[04:50:03] David Oliver joins the room
[04:50:03] Shigeya Suzuki joins the room
[04:50:03] Scott Fluhrer joins the room
[04:50:03] RAJARAM Gnanajeyaraman joins the room
[04:50:03] Paolo Saviano joins the room
[04:50:03] Armando Faz-Hernández joins the room
[04:50:03] Tsunekazu Saito joins the room
[04:50:07] Tsunekazu Saito leaves the room
[04:50:59] Jonathan Hammell joins the room
[04:51:00] Yunchul Choi joins the room
[04:51:41] Ira McDonald joins the room
[04:51:50] Stanislav Smyshlyaev joins the room
[04:52:06] Michael StJohns joins the room
[04:52:18] Phillip Hallam-Baker joins the room
[04:53:04] Kai Mindermann joins the room
[04:53:07] Kirsty P joins the room
[04:53:09] Deb Cooley joins the room
[04:53:31] Fraser Tweedale joins the room
[04:54:17] Tsunekazu Saito joins the room
[04:54:21] Joseph Salowey joins the room
[04:54:33] Joseph Salowey leaves the room
[04:54:49] Alexey Melnikov_255 joins the room
[04:55:04] Bruno Rijsman joins the room
[04:55:12] Gabriel Montenegro joins the room
[04:55:18] Christopher Wood joins the room
[04:55:26] <Kai Mindermann> Good Morning from Germany
[04:55:39] Oshani Dayaratna leaves the room
[04:55:42] Oshani Dayaratna joins the room
[04:55:53] <Alexey Melnikov_255> Good Morning!
[04:55:55] tim costello joins the room
[04:55:55] Colin Perkins joins the room
[04:56:06] Taiji Kimura joins the room
[04:56:21] Marco Hogewoning joins the room
[04:56:28] Gustavo joins the room
[04:56:35] Nick Banks joins the room
[04:56:50] Taiji Kimura leaves the room
[04:56:59] Randy Bush joins the room
[04:57:13] Taiji Kimura joins the room
[04:57:14] Steffen Klassert joins the room
[04:57:18] Burt Kaliski joins the room
[04:57:28] Bob Moskowitz joins the room
[04:57:55] Robert Moskowitz joins the room
[04:58:05] Dan Harkins joins the room
[04:58:07] Yoav Nir joins the room
[04:58:26] alex-meetecho joins the room
[04:58:38] Joseph Salowey joins the room
[04:58:47] Tero Kivinen joins the room
[04:58:57] Björn Haase joins the room
[04:59:07] Russ Housley joins the room
[04:59:16] Colin Perkins leaves the room
[04:59:23] Dan McArdle joins the room
[04:59:25] Gabriel Montenegro leaves the room
[04:59:33] Colin Perkins joins the room
[04:59:34] David Schinazi joins the room
[04:59:34] Gabriel Montenegro joins the room
[04:59:47] Martin Thomson joins the room
[05:00:04] Kazuho Oku joins the room
[05:00:14] Satoru Kanno joins the room
[05:00:39] Jonathan Hoyland joins the room
[05:00:44] Carrick joins the room
[05:00:47] Paul Wouters joins the room
[05:01:06] David Schinazi leaves the room
[05:01:11] David Schinazi joins the room
[05:01:15] synp joins the room
[05:01:16] Melinda joins the room
[05:01:22] Daniel Migault joins the room
[05:01:24] Andrei Popov joins the room
[05:01:28] David Schinazi leaves the room
[05:01:30] Peter Koch joins the room
[05:01:34] David Schinazi joins the room
[05:01:37] Christopher Patton joins the room
[05:01:42] synp has set the subject to: CFRG meeting (109 online)
[05:01:47] Eric Kinnear joins the room
[05:02:16] <Martin Thomson> eye chart
[05:02:19] Nick Harper joins the room
[05:02:21] Yumi Sakemi joins the room
[05:02:32] Paolo Saviano leaves the room
[05:02:34] David Schinazi leaves the room
[05:02:35] Paolo Saviano joins the room
[05:02:42] Roberto Polli joins the room
[05:02:44] Kevin Lewi joins the room
[05:02:45] Daniel Gillmor joins the room
[05:02:45] David Schinazi joins the room
[05:02:51] Leonie Bruckert joins the room
[05:03:11] Yumi Sakemi leaves the room
[05:03:21] Yumi Sakemi joins the room
[05:03:27] Yumi Sakemi leaves the room
[05:03:42] Corey Bonnell joins the room
[05:03:49] <Randy Bush> double click slide and it expands
[05:03:51] Kevin Jacobs joins the room
[05:03:56] Eric Rescorla joins the room
[05:03:59] Yumi Sakemi joins the room
[05:04:03] dkg joins the room
[05:04:14] Tommy C joins the room
[05:05:02] Nasrul Zikri joins the room
[05:05:39] Quynh Dang joins the room
[05:05:47] Benjamin Kaduk joins the room
[05:07:05] Alexey Melnikov joins the room
[05:07:06] Nick Sullivan joins the room
[05:07:17] David Benjamin joins the room
[05:08:19] Henry de Valence joins the room
[05:09:00] Jennifer Gabriel joins the room
[05:09:25] <dkg> we can hear you and see you
[05:09:29] <Dan Harkins> yes
[05:09:30] <Bruno Rijsman> yes, we can hear you
[05:09:32] <Dan Harkins> hear you
[05:10:01] kaduk@jabber.org/barnowl joins the room
[05:10:39] Nasrul Zikri leaves the room
[05:10:40] <dkg> this countdown clock is making me anxious!!
[05:10:56] Nasrul Zikri joins the room
[05:11:05] <kaduk@jabber.org/barnowl> What do you think will happen when the clock reaches 00:00, dkg?
[05:11:30] <dkg> that's exactly the problem: i don't know.  the rocket has already been launched, yes?
[05:11:36] Pete Resnick joins the room
[05:12:24] Ehsan Hemmati joins the room
[05:12:29] Hiroyuki Goto joins the room
[05:12:49] Ehsan Hemmati leaves the room
[05:13:30] Hernâni Marques joins the room
[05:13:38] Hiroyuki Goto leaves the room
[05:13:54] Pete Resnick leaves the room
[05:14:31] Yunchul Choi leaves the room
[05:14:39] Michael Jenkins joins the room
[05:14:45] Kazuho Oku leaves the room
[05:15:04] Rich Salz joins the room
[05:15:04] Ali Hussain joins the room
[05:15:07] Michael Jenkins leaves the room
[05:15:21] Kevin Lewi leaves the room
[05:15:43] Patrick Tarpey joins the room
[05:15:46] Jana Iyengar joins the room
[05:15:51] metricamerica joins the room
[05:16:03] <Carrick> David, lol
[05:16:12] Loren McIntyre joins the room
[05:16:13] Mark Baushke joins the room
[05:16:15] Ali Hussain leaves the room
[05:16:21] Kevin Lewi joins the room
[05:16:26] Ali Hussain joins the room
[05:16:44] Michael Jenkins joins the room
[05:16:44] <Jonathan Hoyland> I wonder if you could use this to secretly store data.
[05:17:20] Ali Hussain leaves the room
[05:17:37] Valery Smyslov joins the room
[05:17:38] Valery Smyslov leaves the room
[05:17:41] Valery Smyslov joins the room
[05:17:44] Valery Smyslov leaves the room
[05:17:51] Patrick Tarpey leaves the room
[05:17:56] Valery Smyslov joins the room
[05:18:21] Mark Baushke_334 joins the room
[05:18:40] <Jonathan Hoyland> Quite a sneaky way to store key material say. The key in the envelope doesn't _have_ to relate to the AKE. You wouldn't be able to log in, but that's perhaps even an advantage.
[05:18:43] Valery Smyslov leaves the room
[05:18:49] Valery Smyslov joins the room
[05:20:22] Jana Iyengar leaves the room
[05:22:12] <Rich Salz> that's clever.
[05:22:50] Nitin joins the room
[05:23:07] Nasrul Zikri leaves the room
[05:23:12] jhoyla joins the room
[05:23:13] Roland Jesske joins the room
[05:23:13] jhoyla leaves the room
[05:24:28] <Dan Harkins> KABOOM!
[05:24:34] Nasrul Zikri joins the room
[05:24:42] <Paul Wouters> stop the count!
[05:25:34] <Rich Salz> not funny paul :)
[05:26:52] <Jonathan Hoyland> Is anyone else having issues connecting to jabber directly?
[05:28:32] <kaduk@jabber.org/barnowl> I'm connected to jabber directly.
[05:29:19] Hernâni Marques leaves the room
[05:30:38] Hernâni Marques joins the room
[05:31:36] Karen O'Donoghue joins the room
[05:31:48] jhoyla joins the room
[05:32:08] <jhoyla> Ah, seems to be an XMPP.jp issue.
[05:32:15] Nasrul Zikri leaves the room
[05:32:42] Ali Hussain joins the room
[05:32:47] Nasrul Zikri joins the room
[05:33:11] Ali Hussain leaves the room
[05:34:51] <Jonathan Hoyland> Can G be the zero element?
[05:35:05] <Jonathan Hoyland> Assuming one exists.
[05:35:10] Meetecho joins the room
[05:35:54] Hernâni Marques leaves the room
[05:35:57] Hernâni Marques joins the room
[05:36:55] Nasrul Zikri leaves the room
[05:36:59] Nasrul Zikri joins the room
[05:37:08] Nasrul Zikri leaves the room
[05:37:11] Nasrul Zikri joins the room
[05:38:00] <synp> Only 30 seconds remain...
[05:38:11] <Jonathan Hoyland> Wasn't the purpose of the competition to select at most one PAKE?
[05:39:14] <kaduk@jabber.org/barnowl> at most one agmented and at most one symmetric, I thought
[05:39:32] <jhoyla> Seems somewhat pointless if all the non-winning candidates can then get standardised later though, no?
[05:39:54] <Christopher Wood> What non-winning candidates are you referring to?
[05:40:16] <kaduk@jabber.org/barnowl> I mean, SPAKE2 is a non-winning candidate
[05:40:30] <Jonathan Hoyland> For example.
[05:40:33] <Bruno Rijsman> Share your powerpoint app instead of the full screen
[05:40:40] <Dan Harkins> are you suggesting to not advance SPAKE2?
[05:40:51] <Christopher Wood> SPAKE2 started before the competition.
[05:41:39] <Jonathan Hoyland> Thus the competition should have been at most one augmented PAKE.
[05:42:01] <Jonathan Hoyland> If we had already decided to go with SPAKE2 as our balanced PAKE.
[05:42:14] <Christopher Wood> I'd encourage you to check out https://github.com/cfrg/pake-selection.
[05:43:00] <kaduk@jabber.org/barnowl> I don't think we had decided that SPAKE2 is "our balanced PAKE" but
rather that it would be of value to the internet community to have
available in an RFC
[05:43:26] Behcet Sarikaya joins the room
[05:43:45] <Dan Harkins> SPAKE2 is being used by people so it makes sense to document it even if it is not the "approved" PAKE.
[05:44:12] <Rich Salz> we have a history of doing this, e.g. many of Simon's writeups
[05:45:02] Behcet Sarikaya leaves the room
[05:46:57] Daniel Gillmor leaves the room
[05:48:30] Ali Hussain joins the room
[05:48:34] Ali Hussain leaves the room
[05:48:42] Ali Hussain joins the room
[05:49:26] Ali Hussain leaves the room
[05:49:30] Hernâni Marques leaves the room
[05:49:40] Hernâni Marques joins the room
[05:49:49] Michael Jenkins leaves the room
[05:49:51] Ali Hussain joins the room
[05:50:04] Yumi Sakemi leaves the room
[05:50:11] Yumi Sakemi joins the room
[05:50:29] Hernâni Marques leaves the room
[05:50:32] Hernâni Marques joins the room
[05:50:40] Hernâni Marques leaves the room
[05:50:47] Hernâni Marques joins the room
[05:51:07] Yumi Sakemi leaves the room
[05:51:34] Hernâni Marques leaves the room
[05:51:35] Yumi Sakemi joins the room
[05:53:34] Kai Mindermann leaves the room
[05:53:37] Kai Mindermann joins the room
[05:53:37] Kai Mindermann leaves the room
[05:53:42] Kai Mindermann joins the room
[05:54:14] Roland Jesske leaves the room
[05:55:02] Hernâni Marques joins the room
[05:55:09] <Christopher Wood> https://cfrg.github.io/draft-irtf-cfrg-hash-to-curve/draft-irtf-cfrg-hash-to-curve.html#name-hashing-to-ristretto255
[05:55:18] Joseph Salowey leaves the room
[05:55:21] Joseph Salowey joins the room
[05:55:25] Joseph Salowey leaves the room
[05:55:28] Joseph Salowey joins the room
[05:57:02] <Christopher Wood> @Henry^^^
[05:57:11] Jianfei(Jeffrey) HE joins the room
[05:57:53] <Daniel Migault> not hearing anything.
[05:57:55] <kaduk@jabber.org/barnowl> I lost MT's audio
[05:57:59] Nick Harper leaves the room
[05:58:00] David Benjamin leaves the room
[05:58:00] Hernâni Marques leaves the room
[05:58:04] Nick Harper joins the room
[05:58:04] David Benjamin joins the room
[05:58:06] Hernâni Marques joins the room
[05:58:07] <kaduk@jabber.org/barnowl> I guess we should try the "reconnect audio" button in the lower right
[05:58:12] Kirsty P leaves the room
[05:58:13] <Daniel Migault> he is back.
[05:58:14] metricamerica leaves the room
[05:58:14] <jhoyla> Lost MT's audio and Stanislav's video.
[05:58:16] <Roberto Polli> oknow
[05:58:17] Christopher Patton leaves the room
[05:58:17] <Dan Harkins> you're back
[05:58:17] Kirsty P joins the room
[05:58:18] <jhoyla> And they're back.
[05:58:22] Christopher Patton joins the room
[05:58:26] Rich Salz leaves the room
[05:58:31] Rich Salz joins the room
[05:58:36] Stanislav Smyshlyaev leaves the room
[05:58:40] Ira McDonald leaves the room
[05:58:51] <jhoyla> What happened to the timer?
[05:59:04] Daniel Gillmor joins the room
[05:59:07] <Dan Harkins> are these "SIV mode limits" for GCM-SIV or SIV by itself?
[05:59:12] Stanislav Smyshlyaev joins the room
[05:59:16] <kaduk@jabber.org/barnowl> I guess the last thing was the final countdown.
[05:59:20] Ira McDonald joins the room
[05:59:36] <Rich Salz> damn, now the melody is stuck in my head
[05:59:59] <Paul Wouters> wasnt SIV IPR complicated? or is that just AES-SIV ?
[06:00:10] Christopher Patton leaves the room
[06:00:13] Christopher Patton joins the room
[06:00:24] <Dan Harkins> there are no IPR complications for AES-SIV
[06:00:28] <Jonathan Hoyland> :joy:
[06:00:34] <Ira McDonald> missed almost all the audio from Martin - will recording recover all that?
[06:00:41] <Paul Wouters> DH: ok thanks
[06:00:43] <Dan Harkins> not sure where that allegation came from....
[06:00:52] <Christopher Wood> AES-GCM-SIV, IMO
[06:01:09] <Paul Wouters> ohh right.
[06:01:32] <synp> mic: So I just read the draft, and I'm missing terms like "gigabyte".  It has things like p - the probability of an attack, which I don't know where people can take from
[06:01:59] <synp> So I think it should have some kind of table with actual gigabytes before you need to rekey
[06:03:18] Britta Hale joins the room
[06:04:04] <synp> That's why it's a table
[06:04:20] <synp> Like for 64-byte packets, 1K packets, 8K, etc
[06:04:31] <Christopher Wood> I'd recommend checking out the analysis in QUIC, which basically fixes parameters and uses the analysis in this document to derive limits.
[06:05:00] <Eric Rescorla> we could provide a little JS program that would let you fill in the numbers
[06:05:10] <Martin Thomson> chris did
[06:05:13] <Christopher Wood> https://github.com/chris-wood/interactive-aead-limits
[06:05:21] <Christopher Wood> https://chris-wood.github.io/interactive-aead-limits/index.html
[06:05:29] <Eric Rescorla> Just base64 that sucker and put it in the draft
[06:05:35] <Christopher Wood> :D
[06:05:44] Kevin Lewi leaves the room
[06:05:54] <zulipbot> [zulip] <Loren McIntyre> ah, a table wouldn't age well either
[06:06:17] Björn Haase leaves the room
[06:06:20] Björn Haase joins the room
[06:06:24] <Martin Thomson> feedback on mic is terrible,  distinguishing between blue and grey is not that good
[06:06:39] <Jonathan Hoyland> One day we'll have interactive IETF drafts :p
[06:07:19] <zulipbot> [zulip] <Loren McIntyre> and we'll get the diffs by email! :p
[06:07:48] <Martin Thomson> zulipbot we already get diffs by email in some working groups
[06:08:09] <Jonathan Hoyland> @MT It also takes a few moments between the Play symbol becoming a Stop symbol, and you being able to actually speak.
[06:08:29] <dkg> the order of presentations here is pretty odd -- the OPAQUE presentation took understanding OPRF as a given, but now we're explaining OPRF?
[06:08:32] <Martin Thomson> I'm aware of the lag; it's the feedback about state that is what I'm complaining about
[06:08:58] <Jonathan Hoyland> They're both annoying :P
[06:09:20] <Eric Rescorla> @dkg: we will be explaining elliptic curves next
[06:09:39] <Eric Rescorla> followed by addition
[06:09:50] <Deb Cooley> modulare addition
[06:09:51] <dkg> to be fair, i'm not complaining about this presentation: i find it really useful to cover things at this level.  I'm sure i'm not the only one who doesn't fully grok OPRFs.  I'm just suggesting that chairs might want to consider the order of presenations next time.
[06:10:01] Nasrul Zikri leaves the room
[06:10:18] <kaduk@jabber.org/barnowl> dkg: so you're saying that presentations are not commutative?
[06:10:19] <Joseph Salowey> Does the AEAD limits doc discuss varying GCM nonce length?
[06:10:48] <Martin Thomson> Joe: no, we assume that you do the sane thing and use a 96-bit nonce
[06:11:03] <Martin Thomson> with a randomized base, like in TLS 1.3 or QUIC
[06:11:18] <Martin Thomson> otherwise, the analysis is substantially different
[06:11:19] <dkg> kaduk, i'm pretty sure they are not
[06:11:44] Kai Mindermann leaves the room
[06:11:49] Kai Mindermann joins the room
[06:11:57] Leonie Bruckert leaves the room
[06:12:04] Nasrul Zikri joins the room
[06:12:33] <jhoyla> @dkg Maybe it's like a LaTeX document, and you have to do several passes to get all the references right :joy:
[06:12:47] <Jonathan Hammell> Why is the ristretto255 ciphersuite using SHA-512 rather than SHA-256 for the 128 bit security level?
[06:12:51] <Eric Rescorla> @MT: to clarify a 96-bit counter with a mask
[06:12:56] <Stanislav Smyshlyaev> dkg: Thanks for the consideration! In fact the VOPRF slides could be just a quick update (since we've already discussed VOPRF in general during the meetings), but since they help to recall the whole thing they could be useful before OPAQUE presentation.
[06:13:15] <Christopher Wood> Ed25519 requires SHA512, so it makes sense to just use SHA512 (otherwise you'd have to have an implementation of SHA256 as well)
[06:13:34] <Jonathan Hammell> @Chris: thanks
[06:13:35] <Henry de Valence> :+1:
[06:14:03] <Henry de Valence> SHAKE256 would be a reasonable choice without that constraint
[06:14:07] <Martin Thomson> ekr, yes random value that you add or xor a counter with
[06:14:18] Gabriel Montenegro leaves the room
[06:14:43] Peter Koch leaves the room
[06:15:11] David Oliver leaves the room
[06:16:20] RAJARAM Gnanajeyaraman leaves the room
[06:16:58] <Martin Thomson> This problem is one that I blame the CFRG for.
[06:17:38] <Martin Thomson> I want sensible defaults and for most people to use those defaults.
[06:17:50] Bruno Rijsman leaves the room
[06:18:17] Antony Antony joins the room
[06:18:23] <Jonathan Hoyland> This doesn't consider people who incorrectly believe they are experts :P
[06:18:27] <Tero Kivinen> and now we have new parameter for AES, i.e., the p and v and so on, so we can calculate when to do rekey...
[06:19:26] <Eric Rescorla> Well, I don't think we can blame the CFRG for confusion about AES parameters
[06:19:38] mcr joins the room
[06:21:30] Roland Jesske joins the room
[06:21:33] <Dan Harkins> Martin, are you pining for misuse resistance?
[06:21:59] <Martin Thomson> Dan, none of the applications I currently work on care about nonce misuse resistance.
[06:22:00] <dkg> i like the idea of robust, regularly-updated, sensible defaults.  but i'm concerned that the level of abstraction and overhead here to make it 100% generic will also make it very difficult to actually deploy (and for people to adopt).
[06:22:03] <Dan Harkins> not having to worry about random values added
[06:22:29] <synp> I don't think the "top secret" vs "secret" distinction is meaningful.  It's been many years since we had a "good" algorithm that is significantly more expensive than a "good enough" algorithm.  It's pretty much AES-GCM that you want for performance.   There is a bit of trade-off in curve length, but not enough that this distinction makes sense.
[06:22:37] mcr leaves the room
[06:22:50] <Rich Salz> outside of TLS, which would be hard to fit into this I think, what other crypto is there in widespread use?
[06:22:52] <Eric Rescorla> @dkg: I'm also quite worried about what happens when you have interop issues
[06:22:52] <Dan Harkins> the what are you blaming CFRG for regarding random numbers you are required to XOR?
[06:22:54] <dkg> look at how difficult it has been to get consensus around just parameters for TLS itself
[06:23:20] <dkg> Rich, if TLS doesn't fit into this, what does?
[06:23:31] <Eric Rescorla> like what happens when I want to send COSE to someone who is on a different update cycle and suddenly I am using AES-2048 and he only has AES-1024
[06:23:38] <Eric Rescorla> (Yes, that's a silly example)
[06:23:39] <Martin Thomson> Dan, take a quick look at argon and tell me what parameters I need to use.
[06:23:40] Roland Jesske leaves the room
[06:23:45] <kaduk@jabber.org/barnowl> > what other crypto is there in widespread use
kerberos?  IKEv2?
[06:23:54] <synp> @Rich: IKE, SSH.  But they all have the same issues as TLS
[06:24:01] <Jonathan Hoyland> QUIC?
[06:24:11] <Carrick> QUIC is TLS
[06:24:13] <Eric Rescorla> TLS ~= QUIC for the purposes of this discussion
[06:24:13] <dkg> wireguard, ssh, CMS (S/MIME), OpenPGP, SUIT, etc
[06:24:19] <Eric Rescorla> EME
[06:24:22] <Carrick> Disk encryption?
[06:24:22] Kirsty P leaves the room
[06:24:31] Kirsty P joins the room
[06:24:32] <Rich Salz> okay thanks.  TLS 1.3 has six choices, and now you're gonna break it up?
[06:24:43] Roland Jesske joins the room
[06:24:45] <Rich Salz> AES384?
[06:24:49] <Jonathan Hoyland> MLS?
[06:25:08] <Valery Smyslov> Lake?
[06:25:18] <Eric Rescorla> AES384 is for losers. AES512
[06:25:23] <Eric Rescorla> Also, AES521
[06:25:28] Paul Wouters leaves the room
[06:25:43] <Eric Rescorla> which is the best prime
[06:25:44] <dkg> Rich, i'm not recommending breaking TLS up.  i'm pointing out how hard it was to get TLS to narrow down to the smallish set that it has
[06:25:45] <synp> Last time I measured, AES-256 was about 7% slower than AES-128.  Not worth the effort
[06:26:03] Kirsty P leaves the room
[06:26:11] <Martin Thomson> I do think that the aead limits are a consequence of us not having better ciphers.  AES-512 would be great.
[06:26:15] <Rich Salz> RedHat did a lot of work standardizing crypto work platform, worth taking a look at it.
[06:26:44] <synp> Maybe we can call one of the sets "Suite-B"
[06:26:57] <Carrick> @synp haha
[06:26:57] <Rich Salz> HA
[06:27:16] <Jonathan Hoyland> Instead of Top Secret and Secret we could have Secure and Legacy.
[06:27:28] Kirsty P joins the room
[06:27:30] <Carrick> haha
[06:27:32] <Martin Thomson> How about Recommended and not?
[06:27:53] <Eric Rescorla> you need to throw me out of the queue
[06:27:54] <Jonathan Hoyland> Well what's the difference between "not recommended" and custom?
[06:27:57] <synp> IPsec had its own suites.  They were called VPN-A and VPN-B and then we added something with elliptic curves.  Nobody ever used them.
[06:27:58] <dkg> ha ha rich is a floating head
[06:28:07] <Tero Kivinen> In IPsec we have the crypto UI suites, i.e. named crypto parameter sets for user interfaces.
[06:28:18] <Bob Moskowitz> Fedora 33 is doing this.
[06:28:23] <Bob Moskowitz> In beta
[06:28:31] <Carrick> Rich I thought your lighting looked great!
[06:28:43] <synp> @Tero: yeah, and AFAIK there is exactly one vendor who put the UI suites in the configuration
[06:28:44] <Rich Salz> I am the great and power $alz
[06:28:48] <Martin Thomson> time to mute rich
[06:29:14] <Valery Smyslov> IPsec crypto UI suites weren't updated for a long time. I wonder if many people use them///
[06:29:29] Ali Hussain leaves the room
[06:29:45] <Roberto Polli> @bob is  this it? https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
[06:29:57] <Tero Kivinen> Last time I talked with UI people about using them they say yes, sure put them there, but we still want to be able to allow user to pick every single parameter, as otherwise they do not think things are secure, unless they can pick dozens of different configuration parameters they have no idea what they do :-)
[06:30:09] <synp> @Valery: Check Point had it in the GUI.  About zero customers used it to configure their VPN
[06:30:13] Ira McDonald leaves the room
[06:30:14] Roland Jesske leaves the room
[06:30:18] Ira McDonald joins the room
[06:30:22] <Rich Salz> "fedora crypto policies" turns up several useful pages
[06:30:29] mt joins the room
[06:30:34] <Jonathan Hoyland> @Stanislav Thanks
[06:30:43] <Valery Smyslov> @synp: that's whap I suspected
[06:30:43] <kaduk@jabber.org/barnowl> Let the user pick every single parameter, like SSLv3 is better than
TLSv1.0 because 3 > 1?
[06:30:46] <Kai Mindermann> There should of course be two interfaces, one for the experts or to further tailor the used algorithms/parameters, but there should also be an easier one that is also secure already
[06:31:06] <Carrick> Isn't Tink a library that attempts to simplify things like this for developers?
[06:31:20] <Kai Mindermann> Yes Tink is great
[06:31:27] <Eric Rescorla> @kaduk: it's 3x better
[06:31:46] <Rich Salz> 2.999 (roundoff) times
[06:31:48] <Eric Rescorla> but only 2.3x better than TLS 1.3
[06:31:48] <Kai Mindermann> SCC is like Tink only standardized, if Tink would use COSE or any standard format, that would be great of course
[06:31:54] <Jonathan Hoyland> @Kaduk but S &lt; T
[06:32:17] Eric Rescorla leaves the room
[06:32:21] Daniel Gillmor leaves the room
[06:32:21] David Benjamin leaves the room
[06:32:21] Corey Bonnell leaves the room
[06:32:22] Kirsty P leaves the room
[06:32:23] Hernâni Marques leaves the room
[06:32:23] Christopher Patton leaves the room
[06:32:23] Michael StJohns leaves the room
[06:32:23] Kevin Jacobs leaves the room
[06:32:24] Valery Smyslov leaves the room
[06:32:24] Rich Salz leaves the room
[06:32:24] Andrei Popov leaves the room
[06:32:24] Britta Hale leaves the room
[06:32:24] Martin Thomson leaves the room
[06:32:25] Björn Haase leaves the room
[06:32:25] Carrick leaves the room
[06:32:26] Nick Harper leaves the room
[06:32:26] <Roberto Polli> bye
[06:32:26] Quynh Dang leaves the room
[06:32:26] Dan McArdle leaves the room
[06:32:27] Fraser Tweedale leaves the room
[06:32:27] Dan Harkins leaves the room
[06:32:27] Scott Fluhrer leaves the room
[06:32:28] Robert Moskowitz leaves the room
[06:32:28] <Jonathan Hoyland> Bye all.
[06:32:28] Nick Sullivan leaves the room
[06:32:29] Bob Moskowitz leaves the room
[06:32:31] Jennifer Gabriel leaves the room
[06:32:31] <Kai Mindermann> thank you, byee
[06:32:32] Daniel Migault leaves the room
[06:32:32] Russ Housley leaves the room
[06:32:35] Nick Banks leaves the room
[06:32:35] tim costello leaves the room
[06:32:35] Tero Kivinen leaves the room
[06:32:35] David Schinazi leaves the room
[06:32:38] Ira McDonald leaves the room
[06:32:38] Gustavo leaves the room
[06:32:39] Henry de Valence leaves the room
[06:32:39] Jonathan Hammell leaves the room
[06:32:39] Steffen Klassert leaves the room
[06:32:39] Jonathan Hoyland leaves the room
[06:32:40] Deb Cooley leaves the room
[06:32:41] Jianfei(Jeffrey) HE leaves the room
[06:32:41] Yumi Sakemi leaves the room
[06:32:43] Alexey Melnikov_255 leaves the room
[06:32:43] Burt Kaliski leaves the room
[06:32:47] Yoav Nir leaves the room
[06:32:49] Melinda leaves the room
[06:32:50] Nasrul Zikri leaves the room
[06:32:51] Satoru Kanno leaves the room
[06:32:52] Phillip Hallam-Baker leaves the room
[06:32:53] Joseph Salowey leaves the room
[06:33:01] Armando Faz-Hernández leaves the room
[06:33:03] <zulipbot> [zulip] <Loren McIntyre> mcint: who commented about the limitations/concerns for machine readable interfacing
[06:33:12] Nitin leaves the room
[06:33:14] synp leaves the room
[06:33:14] Stanislav Smyshlyaev leaves the room
[06:33:20] Loren McIntyre leaves the room
[06:33:27] Kai Mindermann leaves the room
[06:33:38] Peter Koch joins the room
[06:33:39] Tommy C leaves the room
[06:33:39] Leonie Bruckert joins the room
[06:33:44] Leonie Bruckert leaves the room
[06:33:47] Leonie Bruckert joins the room
[06:33:49] Taiji Kimura leaves the room
[06:34:02] Peter Koch leaves the room
[06:34:08] Colin Perkins leaves the room
[06:34:36] Tsunekazu Saito leaves the room
[06:34:46] Leonie Bruckert leaves the room
[06:34:50] Mark Baushke_334 leaves the room
[06:35:49] Roberto Polli leaves the room
[06:38:49] Antony Antony leaves the room
[06:38:49] Shigeya Suzuki leaves the room
[06:38:49] Karen O'Donoghue leaves the room
[06:38:49] Christopher Wood leaves the room
[06:38:49] Randy Bush leaves the room
[06:38:49] Marco Hogewoning leaves the room
[06:38:49] Oshani Dayaratna leaves the room
[06:38:49] Benjamin Kaduk leaves the room
[06:38:49] Eric Kinnear leaves the room
[06:38:49] Paolo Saviano leaves the room
[06:39:09] alex-meetecho leaves the room
[06:47:11] Mark Baushke leaves the room
[07:06:07] Alexey Melnikov leaves the room
[07:06:50] Meetecho leaves the room
[08:23:12] mt leaves the room
[08:24:29] undefined[m] joins the room
[09:36:54] jhoyla leaves the room
[11:27:54] dkg leaves the room
[21:21:51] zyxbac joins the room
[21:26:22] Alexey Melnikov leaves the room
[21:43:55] Alexey Melnikov joins the room