Skip to main content

CURves, Deprecating and a Little more Encryption
charter-ietf-curdle-01

Yes

(Kathleen Moriarty)
(Stephen Farrell)

No Objection

(Alia Atlas)
(Alvaro Retana)
(Barry Leiba)
(Deborah Brungard)
(Jari Arkko)
(Joel Jaeggli)

Note: This ballot was opened for revision 00-04 and is now closed.

Ballot question: "Do we approve of this charter?"

Kathleen Moriarty Former IESG member
Yes
Yes (for -00-04) Unknown

                            
Spencer Dawkins Former IESG member
Yes
Yes (2015-12-16 for -00-04) Unknown
The more we discuss this charter, the more I think we should do it. That could be a good sign :-)
Stephen Farrell Former IESG member
Yes
Yes (for -00-04) Unknown

                            
Alia Atlas Former IESG member
No Objection
No Objection (for -00-04) Unknown

                            
Alissa Cooper Former IESG member
No Objection
No Objection (2015-12-16 for -00-04) Unknown
Alvaro Retana Former IESG member
No Objection
No Objection (for -00-05) Unknown

                            
Barry Leiba Former IESG member
No Objection
No Objection (for -00-04) Unknown

                            
Ben Campbell Former IESG member
No Objection
No Objection (2015-12-16 for -00-04) Unknown
I also would like to see Alissa's previous comment addressed (about why  Kerberos and JSON are only "potentially" in scope.)
Benoît Claise Former IESG member
No Objection
No Objection (2015-12-16 for -00-04) Unknown
From these two paragraphs, cut/pasted from the charter:

The CURDLE working group is chartered to add a small set of cryptographic
mechanisms to some IETF protocols, and to make implementation requirements
including deprecation of old algorithms where there is IETF consensus to do so.
The focus with regards to adding mechanisms is for those mechanisms that enjoy
broad support from implementers.

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].  Other variants of mechanisms, such as the
ChaCha20-Poly1305 construct deployed for SSH, may also be considered as well as
AES-CCM[4] and AES-GCM [5] where those are not already defined and where there
is implementer interest.  Related specifications such as private and public key
formats are also within scope.

I now understand (thanks to Stephen in an off-line discussion) that "a small set of cryptographic mechanisms" refers to the 3 sentences in the second paragraph. I was confused because those 3 sentences have different subjects: the set of new algorithms, over variant mechanisms, related specifications.

Proposal:
OLD:

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].


NEW:

The set of cryptographic mechanisms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].




Editorial: Excuse my French ... I had to read this sentence at least three times to grasp it (hopefully)

The CURDLE working group will be handling changes to protocols and registries
some of which include what are now considered outdated  algorithm options, and
may propose deprecation of such algorithms.

Do you want to say?

The CURDLE working group will be handling changes to protocols and registries
(for outdated algorithm options), and may propose deprecation of such algorithms.


Editorial: There are a couple of double spaces:
    a  relevant
    outdated  algorithm
Deborah Brungard Former IESG member
No Objection
No Objection (for -00-04) Unknown

                            
Jari Arkko Former IESG member
No Objection
No Objection (for -00-05) Unknown

                            
Joel Jaeggli Former IESG member
No Objection
No Objection (for -00-04) Unknown