CURves, Deprecating and a Little more Encryption
charter-ietf-curdle-01

[Ballot comment]
From these two paragraphs, cut/pasted from the charter:

The CURDLE working group is chartered to add a small set of cryptographic
mechanisms to some IETF protocols, and to make implementation requirements
including deprecation of old algorithms where there is IETF consensus to do so.
The focus with regards to adding mechanisms is for those mechanisms that enjoy
broad support from implementers.

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].  Other variants of mechanisms, such as the
ChaCha20-Poly1305 construct deployed for SSH, may also be considered as well as
AES-CCM[4] and AES-GCM [5] where those are not already defined and where there
is implementer interest.  Related specifications such as private and public key
formats are also within scope.

I now understand (thanks to Stephen in an off-line discussion) that "a small set of cryptographic mechanisms" refers to the 3 sentences in the second paragraph. I was confused because those 3 sentences have different subjects: the set of new algorithms, over variant mechanisms, related specifications.

Proposal:
OLD:

The set of new algorithms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].


NEW:

The set of cryptographic mechanisms that can be introduced are limited to key agreement
(ECDH) and digital signatures (EdDSA) with Curve25519 and Curve448 as defined by
CFRG [1] [2], and the AEAD mode ciphers consisting of ChaCha20 and Poly1305 also
defined by CFRG [3].




Editorial: Excuse my French ... I had to read this sentence at least three times to grasp it (hopefully)

The CURDLE working group will be handling changes to protocols and registries
some of which include what are now considered outdated  algorithm options, and
may propose deprecation of such algorithms.

Do you want to say?

The CURDLE working group will be handling changes to protocols and registries
(for outdated algorithm options), and may propose deprecation of such algorithms.


Editorial: There are a couple of double spaces:
    a  relevant
    outdated  algorithm

[Ballot comment]
I don't get what it means for Kerberos and JSON to be "potentially" in scope. It seems to me that they are in scope. If the WG chooses not to pursue the work related to them that's ok, but they're still in the scope of the charter.

[Ballot comment]
seems like:

The relevant IETF protocols are primarily those protocols that are standardized
through the IETF and that do not have an active working group, or where the
working group decides to not take on the work. To be concrete, the protocols in
scope are Secure Shell (SSH), DNSSEC, PKIX, CMS, XML Digital Signatures and
potentially Kerberos and JSON.

can be simplified to

The protocols in scope are Secure Shell (SSH), DNSSEC, PKIX, CMS, XML Digital Signatures and
potentially Kerberos and JSON.

also

As  the CURDLE working group will be handling changes to protocols and
registries some of which include what are now considered outdated  algorithm
options, the working group can also choose to propose deprecation of such
algorithms.

The CURDLE working group will be handling changes to protocols and
registries some of which include what are now considered outdated  algorithm
options, and may propose deprecation of such algorithms.