SAAG Session Recording
Session Date/Time: 09 Nov 2023 16:00
Summary
The Security Area Advisory Group (SAAG) meeting covered various topics, including agenda bashing, working group reports, a presentation on new cryptography emerging in IETF working groups, and an open mic session. The meeting addressed challenges faced by new working group chairs, the state of Errata in security-related RFCs, and provided updates on ongoing and newly chartered working groups. A key focus was the discussion of new cryptographic techniques and their application in IETF protocols, along with related security and privacy considerations.
Key Discussion Points
- Involvement in the IETF: Challenges faced by potential working group chairs (concerns about size/importance of groups), and ways to overcome these challenges (pairing with experienced chairs, training sessions offered by the LLC). Emphasis was placed on the importance of not requiring potential chairs to be subject matter experts.
- Errata: The current state of Errata for security area documents was reviewed, highlighting TLS and LAMPS as areas needing attention. There was a discussion about a spreadsheet of Errata comments that needs action.
- Working Group Summaries: The ADs clarified that working group chairs are not expected to provide pro forma summaries. Instead, reports should focus on significant developments. Paul Hoffman noted that even pro forma summaries are helpful for those who can't attend all meetings.
- IETF Reorganization: Discussed the upcoming reorganization of the IETF areas by IETF 119, with certain working groups moving to the SEC area.
- New Cryptography in IETF: The presentation covered Hybrid Public Key Encryption (HPKE), Password Authenticated Key Exchange (PAKE), Private Aggregation (DAP), Private Authorization (Privacy Pass), and Selective Disclosure. Emphasis was placed on not being intimidated by new crypto primitives and on understanding where they apply in protocol design.
- Security Analysis of Protocols: Discussion of the importance of formal methods in analyzing security protocols. Emphasis on the need for security analysis to match the implemented specification.
- Post-Quantum Considerations: Discussion of the impact of post-quantum algorithms on DNSSEC and other protocols, pointing out the need for more research and raising concerns about the usability of post-quantum KEMs and their security properties. Formal methods are beginning to be applied in this analysis and are an important part of it.
- Reference Models and Implementations: The discussion included whether reference models for security protocols should be specified in addition to reference implementations, suggesting that Tamarin or ProVerif models could be useful additions.
Decisions and Action Items
- Errata Action: The SEC ADs acknowledged that the Errata spreadsheet had been dropped and committed to taking action. The TLS and LAMPS working groups are encouraged to address their Errata.
- Dull Working Group: 5 of the 6 PRs against the charter have been addressed and the charter is ready. The next step is to go to the mailing list and issue a call for consensus.
- Spice Working Group: Refine on the mailing list how much scope the group should take on.
- Research Agenda for a Post Quantum DNSSEC: Continue this work at the IRTF.
Next Steps
- Dull working group to go to the mailing list and issue a call for consensus.
- Spice working group to refine its scope on the mailing list.
- SEC ADs to address the Errata spreadsheet and take action.