WG Action: Rechartered Limited Additional Mechanisms for PKIX and SMIME (lamps)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The Limited Additional Mechanisms for PKIX and SMIME (lamps) WG in the
Security Area of the IETF has been rechartered. For additional information,
please contact the Area Directors or the WG Chair.

Limited Additional Mechanisms for PKIX and SMIME (lamps)
-----------------------------------------------------------------------
Current status: Active WG

Chairs:
  Russ Housley <housley@vigilsec.com>

Assigned Area Director:
  Eric Rescorla <ekr@rtfm.com>

Security Area Directors:
  Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
  Eric Rescorla <ekr@rtfm.com>

Mailing list:
  Address: spasm@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/spasm
  Archive: https://mailarchive.ietf.org/arch/browse/spasm/

Group page: https://datatracker.ietf.org/group/lamps/

Charter: https://datatracker.ietf.org/doc/charter-ietf-lamps/

The PKIX and S/MIME Working Groups have been closed for some time. Some
updates have been proposed to the X.509 certificate documents produced
by the PKIX Working Group and the electronic mail security documents
produced by the S/MIME Working Group.

The LAMPS (Limited Additional Mechanisms for PKIX and SMIME) Working
Group is chartered to make updates where there is a known constituency
interested in real deployment and there is at least one sufficiently
well specified approach to the update so that the working group can
sensibly evaluate whether to adopt a proposal.

Having completed the S/MIME 4.0 specifications and updates to support
i18n email addresses in PKIX certificates, the LAMPS WG is now tackling
these topics:

1. Specify a discovery mechanism for CAA records to replace the one
   described in RFC 6844.

2. Specify the use of SHAKE128/256 and SHAKE256/512 for PKIX and S/MIME.

RFC 6844 describes the mechanism by which CAA records relating to a
domain are discovered.  Implementation experience has demonstrated an
ambiguity in the current processing of CNAME and DNAME records during
discovery.  Subsequent discussion has suggested that a different
discovery approach would resolve limitations inherent in the current
approach.

Unlike the previous hashing standards, the SHA-3 family of functions are
the outcome of an open competition.  They have a clear design rationale
and have received a lot of public analysis, which gives great confidence
that the SHA-3 family of functions are secure.  Also, since SHA-3 uses a
very different construction from SHA-2, the SHA-3 family of functions
offers an excellent alternative.  In particular, SHAKE128/256 and
SHAKE256/512 offer security and performance benefits.

In addition, the LAMPS Working Group may investigate other updates to
the documents produced by the PKIX and S/MIME Working Groups, but the
LAMPS Working Group shall not adopt any of these potential work items
without rechartering.

Milestones:

  Apr 2018 - Adopt a draft for rfc6844bis

  Apr 2018 - Adopt a PKIX draft for SHAKE128/256 and SHAKE256/512

  Apr 2018 - Adopt a S/MIME draft for SHAKE128/256 and SHAKE256/512

  Apr 2018 - rfc6844bis sent to IESG for standards track publication

  Sep 2018 - SHAKE128/256 and SHAKE256/512 for PKIX sent to IESG for 
  standards track publication

  Sep 2018 - SHAKE128/256 and SHAKE256/512 for S/MIME sent to IESG for 
  standards track publication





[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux