New Non-WG Mailing List: e-impact

2023-01-20 Thread IETF Secretariat
A new IETF non-working group email list has been created.

List address: e-imp...@ietf.org
Archive:  https://mailarchive.ietf.org/arch/browse/e-impact/
To subscribe:  https://www.ietf.org/mailman/listinfo/e-impact

Purpose:
This list is for general discussions of environmental impacts of the Internet, 
along with avenues for potential improvements. It is an open list, and replaces the
earlier closed list that was used during the IAB’s E-Impact workshop
discussions (e-impact-workshop-attendees).

This list belongs to IETF area: GEN

For additional information, please contact the list administrators.

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce


WG Action: Formed Post-Quantum Use In Protocols (pquip)

2023-01-20 Thread The IESG
A new IETF WG has been formed in the Security Area. For additional
information, please contact the Area Directors or the WG Chairs.

Post-Quantum Use In Protocols (pquip)
---
Current status: Proposed WG

Chairs:
  Sofia Celi 
  Paul Hoffman 

Assigned Area Director:
  Roman Danyliw 

Security Area Directors:
  Roman Danyliw 
  Paul Wouters 

Mailing list:
  Address: p...@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/pqc
  Archive: https://mailarchive.ietf.org/arch/browse/pqc/

Group page: https://datatracker.ietf.org/group/pquip/

Charter: https://datatracker.ietf.org/doc/charter-ietf-pquip/

Some IETF protocols rely upon cryptographic mechanisms that are considered
secure given today’s “classical computers” but would be vulnerable to attacks
by a Cryptographically Relevant Quantum Computer (CRQC).  These mechanisms
rely upon algorithms based on integer factorization or the discrete logarithm
problem.   Outside of the IETF, active work is underway to develop and
validate Post-Quantum Cryptography (PQC) mechanisms that are expected to be
resilient to the cryptanalysis capabilities of future CRQCs (e.g., CFRG, US
NIST).  Select IETF WGs (e.g., LAMPS, TLS, IPSECME, COSE) have already begun
standardizing revised protocol behaviors. The focus of Post-Quantum Use in
Protocols (PQUIP) WG is to support this growing body of work in the IETF to
facilitate the evolution of IETF protocols and document associated
operational guidance with respect to PQC.

The WG will provide a standing venue to discuss PQC (operational and
engineering) transition issues and experiences to date relevant to work in
the IETF. The WG will also provide a venue of last resort to discuss
PQC-related issues in IETF protocols that have no associated maintenance WGs.
This WG will not update existing protocols, specify new protocols, define new
cryptographic mechanisms, or assess whether a given cryptographic mechanism
is quantum-resistant.

The WG will document operational and design guidance which supports PQC
transition. The general process of elaboration through documentation will be
for issues to be identified and discussed on the mailing list, and
presentations made at WG meetings. When topics merit more coherent
documentation, the WG will adopt documents to capture the information in
Internet-Drafts. If the working group consensus is that the material of the
Internet-Draft is generally useful for archival purposes, the WG will seek
publication of the work items as Informational or Best Current Practices
RFCs. At any point, from early discussion of topics through later
documentation stages, the WG may identify a more appropriate WG for the
matter, and with coordination, dispatch it there.

The output of this WG is expected to inform protocol work and guidance
developed by other WGs in the IETF.  Consistent with other IETF WGs, this WG
will also rely on outside entities (e.g., CFRG) to define and assess new PQC
mechanisms.

The IESG is establishing this working group on an experimental basis, and in
2 years, the IESG intends to review it for rechartering to continue or else
closure.

Milestones:

  Apr 2023 - WG Adoption of an Informational document that defines
  terminology for (hybrid) PQC schemes

  May 2023 - WG Adoption of an Informational document on ‘PQC for engineers’





WG Review: Secure Asset Transfer Protocol (satp)

2023-01-20 Thread The IESG
A new IETF WG has been proposed in the Applications and Real-Time Area. The
IESG has not made any determination yet. The following draft charter was
submitted, and is provided for informational purposes only. Please send your
comments to the IESG mailing list (i...@ietf.org) by 2023-01-30.

Secure Asset Transfer Protocol (satp)
---
Current status: Proposed WG

Chairs:
  Wes Hardaker 

Assigned Area Directors:
  Paul Wouters 
  Murray Kucherawy 

Applications and Real-Time Area Directors:
  Murray Kucherawy 
  Francesca Palombini 

Mailing list:
  Address: s...@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/sat
  Archive: https://mailarchive.ietf.org/arch/browse/sat/

Group page: https://datatracker.ietf.org/group/satp/

Charter: https://datatracker.ietf.org/doc/charter-ietf-satp/

OBJECTIVE

There is currently an interoperability problem in many digital asset
networks (frequently shortened to "network" below for simplicity), where
assets in one network cannot be moved easily to another network. The
problem is more acute in the case of private asset networks, where
external entities have no visibility into the state of an asset in the
private network. An example is regulated digital representations of
real-world private assets, such as property ownership certificates, and
regulated government-issued digital currencies.

The goal of the Secure Asset Transfer Protocol (SATP) working group will
be to develop a standard protocol which operates between two peer
gateways for the purpose of transferring digital assets between an
originator in the origin network to a beneficiary in the destination
network. The resulting protocol will be agnostic with respect to
the type of asset being transferred although.

PROBLEM SPACE AND ARCHITECTURE

To begin addressing these challenges, SATP will employ the gateway
paradigm as a means for digital assets to be moved from one network to
another through a standardized asset transfer protocol implemented
between peer gateways.

Each gateway represents one digital asset network, and SATP allows
gateways to perform a voluntary transfer of a digital asset from the
origin network to a destination network in such a way that evidence of
the transfer can be verified by a third-party audit in the case of
disputes. Both the origin and destination networks are assumed to share
a common understanding of the digital asset.

There might be several gateways representing the same digital asset
network. It is assumed that the same peer gateways representing the
networks are participating in the entire asset transfer sequence from
the beginning to the end.

A key requirement for transferring assets is ensuring that the digital
asset is valid in one network only at any given time. This means that
SATP must ensure that the properties of atomicity, consistency,
isolation, and durability (ACID) of the underlying networks are
satisfied in an asset transfer. Commitments and rollbacks must be
supported in the case of an asset mid-transfer failure.

DELIVERABLES

The deliverables of the SATP Working Group will be as follows:

SATP Architecture: The immediate scope of work for SATP will be a base
architecture that utilizes the gateway paradigm that ensures a common
semantic understanding to be shared among the modes of asset transfers,
data sharing and coordinated asset exchanges. The starting point for the
architecture document will be draft-hardjono-sat-architecture.

Secure Asset Transfer Protocol: Concurrent with the development of the
SATP architecture will be the Secure Asset Transfer Protocol that
implements the transfer of a digital asset from one gateway to another,
satisfying the ACID properties.

SATP Use-Cases: Various real-world use-cases will be collected and
described succinctly, with the goal of providing the background to the
SATP work.

SATP will define common identifiers, message flows and payloads for
transferring digital assets. A common terminology will be defined in the
architecture document.

SATP will reuse existing IETF standards for various aspects of the
protocol modes, including but not limited to secure channel
establishment (TLS), payload formats (e.g., JSON, CBOR, ProtoBuf, etc.),
digital signature and encryption (e.g., JOSE, COSE, etc.), digital
certificates and tokens (e.g., PKIX, JWT, etc.), and others. SATP may
also reuse existing standards from other organizations (e.g., W3C with
DIDs).

Note that for the protocol to work, agreements will likely be needed
between participating digital asset networks that intend to use SATP;
these legal or other frameworks are outside of the scope of the SATP.
This assumption is akin to how the BGP protocol is frequently run
between parties that have previously agreed to route IP packets.

Milestones:

  Jan 2024 - SATP Use-Cases document

  Jul 2024 - SATP Architecture document

  Jul 2024 - ATP Asset Tra