Thursday, 28 July 2011< ^ >
stpeter has set the subject to: SAAG, IETF 79 | | yes the audio is awful, it's being worked on!
Room Configuration

[16:52:13] bkihara.l joins the room
[16:53:48] stpeter joins the room
[16:55:57] David Cooper joins the room
[16:56:04] hildjj joins the room
[16:56:05] Dave Thaler joins the room
[16:56:38] stpeter has set the subject to: SAAG, IETF 81 | slides at | audio at
[16:58:08] =JeffH joins the room
[16:59:02] <=JeffH> SAAG IETF-81 Quebec City -- Thursday, July 28 2011
[17:00:52] <=JeffH> Stephen Farrell & Sean Turner, presiding
[17:02:01] Jim Galvin joins the room
[17:02:10] SFTCD joins the room
[17:02:33] josephyee joins the room
[17:02:54] spturner joins the room
[17:02:56] hartmans joins the room
[17:03:14] barryleiba joins the room
[17:03:15] semery joins the room
[17:03:21] yoav.nir joins the room
[17:03:28] shep joins the room
[17:03:39] ondrej joins the room
[17:03:58] tlyu joins the room
[17:04:14] <=JeffH> ;ltams issued as RFC
[17:05:01] <=JeffH> krb-wg
[17:05:08] <=JeffH> sam hartman
[17:05:12] <=JeffH> 3 major topics
[17:05:18] stefanie.gerdes joins the room
[17:05:24] <=JeffH> registration policy -- want something relaxed but with good review
[17:05:51] <=JeffH> also discussed new i-d for authz in posix environments, newly adoped I-D -- needs more review
[17:06:03] <=JeffH> spent time discussing propsal to adopt ? cyphermode
[17:06:14] <=JeffH> less said about that the more clear, take it to the list
[17:06:44] <=JeffH> sent a number of i-ds fwd, pub'd four RFCs since last ietf meeting (80)
[17:07:07] <=JeffH> hokey: will meet this afternoon -- four wg items underway
[17:07:39] <=JeffH> TLS -- Joe Saloway - will meet this aftn, discussing extensions, and how WG will handle extensions
[17:08:30] kivinen joins the room
[17:08:30] <=JeffH> kitten - Shawn Emery -- 3 presos on behalf of Nico, replay cache, exporting, sec context, and gss
[17:08:37] <=JeffH> abfab -- meet friday
[17:08:48] <=JeffH> dane - one draft that completed WG LC
[17:09:07] Satoru Kanno joins the room
[17:09:10] <=JeffH> dkim - complete final active wg item, close wg after that's pub'd
[17:09:28] <ondrej> dane - it's IETF LC completed
[17:09:29] <=JeffH> msec - one active draft in IETF LC, close wg after that's pub'd
[17:10:42] mrex joins the room
[17:10:50] <=JeffH> ipsecme -- not trying to be next pkix, not looking for new stuff to come to the wg, have one or two things remaining to do, will clarify by Taipei ietf-82
[17:11:09] <=JeffH> isms - also up for closure? asking WG chair
[17:11:58] yoiwa joins the room
[17:12:17] <=JeffH> WOES bof: paul hoffman - richard took notes, will get them out, was charter discussion, working on getting charter approval thru ADs, likely have acceptable charter
[17:12:30] <=JeffH> cicm - was first bof, likely more to do before wg will be formed
[17:12:39] <=JeffH> sec-related WGs......
[17:13:19] shep leaves the room
[17:13:20] <=JeffH> karp -- working on getting sec analysis, have things to fix, long discussion wrt key mgmt, pls pay attention to the list and drafts coming out
[17:13:33] <=JeffH> sandy murphy - cidr -- 11 drafts in rfc ed queue
[17:14:07] <=JeffH> one has a discuss, controversy, but resolved, some left over from pre-recharter, five brand new post recharter
[17:14:18] <=JeffH> oops, SIDR
[17:15:37] <=JeffH> websec -- tobias -- http headers for sec functions -- HSTS, X-Frame-Options -- strong coop with W3C WebAppSec wg (content security policy CSP)
[17:16:13] shep joins the room
[17:16:49] <=JeffH> PLASMA - side meeting - Jim Schaad -- had 2.5 hr discussion on protocol spec -- if u understand ws-trust need help -- working on having reqs draft to iesg before taipei ietf-82
[17:17:05] Satoru Kanno leaves the room
[17:17:05] Satoru Kanno joins the room
[17:18:07] <=JeffH> MILE -- Kathleen M. -- met monday night -- reviewed to understand what's been done previously -- many ietf newbies involved -- hopefully have drafts before ietf-82 taipei --
[17:18:24] <=JeffH> invited presos -- NIST SHA-3 talk -- Tim Polk
[17:19:43] <=JeffH> Suppor&ng
[17:19:56] <=JeffH> slide 2
[17:20:00] <=JeffH> Goal
[17:20:08] <SFTCD> jeff - no need to summarise slides, just slide# is fine
[17:20:42] <=JeffH> gotcha
[17:20:53] ondrej leaves the room
[17:20:54] <=JeffH> preso:
[17:21:02] <=JeffH> slide 3
[17:22:15] wmhaddad joins the room
[17:22:17] <=JeffH> slide 4
[17:22:56] <=JeffH> slide 5
[17:23:02] wmhaddad leaves the room: Logged out
[17:24:24] <=JeffH> slide 6
[17:24:53] <=JeffH> slide 7
[17:25:36] <=JeffH> error in 2nd bullet: NIST has *no plans* to move away from SHA-2
[17:25:51] <=JeffH> PHB: does this have something to do with debt ceiling crisis ?? 8^)
[17:27:05] <mrex> Maybe we should _really_ start moving away from MD5...
[17:27:06] <=JeffH> slide 8
[17:27:53] <=JeffH> slide 9
[17:27:59] <mrex> (meaning that we delete all certificates, in particular all Trust Anchor certs) with MD5-based signatures from our certificate and trust anchor stores
[17:28:26] <=JeffH> slide 10
[17:29:07] <mrex> and then remove the MD5-related digital signature AlgIds from our PKI Software and ASN.1 parsers
[17:29:12] <=JeffH> slide 11
[17:30:05] <kivinen> mrex: Trust anchor certificates does not matter, as they are already securely transmitted in the first place, so the signature does not give anything. If there is still CAs publishing end user certificates using MD5 signatures,that is problem not the signature algorithm in the trust anchor certificate itself.
[17:30:27] <=JeffH> slide 12
[17:30:55] Hugh_Daniel joins the room
[17:31:38] <=JeffH> Summer 12 Announce final selection
[17:31:44] <mrex> there exist such a "additional parameter needed" nightmare about RSA-OAEP and RSA-PSS -- which is probably why adoption/usage is less than marginal
[17:31:55] <=JeffH> slide 13
[17:32:22] <spturner> @mrex - yep!
[17:33:14] <=JeffH> slide 14
[17:34:41] shep leaves the room
[17:35:10] <=JeffH> slide 15
[17:35:54] <mrex> you can not add SHA-3 to the installed base yet -- shipping the SHA-3 real code as a software update to the installed base will be unavoidable
[17:35:59] <=JeffH> slide 16 - Questions
[17:36:04] <=JeffH> PHB @ mic
[17:37:23] <=JeffH> observes that need to have http UAs (web browsers) be able to handle SHA-2 & -3 -- will get deployment deadlock [until that bridge crossed]
[17:38:12] <spturner> there are already protocols trying to put in placeholders for SHA-3...
[17:38:32] <mrex> Microsoft refuses to ship AES for Windows XP !
[17:38:51] mcharlesr joins the room
[17:39:01] Stefans joins the room
[17:39:09] <mrex> so 50% of the installed base of Microsoft windows does not have AES. I would not call that fantastic
[17:39:09] <=JeffH> timpolk (TP): gets what you're saying, but there's more to the problem; hoping... AES was dvlp'd in similar fashion, and adoption rate has been high -- so hoping that SHA-3 will be embraced faster than SHA-256 has been -- but recognize that PKIX is harder nut to crack than AES
[17:39:16] <spturner> the i7 vPro chips have instruction to support AES
[17:39:28] <spturner> granted that's all shiny and new
[17:39:30] shep joins the room
[17:40:00] <mcharlesr> spturner, but lots and lots of embedded CPUs have had AES for 5 years, so that sure helps too.
[17:40:06] <=JeffH> PHB: deployed infrastructure needs to be able to use this, won't work until the infra is ready
[17:40:10] <=JeffH> paul hoffman at mic
[17:40:17] <spturner> I should added the i5 vPro tool
[17:40:17] g.e.montenegro joins the room
[17:40:24] <spturner> yep they sure do
[17:40:39] <=JeffH> asking about whether the NIST will decare that SHA-3 needs to be impl'd in all Fed systems
[17:41:09] <yoav.nir> Microsoft supported AES for the first time in Vista (2007). That's 7 years - not very fast. I can still not assume AES before all XP is dead - probably at least 2015, probably later.
[17:41:13] <=JeffH> TP: well, haven't yet said everyone needs to move to AES, expect SHA-2 & -3 to "peacefully co-exist"
[17:41:43] <yoav.nir> Similarly, you can't issue certificates signed with SHA-256. Too many old browsers around.
[17:41:54] <=JeffH> TP: have learned that SHA-2 family is well designed, [so probably aren't going to deprecate it in foreseeable future]
[17:42:09] <mcharlesr> wow, I didn't know MS took so long.
[17:42:29] <SFTCD> @yoav: but you could issue >1 cert for tls servers and then they could pick the right one
[17:42:30] <=JeffH> igor fayneburg @ mic : security of sha-3 contestents ?
[17:42:46] <=JeffH> TP: have five good candidates, can't speak to details
[17:42:48] <spturner> @yoav - definitely trying to work on that...
[17:42:50] tlyu leaves the room
[17:42:56] tlyu joins the room
[17:43:31] <=JeffH> TP wrt perf, had assumed we'd be able to do better with sha-3 on all platforms than -2 --- this was naive assumption due to prior experience
[17:43:32] <mrex> When did firefox support AES for the first time? wasn't that 3.5?
[17:44:27] <yoav.nir> How could they pick? There is a ClientHello extension for signature algorithms, but everyone who supports the extension also supports SHA-2. Could help for SHA-3
[17:44:38] MStJohns joins the room
[17:45:08] <=JeffH> TP: thinks we will get some perf gains on some platforms, on others not so much, so one worry is.... that we won't get such a perf gain and thus may not have as much deployment drive a la AES
[17:46:12] <mrex> protocol agility is not the reason for slow AES adoption
[17:46:17] <=JeffH> wes hardaker @ mic: counterpoint: at AES time, there was less protocol agility then, so he's hopeful that since we are more agile, that that may mitigate the above and help with deployment
[17:46:26] <=JeffH> TP: yes, thanks.
[17:46:35] Dave Thaler leaves the room
[17:47:05] <=JeffH> hannes tschofenig @ mic: have you looked at constrained devices ?
[17:47:25] <mrex> (at least not for protocols such as TLS (-> cipher suites))
[17:49:05] <=JeffH> TP: have project on resource constrained crypto -- programmer porting the five -3 candidates onto constrained devices - eg 8 bit, small memory, but can still run an IP stack on it --- selected a couple processors, this work will be input into final selection process -- so are looking at low end as well as high end -- have broad range of target environments, will have data on the range, will make conscious trade-offs when making selection
[17:49:31] <=JeffH> paul h. @ mic: if folks don't know about mailing list for hash competition -- this sort of thing is discussed on the list
[17:50:06] <=JeffH> tim will send ptr to the mailing list, and other stuff to the SAAG@ list
[17:50:48] <=JeffH> TP: there's a ton of info about all of this out there -- coming from community
[17:51:11] <=JeffH> Next preso: Dave Thaler -- IAB identifier comparison for security purposes
[17:51:55] <=JeffH> slide 1 - title page
[17:52:45] <=JeffH> slide 2
[17:52:51] Melinda joins the room
[17:53:00] mcharlesr and Tim are going to get ourselves IAB hats.
[17:53:41] <mrex> unique als means different from any other ID someone else might create tomorrow
[17:54:10] <=JeffH> slide 3
[17:54:57] tlyu leaves the room
[17:55:03] tlyu joins the room
[17:55:21] <barryleiba> mrex : that follows from what Dave said... apply his statement again tomorrow.
[17:57:09] <=JeffH> slide 4
[17:58:05] <=JeffH> slide 5
[18:01:20] <=JeffH> slide 6
[18:03:05] <mrex> most users and admins perfer matches that "just work"
[18:03:23] <=JeffH> slide 7
[18:05:36] <=JeffH> slide 8
[18:08:23] <mcharlesr> so.... signed javascript for the comparison function? :-)
[18:08:37] <=JeffH> slide9
[18:08:53] <=JeffH> discuss this draft on
[18:09:52] <=JeffH> preso over
[18:11:24] <=JeffH> igor fayneburg @ mic: can u discuss the idea for the resource owner creating his own "token" rather than the STS in bottom right of the example config on slide 3
[18:11:42] <=JeffH> Dave Thaler (DT): no, we IAB havent' thought of this
[18:11:47] <=JeffH> sam hartman o
[18:11:54] g.e.montenegro leaves the room
[18:11:57] <=JeffH> @mic: gut reaction is strongly negative
[18:12:17] <mrex> Architecturally it is possible to colocate the Security Token Service at the Resource Owner
[18:12:17] g.e.montenegro joins the room
[18:13:28] <mrex> But from the design of the Architecture, the security token service should probably always be conceived as a seperate entity in the architecture, even if in some implementations it is part of or colocated with the Resource owner
[18:13:42] <=JeffH> SH: recommendations are naive, discard them all, will try to figure out how to articulate concerns -- these types of rcmd'ns, in mapping them to stuff SH familiar with, there's more reasons things work the way they do, and there were compelling tradeoffs -- will try to come up with better critique wrt SH's reaction
[18:14:19] <=JeffH> DT: pls send to - - we see a lot of specs that are underspecified in these areas, so yes please send feedback
[18:14:31] <=JeffH> DT: we IAB think issues are worth discussing
[18:15:05] <=JeffH> steve kent @mic: is there a reason you didnt use term "canonicalization" -- many systems have this notion to deal with these sorts of problems
[18:15:17] <mrex> but canonicalization fails badly as soon as you toucn x.509
[18:15:32] <=JeffH> DT: we havne't used that term yet because there's specific meanings of that term in eg UNICODE -- didn't want to cause unnec. confusion
[18:15:33] <mrex> there is no such thing as a canonical distinguished name
[18:16:29] <=JeffH> SH: please don't use canonicalization & normalization terms because ..... [ various issues ]
[18:16:59] <=JeffH> DT: on slide 4 -- "ascii-only case-insensitive" doesn't have a "normal form"
[18:17:06] <mrex> which is caused by the insane matching rules for distinguished names
[18:17:49] <=JeffH> paul hoffman @ mic: please give this preso or next version at next Apps area session
[18:18:07] <=JeffH> DT: PRECIS working group is relevant, have been participating there
[18:18:31] <yoav.nir> This is splitting hairs, but you could have a "normalized" form rather than "canonical". You could call the ascii-only loser-case form "normalized", and then all the names that match have the same "normalized" form, even if you don't want to call it "canonical"
[18:18:38] <=JeffH> next preso
[18:18:43] mcharlesr leaves the room
[18:18:58] <yoav.nir> I'm sure you can find something like this for distinguished names as well.
[18:19:01] <=JeffH> Robert Moskowitz -- KMP for IEEE 802.15
[18:19:04] tlyu leaves the room
[18:19:10] tlyu joins the room
[18:19:24] <=JeffH>
[18:19:27] <=JeffH> slide 1: title
[18:19:32] <=JeffH> slide 2
[18:19:40] Dave Thaler joins the room
[18:21:52] <=JeffH> TLV == Type Length Value
[18:22:06] <=JeffH> slide 3
[18:23:48] Jim Galvin leaves the room
[18:24:08] <=JeffH> slide 4
[18:24:26] <=JeffH> PAR - Project Approval Request
[18:24:43] <=JeffH> what's a "PAN" ?
[18:26:23] <tlyu> i think he mentioned "Personal" Area Network.
[18:26:33] <=JeffH> ah, ok
[18:27:01] <=JeffH> slide 5
[18:28:55] mcharlesr joins the room
[18:30:23] semery leaves the room
[18:30:31] barryleiba leaves the room
[18:30:34] tlyu leaves the room
[18:30:47] yoav.nir leaves the room
[18:30:56] <=JeffH> no questions -- SAAG session finish
[18:30:58] <=JeffH> adios
[18:31:07] hildjj leaves the room: Disconnected.
[18:31:09] David Cooper leaves the room
[18:31:09] kivinen leaves the room
[18:32:05] spturner leaves the room
[18:32:11] =JeffH leaves the room
[18:32:59] g.e.montenegro leaves the room
[18:33:31] shep leaves the room: Logged out
[18:34:05] Satoru Kanno leaves the room
[18:34:09] josephyee leaves the room
[18:37:32] bkihara.l leaves the room
[18:42:05] yoiwa leaves the room
[18:42:05] SFTCD leaves the room
[18:44:29] stefanie.gerdes leaves the room
[18:45:35] Dave Thaler leaves the room
[18:46:45] hartmans leaves the room
[18:50:11] Melinda leaves the room
[18:52:05] MStJohns leaves the room
[19:05:57] Hugh_Daniel leaves the room
[19:08:20] mcharlesr leaves the room
[19:08:25] mcharlesr joins the room
[19:10:44] stpeter leaves the room
[19:11:34] MStJohns joins the room
[19:19:55] MStJohns leaves the room
[19:24:33] hildjj joins the room
[19:24:53] Satoru Kanno joins the room
[19:26:07] spturner joins the room
[19:28:19] hildjj leaves the room
[19:30:58] Satoru Kanno leaves the room
[19:38:05] spturner leaves the room
[19:53:13] mrex leaves the room
[20:08:24] hartmans joins the room
[20:55:42] hartmans leaves the room
[21:18:32] mcharlesr leaves the room
[21:18:33] mcharlesr joins the room
[22:23:51] mcharlesr leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!