IETF Security Area Advisory Group

Sean Turner | 2 Mar 2011 19:26

Re: Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)

Well this draft is in the RFC editor queue:

http://datatracker.ietf.org/doc/draft-turner-sha0-sha1-seccon/

spt

On 3/2/11 12:20 PM, Phillip Hallam-Baker wrote:
> What is the SAAG view as to what crypto algorithms are appropriate for
> use at present?
>
> The reason I am asking is that this is being discussed in DANE and I
> am seeing a lot of argument by analogy. The assumption seems to be
> that since the legacy TLS infrastructure uses SHA1 and we cannot
> currently change that because there is a huge amount of legacy that
> DANE can also use SHA1 as it is 'plenty'.
>
> My view is that the Security Area Directorate should send a pretty
> clear message that use of SHA1 is now deprecated and that:
>
> 1) Support for SHA1 should not be approved in future protocols without
> a very compelling use case
>
> 2) New protocols should require support for SHA2-256 at the least.
>
> 3) Existing protocols should plan for a transition from SHA1 to a
> stronger hash in a manner that is downwards compatible.
>
>
> I don't think any of these is particularly controversial in the
> security area. Although it must be pointed out that at present we do

(Continue reading)

Paul Hoffman | 2 Mar 2011 20:36

Re: Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)

On 3/2/11 12:20 PM, Phillip Hallam-Baker wrote:
> The reason I am asking is that this is being discussed in DANE and I
> am seeing a lot of argument by analogy. The assumption seems to be
> that since the legacy TLS infrastructure uses SHA1 and we cannot
> currently change that because there is a huge amount of legacy that
> DANE can also use SHA1 as it is 'plenty'.

This is a complete mischaracterization of the recent discussion on DANE. 
People should look at the archives 
(<http://www.ietf.org/mail-archive/web/keyassure/current/maillist.html>) 
for the past two days instead of believing Phill's description.

In specific, one person (Martin Rex) said that SHA-256, not SHA-1, was 
"plenty". No one has made any statements that back up Phill's supposed 
"assumption" other than to note that SHA-1 is still specified in recent 
RFCs.

FWIW, I believe that Martin said that SHA-256 was plenty was responding 
to Phill's earlier message on the thread that said "We really do need 
SHA2 in here as a MUST" without specifying which algorithms of SHA2 
needed to be mandated. That is, I think Martin was saying that SHA-256 
was plenty, and we did not need to mandate SHA-384 or SHA-512.

--Paul Hoffman

Phillip Hallam-Baker | 2 Mar 2011 18:20

Picon

Re: Fwd: NIST releases Draft FIPS 180-4, Secure Hash Standard (SHS)

What is the SAAG view as to what crypto algorithms are appropriate for
use at present?

The reason I am asking is that this is being discussed in DANE and I
am seeing a lot of argument by analogy. The assumption seems to be
that since the legacy TLS infrastructure uses SHA1 and we cannot
currently change that because there is a huge amount of legacy that
DANE can also use SHA1 as it is 'plenty'.

My view is that the Security Area Directorate should send a pretty
clear message that use of SHA1 is now deprecated and that:

1) Support for SHA1 should not be approved in future protocols without
a very compelling use case

2) New protocols should require support for SHA2-256 at the least.

3) Existing protocols should plan for a transition from SHA1 to a
stronger hash in a manner that is downwards compatible.

I don't think any of these is particularly controversial in the
security area. Although it must be pointed out that at present we do
not have a viable strategy for transitioning from SHA1 to SHA2.

None of my customers is going to buy a certificate for SHA2 unless the
protocols allow a server to also support legacy browsers without SHA2
support. Similarly, there is no value to introducing support for SHA2
in new browsers, the only way to get value is by withdrawing SHA1
support.

(Continue reading)

Thomas Roessler | 7 Mar 2011 14:16

Picon

W3C Candidate Recommendations for XML Signature, Encryption 1.1

For your information, W3C has announced Candidate Recommendations for XML Signature and Encryption 1.1
last Friday:

	http://www.w3.org/News/2011#entry-9027
	http://www.w3.org/TR/2011/CR-xmldsig-core1-20110303/
	http://www.w3.org/TR/2011/CR-xmlenc-core1-20110303/

If you have any questions, please let me know.

Thanks,
--
Thomas Roessler, W3C  <tlr <at> w3.org>  ( <at> roessler)

Stephen Farrell | 17 Mar 2011 19:06

Picon

Picon

SEC-AD changes for WGs


Hi all,

Since Tim is stepping down and I'll be taking over we needed
to redistribute WG duties. The list below is where we ended
up.

Sean: dkim, emu, isms, msec, pkix, tls, ltans, ipsecme
Stephen: abfab, dane, hokey, kitten, krb, nea

I guess this'll be formalised in a couple of weeks.

Regards,
Stephen.

Sean Turner | 18 Mar 2011 19:23

Tuesday Lunch Room

We've been assigned Tyrolka on Tuesday, March 29th (11:30-13:00)
for our Security Directorate meeting.

See you all there,

spt

Sean Turner | 18 Mar 2011 19:56

Re: Tuesday Lunch Room

So that was means for the security directorate.  My bad.

spt

On 3/18/11 2:23 PM, Sean Turner wrote:
> We've been assigned Tyrolka on Tuesday, March 29th (11:30-13:00)
> for our Security Directorate meeting.
>
> See you all there,
>
> spt
> _______________________________________________
> saag mailing list
> saag <at> ietf.org
> https://www.ietf.org/mailman/listinfo/saag
>

Sean Turner | 28 Mar 2011 10:14

WOES Bar BOF

I just wanted to let everybody know about the WOES Bar BOF:

* Room: Karlin I
* Date: 20:00 on Monday, 28th March 2011
* Relevant documents:
    - http://www.ietf.org/id/draft-rescorla-jsms-00.txt
    - http://tools.ietf.org/html/draft-jones-json-web-token-01

List info:

    - https://www.ietf.org/mailman/listinfo/woes

spt

Barry Leiba | 28 Mar 2011 15:00

Picon

DKIM meeting summary for IETF 80

DKIM working group session, IETF 80 (Prague), Monday, 28 March 2011.

Murray gave status of the implementation report document (includes
interoperability).  There are no issues with this document.  It will
not be last-called, but will only be used to support the 4871bis
advancement.  As such, it will be recorded on the IESG page with other
interoperability reports.

We reviewed the changes to 4871bis since the last reviewed version.
The editors believe they have all the open issues addressed.  Three
remaining changes required after discussion.  The schedule is set for
changes to be made by 10 April, WGLC after an updated version is
posted.

Murray listed some questions he has as editor of the mailing-lists
document.  We resolved all but one.  Remaining question is whether it
should be Informational or BCP.  Decision is BCP, while making it
clear when we're insufficiently certain about something.  The schedule
is set for changes to be made by 10 April, WGLC after an updated
version is posted.

We discussed the future of the working group.  Two charter items (3
and 4) not yet done, dealing with ADSP and updates to the
Informational deployment/operations documents.  Consensus in room and
jabber is to close.  Will confirm on the mailing list.  Tony noted
that there are changes to deployment/overview docs because changes in
4871bis.  We can handle those before the WG closes, or Stephen (as AD)
will sponsor that as an individual submission.

--

--

(Continue reading)

Peter Saint-Andre | 29 Mar 2011 00:41

FW: HTTP authentication side meeting

For those at IETF 80 interested in HTTP and authentication, there will
be a side meeting on Wednesday night for more in-depth discussion than
will be possible during the SAAG session on Thursday. Logistics are
20:00 in Karlin II/III. Further details below...

-------- Original Message --------
Subject: Re: [http-auth] side meeting on Wednesday, March 30
Date: Tue, 29 Mar 2011 02:37:30 +0900
From: Yutaka OIWA <y.oiwa <at> aist.go.jp>
To: http-auth <at> ietf.org <http-auth <at> ietf.org>

Dear all,

I'm looking forward to seeing you at 20:00 Wednesday in Karlin II/III.

My current plan for the side meeting is to mutually know each other's
face by
meeting face-to-face, and to share the problem space which is broken now and
which is to be fixed by our future working group (hopefully).
The important point here is that the solutions must be not only
implementable to
the HTTP client/server, but also deployable and usable by Web
applications. I
believe this is the most problematic point of current largely-unused
solutions
including TLS client certificate authentication.

I will prepare a small presentation which will describe *my* view of
what should
be done.  Your opinions and views are very welcome.

(Continue reading)

Group

gmane.ietf.saag.

Project Web Page

IETF Security Area Advisory Group

Search Archive

Page

1 | 2 | 3 | 4

Articles in period: 30

March 2011

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Fwd: Just Announced: New NIST Security Controls Document - SP 800-53 R (7 May 2013)
Biggest Fake Conference in Computer Science (27 Apr 2013)
BoF dates for Berlin IETF (23 Apr 2013)
Requesting review of AES-GCM and AES-CCM Authenticated Encryption in S (18 Apr 2013)
SSH user key management - new draft and mailing list (6 Apr 2013)
Fwd: Fwd: Choosing a header compression algorithm (30 Mar 2013)
FW: New Version Notification for draft-moriarty-pkcs12v1-1-01.txt (25 Mar 2013)
IETF-86 draft saag minutes (22 Mar 2013)
security consideration of CGA and SSAS - Ii-D action : draft-rafiee-6m (18 Mar 2013)
Off-the-Record (OTR) Messaging Protocol version 3 (14 Mar 2013)
Off-the-Record (OTR) Messaging Protocol version 2 (14 Mar 2013)
SACM Meeting Summary (14 Mar 2013)
Kitten Summary - IETF 86 (14 Mar 2013)
TLS Meeting Preview (14 Mar 2013)
OAUTH summary (part 1) at IETF-86 (14 Mar 2013)
IETF 86 Slides Up (14 Mar 2013)
IETF 86 KARP Summary for SAAG (14 Mar 2013)
MILE Meeting Summary (14 Mar 2013)
IPSECME summary for IETF 86 (14 Mar 2013)
HTTPAuth Summary for SAAG (14 Mar 2013)
saag summary for nea (13 Mar 2013)

Archives

4	May 2013
4	April 2013
39	March 2013
1	February 2013
37	January 2013
12	December 2012
45	November 2012
68	October 2012
7	September 2012
25	August 2012
174	July 2012
107	June 2012
81	May 2012
9	April 2012
36	March 2012
3	February 2012
12	January 2012
9	December 2011
41	November 2011
16	October 2011
18	September 2011
30	August 2011
81	July 2011
43	June 2011
31	May 2011
71	April 2011
30	March 2011
13	February 2011
11	January 2011
22	December 2010
36	November 2010
23	October 2010
5	September 2010
40	August 2010
38	July 2010
16	June 2010
12	May 2010
7	April 2010
17	March 2010
2	February 2010
3	January 2010
3	December 2009
24	November 2009
10	October 2009
1	September 2009
8	August 2009
16	July 2009
6	June 2009
4	May 2009
56	April 2009
84	March 2009
41	February 2009
63	January 2009
110	December 2008
30	November 2008
25	October 2008
14	September 2008
10	August 2008
18	July 2008
4	June 2008
5	May 2008
17	April 2008
37	March 2008
38	February 2008
27	January 2008
41	December 2007
1	November 2007
6	October 2007
29	September 2007
6	August 2007
15	July 2007
33	June 2007
43	May 2007
38	March 2007
6	February 2007
24	January 2007
31	December 2006
23	November 2006
11	October 2006
11	September 2006
2	August 2006
12	July 2006
24	May 2006
4	April 2006
5	March 2006
30	February 2006
8	December 2005
4	November 2005
32	October 2005
6	September 2005
26	August 2005
9	July 2005
23	June 2005
36	May 2005
7	April 2005
56	March 2005
25	February 2005
68	January 2005
3	December 2004
57	November 2004
17	October 2004
42	September 2004
83	August 2004
8	July 2004
8	June 2004
4	May 2004
16	April 2004

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template