Alternative Elliptic Curve Representations
draft-ietf-lwig-curve-representations-20

Summary: Has enough positions to pass.

Erik Kline Yes

(Deborah Brungard) No Objection

Comment (2021-02-17 for -19)
No email
send info
Agree with Magnus's Discuss -

(Alissa Cooper) No Objection

Comment (2021-02-17 for -19)
No email
send info
I support Magnus' DISCUSS.

Murray Kucherawy No Objection

Comment (2021-02-17)
No email
send info
I support Magnus's DISCUSS.

(Barry Leiba) No Objection

Comment (2021-02-17 for -19)
No email
send info
I second Magnus’s DISCUSS.

Roman Danyliw No Record

Martin Duke No Record

Lars Eggert No Record

Benjamin Kaduk No Record

Warren Kumari No Record

Francesca Palombini No Record

Alvaro Retana No Record

Zaheduzzaman Sarker No Record

John Scudder No Record

Martin Vigoureux No Record

Éric Vyncke No Record

(Magnus Westerlund) (was Discuss) No Record

Comment (2021-03-09)
No email
send info
Clearing my discuss as I step down. Responsible AD will have to address the issues in my discuss, copied below. 

So this discuss is on the process violations that has occurred for this document. 

The first which is fairly straightforward to address is in regards to that the document would require a new IETF last call for proposed standard as it was last called only as informational on 2020-08-25. However, there is no point of doing this before the second part of this discuss has been addressed. 

The second part of the discuss is that this document is out of charter for the LWIG WG. The LWIG charter is clear on that the WG shall not define protocols, only describe how one does implementation that are lightweight but standard compliants. Thus, the document in its current form where it define a number of new curves is thus outside of this charter and that needs to be addressed before this work has a chance to be progressed. I think it is important that this is taken serious as this work defines new curves even if derived from existing ones do need proper review in relevant WG or RG where interested parties are more likely to see and comment on this work. I think a good illustration of this is the reaction in COSE WG when people become aware of this work. So lets look at what I think are a couple of potential ways of dealing with this, in falling preferences from my perspective. 

1) Move the draft to an appropriate WG/RG, I think CFRG could be a reasonable choice but I assume the SEC ADs might have better guidance on this.
2) Rewrite the document to fit the LWIG chartered scope, i.e. not define any new curves only document how one can realize existing standard curves using the transform method in this document. 
3) Recharter LWIG to allow this work. I think this is a bad choice as doing security standard specification appears to be out of scope. 
4) Declare the work dead

A path here needs to be chosen. I can understand that this is frustrating for the author and other proponents. However, there appear to exist venues within IETF and IRTF which do works on curve specifications and their application to various protocols. Thus, we need to use these to ensure proper review. 

I don't think there is much reason to try to place any blame here. There are multiple parties that appears to have made less than optimal decision during the process since WG adoption. What is clear to me is that the scope of the draft has crept from its original adoption into LWIG when it appears to have been in scope from my brief review of the 00.

Robert Wilton No Record