Skip to main content

CURves, Deprecating and a Little more Encryption
charter-ietf-curdle-01

Yes

(Kathleen Moriarty)
(Stephen Farrell)

No Objection

Alvaro Retana
(Alia Atlas)
(Barry Leiba)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)

Note: This ballot was opened for revision 00-04 and is now closed.

Ballot question: "Do we approve of this charter?"

Alvaro Retana No Objection

(Kathleen Moriarty; former steering group member) Yes

Yes (for -00-04)

                            

(Spencer Dawkins; former steering group member) Yes

Yes (2015-12-16 for -00-04)
The more we discuss this charter, the more I think we should do it. That could be a good sign :-)

(Stephen Farrell; former steering group member) Yes

Yes (for -00-04)

                            

(Alia Atlas; former steering group member) No Objection

No Objection (for -00-04)

                            

(Alissa Cooper; former steering group member) No Objection

(Barry Leiba; former steering group member) No Objection

No Objection (for -00-04)

                            

(Ben Campbell; former steering group member) No Objection

No Objection (2015-12-16 for -00-04)
I also would like to see Alissa's previous comment addressed (about why  Kerberos and JSON are only "potentially" in scope.)

(Benoît Claise; former steering group member) No Objection

No Objection (2015-12-16 for -00-04)
From these two paragraphs, cut/pasted from the charter:

The CURDLE working group is chartered to add a small set of cryptographic
mechanisms to some IETF protocols, and to make implementation requirements
including deprecation of old algorithms where there is IETF consensus to do so.
The focus with regards to adding mechanisms is for those mechanisms that enjoy
broad support from implementers.

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].  Other variants of mechanisms, such as the
ChaCha20-Poly1305 construct deployed for SSH, may also be considered as well as
AES-CCM[4] and AES-GCM [5] where those are not already defined and where there
is implementer interest.  Related specifications such as private and public key
formats are also within scope.

I now understand (thanks to Stephen in an off-line discussion) that "a small set of cryptographic mechanisms" refers to the 3 sentences in the second paragraph. I was confused because those 3 sentences have different subjects: the set of new algorithms, over variant mechanisms, related specifications.

Proposal:
OLD:

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].


NEW:

The set of cryptographic mechanisms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].




Editorial: Excuse my French ... I had to read this sentence at least three times to grasp it (hopefully)

The CURDLE working group will be handling changes to protocols and registries
some of which include what are now considered outdated  algorithm options, and
may propose deprecation of such algorithms.

Do you want to say?

The CURDLE working group will be handling changes to protocols and registries
(for outdated algorithm options), and may propose deprecation of such algorithms.


Editorial: There are a couple of double spaces:
    a  relevant
    outdated  algorithm

(Deborah Brungard; former steering group member) No Objection

No Objection (for -00-04)

                            

(Jari Arkko; former steering group member) No Objection

No Objection (for -00-05)

                            

(Joel Jaeggli; former steering group member) No Objection

No Objection (for -00-04)