IETF
openpgp
openpgp@jabber.ietf.org
Wednesday, November 10, 2021< ^ >
dkg has set the subject to: OpenPGP @ IETF 110
Room Configuration
Room Occupants

GMT+0
[00:17:57] gniibe joins the room
[03:13:20] gniibe leaves the room
[06:11:38] gniibe joins the room
[11:25:16] Meetecho joins the room
[11:25:26] Meetecho has set the subject to: OpenPGP @ IETF 112
[11:26:35] <sftcd> Just to note that we're meeting in a little more than 30 minutes, if anyone would like to volunteer to take notes, that'd be much appreciated as always
[11:28:36] sftcd1 joins the room
[11:43:38] jj_fux joins the room
[11:44:52] <jj_fux> Greetings, Christoph Biedl here, axhn in oftc, Debian Developer
[11:45:08] Stephen Farrell_web_199 joins the room
[11:45:08] Alessandro Toppi_web_579 joins the room
[11:45:08] Tobia Castaldi_web_249 joins the room
[11:47:05] Yoshiro Yoneya joins the room
[11:47:38] Yoshiro Yoneya_web_339 joins the room
[11:47:49] Sue Ciminelli_web_898 joins the room
[11:50:07] Roman Danyliw_web_925 joins the room
[11:52:24] Ken Takayama_web_508 joins the room
[11:53:15] Michael Bilca_web_190 joins the room
[11:53:50] Brian Sipos_web_934 joins the room
[11:54:01] <sftcd> welcome Christoph
[11:54:28] Valery Smyslov_web_373 joins the room
[11:55:39] Justus Winter_web_105 joins the room
[11:56:19] <jj_fux> Audo stream is on, and it's just muted, I presume?
[11:56:36] <jj_fux> Now there's something, I'm fine
[11:56:42] alexamirante joins the room
[11:56:49] Daniel Gillmor_web_273 joins the room
[11:57:04] Sylvain Besençon_web_722 joins the room
[11:57:17] Michael Breuer_web_793 joins the room
[11:57:21] Jonathan Hammell_web_133 joins the room
[11:57:28] dkg joins the room
[11:57:52] Daniel Huigens_web_919 joins the room
[11:58:05] Quynh Dang_web_197 joins the room
[11:58:26] Karen Staley_web_611 joins the room
[11:58:36] Paul Wouters_web_391 joins the room
[11:58:45] Alyssa Thompson_web_717 joins the room
[11:59:03] Robin Wilton_web_612 joins the room
[11:59:17] Yuji Suga_web_254 joins the room
[11:59:30] g新部 裕_web_553 joins the room
[11:59:42] Benjamin Kaduk_web_758 joins the room
[11:59:57] kaduk@jabber.org/barnowl joins the room
[12:00:19] <Jonathan Hammell_web_133> I can take notes
[12:00:30] <dkg> yay Jonathan!
[12:00:51] Greg Wood_web_882 joins the room
[12:01:04] <kaduk@jabber.org/barnowl> Thanks Jonathan!
[12:01:16] Jeffrey Lau_web_199 joins the room
[12:01:29] Jay Daley_web_818 joins the room
[12:01:33] cw-ietf joins the room
[12:01:42] Lara Bruseghini_web_971 joins the room
[12:01:43] Daiki Ueno_web_293 joins the room
[12:02:18] Tadahiko Ito_web_760 joins the room
[12:02:30] <dkg> the pre-uploaded slide button is in the upper left, the document-looking thing next to the "raise hand/get in queue" button
[12:02:50] Bernie Hoeneisen_web_348 joins the room
[12:03:38] Mallory Knodel_web_562 joins the room
[12:03:42] Russ Housley_web_944 joins the room
[12:03:43] Nicholas Gajcowski_web_311 joins the room
[12:04:19] Brian Sipos_web_934 leaves the room
[12:04:23] Brian Sipos_web_327 joins the room
[12:05:27] Satoru Kanno_web_696 joins the room
[12:06:15] Robin Wilton_web_612 leaves the room
[12:06:19] Robin Wilton_web_377 joins the room
[12:07:40] <sftcd> 'case it helps, the design team mailing list archive I mentioned is at https://mailarchive.ietf.org/arch/browse/openpgp-dt/
[12:07:58] <sftcd> and thanks again to the DT members for being so constructive and spending time on this
[12:11:55] <kaduk@jabber.org/barnowl> I echo Stephen's thanks to the design team members -- these efforts
are greatly appreciated!
[12:14:33] Ahmed Bashandy_web_836 joins the room
[12:14:43] Ahmed Bashandy_web_836 leaves the room
[12:14:47] Ahmed Bashandy_web_779 joins the room
[12:16:07] Jurgen Sonnenmoser_web_462 joins the room
[12:18:17] Per Andersson_web_971 joins the room
[12:19:36] Chen Li_web_108 joins the room
[12:22:31] Chen Li_web_108 leaves the room
[12:25:39] <kaduk@jabber.org/barnowl> Do we know if there are any US government/related use cases for
openpgp, where a limitation to NIST or FIPS-approved algorithms would
apply?
[12:25:54] <sftcd> bear in mind these are the outcome of DT chats - we'd really like feedback no this from the broader WG so please do chime in on this bit of the agenda
[12:26:23] <sftcd> @ben: no idea wrt US govt use but my impression is that FIPS stuff is as always an issue for some implementers
[12:26:45] <Paul Wouters_web_391> @kaduk: nist / fips recommendations does cover encryption etc. even if not specifically for openpgp (or smime).
[12:26:48] <kaduk@jabber.org/barnowl> I see Quynh is in the session, so maybe I will ask at the mic later.
[12:26:57] <sftcd> please do
[12:26:58] <kaduk@jabber.org/barnowl> @Paul: ah, thanks
[12:27:42] <dkg> note that these limits will have very different effects if they are < vs. ≤
[12:27:44] chenmeiling_web_355 joins the room
[12:27:59] <Jonathan Hammell_web_133> Being able to choose a FIPS validated implementation is always nice, rather than just trusting implementers got it right.
[12:29:02] <dkg> In the DT discussion, the rough consensus seemed to be that IETF mandatory-to-implement (MTI) didn't need to align directly with FIPS, as long as the spec includes reasonable codepoint choices that would be FIPS-compliant
[12:29:16] <Paul Wouters_web_391> @jonathan: yes, and we are taking that into account when discussing MTI
[12:29:17] <kaduk@jabber.org/barnowl> Great, that matches my own thinking
[12:29:22] <dkg> in part, this is because we expect FIPS requirements to change
[12:29:32] <Quynh Dang_web_197> @Ben, I am here.
[12:30:22] <Quynh Dang_web_197> WE plan to approve curve 25519 and 448 for EdDSA and key exchange. I don't have a plan to approve OCB.
[12:30:22] <dkg> also, we didn't want to pick a national standards body -- different national standards bodies might disagree, and the union of all of them seems like it could be unwieldy
[12:30:37] Daphanie Nisbeth_web_287 joins the room
[12:31:22] <kaduk@jabber.org/barnowl> Thanks Quynh!
[12:31:23] <Roman Danyliw_web_925> Is there an appendix or separate (ISE?) profile doc that would state the {FIPS, other national thing} MTI/MUST/SHOULD?
[12:31:49] <Paul Wouters_web_391> @roman: not currently
[12:32:03] <Quynh Dang_web_197> Many places beside US governments use FIPS valiadated cyrpto.
[12:32:05] <kaduk@jabber.org/barnowl> There's a cluster of CNSA docs making their way through the ISE, but I
don't think there has historically been such guidance specifically for
openpgp
[12:32:15] Ahmed Bashandy_web_779 leaves the room
[12:32:48] <Jonathan Hammell_web_133> A profile would be able to add algs as MUST, but cannot really change MTI algs.
[12:33:10] <Paul Wouters_web_391> i think there is no problem, as we currently have overlap with today's NIST allowed list and our defined MTI
[12:33:11] <Roman Danyliw_web_925> @kaduk -- yes, in my recollection of recent conflict reviews, the ISE CNSA docs were all focused on TLS
[12:33:21] <sftcd> right, I'm learning that pgp can differ somewhat from other crypto applications so if those cnsa authors wanted to consider it they might conclude they ought add some text to their pile of text
[12:33:23] <dkg> Roman: there was some sort of "profile" section in the draft, merged in from 6637, but it is weirdly out-of-date and in conflict with what we were specifying, so it's on the way out.  a separate document for alignment with FIPS seems like a reasonable approach, if there are interested parties.
[12:33:37] <kaduk@jabber.org/barnowl> @Roman: I think there were some ISE CNSA for CMS and S/MIME as well ;)
[12:33:50] Daphanie Nisbeth_web_287 leaves the room
[12:33:54] Daphanie Nisbeth_web_961 joins the room
[12:34:05] chenmeiling_web_355 leaves the room
[12:34:24] <Quynh Dang_web_197> @Janathan: agree. Users get certain levels of quality checks from FIPS validated modules.
[12:34:35] <Paul Wouters_web_391> seems like something the CNSA people should do if they want to make statements about openpgp ....
[12:35:04] <kaduk@jabber.org/barnowl> Yeah.  At most we would be finding (e.g.) Deb Cooley or Sean Turner
and saying "hey, did CNSA think about openpgp?"
[12:36:00] <Robin Wilton_web_377> Quynh is being censored!!  ;^o
[12:36:07] <dkg> Quynh Dang: can you turn on your audio?
[12:36:34] <Quynh Dang_web_197> Thanks. I just unmuted myself :)
[12:36:34] <dkg> i see your audio flowing now, Quynh! thanks :)
[12:37:16] <Roman Danyliw_web_925> +1 to Daniel.  We should not hold this document for PQC updates
[12:37:21] <Russ Housley_web_944> There was never a Suite B document for OpenPGP.  If I recall, the reason is alignment with the Suite B certificate profile.
[12:37:23] <Quynh Dang_web_197> Thank you Ben for alarming me.
[12:37:28] <kaduk@jabber.org/barnowl> +1 to Daniel and Roman
[12:38:16] <kaduk@jabber.org/barnowl> Hi Russ!  I maybe should have included you in the list with Deb and
Sean :)
[12:38:51] Suzanne Woolf_web_439 joins the room
[12:39:17] Karen Staley_web_611 leaves the room
[12:39:41] <dkg> Quynh: is there FIPS approval for EAX ?
[12:39:46] <sftcd> @Quynh: any idea of a timeline on 25519 etc?
[12:40:14] <dkg> is there any FIPS-approval for any AEAD mode?
[12:40:26] <kaduk@jabber.org/barnowl> I thought GCM was okay
[12:40:33] <Nicholas Gajcowski_web_311> GCM is.
[12:40:44] <dkg> (anything is probably better than RFC 4880's CFB)
[12:41:34] <kaduk@jabber.org/barnowl> dkg: careful what you wish for -- I will be submitting my rot13+crc32
AEAD shortly ;)
[12:41:43] <dkg> ha ha
[12:41:55] <dkg> i have to claim IPR on that, kaduk
[12:42:02] <sftcd> what was that unicode rot13 equivalent? we should all start using it now obviously:-)
[12:42:17] Karen Staley_web_696 joins the room
[12:43:24] <Tadahiko Ito_web_760> which would be faster migration to 3072 or PQC?
[12:43:30] <Roman Danyliw_web_925> PQC Agility WG draft charter = https://github.com/rdanyliw/ietf-pq-maintenance/blob/main/pqm-charter.md
[12:43:58] <dkg> Tadahiko Ito_web_760: if you mean 3072-bit RSA, it's much faster to just do that now than to wait for PQC
[12:44:18] <dkg> though i'd recommend that you consider moving to Curve25519 or Curve448 instead
[12:44:23] <jj_fux> sftcd: utf-ebcdic of course :->
[12:44:51] <kaduk@jabber.org/barnowl> I'm still on 3104-bit RSA for my own key, and thus not in a huge hurry
to move to a CFRG curve
[12:48:35] <Tadahiko Ito_web_760> thanks dkg. I see, migration to 3072 RSA do not need much implementation change.
[12:48:56] <kaduk@jabber.org/barnowl> Maybe dkg should turn off his video to give more CPU cycles for the
audio
[12:48:59] <Jonathan Hammell_web_133> DKGs audio is choppy for me.
[12:49:42] <Jonathan Hammell_web_133> Better now
[12:49:47] <jj_fux> +1
[12:50:48] <sftcd> @roman: fwiw, my guess (for now) is that handling PQC stuff for PGP would make more sense in this WG if we have energy to recharter for that once the crypto-refresh is done - hard for me to predict now, but in either case I'd bet there'll be some PGP specific things to consider esp if some kind of hybrid mode is at issue
[12:53:15] <Roman Danyliw_web_925> @sftcd -- I agree.  The expertise of how to make such a change seems to already be gathered here.  That pointer was for general awareness per Ben's reference not to suggest a direction of this work.
[12:53:48] <sftcd> sounds good
[12:54:56] Wes Hardaker_web_371 joins the room
[12:56:24] <kaduk@jabber.org/barnowl> Huh, the UI seems to be showing that Justus is sending video, just at
0kbps.  I wonder if that indicates a bug somewhere
[12:57:09] <dkg> it's very easy to render a 0 mbps video :)
[12:57:25] <sftcd> even on a dkg-era laptop?
[12:58:41] <dkg> i'm getting choppy audio now.  if it's just me, i can adjust
[12:58:57] <Jonathan Hammell_web_133> Audio is fine for me
[12:59:47] <dkg> good for me now too
[13:05:51] Suzanne Woolf_web_439 leaves the room
[13:07:30] <Robin Wilton_web_377> +1 DKG; congratulations and thanks, Justus. Removing obstacles to interop/interop testing is one of the most virtuous things a community member can do.
[13:07:57] <kaduk@jabber.org/barnowl> Wasn't Stephen supposed to be vanishing about now?
[13:09:31] sftcd1 leaves the room
[13:09:50] <Paul Wouters_web_391> handwaving    1 or 2 versions    ?
[13:10:14] <sftcd> apologies again to have to drop off folks and thanks to Jonathan for the fine notes but I gotta head n ow
[13:10:50] <Mallory Knodel_web_562> Yes
[13:10:55] Stephen Farrell_web_199 leaves the room
[13:11:19] Robin Wilton_web_377 leaves the room
[13:11:23] Robin Wilton_web_497 joins the room
[13:12:04] <Jeffrey Lau_web_199> Thanks everyone!
[13:12:07] Benjamin Kaduk_web_758 leaves the room
[13:12:09] Daiki Ueno_web_293 leaves the room
[13:12:11] Yoshiro Yoneya_web_339 leaves the room
[13:12:14] <Daniel Huigens_web_919> Thanks!
[13:12:14] Roman Danyliw_web_925 leaves the room
[13:12:20] Russ Housley_web_944 leaves the room
[13:12:29] Yoshiro Yoneya leaves the room
[13:12:33] Sue Ciminelli_web_898 leaves the room
[13:12:36] Paul Wouters_web_391 leaves the room
[13:12:39] Wes Hardaker_web_371 leaves the room
[13:12:39] Tadahiko Ito_web_760 leaves the room
[13:12:40] Sylvain Besençon_web_722 leaves the room
[13:12:44] Greg Wood_web_882 leaves the room
[13:12:45] Mallory Knodel_web_562 leaves the room
[13:12:46] g新部 裕_web_553 leaves the room
[13:12:47] Jonathan Hammell_web_133 leaves the room
[13:12:51] Michael Breuer_web_793 leaves the room
[13:12:51] Valery Smyslov_web_373 leaves the room
[13:12:53] Bernie Hoeneisen_web_348 leaves the room
[13:12:54] Alyssa Thompson_web_717 leaves the room
[13:12:56] Jurgen Sonnenmoser_web_462 leaves the room
[13:12:56] Daphanie Nisbeth_web_961 leaves the room
[13:12:57] <jj_fux> Thanks
[13:13:00] Ken Takayama_web_508 leaves the room
[13:13:03] Robin Wilton_web_497 leaves the room
[13:13:05] <dkg> thanks everyone!
[13:13:11] Daniel Huigens_web_919 leaves the room
[13:13:16] Lara Bruseghini_web_971 leaves the room
[13:13:20] cw-ietf leaves the room
[13:13:22] Brian Sipos_web_327 leaves the room
[13:13:32] Justus Winter_web_105 leaves the room
[13:13:33] Yuji Suga_web_254 leaves the room
[13:14:10] Daniel Gillmor_web_273 leaves the room
[13:14:11] Alessandro Toppi_web_579 leaves the room
[13:14:11] Tobia Castaldi_web_249 leaves the room
[13:14:11] Michael Bilca_web_190 leaves the room
[13:14:11] Jeffrey Lau_web_199 leaves the room
[13:14:11] Jay Daley_web_818 leaves the room
[13:14:11] Nicholas Gajcowski_web_311 leaves the room
[13:14:11] Satoru Kanno_web_696 leaves the room
[13:14:11] Per Andersson_web_971 leaves the room
[13:14:11] Karen Staley_web_696 leaves the room
[13:14:11] Quynh Dang_web_197 leaves the room
[13:17:44] kaduk@jabber.org/barnowl leaves the room
[13:22:20] gniibe leaves the room
[13:39:40] Meetecho leaves the room
[14:02:52] alexamirante leaves the room
[18:00:07] jj_fux leaves the room
[18:03:12] jj_fux joins the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!