0cys3?= =?utf-8?B?SENBV1BNLzNVRnp6T2NEcy94U2tyaWJhUzEvZ2xlc0VNVDY2U1BvZGczTmtM?= =?utf-8?B?aDQyalA5RGdqU2tybm9rVXp6UGZpekxtL201aTBwRm9ZRDhIM1JlenF3SzJl?= =?utf-8?B?U21Wd2FQRmNIMTZnWUhLWVM2bys4MHpORTloUjhWeEdjd0dvbjdMMXlXQXZ3?= =?utf-8?B?OWo2Sys5QlFDc2FkdG83cm9ySWNMallVbzFuOHFSYVFjTnlFNUVNSDhMRWEr?= =?utf-8?B?M1czMzZLV3duTXZxUHFwV2l0V0xINHU2RzdlNjVMc09wbGtyOExGSHZjWTE1?= =?utf-8?B?TDFFWWtqRVBTVzhHZUlyakQ3WGtiWXcvS21zdXg2Z2czTHBLQWptSHdOd1R0?= =?utf-8?B?bWRreEllbFhDTE1ZZThLdWdMdmk5M1ZudFhvbUo0YVJOYnhHT3VDZU5raEZE?= =?utf-8?B?ejd6dGdReGhMRlkrWWtPdmxHNnpSSXJ6MHZ6RWx2aWJRSHREbHlYTVZmV0ox?= =?utf-8?B?bTlCanlReEdMY1lvSkthYVNJaWdiSEgwNnVoUEhVZzNjNnYrc0laVzdnUlZj?= =?utf-8?B?VFlUK2l2aGhpa1pTbDJVODNNYVNTSzgxaUpGNXArWW1lbnQ3N2hIeHM1bUMx?= =?utf-8?B?WTM3L1dCcE1EaGdqeSs1cmxmN29qeW16MStWVzZ3b0QxekIzWXZpVEsxaG9r?= =?utf-8?B?cmYvdmJYYm90YjFrTU8rNy9tT0k0MENmYlZWbkc5Snk2MzhGOFlkQ0M0VzI2?= =?utf-8?B?Sm1xeVplMDJBMnFTVDMzMElNRlh1ZzJRdm00enUxbFZBVzh4M0VnMWVFbGhF?= =?utf-8?B?UE80SFNLV3A4cEIzcDhLaHdJTS9tWGYxcWl3ZTEyQkVIb0o2ZG5BS3g0NFNI?= =?utf-8?B?TWlCdkhKZEo1MzRqVUVOMlBHaDFIdzRhVys2SzZaWjNVL3h4Z0Q4TGVLcEpy?= =?utf-8?B?c2lDODRCZVUzSjUrS244eE1SZTZoTzV2ZkdsM0RXc1prQk8zdDdQdVlzRC9E?= =?utf-8?Q?NZUVcyxI40WPyffhtBQMXvRo3th+ibp3N1ChauY?= X-OriginatorOrg: cs.tcd.ie X-MS-Exchange-CrossTenant-Network-Message-Id: 8e466e77-cd96-4e77-900d-08d95431a826 X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jul 2021 14:44:10.2535 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: oceLsgxcpXRCbSOITKOqB2wfcIMU80/0DvY/46l/6Y9IN5btru2j7CBoJsS7EtUL X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0201MB2375 Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 14:44:21 -0000 --vc72UNIUlaF5uMFUrWxL5As7TYw6OgGdy Content-Type: multipart/mixed; boundary="S17DhSYPjdwC0gjzxCcdPlxKepCeUElu0"; protected-headers="v1" From: Stephen Farrell To: Harry Halpin , saag@ietf.org Message-ID: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> Subject: Re: [saag] Interest COVID-19 'passport' standardization? References: In-Reply-To: --S17DhSYPjdwC0gjzxCcdPlxKepCeUElu0 Content-Type: multipart/mixed; boundary="------------0038009A11145CB2050B1EC1" Content-Language: en-US This is a multi-part message in MIME format. --------------0038009A11145CB2050B1EC1 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable I don't believe the IETF ought be active in this space. For their originally designed purpose (cross border travel), these systems seem mostly ok as traditional passports will also be shown at the same time. I don't see that the travel authorities need help from the IETF for that. We are seeing significant feature-creep e.g. these QR codes are now being required for indoor dining here in Ireland at the moment. The scanning technology offered to venues by the Irish govt at the moment is an awful online web page [1] to which all the QR code data is sent (so govt servers get to see who enters where, when, even though they say they don't store any of that). That system is likely (IMO) to be widely ignored within weeks of it's unwise introduction. We'd be far better to stay uninvolved there too IMO. Cheers, S. [1] https://app.digitalcovidcertchecker.gov.ie On 30/07/2021 19:17, Harry Halpin wrote: > Everyone [and apologies if you already got this message on CFRG or > SECDISPATCH], >=20 > While the research community and industry was very quick to work on > privacy-enhanced contact tracing, I've seen very few people taking the = much > more pressing issue of COVID-19 passports. >=20 > If this IETF111 was in person, we could have done an informal BoF, but = as > its' not, I'm sending out an email to gauge interest. >=20 > I've earlier seen some very badly done academic work using W3C "Verifie= d > Credentials" and W3C Decentralized Identifier (DID) standards [1]. Howe= ver, > while a bunch of sketchy blockchain technology has not been adopted (so= > far, although I believe IATA and WHO are still being heavily lobbied in= > this direction), there has been the release of the EU "Green" Digital > Credentials that actually uses digital signatures. >=20 > However, there's a number of problems: >=20 > * No revocation in case of compromise > * Privacy issues, i.e. leaking metadata > * Limited key management (booster shots might require) > * No use of standards for cross-app interoperability >=20 > Furthermore, there appears to be differences between countries, and som= e > countries do not use cryptography at all (the US). Therefore, as an > American in France who flew home ASAP to get vaccinated in the US, as a= > consequence of this lack of interoperability I can't travel on trains o= r > eat at restaurants easily, despite being vaccinated. I imagine this wil= l > become a larger problem. >=20 > I have a report I'm willing to share, but I'd first like to know if the= re's > any interest in standardization on this front at the IETF despite this > topic being, I suspect, a bit of astretch of our remit. However, we li= ve > in interesting times. >=20 > I don't think the W3C (or the ITU, etc.) has the security expertise, an= d > while the crypto and security/privacy here is pretty simple, I think it= > should happen somewhere. >=20 > While I originally polled it by CFRG IRTF to see if there was any inter= est > whatsoever, Benjamin Kaduk pointed out SAAG and SECDISPATCH would be be= tter > places to start. I'd like to know what others think. >=20 > yours, > harry >=20 > [1] https://arxiv.org/abs/2012.00136 >=20 >=20 > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag >=20 --------------0038009A11145CB2050B1EC1 Content-Type: application/pgp-keys; name="OpenPGP_0x5AB2FAF17B172BEA.asc" Content-Transfer-Encoding: quoted-printable Content-Description: OpenPGP public key Content-Disposition: attachment; filename="OpenPGP_0x5AB2FAF17B172BEA.asc" -----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh5= Cg8 gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+QtaFq= 978 CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKrEMjmL5VGu= D/Q 9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZUbUv0Q+DnQAB/4= tNn cejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqOVz+7L+WiVfxLbeVqB= wV+ 4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJgb097ZaNyuY1ETghVB5Uir= 1GC YChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k4LyM2lp5FmBKjG7cGcpBGmWav= ACY Ea7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK7uB7E7HlVE1IM1zNkVTYYGkKreU8D= VQu 8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5XiHzFPJleXc0ksb9SkJokAfwTSZzTxeQPER= 8la 5lsEEPbU/cDTcwARAQABzSFTdGVwaGVuIEZhcnJlbGwgPHN0ZXBoZW5AamVsbC5pZT7CwX0EE= wEI ACcFAlo9UYwCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQWrL68XsXK+qGC= xAA pYHWYgGOIL3G6/OpkejdAkQoCVQAK8LJUSf6vzwost4iVfxIKcKW/3RqKNKkrRl8beJ7j1CWX= Az9 +VXAOsE9+zNxXIDgGA7HlvJnhffl+qwibVgiHgUcJFhCSbBrsjC+1uULaTU8zYEyET//GOGPL= F+X +degkE/sesh4zcEAjF7fGPnlncdCCH3tvPZZsdTcjwOCRVonKsDgQzBTCMz/RPBfEFX44HZx4= g1U QAcCA4xlucY8QkJEyCrSNGpGnvGK8DcGSmnstl1/a9fnlhpdFxieX3oY2phJ1WKkYTn6Advre= k3U P71CKxpgtPmkd3iUUz/VZa0Cv6YxQXskspRDVEvdCMYSQBtJPQ4y2+5UxVR9GIQXenwYp9AP2= niv Voh+ITsDWWeWnnvYMq07rSDjq0nGdj41MJkNX+Yb2PXVyXItcj5ybE3T2+y3pSBGFEZYJGuaL= 4Nw tBJFMOdOtBmUOPbetS2971EL3Izxb7ibOZWDwexv+8R6SWYfP1wVN3p46RyBQuXqJV8ccE11m= 6vt ZTGSYgnLUUFZMRQYH+0hwuYe0T3AA18xDdSYsa8vovCCd3l5S4UNzIM2PMChqGrEzKapUpZg7= +8A CcxRU3b9Ihd7WYjJ+pQPCoWYKozvtEvenbNpE/govO/ED3B14e+R2yevRPjRrsN7PJzSf15fQ= LvC wFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLrSwf+MIHbFRQ4O5cmLYR5sIByWelN3SuRN/gW8= rpK o9OkCz6An8uV/iCXy5tNMLzzi0BFl8f22DwBcC5qy9qnlIAdogWam1qWoTAoAD8veEqmuKhYr= qJs CcAyNrKYmK0hP3rpHxx1LySDmKYXmw/8qtBXKHTouMm+5tSsznhykRMTAAr2p7PSaHgo+hIVa= W/r KSspHjDhhZS+G9mtOZad1IH29M6G1Q1NCO0Ywe8krKLQIAQlFxtgvOqpPOZNzeKBa/+KbE8TG= gMW rkOhC8OeEM5PVzdDhlhD9kPzB/pCKDF5DofJ/ZRqnDpbKPQ0bsW38AOig3kOc0A27awiBEw3u= rqR 1cLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g1MSBQJbtyScAAoJEBDvedn9g1MSI/oP/= 0A9 J9nrnBMqZpm857lfYWw+rshLK+tyeP4OQeOqnDFvs9jePpcyJLG3DF2r6VbVKPQq+AE6Uf5hc= JBD EN6BjEhRPSbLcqG3A1cz/nNwm8rPmNp+oKhmaBBQGxwciMLmzgynsDydnjPpMyEs04zvsbsl4= vrp 2095o105l8KcrrxQrioFjbwveGwHQK9bxJKhx9D+gIk+MouBur45UDKTZkMZrr9FGrtkyXCGA= xvK dcNC5Oa8z9sj1rcUJfG/OpVAMWhArdlZbFUQyoX6pU2Zb1CR2qpWAVerGSfBhmfCyStjARqaK= xlf tjO+Bj3Jj73Cr5eqej3qB5+V4BCsPjr4RLvVbYUCPsRdxWc+nBLlfVYkRURu21g1hFm5KFPjg= Uky o1s4vjUOY8DyI+xLGF7f/IhUBG6l+Vswhpwu7ydalZkeFiPx5xna5NfbEYxvsIf71DvipGvIO= aHv X4egWoFgm8n/9c3rcMxJtpwHPSsUt5dgLsyu6VE0IbvOAc3dN7CWJ355DVFJq9Zg2YVf0izSp= yyz JeGsgkfjW6xpmdvZxuT2UcN4BTcm6vYqueASGrb3lfhzC5gpeVsc/MoSjTS65vNWbpzONZWMZ= uLE FraxWJzC0JrDK3NCd0VN3kstqGkVbUIiYOnUm8Vu4zoVMLlGWzHLIGoPRG2nRezn1YyNfyb5w= sDc BBABCgAGBQJbxcflAAoJEGo7ETk8pK1gE7QL/ApC5P68W5DrI1787WJVZv1u4t/g39vTr7Xer= 3UM TVQg10vpa7pmqOGhjIDzDMg3Pe3K3M7fVzfAlUA1qw6ne4RCueVoRKpubeF4AlYbMr0K6hNCP= jt5 uAxmbBVuejKTc6pru5rv5gKL0nDbr+Snft5xt7juBLSSimw0/41sZnkjCxo9rF/RA/v6+uWyK= 171 RKmsEYu8fFtw1eqUNt/Xj792TUixE3pxXheNtQtZGk/9P3W83ChhG4Fh5EQsn0pIh9wZIAbMR= Lpg RKyW87fWHZC8/YH8h7afarvn9Thl5pFUldCe22mNJj6KLChn2aEHQd+PdY1GBpZEcmNEUPuov= wza tM0h64hCzTm41eDqRfihZVBT7TbfXQnv8rywa42Mk756RGzzEZcQEhwQXZcMQUfxIQQ2VyJo0= zG3 6VdZTQF7TF/4Lz7/3cJ56jOIm+dwPXtu+C2wAQuD4USOLt4JWPYpqzDfHYJIND/497P9Z9SuQ= eah r2ez3DRBg3qsHEjBV80yU3RlcGhlbiBGYXJyZWxsICgyMDE3KSA8c3RlcGhlbi5mYXJyZWxsQ= GNz LnRjZC5pZT7CwYAEEwEIACoCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AFAlo+o= 3cC GQEACgkQWrL68XsXK+qO0A//ZsfQzyXrZlu/eEV5jU620yeOM3P7SW3C3UQYdCgZ/TlvxGgKo= w5o DSXgjMiUyq9csGqbPBxlDYSxFZHNeDVKYIuP2ZK24tw5k6duTh4+sFwUualTMlcp0zBCIzn3h= Rcs RvuPKHfl5+6oOi0+xqx3jX/s/69L/fvHmdSKet5LIUAxoYaZkTCruFrPWb01tgAl5JExWkhmC= Y98 iD+EeiIMAWBjMw1xV+p0uCwNbN6XDzcToK7wsm+tAIiWUy3DpP60a6WbVwdV0HNt2WZq5U5Jd= h2k 4S+sN2CnYk4tTW7jHjsWarV3FLISCOObADZuB7ljU4kYfdwZ+WzenXY4LGlxGQSlAblGjwZe4= EIk CXAJUtzJhoFUuGaF/PlWjxqV3UFRcgTERZTijguVyREre8GNERNgvDxZvuXssEjvz9X5JfcIZ= DIJ pdzhLiEIj9noUbfx1SzB5KDPQj0O7elMHa1671/rwWcpGr/MfVPTOik4H7F8rcVJelceZTzC4= tvy a7M+jM4fyFWWt8Y4atTixUiP7U9o4uBZCQ0GzvsmFA4XLqn2pA5rVizMXnGbGOjufAP/efEJ4= ul3 qvjYe8ye8DXEDjKAxo/tuHYtk19XCi83QzFhWls5TT+XQeVTMEvVqo9Wek8yoxo67qvLKKqIc= G9g ivQd8MxYNAbNYgSPtkbhZ8TCwFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLzHAgAlWT6NXEGt= w/r 1miKNGcopzvzILQ9oB8rKI9U9EL6tOf/y2V5oYee/GyQDb3ZdoPxxYYcJf+RyiH1nMoqUIZiZ= Jaf 3bJXinDZ5+AdfE++UR2NBvqaNyC6u3r24jo1B/sagKbYtWgsYtRqHLD4IWi37MZrVyjBuF7u1= 4Q0 7+uhjq6mX2O/tHpCYw/Q82tbeTRPyUf1WQOAfD1kfBpW9PvAva5Iw9FWeXpCXRzwxnCZhYfGf= qtu Sw6CPBYLdbikqML6FZ7EDuTBb/8um1wK7Y9bgeIQC+CYjhYB5RXa1tDJRab2Js4luCvSR0w/C= gHw 26293tlve2Q6UTrmHxP5U22DlsLBfQQTAQgAJwUCWj1QMgIbAwUJCZQmAAULCQgHAgYVCAkKC= wIE FgIDAQIeAQIXgAAKCRBasvrxexcr6tJpD/4rrILH+meP07vrx8wW5eYuqCiPGYnh/CXxIF8eL= rfb e5d4QRgtq+w6UeQPMyzKRIRiCoBXB2oJLBZHyxBPxZlg33dTMrEGn8QWKx2iNuz9rZMXyOSWF= etu O01d/aUPd5BnbLbIyK5of8xCQlXM6KH8bc+9gQ7edR9mfLTdvBf2FR522hg8BRBM1imKc3vO8= v39 +qIHHRjuiwxBBCAOhHtHRsZXripS0uFA07dM46Oi/E8osjx6fQt/lH5z/PN+2adxYSrLSAXfr= 1oD 3RxYNhuWgyGFL64/VCQb1YGjf0Z5MBPnWm9jgUoOY5K9eNSS0L83WeJjlF5+Q/WOgB+rb49Pr= m2D Feo9+S9f2V53Llz1WIspXJg6f+n9lmHE94MfQj1GAHCzI0FeL19lvM+LhD8jJSCbhrC3+yoby= y/A UOs5Z3E+njjX1FF/VCVAs6iOa6i+XG+Y1hh3ir2y1kckJ5auT10MSU8GEZu9ayU4M3o3N9yxO= jao P0NuQ4MMLL/n/u4u94AeZaHPNBXn/hVfVRRmpRXtGKvJtFAEppGEYezB+bLKIm6XlpPkhnwYz= leL Z7AMEco2C6QM8QPB3g3JpS3sqRhA5rEP4lL16BmijmF+CHoPE/zwgKZbKpyVDqvIW5IDgvfIC= 2X4 pbZDRvGIUKaGSB4+ksZgUUnNyvfQr2p7jsLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g= 1MS BQJbtySbAAoJEBDvedn9g1MSeKkQAJm44jt1kwHgQgeDBKdjdvl0AjE0xVEQxriZ6lP/l//34= YT0 auFfzsYIrChSpQXAEtobBAr4Ohw1Us+BZe+H5P8vm6LRuPwozC3SjwfX4Iec8+9ot6tIVg4sb= edD Sgb/CCFVjsmIGcQ1P73JLJTBJ6mxYCV/gn3QC6bwDOFo7kD9FDHCjRN8XfhHQ4Q9cYyt06uF3= 1qG /aumgWYC9geCGgAwiHgwxNYb9GoJ0iZjCROwbYvLTcQgsVUW2bTmsVR13UVKDsdl02sRV7qcV= YW6 R0a3Ra8KudX+nt25H5DRGd382KZ5W8pydsy/viTvD9z6v0ulChBYxAedIvGIClrhbxlLEPmIg= 4Im VOLGqsUgVm32J95WOjEkk4PEZ12xSDBtwhSJqmJNboWlfmw43KdIbY8zNhffIO3N6O7FsdGxm= qyH eLoTpqY+ySVUPpbuyW8ujnI/J//+6hdTZ9dQsEJQlWngKuWOQ5ma58MPSN88zllsqhZAFQjNx= qnk SzL6ZQ+v/jvuRRe16B80AeO55DsmbWsMv/YLLD1mSi7+Khy2EtMBhgojWwrGMvdLN6X3mnzNJ= Esc YyLxM9tSk+iySP2sLthK0BVgpAzBSdaf/ezIz60P+neHDzteNFf8Mn7lmgYk1amvZoJ29s5+n= 2Hw xyRL5dVMyMdyQmntubbctfqrZ0tIwsDcBBABCgAGBQJbxcflAAoJEGo7ETk8pK1gnCYMAJY4F= eIY jlIXGghFWzsB4fYwK1+iaFpU3fSto5qcrqVtVPjXpwqczqBWeXGyQxiB0kan4OVAXydIeaP8E= AuF CA7paP3s9STLJBO3KurkwyRkPW5zo0X7xVqaVToRsX2Ul98KVJoHYQD1KdezEtwlvpNwiiBr4= 2AY R751Vm6JBVAbQXuFpB3c8bUV0OkkRxNFtL8/2PieHar58n5dntGkbPlPkztahsFqktgacIgXH= X5v aT+7YeeZ1DWLOYjGO0wNhkOSeroCmxwJUikU7joBp823L7r5KfpqWTPpSCzVstQKZUGmmoE1q= Csw Y/Ud5wvp9SccpIILkRXj0rZRtfnE5MpL3hjmtNzfDd9qIsJtBJlSB2hZwAsVm1l+EWN9hG3tq= yA4 3niUMy2n6q690of3berSiQ+kvY/aC9Hx8I+bKzOV9/J2VUTqfaPZa4Uy2rVX5Q2p69n/PMj7m= Eer 0rCL3j9V16J9c+s0BSkXoKdtYdB0TWVhBgUybd9qtYcwHWvhP80uU3RlcGhlbiBGYXJyZWxsI= Dxz dGVwaGVuQHRvbGVyYW50bmV0d29ya3MuY29tPsLBfQQTAQgAJwUCWj1RWgIbAwUJCZQmAAULC= QgH AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBasvrxexcr6jscEADEcB0WQEZn2AkrzDs1RhL0Lp6cZ= i0B igofkbcGfdhJyMSs19C0dhvncrAFClVI6/Udw3yFtDyYtOCf2W3M3A1K6/RfEizCLzTsdFIhn= i9g OJLlUpXViQtgrlstjk7hqVV3Ooz4BlCqS4cG7rfqf4LQQPpTAuFUEV9I28FBUB2irqC+v4gTy= sIg pMw0bA1yBU9sX5jE/tRkzqnuzZrkwiobDtRFJ9qp+7O2JtcY4EsVtLAsaodJKc5cF8R4OvB1n= 66v xxcgg9Eh4JNWZ47xsaCmAGo1Bcb2jIY35OtgAL7gCGLRSMKTtAaPy1/fEgIqhCljJ9x40Fkn/= 3r2 BX21WC9HFSPFTBz2RluLRzxdgxOrkYK8EiHUPoE5b1AEzZKw2AbeXfr57f5zYsN3IqfbQLUjM= YtU N1wK3Pjb+idD972wyXMWt8uOzlI7b9Ocu+nYm2whBfJv9Pmp3QYTmPz+LB9lH65VNVUSxSXVr= 5iW XO3qx1HtEiGEqkporMQCTh3T5Ud3PvMSRBFFKNs9WhJ/Lxz+SV30WLwG6dr5mQqlzAhb4Phc/= zek ZyXRdS/oDKrBLUucS36O//49JeyRi1QvOfxnfmIqRIAf/k3PoYJmTo5E82//r5Qj3YGlRu78b= a0H Arxs+ACD6AnEHHcbswpbtVEKYzlSu0Ar0Dc7vRWM/IyQdMLAXAQQAQgABgUCWj1SoAAKCRAvP= Ic2 gF+NosIsB/9f/29FNla3BJfGIEIDnhrqGD0i9bSa89SqBd++uG06TQgW5wsqtNcrwn81yZTq6= XE6 i9VtD4GKfqC0d4KZJr9bnbeD81cI64VOdL8zJWJs0vj5EIXCobKyX74Kb4uePUyZqwT2Q74I1= 16u /HwA9/FXsPo5isbh4ZqD4t0VHpWkmfq1FPT9a/JPyX46qKqB2Fce/7Qy+SQP1NfkuUlbhUH/J= G9a SSYvk3lznNiH41x9M+FDlL106itXOubrl3oi2fT3fsSedq7uzt+IV0DQEeNaoQAUuwEhdB8IW= OMq N2woDjGVKJftfsSWY9ilZrnDBNDrp0vRqcx33LUMkIw4d7iBwsFzBBABCAAdFiEEfhcKBFyEz= 0YO K3mgEO952f2DUxIFAlu3JJwACgkQEO952f2DUxJjuw/6ApHSsVTWD4a0H6FJ23A9Ftpy+aXZ4= vYl zkSrfsn2ECrEfK3lXQh/uzwjJUDYZeB1/BQsFZtcYNQOJSSHbQ49BFRLwb1J/wBZG4bbmrkLx= nNb KDKQvzxEpclkMW0Dj0J6o7kGrmzIGGrhB+JJN99AcineHRug8ZSFIERRCmigxdhAKU0BFD7P+= 5HN HltSL3DF1c2fFOf2JrgBKVoE+9RhMZjWNbYetFFLCkjXb5Rpay9zeMm1DxfSTGAnuOwUXW6qq= 4hn l5+VC/48ceDZElLLfu7RQUZv44pkSTOWZs+iQoJiHMFHk9wPqyB2Vok1yJ2a2j27WhXrJlPwn= Zbg JO5RyWDG3p/eVmpl5Uuc2dsfIpR17KnAuWpghK6V+cyFncDoGCl/YG2MvoolsW08FiZh3Ej4d= nJj j25TZkeFG74JJDXLvMYpJfSBGnmETv4Dhcm2xPqVMuFuL1qJlMbVLrMo2GXeo03OzNyvbs+u8= WLI aGm5hC7N1CXY8wZs4jo6OJ/expvnc07dEuws4zT3AiWv3nIouWReRStZy9QkavDocqbyPmilc= dPC Yk4BsOlzpwwO74hNG7iyl0KdAlwTxGQ7y0rJou6HYa1TmRhIEr3vKvlW+JfUUrqtjXgsuacTX= o4+ Ira2JUErL2cYzQMq1j4r1ZyhFnuz93s7Rsx/Nw0+0YvCwNwEEAEKAAYFAlvFx+UACgkQajsRO= Tyk rWCJqwv+NLVPE4sD4sDA2/6Ek7UsRIUkg+S39fhqWsLc4rtw/mDunv8Un61I3K04fZ2Ry4nF9= hZM 0a710UvXFbStvrzRJO3EAAcdJR9LTCd19e8UeruQbIee3YT91U4NkC9JMpecfq62/teOAU2e5= P3f WYaLs5ZX7zCLwWuBcW2l3SyoljQczM85HhJ3XHm+FnwQ6D9xRle+lvWTcuC9d1yAyUb8IOosp= cL2 lJTmy8e3r79R24hPlSB4LDe0wEN8AXbagrcAQZjwyaHyWxjJbTwZ0b43WGdfIqZ1ElOeoffbk= etP GRmWvx5xUvb2ALFBBdETzV270gs5XDJgJ1SIIKOyDADxwvroTe2jD8C/841eEql5QSow3s/U3= zRq k3mttto8Qw/DN71aeh6dmYSsvd2UjsHw/vofOPRBGxZLEkKTEvMnhmMW9hiKPkPia+QgevYE0= 20q pKSxLEdWA8nprHwxmGiDNesCfXSC6vm1qfyj5g8HzxSckq9ZaMhKMCo7vxflUEDuzsFNBFo9U= DIB EAD6DdHQfMav8OXfhjTteoarOrlJTSdci727xiezGPuBHmpvceBRZgRasdbaMc4HJee+R9+5x= /nL PCuy/DxDyIjwIUeJNgc+l7LjI9WfpHTD8U4xxjvR5Mi7+ToQQUOUNuzT0O0pyuxP1uY3RehHE= hOV fBZO59ipSeZL5iQC6T5MsK1SKfs51pLa5ToC1rc8tBJ4zZmxRAyZiYc/AH2uZ/6rYjTTkAn1D= VI9 DYo2D/zE4bGjXdJW5pKphFB2lX3dG4I7ODi+5e1H6A/QpCu6z8/ZkIQ+9T1xcX/YwiFeA7PbT= uW/ eITbMbI1eV3+fyym9aT7Rsflmp31Zxtr+sZwGGZf00ooMBFmqOS//NUQ/Vf3vDUew1h5QU1yD= aWT 3NApvi+XWPH9TPy6TMfZA2FThHf11sX/gDBa5JWQZbptPEcmoazpiKZt91CrFPOaoXDPck/Q6= 1df mr/oPikfByYnASIM3OwEuXqyQ9JDRfKrem5r+oA/wxWb5jELElAhOpnyqMMvOh7uz1foUssL8= MAv 2TGXmxpVJ8Nu4je6wf96Z22fQ0D38zud+CKH3bMP3ayXXJBcdPoENrzFbWP5FTg/4TTDJ3vOA= HZR 5iCunYghx8b7Ffa4UbkwlD+dh8GiIAtvT51Ac0cO0Wc0Zjc57zPUz1zloMbf+zb1Bsn7DuEQo= qj1 gwARAQABwsFlBBgBCAAPBQJaPVAyAhsMBQkJlCYAAAoJEFqy+vF7FyvqrC8P/1tF6TeR83xD6= Mas qXyrBjwcLmziaF0Mlkj8k/YUiZ/knb53n97xQnh9yxPv0TT8Wpfdn3BmvqGyh8+ouHX9jMOxi= RkM dNhIauVYY/8jmRfBSYWcFkfMzdYasvdLtmYJgx252HKTFdeOrszoOjWjEzwmh+tca3AFMu/nB= ++/ KAmi5UJV7zsZ7uYJ5jm97LV5SLjNJIXXM+lHqCDrjDaDhNczmq1LCRlU6/WDjvkuwaVhZG4lX= xMD rvKnXMkjseQ2oKjwrIdfQM86H1z5J31lfhqop+of0cimcIsBgSCPu+h96LHuAzeRBCbDKeqrf= ZtA ZAGsokRina9947fRWxXHh3O66ILmXKNRxxWbDkPvYnQWUat8SbSTDoPWrDIGDRIAypqYo3pcN= 2OE 0C1chqgDZQxkr+9kYZQpupOAN2TR+fM7JvbO9coKI8Uqog8CopoMeDQkd0YjcqlB1E0svODHT= zcS oRzogDBYDqNLP7qVkNXpcOAXSVioBgiSDf7o5RdS/qmUyXBIeq6I5z8xBcd+BQ/n/9Frkm6K7= IKP 3ngUP4wEoiPx5ZE5+fPIScGmVUcZIMhkvMvem9XXh1yyhqN14gfjmLwPGdWbrgG8QUe0s2WeW= Iys s6uTiyF+ZbJSo2XOKVc3YFMVUUfgyudqAV1wWdZinUk+H3pkqOKoHAy/8fST =3D40Nd -----END PGP PUBLIC KEY BLOCK----- --------------0038009A11145CB2050B1EC1-- --S17DhSYPjdwC0gjzxCcdPlxKepCeUElu0-- --vc72UNIUlaF5uMFUrWxL5As7TYw6OgGdy Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEW7Wm6ldl0sWGPK4nWrL68XsXK+oFAmEFYbcFAwAAAAAACgkQWrL68XsXK+rH VRAAsd5Fmm3cGCxJEOqDAXB6NpKf7JTv6GoOMfrhM9/Filo3qgytcQjbOZ7yWpAw02ySfoRWQYA8 2xv67wPiuk26FWieskg7fhMR4BSXVQDsO0Cn99JzstGIMi7/3TvGVz9X8iv8QjOMUF7rE0ruBSZ2 HTqGJBBWdh2Hf/jIvuykrR4iYgAcIza6txVwGJFA64nOg1JSLBWuFrcvSySTUck8PBO15jrZmveQ m7Nc9BMQHgeM7C/RuoSjily7bAkSlPug4s2RrmIvlzaNKtiZhERG/nhTUiSt6NkSCR7n71bnZY9P RAOeVOphyHZs1viEgInOvvQBCUnykT6zPcTG3ssCeB+OVZ1KbRIwKBO4y+IaKQ/SU/LvG8X4VBtk GRVwpvRUCfEEvRvTe4EqYjjqaQMC+wmERFXZ4uQe1x30vQM3Gd4pqahXRbsXtuA0lnJtmq+UfoEF OYiCNLmbf6AkH47T3kFSDRXxHfkYRfbDm56St8qFl7bL+JWjL1kcMNpSQzMZZgtQEVbT9jTqr2es rkizchdGRGDrMtF6TYmAUvCniG9jP3qKfxnG2YuhRUYFr9XMkEwI9jGgMUW9Qsj7XF58TqZWbQ1v Pa69AmE5EjewIeKvYsNzBwaFjZZGpWCXfnMpUspF3vQGpdIsOT4aJDlzZ0kCSArTfpYIC2mMKyt3 uro= =cjt0 -----END PGP SIGNATURE----- --vc72UNIUlaF5uMFUrWxL5As7TYw6OgGdy-- From nobody Sat Jul 31 08:18:10 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FD1A3A0795 for ; Sat, 31 Jul 2021 08:18:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.899 X-Spam-Level: X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tEtqb6KJ9u5w for ; Sat, 31 Jul 2021 08:18:04 -0700 (PDT) Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [IPv6:2001:638:708:32::15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6F043A078E for ; Sat, 31 Jul 2021 08:18:03 -0700 (PDT) Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4GcSZG5YyCz31W4; Sat, 31 Jul 2021 17:17:58 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\)) From: Carsten Bormann In-Reply-To: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> Date: Sat, 31 Jul 2021 17:17:55 +0200 Cc: Harry Halpin , saag@ietf.org X-Mao-Original-Outgoing-Id: 649437475.527734-fcd29c36eab51ad7f7347aa321e26eda Content-Transfer-Encoding: quoted-printable Message-Id: <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> References: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> To: Stephen Farrell X-Mailer: Apple Mail (2.3608.120.23.2.7) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 15:18:09 -0000 On 2021-07-31, at 16:44, Stephen Farrell = wrote: >=20 > I don't believe the IETF ought be active in this space. >=20 > For their originally designed purpose (cross border travel), > these systems seem mostly ok as traditional passports will > also be shown at the same time. I don't see that the travel > authorities need help from the IETF for that. >=20 > We are seeing significant feature-creep e.g. these QR codes > are now being required for indoor dining here in Ireland at > the moment. The scanning technology offered to venues by the > Irish govt at the moment is an awful online web page [1] to > which all the QR code data is sent (so govt servers get to > see who enters where, when, even though they say they don't > store any of that). That system is likely (IMO) to be widely > ignored within weeks of it's unwise introduction. We'd be far > better to stay uninvolved there too IMO. I don=E2=80=99t understand why the fact that governments buy inane = applications (*) should prevent us from thinking about this space. = Patrik=E2=80=99s base45 draft is a nice example where we knew from the = outset that the spec was suboptimal (in deployability, fortunately not = in security). Just because, er, foobook.com is reached via TLS doesn=E2=80=99t mean we = have to stop supporting TLS :-) Gr=C3=BC=C3=9Fe, Carsten (*) here in Germany we have the =E2=80=9CLuca=E2=80=9D app with an = abysmal privacy design, which is often called =E2=80=9CLuca-schenko=E2=80=9D= (schenken =3D giving a gift to someone) because some federal states = paid huge amounts of money for no good reason to the instigators, which = include a hip-hop star; you couldn=E2=80=99t make this up. From nobody Sat Jul 31 08:42:42 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 339DD3A0964 for ; Sat, 31 Jul 2021 08:42:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.001 X-Spam-Level: X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXQ3renpRIXL for ; Sat, 31 Jul 2021 08:42:34 -0700 (PDT) Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2109.outbound.protection.outlook.com [40.107.20.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C873D3A0962 for ; Sat, 31 Jul 2021 08:42:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KGzjHrO4oCJWR2XFIBRnMMCDx7IcG8ZjgZA0OuRrHod4Nvx1houz2Wx6sUjmTQT+kEuFRAAMwi0DPs38fs0GUk8TXx9yi0Nhg81ZORF3pIdcMA5vNbqAmwhWAZ/ZxKLYvYUUXvHy6r6/xMd2pvXY47mCDpCQb/rXfMuOf44yRMbMzVoWjgBjOArsuHMMCqyG69vEXqjZUi+uZFhq7V3bI+gMO62hUL6zrjq2dGrvwlEG/33jjc3czZu47r00Z8ZiNW3Q4a4V9lOodIFb28yAJEIOo5q1KF7sUU2+9iDqGi8K+2frPqKtVrWplKyx0cutTjs0BECcM26Al/majLg1uQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8KAoqzFJknhA51mVKgnF8ySLqr0/VM5/niSXKQaJCg8=; b=AbITybtC7gWsF0uGUn5N3xTOonWWARYn64ZnQc4eN/MShWIw8PMQldI7Kf80aEK8r4OyIIvpx8kNWLevVRgP3RZLn29DRE7Ovc6wqacO7muq8S0wMRyvDyzuhVOtMG8fEGGH5rKrJrzLXClDiRswlxjyRP23+BQ69xTDy1rG6ZaTr0UY3Ndrouv9TNXDoTBSks62BPQ7SRKeWaupunTpU+E14bAEwf0xt4kRukkD/jAMq6Myv1vz5+3cglBvhpPfZKFQYt5/yXk8pPZ1UurFWS47vqAfOoE1e0MqIe8+AXsP9qOGZDD8MW10mof8CqS0k5CFLvFajvCsObJwff0DXA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8KAoqzFJknhA51mVKgnF8ySLqr0/VM5/niSXKQaJCg8=; b=WMXE8hHxloSJKV2mU8vWoKrkhXzJwUsLNeBJf7PTD6e9KRgUH1bZxrklvMt3zFZSOiJ3jcPm6Mepr9S9I70gQcg7vvnDWz5h08CKwyl2GJyzXNbfGbCgJvsQBbHIYw+LEh+nllR+s4jRc3WAHCRSHslQEkrFPKLTxNJY7oTMZeiGQkvN7Pdd0Nei1G7ldCChjrSJBy071tOwqASKUgmNYBxgff3VbajArxP11jygcTYSSXtWTbp4LokjbOMNLdONSeCwGNcifreVcOrZBg79IRueGt0x2sbZmwE2vUpGCC2rr3z+ss5PHJuTlxixi9Z9/FHQ21yYsgUPiksaUveBVQ== Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.tcd.ie; Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DBAPR02MB6391.eurprd02.prod.outlook.com (2603:10a6:10:194::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.18; Sat, 31 Jul 2021 15:42:23 +0000 Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::4198:a9d1:7246:8272%3]) with mapi id 15.20.4373.026; Sat, 31 Jul 2021 15:42:23 +0000 To: Carsten Bormann Cc: Harry Halpin , saag@ietf.org References: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> From: Stephen Farrell Message-ID: <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> Date: Sat, 31 Jul 2021 16:42:22 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="AtQzk93mYeANeiZuJ6MDyQ7J822z4D6ts" X-ClientProxiedBy: DB6PR0202CA0025.eurprd02.prod.outlook.com (2603:10a6:4:a5::11) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.244.2.119] (95.45.153.252) by DB6PR0202CA0025.eurprd02.prod.outlook.com (2603:10a6:4:a5::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.18 via Frontend Transport; Sat, 31 Jul 2021 15:42:23 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7da62208-0184-4b32-2222-08d95439ca5c X-MS-TrafficTypeDiagnostic: DBAPR02MB6391: X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True X-Microsoft-Antispam-PRVS: X-TCD-Routed-via-EOP: Routed via EOP X-TCD-ROUTED: Passed-Transport-Routing-Rules X-MS-Oob-TLC-OOBClassifiers: OLM:338; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /vHz2w+E1n+HFoVaNlDn6ILPJGCdKoBfrRS+fOgffFCCnuJIys5KM5eL2s22ISaPKjH+01XhqWzgmvO8mq+YRp98KZvGGWWOOoObMcPvCf0JXoCZaIErTX2ZnmPyHZJAbtdLBZHbkVYE69HomNSUq0se/MODPXTTyNjxb62Bhz8W0j/bcFcTKmaz4N0Se34aC6iahLZccLGlLev7BnlRaW7LhjFp3pd0WSuqcTv05bNqPo9vbfuITV6Gr2crtXp8N3vmvmAnNNttGZ9G3eqy8qxOmaHu9nWfk+HJNqcDiSMzOeSvTbItH+rQI9P2WkJ1MB+1Yu+x3EJxe2X4l0QjvHjCMl245WG7LeYjpd+B8M/XIkGEHvS39fDtyssbFfWhH7YS/RpPriDjQDPtxWThAePsA0Nh26mSYLppuT/6BLvw/GASIagLnTWQBHXUA/xbJFhyAPD5LrVkAK7VS8Lph+PlXZDzMjMMPG5XSiJnPYQH8iID+Qsd/hWNikGiou9ggcvXKIFCrzkWWGZSNr9B3du0b6pmZopUTgRYs2DuVH5u8PchnpyWdPqzjCuwj80ccgsRMlLkG44/0vd6V8T2o5ALsMgr+rqPqMP0L3+TK0cLi6EPDOcFsZg8Aql4kIXw2sb9ZSQHrc/s4MNcaxHFfD5kojR5bmHTv9ut7DrG4b0Z/uyY5NL15sB8LNKcMaj5hr9dntcGoufgPCD6Uj00l/nuG34tuEfPId4ekzzao/4= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(39860400002)(366004)(136003)(396003)(346002)(26005)(33964004)(53546011)(36756003)(66556008)(316002)(235185007)(31696002)(21480400003)(956004)(2906002)(16576012)(786003)(66476007)(4326008)(6916009)(8936002)(8676002)(66616009)(66946007)(38100700002)(5660300002)(83380400001)(478600001)(31686004)(44832011)(86362001)(2616005)(186003)(6486002)(43740500002)(45980500001); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?VnpvUytjbnM4bHBOeGlCc2tldDcwbEovZ2hvOXBINS90RituN3UvUTUyNlpV?= =?utf-8?B?UzJuZ2x2aEZsZUY2WnJ1OU5tWW5ZYzBMUWZJMWFJb3ZUanNlVGs1L0JWcTN1?= =?utf-8?B?MlExNUVUR203STJxaEVBaXA0N2pOWk5aRUwvNWFDUUFwS0c2bWtnYXNIbGRy?= =?utf-8?B?UkhxNkxlN3hQcXVQd2ZkV3dJejFsTndodGw5VDR0dzZuWFY3ZFdQWHd3dE0x?= =?utf-8?B?RU9EK005WDlOUlRsRnp3Q0F0Z0NsbUI0U3R0YlNnVGRqd3dqb3NWWXFqaWgw?= =?utf-8?B?dlNBUmhrcXoxQS9oTFFyN2tTYmRLRm1Xdzh4OGVmSnBoKy9GT3lleXhJMUpE?= =?utf-8?B?ZU9Zck5wdEtMaXl4T2g2WlJoQms4MWlGaXk2VDVCSmJRc1lkTFZNMnFMOGFh?= =?utf-8?B?c3FiZG04SEo0RExEc0ZmbzN0c0pEc0Uyd3ZFclZDQ20vMG9BTFo5MzBiS3VS?= =?utf-8?B?ZDhBRFd6Wm1qK2R4UVhsSW8zMTVzLzNXV25WRG5LcmRyVTRPcVpOTXZsV0Rn?= =?utf-8?B?U29teVJoWkNlYVdNS3gvN1dLU2pVSE9UTTRtUEpadjNlYzFwT0EzOFJReDVO?= =?utf-8?B?OThacktYQ0g1ckc1bld0MmsvdXVnODFWd2wxYzIxa0pIczNySkNYOUNqeHRj?= =?utf-8?B?YmVjeWJFd3YvWHdEZElwVGFIVnF5clJZb2pnQ1ZjSXRDTnBWaUtrMkxKRC9q?= =?utf-8?B?cFFYbUlrTGtKUy9TL2VGSk5ySE9WOGhxemYzaW1GME44UVFGVWE0dldKWVlL?= =?utf-8?B?Y2VpaUEyV2dBcTllRklpWmo3ZjFjc3crY2Vybk5EMWN0MDRQRDBrVVRVM3Vq?= =?utf-8?B?QjNqdDFqV0ZpOFE1UGpWYVFKcDF4a3lMVDB1RlpLdFJGc2Y2WU1heW5LY1Vo?= =?utf-8?B?UGkwZS9leW5qVFZGbGhUMjZnR2pyYS9WbWtSdzl5Z09WMGQrVWd0dldBUXdJ?= =?utf-8?B?TERWS24wSTJzSTNWS2R3RDBBT2tDNGp4T1ZpT3lVWGZ2TFBrSjUxYlQ4TnlV?= =?utf-8?B?VkdCRWQ1TG9PZ0hDTk1OTEJPbW4yQ2tydGF0NHMzUDNRUlUwTkJOVkcyWXZJ?= =?utf-8?B?Z3BLV0s1dTdRM1hYSEVPbVJtZElpQnFodkE3TTVTUWY3b2lYTnNMb0cxRyty?= =?utf-8?B?U3poYUFXeVpKUGVqQ29jZGxWTmRFSC9WS0ZTVk1MazNNTEd0WTBqZjhaM05F?= =?utf-8?B?eFAzYThOMFhodDJhUUFtTG14OWlrM1VhODRXVXMxVytsUHIyUnQ2UXJUNmo4?= =?utf-8?B?allRelVaWXBZcURSSVJDT0dhN1hSSWxsbytiNjNFRUFtY25MN3NMVW03Um5Z?= =?utf-8?B?THFtamMyRThBKzhzcUphRWpacytFODdCRGhMQ2RZRi90RWJBVHRCdXFYZEdJ?= =?utf-8?B?ck1DK21mRi9sTEJZRGZma1Z4dzUrOUNBemM5VkVwbjRiZ09DMjgwVkxWcHhs?= =?utf-8?B?R2l4OXBKaVpsRkVJUUVneXRTMWpHWnFhR1oySGxncW1TR21sbFZ6VTYvMS9M?= =?utf-8?B?NHdQUGFjQ3hqVVl6N1lYZjl2QUUwbmFlRkZ1alY5LzcvcWdOVnVGdmduSWxx?= =?utf-8?B?NmdSTS94bkRWZ0JhbTF1TityQXJqNGk4MThsRVB1eGJiOCtxbmxoazROUzJG?= =?utf-8?B?ay8wZ2lyZjhydXhrUE94TFM1c09zcWMwQ0F3U2NRTCtMTFpnTHdVWkdiN2Ex?= =?utf-8?B?N2NiaGd5Qk1Vc09HTmtmN1RhejZpcU56ZUptaGVLeDRib2srKzl1MjQrbXY3?= =?utf-8?Q?SH6p9ZE0rZ7Gc/E46YYSy8Pp0Ws+E8c1Vi8VaFz?= X-OriginatorOrg: cs.tcd.ie X-MS-Exchange-CrossTenant-Network-Message-Id: 7da62208-0184-4b32-2222-08d95439ca5c X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jul 2021 15:42:23.7059 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: H8RYjrE9a4D4xaNk5JNDmYZvW4ZSzFYBlr9e/0WZjZkBXqUxAqImdHy64u3uN6u0 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR02MB6391 Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 15:42:40 -0000 --AtQzk93mYeANeiZuJ6MDyQ7J822z4D6ts Content-Type: multipart/mixed; boundary="R7tRVQiGlyotL5UKUy5Ft9Fv4Wp6mSPY9"; protected-headers="v1" From: Stephen Farrell To: Carsten Bormann Cc: Harry Halpin , saag@ietf.org Message-ID: <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> Subject: Re: [saag] Interest COVID-19 'passport' standardization? References: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> In-Reply-To: <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> --R7tRVQiGlyotL5UKUy5Ft9Fv4Wp6mSPY9 Content-Type: multipart/mixed; boundary="------------D81444080B8AA866B997E0EF" Content-Language: en-US This is a multi-part message in MIME format. --------------D81444080B8AA866B997E0EF Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable On 31/07/2021 16:17, Carsten Bormann wrote: > I don=E2=80=99t understand why the fact that governments buy inane > applications (*) should prevent us from thinking about this space. Nor would I. Luckily that wasn't my argument. For international travel: we're not needed. WRT feature creep: we shouldn't help. For those reasons, IMO the IETF shouldn't touch this topic with a barge-pole. WRT incompetent implementation: it's slightly useful to name and shame. S. --------------D81444080B8AA866B997E0EF Content-Type: application/pgp-keys; name="OpenPGP_0x5AB2FAF17B172BEA.asc" Content-Transfer-Encoding: quoted-printable Content-Description: OpenPGP public key Content-Disposition: attachment; filename="OpenPGP_0x5AB2FAF17B172BEA.asc" -----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh5= Cg8 gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+QtaFq= 978 CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKrEMjmL5VGu= D/Q 9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZUbUv0Q+DnQAB/4= tNn cejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqOVz+7L+WiVfxLbeVqB= wV+ 4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJgb097ZaNyuY1ETghVB5Uir= 1GC YChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k4LyM2lp5FmBKjG7cGcpBGmWav= ACY Ea7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK7uB7E7HlVE1IM1zNkVTYYGkKreU8D= VQu 8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5XiHzFPJleXc0ksb9SkJokAfwTSZzTxeQPER= 8la 5lsEEPbU/cDTcwARAQABzSFTdGVwaGVuIEZhcnJlbGwgPHN0ZXBoZW5AamVsbC5pZT7CwX0EE= wEI ACcFAlo9UYwCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQWrL68XsXK+qGC= xAA pYHWYgGOIL3G6/OpkejdAkQoCVQAK8LJUSf6vzwost4iVfxIKcKW/3RqKNKkrRl8beJ7j1CWX= Az9 +VXAOsE9+zNxXIDgGA7HlvJnhffl+qwibVgiHgUcJFhCSbBrsjC+1uULaTU8zYEyET//GOGPL= F+X +degkE/sesh4zcEAjF7fGPnlncdCCH3tvPZZsdTcjwOCRVonKsDgQzBTCMz/RPBfEFX44HZx4= g1U QAcCA4xlucY8QkJEyCrSNGpGnvGK8DcGSmnstl1/a9fnlhpdFxieX3oY2phJ1WKkYTn6Advre= k3U P71CKxpgtPmkd3iUUz/VZa0Cv6YxQXskspRDVEvdCMYSQBtJPQ4y2+5UxVR9GIQXenwYp9AP2= niv Voh+ITsDWWeWnnvYMq07rSDjq0nGdj41MJkNX+Yb2PXVyXItcj5ybE3T2+y3pSBGFEZYJGuaL= 4Nw tBJFMOdOtBmUOPbetS2971EL3Izxb7ibOZWDwexv+8R6SWYfP1wVN3p46RyBQuXqJV8ccE11m= 6vt ZTGSYgnLUUFZMRQYH+0hwuYe0T3AA18xDdSYsa8vovCCd3l5S4UNzIM2PMChqGrEzKapUpZg7= +8A CcxRU3b9Ihd7WYjJ+pQPCoWYKozvtEvenbNpE/govO/ED3B14e+R2yevRPjRrsN7PJzSf15fQ= LvC wFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLrSwf+MIHbFRQ4O5cmLYR5sIByWelN3SuRN/gW8= rpK o9OkCz6An8uV/iCXy5tNMLzzi0BFl8f22DwBcC5qy9qnlIAdogWam1qWoTAoAD8veEqmuKhYr= qJs CcAyNrKYmK0hP3rpHxx1LySDmKYXmw/8qtBXKHTouMm+5tSsznhykRMTAAr2p7PSaHgo+hIVa= W/r KSspHjDhhZS+G9mtOZad1IH29M6G1Q1NCO0Ywe8krKLQIAQlFxtgvOqpPOZNzeKBa/+KbE8TG= gMW rkOhC8OeEM5PVzdDhlhD9kPzB/pCKDF5DofJ/ZRqnDpbKPQ0bsW38AOig3kOc0A27awiBEw3u= rqR 1cLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g1MSBQJbtyScAAoJEBDvedn9g1MSI/oP/= 0A9 J9nrnBMqZpm857lfYWw+rshLK+tyeP4OQeOqnDFvs9jePpcyJLG3DF2r6VbVKPQq+AE6Uf5hc= JBD EN6BjEhRPSbLcqG3A1cz/nNwm8rPmNp+oKhmaBBQGxwciMLmzgynsDydnjPpMyEs04zvsbsl4= vrp 2095o105l8KcrrxQrioFjbwveGwHQK9bxJKhx9D+gIk+MouBur45UDKTZkMZrr9FGrtkyXCGA= xvK dcNC5Oa8z9sj1rcUJfG/OpVAMWhArdlZbFUQyoX6pU2Zb1CR2qpWAVerGSfBhmfCyStjARqaK= xlf tjO+Bj3Jj73Cr5eqej3qB5+V4BCsPjr4RLvVbYUCPsRdxWc+nBLlfVYkRURu21g1hFm5KFPjg= Uky o1s4vjUOY8DyI+xLGF7f/IhUBG6l+Vswhpwu7ydalZkeFiPx5xna5NfbEYxvsIf71DvipGvIO= aHv X4egWoFgm8n/9c3rcMxJtpwHPSsUt5dgLsyu6VE0IbvOAc3dN7CWJ355DVFJq9Zg2YVf0izSp= yyz JeGsgkfjW6xpmdvZxuT2UcN4BTcm6vYqueASGrb3lfhzC5gpeVsc/MoSjTS65vNWbpzONZWMZ= uLE FraxWJzC0JrDK3NCd0VN3kstqGkVbUIiYOnUm8Vu4zoVMLlGWzHLIGoPRG2nRezn1YyNfyb5w= sDc BBABCgAGBQJbxcflAAoJEGo7ETk8pK1gE7QL/ApC5P68W5DrI1787WJVZv1u4t/g39vTr7Xer= 3UM TVQg10vpa7pmqOGhjIDzDMg3Pe3K3M7fVzfAlUA1qw6ne4RCueVoRKpubeF4AlYbMr0K6hNCP= jt5 uAxmbBVuejKTc6pru5rv5gKL0nDbr+Snft5xt7juBLSSimw0/41sZnkjCxo9rF/RA/v6+uWyK= 171 RKmsEYu8fFtw1eqUNt/Xj792TUixE3pxXheNtQtZGk/9P3W83ChhG4Fh5EQsn0pIh9wZIAbMR= Lpg RKyW87fWHZC8/YH8h7afarvn9Thl5pFUldCe22mNJj6KLChn2aEHQd+PdY1GBpZEcmNEUPuov= wza tM0h64hCzTm41eDqRfihZVBT7TbfXQnv8rywa42Mk756RGzzEZcQEhwQXZcMQUfxIQQ2VyJo0= zG3 6VdZTQF7TF/4Lz7/3cJ56jOIm+dwPXtu+C2wAQuD4USOLt4JWPYpqzDfHYJIND/497P9Z9SuQ= eah r2ez3DRBg3qsHEjBV80yU3RlcGhlbiBGYXJyZWxsICgyMDE3KSA8c3RlcGhlbi5mYXJyZWxsQ= GNz LnRjZC5pZT7CwYAEEwEIACoCGwMFCQmUJgAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AFAlo+o= 3cC GQEACgkQWrL68XsXK+qO0A//ZsfQzyXrZlu/eEV5jU620yeOM3P7SW3C3UQYdCgZ/TlvxGgKo= w5o DSXgjMiUyq9csGqbPBxlDYSxFZHNeDVKYIuP2ZK24tw5k6duTh4+sFwUualTMlcp0zBCIzn3h= Rcs RvuPKHfl5+6oOi0+xqx3jX/s/69L/fvHmdSKet5LIUAxoYaZkTCruFrPWb01tgAl5JExWkhmC= Y98 iD+EeiIMAWBjMw1xV+p0uCwNbN6XDzcToK7wsm+tAIiWUy3DpP60a6WbVwdV0HNt2WZq5U5Jd= h2k 4S+sN2CnYk4tTW7jHjsWarV3FLISCOObADZuB7ljU4kYfdwZ+WzenXY4LGlxGQSlAblGjwZe4= EIk CXAJUtzJhoFUuGaF/PlWjxqV3UFRcgTERZTijguVyREre8GNERNgvDxZvuXssEjvz9X5JfcIZ= DIJ pdzhLiEIj9noUbfx1SzB5KDPQj0O7elMHa1671/rwWcpGr/MfVPTOik4H7F8rcVJelceZTzC4= tvy a7M+jM4fyFWWt8Y4atTixUiP7U9o4uBZCQ0GzvsmFA4XLqn2pA5rVizMXnGbGOjufAP/efEJ4= ul3 qvjYe8ye8DXEDjKAxo/tuHYtk19XCi83QzFhWls5TT+XQeVTMEvVqo9Wek8yoxo67qvLKKqIc= G9g ivQd8MxYNAbNYgSPtkbhZ8TCwFwEEAEIAAYFAlo9UqAACgkQLzyHNoBfjaLzHAgAlWT6NXEGt= w/r 1miKNGcopzvzILQ9oB8rKI9U9EL6tOf/y2V5oYee/GyQDb3ZdoPxxYYcJf+RyiH1nMoqUIZiZ= Jaf 3bJXinDZ5+AdfE++UR2NBvqaNyC6u3r24jo1B/sagKbYtWgsYtRqHLD4IWi37MZrVyjBuF7u1= 4Q0 7+uhjq6mX2O/tHpCYw/Q82tbeTRPyUf1WQOAfD1kfBpW9PvAva5Iw9FWeXpCXRzwxnCZhYfGf= qtu Sw6CPBYLdbikqML6FZ7EDuTBb/8um1wK7Y9bgeIQC+CYjhYB5RXa1tDJRab2Js4luCvSR0w/C= gHw 26293tlve2Q6UTrmHxP5U22DlsLBfQQTAQgAJwUCWj1QMgIbAwUJCZQmAAULCQgHAgYVCAkKC= wIE FgIDAQIeAQIXgAAKCRBasvrxexcr6tJpD/4rrILH+meP07vrx8wW5eYuqCiPGYnh/CXxIF8eL= rfb e5d4QRgtq+w6UeQPMyzKRIRiCoBXB2oJLBZHyxBPxZlg33dTMrEGn8QWKx2iNuz9rZMXyOSWF= etu O01d/aUPd5BnbLbIyK5of8xCQlXM6KH8bc+9gQ7edR9mfLTdvBf2FR522hg8BRBM1imKc3vO8= v39 +qIHHRjuiwxBBCAOhHtHRsZXripS0uFA07dM46Oi/E8osjx6fQt/lH5z/PN+2adxYSrLSAXfr= 1oD 3RxYNhuWgyGFL64/VCQb1YGjf0Z5MBPnWm9jgUoOY5K9eNSS0L83WeJjlF5+Q/WOgB+rb49Pr= m2D Feo9+S9f2V53Llz1WIspXJg6f+n9lmHE94MfQj1GAHCzI0FeL19lvM+LhD8jJSCbhrC3+yoby= y/A UOs5Z3E+njjX1FF/VCVAs6iOa6i+XG+Y1hh3ir2y1kckJ5auT10MSU8GEZu9ayU4M3o3N9yxO= jao P0NuQ4MMLL/n/u4u94AeZaHPNBXn/hVfVRRmpRXtGKvJtFAEppGEYezB+bLKIm6XlpPkhnwYz= leL Z7AMEco2C6QM8QPB3g3JpS3sqRhA5rEP4lL16BmijmF+CHoPE/zwgKZbKpyVDqvIW5IDgvfIC= 2X4 pbZDRvGIUKaGSB4+ksZgUUnNyvfQr2p7jsLBcwQQAQgAHRYhBH4XCgRchM9GDit5oBDvedn9g= 1MS BQJbtySbAAoJEBDvedn9g1MSeKkQAJm44jt1kwHgQgeDBKdjdvl0AjE0xVEQxriZ6lP/l//34= YT0 auFfzsYIrChSpQXAEtobBAr4Ohw1Us+BZe+H5P8vm6LRuPwozC3SjwfX4Iec8+9ot6tIVg4sb= edD Sgb/CCFVjsmIGcQ1P73JLJTBJ6mxYCV/gn3QC6bwDOFo7kD9FDHCjRN8XfhHQ4Q9cYyt06uF3= 1qG /aumgWYC9geCGgAwiHgwxNYb9GoJ0iZjCROwbYvLTcQgsVUW2bTmsVR13UVKDsdl02sRV7qcV= YW6 R0a3Ra8KudX+nt25H5DRGd382KZ5W8pydsy/viTvD9z6v0ulChBYxAedIvGIClrhbxlLEPmIg= 4Im VOLGqsUgVm32J95WOjEkk4PEZ12xSDBtwhSJqmJNboWlfmw43KdIbY8zNhffIO3N6O7FsdGxm= qyH eLoTpqY+ySVUPpbuyW8ujnI/J//+6hdTZ9dQsEJQlWngKuWOQ5ma58MPSN88zllsqhZAFQjNx= qnk SzL6ZQ+v/jvuRRe16B80AeO55DsmbWsMv/YLLD1mSi7+Khy2EtMBhgojWwrGMvdLN6X3mnzNJ= Esc YyLxM9tSk+iySP2sLthK0BVgpAzBSdaf/ezIz60P+neHDzteNFf8Mn7lmgYk1amvZoJ29s5+n= 2Hw xyRL5dVMyMdyQmntubbctfqrZ0tIwsDcBBABCgAGBQJbxcflAAoJEGo7ETk8pK1gnCYMAJY4F= eIY jlIXGghFWzsB4fYwK1+iaFpU3fSto5qcrqVtVPjXpwqczqBWeXGyQxiB0kan4OVAXydIeaP8E= AuF CA7paP3s9STLJBO3KurkwyRkPW5zo0X7xVqaVToRsX2Ul98KVJoHYQD1KdezEtwlvpNwiiBr4= 2AY R751Vm6JBVAbQXuFpB3c8bUV0OkkRxNFtL8/2PieHar58n5dntGkbPlPkztahsFqktgacIgXH= X5v aT+7YeeZ1DWLOYjGO0wNhkOSeroCmxwJUikU7joBp823L7r5KfpqWTPpSCzVstQKZUGmmoE1q= Csw Y/Ud5wvp9SccpIILkRXj0rZRtfnE5MpL3hjmtNzfDd9qIsJtBJlSB2hZwAsVm1l+EWN9hG3tq= yA4 3niUMy2n6q690of3berSiQ+kvY/aC9Hx8I+bKzOV9/J2VUTqfaPZa4Uy2rVX5Q2p69n/PMj7m= Eer 0rCL3j9V16J9c+s0BSkXoKdtYdB0TWVhBgUybd9qtYcwHWvhP80uU3RlcGhlbiBGYXJyZWxsI= Dxz dGVwaGVuQHRvbGVyYW50bmV0d29ya3MuY29tPsLBfQQTAQgAJwUCWj1RWgIbAwUJCZQmAAULC= QgH AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBasvrxexcr6jscEADEcB0WQEZn2AkrzDs1RhL0Lp6cZ= i0B igofkbcGfdhJyMSs19C0dhvncrAFClVI6/Udw3yFtDyYtOCf2W3M3A1K6/RfEizCLzTsdFIhn= i9g OJLlUpXViQtgrlstjk7hqVV3Ooz4BlCqS4cG7rfqf4LQQPpTAuFUEV9I28FBUB2irqC+v4gTy= sIg pMw0bA1yBU9sX5jE/tRkzqnuzZrkwiobDtRFJ9qp+7O2JtcY4EsVtLAsaodJKc5cF8R4OvB1n= 66v xxcgg9Eh4JNWZ47xsaCmAGo1Bcb2jIY35OtgAL7gCGLRSMKTtAaPy1/fEgIqhCljJ9x40Fkn/= 3r2 BX21WC9HFSPFTBz2RluLRzxdgxOrkYK8EiHUPoE5b1AEzZKw2AbeXfr57f5zYsN3IqfbQLUjM= YtU N1wK3Pjb+idD972wyXMWt8uOzlI7b9Ocu+nYm2whBfJv9Pmp3QYTmPz+LB9lH65VNVUSxSXVr= 5iW XO3qx1HtEiGEqkporMQCTh3T5Ud3PvMSRBFFKNs9WhJ/Lxz+SV30WLwG6dr5mQqlzAhb4Phc/= zek ZyXRdS/oDKrBLUucS36O//49JeyRi1QvOfxnfmIqRIAf/k3PoYJmTo5E82//r5Qj3YGlRu78b= a0H Arxs+ACD6AnEHHcbswpbtVEKYzlSu0Ar0Dc7vRWM/IyQdMLAXAQQAQgABgUCWj1SoAAKCRAvP= Ic2 gF+NosIsB/9f/29FNla3BJfGIEIDnhrqGD0i9bSa89SqBd++uG06TQgW5wsqtNcrwn81yZTq6= XE6 i9VtD4GKfqC0d4KZJr9bnbeD81cI64VOdL8zJWJs0vj5EIXCobKyX74Kb4uePUyZqwT2Q74I1= 16u /HwA9/FXsPo5isbh4ZqD4t0VHpWkmfq1FPT9a/JPyX46qKqB2Fce/7Qy+SQP1NfkuUlbhUH/J= G9a SSYvk3lznNiH41x9M+FDlL106itXOubrl3oi2fT3fsSedq7uzt+IV0DQEeNaoQAUuwEhdB8IW= OMq N2woDjGVKJftfsSWY9ilZrnDBNDrp0vRqcx33LUMkIw4d7iBwsFzBBABCAAdFiEEfhcKBFyEz= 0YO K3mgEO952f2DUxIFAlu3JJwACgkQEO952f2DUxJjuw/6ApHSsVTWD4a0H6FJ23A9Ftpy+aXZ4= vYl zkSrfsn2ECrEfK3lXQh/uzwjJUDYZeB1/BQsFZtcYNQOJSSHbQ49BFRLwb1J/wBZG4bbmrkLx= nNb KDKQvzxEpclkMW0Dj0J6o7kGrmzIGGrhB+JJN99AcineHRug8ZSFIERRCmigxdhAKU0BFD7P+= 5HN HltSL3DF1c2fFOf2JrgBKVoE+9RhMZjWNbYetFFLCkjXb5Rpay9zeMm1DxfSTGAnuOwUXW6qq= 4hn l5+VC/48ceDZElLLfu7RQUZv44pkSTOWZs+iQoJiHMFHk9wPqyB2Vok1yJ2a2j27WhXrJlPwn= Zbg JO5RyWDG3p/eVmpl5Uuc2dsfIpR17KnAuWpghK6V+cyFncDoGCl/YG2MvoolsW08FiZh3Ej4d= nJj j25TZkeFG74JJDXLvMYpJfSBGnmETv4Dhcm2xPqVMuFuL1qJlMbVLrMo2GXeo03OzNyvbs+u8= WLI aGm5hC7N1CXY8wZs4jo6OJ/expvnc07dEuws4zT3AiWv3nIouWReRStZy9QkavDocqbyPmilc= dPC Yk4BsOlzpwwO74hNG7iyl0KdAlwTxGQ7y0rJou6HYa1TmRhIEr3vKvlW+JfUUrqtjXgsuacTX= o4+ Ira2JUErL2cYzQMq1j4r1ZyhFnuz93s7Rsx/Nw0+0YvCwNwEEAEKAAYFAlvFx+UACgkQajsRO= Tyk rWCJqwv+NLVPE4sD4sDA2/6Ek7UsRIUkg+S39fhqWsLc4rtw/mDunv8Un61I3K04fZ2Ry4nF9= hZM 0a710UvXFbStvrzRJO3EAAcdJR9LTCd19e8UeruQbIee3YT91U4NkC9JMpecfq62/teOAU2e5= P3f WYaLs5ZX7zCLwWuBcW2l3SyoljQczM85HhJ3XHm+FnwQ6D9xRle+lvWTcuC9d1yAyUb8IOosp= cL2 lJTmy8e3r79R24hPlSB4LDe0wEN8AXbagrcAQZjwyaHyWxjJbTwZ0b43WGdfIqZ1ElOeoffbk= etP GRmWvx5xUvb2ALFBBdETzV270gs5XDJgJ1SIIKOyDADxwvroTe2jD8C/841eEql5QSow3s/U3= zRq k3mttto8Qw/DN71aeh6dmYSsvd2UjsHw/vofOPRBGxZLEkKTEvMnhmMW9hiKPkPia+QgevYE0= 20q pKSxLEdWA8nprHwxmGiDNesCfXSC6vm1qfyj5g8HzxSckq9ZaMhKMCo7vxflUEDuzsFNBFo9U= DIB EAD6DdHQfMav8OXfhjTteoarOrlJTSdci727xiezGPuBHmpvceBRZgRasdbaMc4HJee+R9+5x= /nL PCuy/DxDyIjwIUeJNgc+l7LjI9WfpHTD8U4xxjvR5Mi7+ToQQUOUNuzT0O0pyuxP1uY3RehHE= hOV fBZO59ipSeZL5iQC6T5MsK1SKfs51pLa5ToC1rc8tBJ4zZmxRAyZiYc/AH2uZ/6rYjTTkAn1D= VI9 DYo2D/zE4bGjXdJW5pKphFB2lX3dG4I7ODi+5e1H6A/QpCu6z8/ZkIQ+9T1xcX/YwiFeA7PbT= uW/ eITbMbI1eV3+fyym9aT7Rsflmp31Zxtr+sZwGGZf00ooMBFmqOS//NUQ/Vf3vDUew1h5QU1yD= aWT 3NApvi+XWPH9TPy6TMfZA2FThHf11sX/gDBa5JWQZbptPEcmoazpiKZt91CrFPOaoXDPck/Q6= 1df mr/oPikfByYnASIM3OwEuXqyQ9JDRfKrem5r+oA/wxWb5jELElAhOpnyqMMvOh7uz1foUssL8= MAv 2TGXmxpVJ8Nu4je6wf96Z22fQ0D38zud+CKH3bMP3ayXXJBcdPoENrzFbWP5FTg/4TTDJ3vOA= HZR 5iCunYghx8b7Ffa4UbkwlD+dh8GiIAtvT51Ac0cO0Wc0Zjc57zPUz1zloMbf+zb1Bsn7DuEQo= qj1 gwARAQABwsFlBBgBCAAPBQJaPVAyAhsMBQkJlCYAAAoJEFqy+vF7FyvqrC8P/1tF6TeR83xD6= Mas qXyrBjwcLmziaF0Mlkj8k/YUiZ/knb53n97xQnh9yxPv0TT8Wpfdn3BmvqGyh8+ouHX9jMOxi= RkM dNhIauVYY/8jmRfBSYWcFkfMzdYasvdLtmYJgx252HKTFdeOrszoOjWjEzwmh+tca3AFMu/nB= ++/ KAmi5UJV7zsZ7uYJ5jm97LV5SLjNJIXXM+lHqCDrjDaDhNczmq1LCRlU6/WDjvkuwaVhZG4lX= xMD rvKnXMkjseQ2oKjwrIdfQM86H1z5J31lfhqop+of0cimcIsBgSCPu+h96LHuAzeRBCbDKeqrf= ZtA ZAGsokRina9947fRWxXHh3O66ILmXKNRxxWbDkPvYnQWUat8SbSTDoPWrDIGDRIAypqYo3pcN= 2OE 0C1chqgDZQxkr+9kYZQpupOAN2TR+fM7JvbO9coKI8Uqog8CopoMeDQkd0YjcqlB1E0svODHT= zcS oRzogDBYDqNLP7qVkNXpcOAXSVioBgiSDf7o5RdS/qmUyXBIeq6I5z8xBcd+BQ/n/9Frkm6K7= IKP 3ngUP4wEoiPx5ZE5+fPIScGmVUcZIMhkvMvem9XXh1yyhqN14gfjmLwPGdWbrgG8QUe0s2WeW= Iys s6uTiyF+ZbJSo2XOKVc3YFMVUUfgyudqAV1wWdZinUk+H3pkqOKoHAy/8fST =3D40Nd -----END PGP PUBLIC KEY BLOCK----- --------------D81444080B8AA866B997E0EF-- --R7tRVQiGlyotL5UKUy5Ft9Fv4Wp6mSPY9-- --AtQzk93mYeANeiZuJ6MDyQ7J822z4D6ts Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEEW7Wm6ldl0sWGPK4nWrL68XsXK+oFAmEFb14FAwAAAAAACgkQWrL68XsXK+pW +g//YpcXlsbL3BDhHK74nbEmaoLJ/q+c3ckNtYTD9LJDZXXTEFkbaCmqGieZWE0lkAXPZMwnNoYA YL5/UevBUEWjaT4jnChTxg80gkH2NgEFr6h+0Jp4diRsql1rUxRovhtWEOyfwmZfgHz/jjWCHDu6 WMm6kdpGXWX71DMRhOaXV/sG8RrYFqP4Dtf1ANJJa/AYSdnPrcnyQmG6mWocZZj9FXsFpaGNEdKa vaiNOQQ7ijsTtW2iPVNzeXTLZpwj7Cxjv8dq/oy2LHqP1SfH/p6tEfEpMGN1FgVKLGaAHv99dNTS 3PPAEMMNUOFgpJ2khyeVEU4kJLKyAgiSnmxOXREoMmjYP2l2s8qNe5TbD8w5AKSAGOp/dVofHxQH W3wumpQ0Vz1nc/Ep4wU/3IjlUodQp45s0xBzeqWe073UtFWz4mSFKRLWkKLCqMf97ipIrN0aUzZp CD10DzoBL2jS/iHMGRfbhG6YGuFLZBwe83vE2oA2yuI+hReGuuz4kjN9mHBlu+h5eU6F9jI1INxp +wj/7Kkslwc8qVZRHKdyHuoAl2N8HVdaUPNsYT+vqvoQgRuiwAR0iN/JMuzVkn8E0pUtLDExTFT+ DCGStsPoHJLys6pRpszvbhhm8sEv8l8MfiVn2ToFdxAfnIt18QxDfIjVnd775inRaQTOQcMfdzMq Cjk= =ryEx -----END PGP SIGNATURE----- --AtQzk93mYeANeiZuJ6MDyQ7J822z4D6ts-- From nobody Sat Jul 31 09:15:15 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C74AF3A0B7A for ; Sat, 31 Jul 2021 09:15:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.498 X-Spam-Level: X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_SBL=0.5, URIBL_SBL_A=0.1] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=metapolymath.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PppHd_BaZZc8 for ; Sat, 31 Jul 2021 09:15:09 -0700 (PDT) Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF0103A0B79 for ; Sat, 31 Jul 2021 09:15:08 -0700 (PDT) Received: by mail-lj1-x22e.google.com with SMTP id h11so17310506ljo.12 for ; Sat, 31 Jul 2021 09:15:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=metapolymath.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=hqpqj1unDVISn9H1U0SqZhu9rTb6zgkUmpRxKQ80UaA=; b=MhQACnSZVw6nZINDIynu1gfIgF7r5Im+BvEsTPvALPN3f38+J0RauMnhAsrOYRbPsU nI6Zk08SCtvb8mG/ya//WKu/C4VPa8sLm4I9pWDXKwqFJTmAm0V3ixmeqwkd3Wb0qDN/ +dsix80kELLbuQSoZsVpeaRlOHAWZI03QfKJcB3w4FpATlFrEHVwVTZ0zQQNGZj+c+4n 4+yXxVUA60AEW1mgByCzkLikM0AG9L1WYCxzznm/SGr8uy+an0q61zHTHIB/CfWkCY5I +KJnTDp+MAH//oD9XMUW+0VS678SkCmLQcWarruUOMKf0iXWgXSQpsIMivai0jbPfxhP 1n8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=hqpqj1unDVISn9H1U0SqZhu9rTb6zgkUmpRxKQ80UaA=; b=nSv7GhAjS5t4ePRhy05UosStGsAjZP47ImZIsXs3pK4ebuulCsofkDJrxGV1YS1OfX 1iVb9QB8j6MRzz5/XMoZcnsB2ZdkL/CE2x7eFbWKmJgx3r7aa/71yytUJuZ01unLqcFr di3adlpoFsK1HIxX98fjKH2KyZhHCIeF4cRw1wzFt0LvtcLj5TSAO+WflGzYuaNgsYaM XxvrKOgdUXSkJ6sLX8Cd8deEkVoLLUzdsIjs+42QS0YV7UEDmDHvPPaomNd9mH4QbjLx d40ORwOh6UjUg0ZSTVWUdyVr3I9fCjjrAswuLyPxC3p1vOnWVziuAuDq5wWikF9RT+YT MQtw== X-Gm-Message-State: AOAM531gsJHZ9zcpVnlJLVMZTjyQBdD4/pFAXEnKYOMwurk5rTZdegAK TZ5RUux0njX55HQZc4JcMxMMmmVYl/ZN4INqP+sQ9fj7VpQ= X-Google-Smtp-Source: ABdhPJyg5jr9rJiEd7p4nIhdf+4WRLQzVxPUSLwIKD/ZcwJuvBxGvc+4clCK2xcbj9iNIiY/4o42iG+P2YADAm1e8g0= X-Received: by 2002:a2e:b4b8:: with SMTP id q24mr5577598ljm.253.1627748104292; Sat, 31 Jul 2021 09:15:04 -0700 (PDT) MIME-Version: 1.0 References: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> In-Reply-To: <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> From: Metapolymath Majordomo Date: Sat, 31 Jul 2021 11:14:51 -0500 Message-ID: To: IETF SAAG Content-Type: multipart/alternative; boundary="0000000000008a65a305c86da388" Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 16:15:14 -0000 --0000000000008a65a305c86da388 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi All, Standardization of specific disease Electronic Medical Record (EMR) secure clearinghouses is Out of Scope for the IETF. Vendors must be at liberty to develop their own method if required by their sponsor or government and if a solution becomes adopted which uses open source, then widely accepted by other vendors /and/ is utilizing a non-standard method which proves successful, then and only then should that Method should be discussed as allocating a standard for the method, never the specific disease. We would need more than one use case (more than COVID-19 vaccination EMR) to have a balanced discussion about what's working and what's not. We should not be steering into conversations about what policy companies and governments should be allowed to make as it is not an Engineering topic. I am interested in EMR in general, but as I'm actively working in this space, I suggest we focus on broader security applications. When I look at my alerts from USCERT a larger issue affecting the entire Enterprise infrastructure is phishing and zero day issues. I'd rather see more examination on what existing standards are in need of review given the current rate of penetration. With Regard, Kronah Wood, CPhT Metapolymath, LLC PO Box 19236 Lenexa, KS 66219-9236 +1.2139158297 Sent from Mobile On Sat, Jul 31, 2021, 10:43 AM Stephen Farrell wrote: > > > On 31/07/2021 16:17, Carsten Bormann wrote: > > I don=E2=80=99t understand why the fact that governments buy inane > > applications (*) should prevent us from thinking about this space. > Nor would I. Luckily that wasn't my argument. > > For international travel: we're not needed. > > WRT feature creep: we shouldn't help. > > For those reasons, IMO the IETF shouldn't touch this topic > with a barge-pole. > > WRT incompetent implementation: it's slightly useful to name > and shame. > > S. > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > --0000000000008a65a305c86da388 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi All,

Stan= dardization of specific disease Electronic Medical Record (EMR) secure clea= ringhouses is Out of Scope for the IETF. Vendors must be at liberty to deve= lop their own method if required by their sponsor or government and if a so= lution becomes adopted which uses open source, then widely accepted by othe= r vendors /and/ is utilizing a non-standard method which proves successful,= then and only then should that Method should be discussed as allocating a = standard for the method, never the specific disease. We would need more tha= n one use case (more than COVID-19 vaccination EMR) to have a balanced disc= ussion about what's working and what's not. We should not be steeri= ng into conversations about what policy companies and governments should be= allowed to make as it is not an Engineering topic.

I am interested in EMR in general, but as I= 'm actively working in this space, I suggest we focus on broader securi= ty applications. When I look at my alerts from USCERT a larger issue affect= ing the entire Enterprise infrastructure is phishing and zero day issues. I= 'd rather see more examination on what existing standards are in need o= f review given the current rate of penetration.

=

With Regard,
Kronah Wood, CPhT
Metapolymath, LLC
PO Box 19236
Lenexa, KS 6621= 9-9236
+1.2139158297

Sent from Mobile




=C2=A0= =C2=A0=C2=A0

On Sat, Jul 31, 2021, 10:43 AM Stephen Farrell <= ;stephen.farrell@cs.tcd.ie= > wrote:


On 31/07/2021 16:17, Carsten Bormann wrote:
> I don=E2=80=99t understand why the fact that governments buy inane
> applications (*) should prevent us from thinking about this space.
Nor would I. Luckily that wasn't my argument.

For international travel: we're not needed.

WRT feature creep: we shouldn't help.

For those reasons, IMO the IETF shouldn't touch this topic
with a barge-pole.

WRT incompetent implementation: it's slightly useful to name
and shame.

S.
_______________________________________________
saag mailing list
saag@= ietf.org
https://www.ietf.org/mailman/listinfo/saag<= br>
--0000000000008a65a305c86da388-- From nobody Sat Jul 31 09:28:15 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D4A03A0C47 for ; Sat, 31 Jul 2021 09:28:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.897 X-Spam-Level: X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ernBej4fMKNA for ; Sat, 31 Jul 2021 09:28:09 -0700 (PDT) Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [134.102.50.15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 219233A0C42 for ; Sat, 31 Jul 2021 09:28:09 -0700 (PDT) Received: from [192.168.217.118] (p548dcc89.dip0.t-ipconnect.de [84.141.204.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4GcV783x8Yz31RQ; Sat, 31 Jul 2021 18:28:03 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\)) From: Carsten Bormann In-Reply-To: <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> Date: Sat, 31 Jul 2021 18:28:00 +0200 Cc: Harry Halpin , saag@ietf.org X-Mao-Original-Outgoing-Id: 649441680.902925-d8417fd3fc18698d28355a1749eeda28 Content-Transfer-Encoding: quoted-printable Message-Id: <565DD50B-88AC-4F43-BF76-8A85CC5C1BA7@tzi.org> References: <09d0a050-781b-a4cc-47bf-d1e652e4c982@cs.tcd.ie> <266B969A-CBC1-473B-8F5F-D7A31B66DA2C@tzi.org> <33cbcf8d-ed18-860f-912b-93a5ad5ea177@cs.tcd.ie> To: Stephen Farrell X-Mailer: Apple Mail (2.3608.120.23.2.7) Archived-At: Subject: Re: [saag] Interest COVID-19 'passport' standardization? X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 16:28:14 -0000 On 2021-07-31, at 17:42, Stephen Farrell = wrote: Hi Stephen, probably we are agreeing but just talking about different parts of the = elephant. > On 31/07/2021 16:17, Carsten Bormann wrote: >> I don=E2=80=99t understand why the fact that governments buy inane >> applications (*) should prevent us from thinking about this space. > Nor would I. Luckily that wasn't my argument. >=20 > For international travel: we're not needed. Apparently we were =E2=80=94 there is lots of tech in there that the = IETF standardized. (If that tech works well and solves the problems, we = are indeed not needed any further.) > WRT feature creep: we shouldn't help. Maybe unless the features actually are about areas where the tech also = needs features, e.g., for privacy. > For those reasons, IMO the IETF shouldn't touch this topic > with a barge-pole. Most certainly we don=E2=80=99t want to be the entity that standardizes = the actual system (DGC/ehealth or whatever) or how to decide who gets to = be trust anchors, etc. But I still don=E2=80=99t understand why a topic that comes up in such a = system (e.g., how to interface QR-Codes with our representation formats) = can=E2=80=99t get IETF attention, in particular if it already came up in = other contexts (e.g., IoT initial security setup (=E2=80=9Conboarding=E2=80= =9D)). Of course, the current systems are a done deal. But we should listen = attentively what will be needed for any 2.0 (or 1.1) =E2=80=94 in the = end we don=E2=80=99t want limitations in our tech to be the reason the = upgrades don=E2=80=99t exhibit properties that one would want to have = (data minimization etc.). Establishing communication is a good step in that direction. > WRT incompetent implementation: it's slightly useful to name > and shame. Which each of us can do but the IETF as an org can=E2=80=99t really. Gr=C3=BC=C3=9Fe, Carsten From nobody Sat Jul 31 12:51:25 2021 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 505533A1810 for ; Sat, 31 Jul 2021 12:51:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ctQBg7TdBPHk for ; Sat, 31 Jul 2021 12:51:19 -0700 (PDT) Received: from FRA01-PR2-obe.outbound.protection.outlook.com (mail-eopbgr120092.outbound.protection.outlook.com [40.107.12.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C5483A1805 for ; Sat, 31 Jul 2021 12:51:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mzk5aISsz+UkjR8w7wIpHYhkFWJvhpxHoz4cmkwps2HY93tGpH/KPWHRwMBkQZ12TYMoOi3vMUhZmF5vYbBersl/I8aZ/1wEFERvRSDxRG+OAHOxHdhoVpAtormQPC9gZQK46v+EZIUzGwM5RIo0MTnfSJYejAetgIqVnsyNzVEC6SdDMZPkw6htCbWuV2Psm2pmBsRgY5YEnexFahAPjFW5TWqHBOJvGt5LoTiRAULeCPXuZ/y4rnRsMTVTu/4ub/4D41MZicHkbLUJbtt5I52fftte/yT1kMKdNbGOZTcGqHcZ1NuwWGcJYc64bLFl1Gk2opemEXxWTy4i7/pFAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4EBMutnQHbeYbI9LLotQeEMuGGuTVDyHIohucIt5wZw=; b=FartPB4Wy4F3Fww2Lk5IlqfuxMZcUXGIt1zx1V3NBsJLdIL9acPi74z+Rr5uvqubiWVedb/ru9BRafhODyllgK4NNlA7AW4ohCQIyoIrpGrUcKEi4qaOl0HjYXQaLbi7LKRENm1PbF+suFzI4pzdu2Qp5FoJJaCrPIStVBBhVFIL3i7feYtWULHbO5uzrEEAjRNfkquwqd2eRRWKQboZ1R/Xh2PSsr3RMcPgUo6fyg7WHNV97RWmrhWH7BXIZkSKedr+5W29JA2q565ES5z2KQg50nU0prGAFwgaaksZTATh8DKj0Uha00yL7fbS1MPb5fIJqvr51RpjFoy3b8dW4g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cryptonext-security.com; dmarc=pass action=none header.from=cryptonext-security.com; dkim=pass header.d=cryptonext-security.com; arc=none Received: from PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:16b::5) by PR1P264MB1232.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:180::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4373.21; Sat, 31 Jul 2021 19:51:13 +0000 Received: from PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM ([fe80::ccbe:f345:2ee7:f9bc]) by PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM ([fe80::ccbe:f345:2ee7:f9bc%4]) with mapi id 15.20.4373.026; Sat, 31 Jul 2021 19:51:13 +0000 From: Ludovic Perret To: "saag@ietf.org" CC: Michael Richardson Thread-Topic: [saag] danish report for saag Thread-Index: AQHXhYRbPH9ZnvleaEuuSq3fEmbVeqtdf8sA Date: Sat, 31 Jul 2021 19:51:13 +0000 Message-ID: References: <20381.1627678125@localhost> In-Reply-To: <20381.1627678125@localhost> Reply-To: Ludovic Perret Accept-Language: fr-FR, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cryptonext-security.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 7cc4dddb-c529-4264-0820-08d9545c8d57 x-ms-traffictypediagnostic: PR1P264MB1232: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8882; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: RhlToe1AC8BAzsWVQKJuccFx+46mX/5Bt/cyCJ6ZOBEiIneppxMdSW2qi/0OP2W+ZvEw+WsV/SkAaNvNGSdyy9r0excvftFQ1xLeIjjoD4IoKRYOBaFkwrEPD4oMGqD2pJI4NuTE5Li6jgGDAYq8R/mW/wEQZ42s+G2YyELbSk0bcHfVbDE7ErTsgaGTR2IfFVFpCCrarJWo5/od5AqWSyE9bTT+sUXHFGzrWoaLUgAIILBgNklprz9JWN6RYPo8W0m4uz+e2YhHa1sSMb7R6XQY5PH+bU6DRGQX2YzjsoEy5lopRi8Mi2nQAgfhOmrWHV0Nsr4Kh8Lf6SdgFeyjgDIWQzmjc2IDXgaRt8/sPNMKIM89zqwinrErqY9Fn5o6CE+kqttNjcvW1aqnUWBglpqj0c54WzValiuytsSM97CJulmE0cUbnB2AsQ+NkkIHx9W291VUPinyUB7SzqmBObP95wofxc20H3+FhsatVrMKwo9AO7bcSeGJ9viAi0zguGSPuvDTknzzXDr58HidlFLfn2Kb2RETwGPHmYa2K05kpZlDJT9TFNYex6DZPMz0FUtaOZTf90KIoBu8aDB7mORJSMdQEPwICipIZxmXJyOxNyGDO3dwLJnoPdwUDs0s8XbXbOOyDL86B51A0vkAKekIP85g3N7/9W1Cbyf1+KyF82R6+mKTqo9Il/v5LwummfMHd3UJDDEVvnjJ/9pFbA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(7916004)(136003)(39830400003)(376002)(366004)(396003)(346002)(5660300002)(4744005)(316002)(2906002)(6506007)(66946007)(186003)(76116006)(91956017)(33716001)(478600001)(83380400001)(6916009)(6486002)(38070700005)(64756008)(71200400001)(8936002)(38100700002)(9686003)(66476007)(122000001)(44832011)(8676002)(6512007)(66556008)(66446008)(86362001)(3450700001)(4326008); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?B?WHVlNXhnUm5acWlaQWduWWhZQkVwbndMdTBKd2JERmRvajZ4REJxWUZMRHRz?= =?utf-8?B?THl6ZTd5NzRBNnJ1S3dLSTJwVWRyaUYzdUV4YTRzS0VKa1Y1a1Bwbkk5T2lZ?= =?utf-8?B?aW4ySzk3L3pra0pxR3JXcFFEcjJvbXJkQmVsQnZyaG1WaWpxOUJicDFTNkly?= =?utf-8?B?cnJhVTdnNklZcnVCMW8rMHp5dkJRajR0U1VYZlJKUmhpUDR2cFRCYWVoTThI?= =?utf-8?B?NnU0QVhTTTR5YnlkLzFsRXBpRnJWZUsvOXJnV1U3aVZwNjEyeExhZy9oOE95?= =?utf-8?B?ZXRSdXRtRCs5WFlBaXBmMTRaeWZqWGY1eW54blJOVGVFUTJyanNQckRYblZB?= =?utf-8?B?REdndmJyVnRQV0wySVBNbWRnK0hNdkYzdmMrN2t1ZzZxdmhuQjlHcjZNeHMr?= =?utf-8?B?eDBIMlhYR3ROVXB0SVhCL2ZGUy9MZzZpWXgzZ2VyVHBidi9UdGtCanAxeC9q?= =?utf-8?B?cjhTNitNc3I5b1dreHlDSkJPOS9TRUpOVFY1MlN1RVBrUy9ETGNUeDU5NUJY?= =?utf-8?B?OHVLb2JldE1mTDZGK1U3NmlFK1BDczFuQ1dsNzJrMk5pWWJqMzRyMnJIcjdB?= =?utf-8?B?c3dSSG5RUmdVZ0FuZUh1cVpVbGJrd3hZWEZTRGpDKzhvUjZYS2hkSEZ3aU4r?= =?utf-8?B?VGJaUVZpWHM1eWlHWkFYUy9nT2xlRFMrY1lITFRHSGd4Yk13VEYyV0Q5MmJ6?= =?utf-8?B?WlhERm9qNEZTWVlNc3pwcXdEb2dzVDU3bG9WbXoxR2o1LzFHbGFDT0hrZnhx?= =?utf-8?B?ZzljSWp3aGJWUlpZU0VNdndrNlNCMHNraFVUNy9DSkxMS09vNnk3NVBicUVk?= =?utf-8?B?OVh4VVRrcGQwb21CQkFDRkZtcURMeldkN0ZvUHNwcmNPTnFnTWpZa0N6S0hh?= =?utf-8?B?amJwMFY4ZVFPQzVMZ0J1VFNTcEdPc0lIK2RPV1FaNm5YOVlwbmRyMldiTDhK?= =?utf-8?B?ZVh3cGEzbDh0RklrUXZVQkZESFN0dXNYaGtCSTduZ1pNbWQwWU9VZlZFbGNz?= =?utf-8?B?cHo0QzQ4YlpRUXE4bFFEUkk4ZjQ4Nm9KdUtmNG1wZ0xWNHNWY3ZSTXl3YjYv?= =?utf-8?B?QmNabE5QbkFabkhrWUFGT2krblhqMUo5eEpram5yUjJ5NUJlTU8vRnJJSU5a?= =?utf-8?B?V2NYb3I3SUpDODFHQnoyUEJWcVh6cytGZTdPK0cycm0wS1pGMkdHYXRhTjRQ?= =?utf-8?B?bnAvdWNicFZqbW5DMEN1aDNQM2hvRHdKTW9kUEIybG5LYkRPaENERHhoUDg5?= =?utf-8?B?cXBhQ2lSOWZORWNTYVNsYlJKZmpiRDllWS9vdDAvaUdMbkZCTFg1d2wvQ2M1?= =?utf-8?B?WEJvbjVOUDMwVVArUkQ1MXp6OE1pZmJTMVY1cEUvRmo0RjY2TWRkU1BFTHRJ?= =?utf-8?B?Qng0Sk9jVUZtNVNZTlI2dW4xS0ZFSU1DaVNOR2pxMStYTFczUkxmSlltZkEr?= =?utf-8?B?VW4zWTRYOXR0VUcxSnRUOEpZTlBqd3VQdWlEdVJxVXd6cmdsblRESDcyNEJy?= =?utf-8?B?K2x2M2FqWDV5NWw0eUl3SkpKNkJ4cUpKYURNYzgrVER6anJwOHRGTVBrOEUx?= =?utf-8?B?OG1sTE1RYlNiRVUydU5FV2Q5UVZMSTZZbTlWZTlab0VWZU52dGo3azBxSmE2?= =?utf-8?B?OUVYY3VCZ3BiWWFZamk3NkdxdHROWXFoMTlHbUwyNnUxQWM4MHBkT2tRWDJZ?= =?utf-8?B?bVJHSTRlTzJHdHBidXFOemVFcU1HdG9uZHFadVptUlNHU09FL2thSmZvS29Z?= =?utf-8?B?WGJxL2NJWWszaTdsd0VYblhJVUJxUUovNTVNc2tYTE95cm10dzZQZ01JdmQ4?= =?utf-8?B?RG9RMWZLNFZCdUt3RHhiRVYyMTVMZFJpMmN1L1JBeWhFRUU0UVlhbmgreVlw?= =?utf-8?B?N2Rld0creW9xN0kyV2pMWnA1MjNWWC9Jb2p3b0dHMVJEU3c9PQ==?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="utf-8" Content-ID: <66CEE197B2221943AEAC5AB89E1A48F0@FRAP264.PROD.OUTLOOK.COM> Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: cryptonext-security.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PR0P264MB1945.FRAP264.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 7cc4dddb-c529-4264-0820-08d9545c8d57 X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Jul 2021 19:51:13.4253 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: da4a2df1-4b1b-489d-a7f4-224b58fd4200 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: CUwAC6euxalsvmNKJg4BVNjhOP+mfe5QeHTZ6Ahpwi45Iubpbb6YqRRoi1SW+Q5REYo9ybsRt+/RSsquciZg41+DDXSnvxNKoJ5wKc7AqmBHAV7LXMuY1b8frrR9j1KT X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR1P264MB1232 Archived-At: Subject: Re: [saag] danish report for saag X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jul 2021 19:51:23 -0000 SGksDQoNCkkgYW0gbmV3IGhlcmU7ICB3aGVyZSBpcyB0aGUgZ2l0aHViID8NCg0KQmVzdCBSZWdh cmRzLA0KDQpMdWRvdmljLA0KDQoNCi0tLS0tLSBNZXNzYWdlIGQnb3JpZ2luZSAtLS0tLS0NCkRl OiAiTWljaGFlbCBSaWNoYXJkc29uIiA8bWNyK2lldGZAc2FuZGVsbWFuLmNhPg0Kw4A6ICJzYWFn QGlldGYub3JnIiA8c2FhZ0BpZXRmLm9yZz47ICJkYW5pc2hAaWV0Zi5vcmciIDxkYW5pc2hAaWV0 Zi5vcmc+DQpFbnZvecOpIDogMzAvMDcvMjAyMSAyMjo0ODo0NQ0KT2JqZXQgOiBbc2FhZ10gZGFu aXNoIHJlcG9ydCBmb3Igc2FhZw0KDQo+DQo+VGhlIERBTklTSCBCT0YgbWV0IG9uIFR1ZXNkYXkg bW9ybmluZyBhdCBJRVRGLTExMS4NCj5UaGlzIHdhcyBhIFdHLWZvcm1pbmcgQk9GLCBhbmQgdGhl cmUgd2FzIGEgbG90IG1vcmUgZGlzY3Vzc2lvbiBhYm91dCB0aGUNCj5jaGFydGVyIGFuZCB0aGUg Z29hbHMgZm9yIHRoZSBXRy4gIE1hbnkgbm90ZWQgdGhhdCB0aGUgSUVURi0xMTAgQk9GIHNlZW1l ZA0KPndheSB0b28gcXVpZXQsIGFuZCB0aGUgQk9GIGNoYWlycyBoeXBvdGhlc2l6ZWQgdGhhdCBz Y2hlZHVsaW5nIGNvbmZsaWN0cw0KPm1lYW50IHRoYXQgd2UgZGlkIG5vdCBoYXZlIGVub3VnaCBv cGluaW9ucyBpbiB0aGUgcm9vbS4NCj4NCj5XZSBoYXZlIGNhcHR1cmVkIGEgbG90IG9mIG5vdGVz IGludG8gdGhlIGNvZGltZCwgd2hpY2ggaXMgbm93IHBvc3RlZCBvbg0KPmdpdGh1YiwgYW5kIHdp bGwgYmUgdXBsb2FkZWQuICAgVHVybmluZyB0aGUgY29tbWVudHMgaW50byByZXZpc2lvbnMNCj50 byB0aGUgY2hhcnRlciBpcyBub3cgdGhlIGhhcmQgcGFydC4NCj4NCj4tLQ0KPk1pY2hhZWwgUmlj aGFyZHNvbiA8bWNyK0lFVEZAc2FuZGVsbWFuLmNhPiAgIC4gbyBPICggSVB2NiBJw7hUIGNvbnN1 bHRpbmcgKQ0KPiAgICAgICAgICAgIFNhbmRlbG1hbiBTb2Z0d2FyZSBXb3JrcyBJbmMsIE90dGF3 YSBhbmQgV29ybGR3aWRlDQo+DQo+DQo+DQo+