From prvs=68351d35a9=scott.mansfield@ericsson.com Fri May 3 10:34:31 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A7FD21F86D3; Fri, 3 May 2013 10:34:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.001 X-Spam-Level: X-Spam-Status: No, score=0.001 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uvM01i0eISlR; Fri, 3 May 2013 10:34:26 -0700 (PDT) Received: from usevmg21.ericsson.net (usevmg21.ericsson.net [198.24.6.65]) by ietfa.amsl.com (Postfix) with ESMTP id 7ED7C21F9664; Fri, 3 May 2013 10:08:26 -0700 (PDT) X-AuditID: c6180641-b7f906d000003e3f-d7-5183eefff680 Received: from EUSAAHC005.ericsson.se (Unknown_Domain [147.117.188.87]) by usevmg21.ericsson.net (Symantec Mail Security) with SMTP id 71.58.15935.FFEE3815; Fri, 3 May 2013 19:08:16 +0200 (CEST) Received: from EUSAAMB105.ericsson.se ([147.117.188.122]) by EUSAAHC005.ericsson.se ([147.117.188.87]) with mapi id 14.02.0328.009; Fri, 3 May 2013 13:08:11 -0400 From: Scott Mansfield To: "saag@ietf.org" , "opsec@ietf.org" Thread-Topic: Liaison from SG17 on IPv6 Security Guideline Thread-Index: Ac5IIMiS/sHDEQrxSIeSnSr9qeiU+A== Date: Fri, 3 May 2013 17:08:10 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [147.117.188.134] Content-Type: multipart/alternative; boundary="_000_EF35EE4B92789843B1DECBC0E245586427E198eusaamb105ericsso_" MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrALMWRmVeSWpSXmKPExsUyuXRPuC7D++ZAgyurOCw+bL3LZjGlv5PJ gcljyZKfTAGMUdw2SYklZcGZ6Xn6dgncGavutTIWPJSsaHz/hLmB8Y9YFyMnh4SAicTju+eZ IWwxiQv31rN1MXJxCAkcZZToatnNAuEsY5ToXfiWBaSKDahj667pjCC2iICbxJmn55lAbGEB U4l1f7czQ8StJFZ9esACYetJfJr1n7WLkYODRUBFouEAO0iYV8Bb4uXXfWBjGIEWfz+1BmwM s4C4xK0n85kgDhKQWLIH5jhRiZeP/7FC2MoSS57sZwEZySyQL7GoKwxipKDEyZlPWCYwCs1C MmkWQtUsJFUQJToSC3Z/YoOwtSWWLXzNDGOfOfCYCVl8ASP7KkaO0uLUstx0I8NNjMAIOCbB 5riDccEny0OM0hwsSuK8iVyNgUIC6YklqdmpqQWpRfFFpTmpxYcYmTg4QQSXVAMjm4Zebc0v 3cZ17x/9v2c78bDzGU5DwYM1IrWvSsJed3bKH3oit7O97si1a4Uns55mlC1e0nbv+obnBQ6P bgsZzr3ziu9dQHWTctvOQ25Vq9YX/Iq+//T3ljO/zboZ5y5JvsO33zn57x1zzlsHTvrqpOz6 v6Huf4Z9FW/8XsbaTLnOG7FzZ1SJKrEUZyQaajEXFScCABAv1ERTAgAA X-Mailman-Approved-At: Sun, 05 May 2013 08:20:20 -0700 Subject: [saag] Liaison from SG17 on IPv6 Security Guideline X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 May 2013 17:34:31 -0000 --_000_EF35EE4B92789843B1DECBC0E245586427E198eusaamb105ericsso_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable The ITU-T SG17 (Security) has provided a copy of the latest version of the = draft Recommendation ITU-T X.ipv6-secguide "Technical security guideline on= deploying IPv6". There is no action requested, the liaison is for information. https://datatracker.ietf.org/liaison/1246/ Regards, -scott. Scott Mansfield Ericsson Inc. +1 724 931 9316 --_000_EF35EE4B92789843B1DECBC0E245586427E198eusaamb105ericsso_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

The ITU-T SG17 (Security) has provided a copy of the= latest version of the draft Recommendation ITU-T X.ipv6-secguide “Te= chnical security guideline on deploying IPv6”.

There is no action requested, the liaison is for inf= ormation.

https://datatracker.ietf.org/liaison/1246/

Regards,

-scott.

Scott Mansfield

Ericsson Inc.

+1 724 931 9316

--_000_EF35EE4B92789843B1DECBC0E245586427E198eusaamb105ericsso_-- From prvs=58389e349a=magnus.westerlund@ericsson.com Mon May 6 02:57:15 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBAE421F8F41 for ; Mon, 6 May 2013 02:57:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.249 X-Spam-Level: X-Spam-Status: No, score=-106.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oebc3bkC+c-y for ; Mon, 6 May 2013 02:57:10 -0700 (PDT) Received: from mailgw1.ericsson.se (mailgw1.ericsson.se [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id 0DE8B21F85F4 for ; Mon, 6 May 2013 02:57:09 -0700 (PDT) X-AuditID: c1b4fb2d-b7f536d000006e05-41-51877e7438ac Received: from esessmw0184.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw1.ericsson.se (Symantec Mail Security) with SMTP id F8.92.28165.47E77815; Mon, 6 May 2013 11:57:09 +0200 (CEST) Received: from [127.0.0.1] (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.82) with Microsoft SMTP Server id 8.3.279.1; Mon, 6 May 2013 11:57:09 +0200 Message-ID: <51877E74.8090002@ericsson.com> Date: Mon, 6 May 2013 11:57:08 +0200 From: Magnus Westerlund User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: saag@ietf.org References: <20130506094039.7500.34911.idtracker@ietfa.amsl.com> In-Reply-To: <20130506094039.7500.34911.idtracker@ietfa.amsl.com> X-Enigmail-Version: 1.5.1 X-Forwarded-Message-Id: <20130506094039.7500.34911.idtracker@ietfa.amsl.com> Content-Type: multipart/mixed; boundary="------------050105040005020209070601" X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrIKsWRmVeSWpSXmKPExsUyM+JvrW5pXXugQdsCPosp/Z1MDoweS5b8 ZApgjOK2SUosKQvOTM/Tt0vgzpj94QZ7wQuLim8HPjE2MC437GLk5JAQMJFobW1hhbDFJC7c W8/WxcjFISRwilGi4cs1dghnGaNE55upLCBVvALaEttPnmADsVkEVCSuXlkPFmcTsJC4+aMR KM7BISoQLLG1NQaiXFDi5MwnYCUiQPaDvklgtrBAkMTtz4eYQWwhAQeJt63vwI7gFHCU6L3z nA3iIEmJLS/a2UFGSgj4SJztFQYJMwsESDzcdoMNolVboqGpg3UCo+AsJNtmISmDsPUkplxt YYSw5SW2v53DDGHnS8yasogNVZwLyO4Eev/2N6ZZYGckSNzcdRNsqJDATkaJVS/4ZoGDZQOj RNPyn6yzwO4zkWiZzAoR38Uo8WdlK5QzhVHi9sWbjCAOi8B3Zomui5tYIcYqSvQtmsA+CxyQ ChKzGxoYITomAEP76kc2iCINiRkrLzBCrOCXWHtIeRY0ql51f4E6j1fi9JTjbCC9EgL9jBJz f66GWr2NUWL9z70scHd0Lb4M9gUb0LpXH1eyg0wVEZCWOP2UH2KSiMS7qw+ZZ0HD/s1piKd5 gfHzd90ZqEtVJC5O3AMNPSGJ03O+gX0jLOAr8ejTZaYFjMarGNlzEzNz0ssNNzECU+jBLb91 dzCeOidyiFGag0VJnDeJqzFQSCA9sSQ1OzW1ILUovqg0J7X4ECMTByeI4JJqYBQW2fXr20mP /aXPHtsVB/LP5o62j322oDmmmD1jjvXzCJkLh075ia0M5Ff9I1V6bm98/plqSbVb6e5Pyw6d cM4wODjHdYq029npcy+z+0zo3SVry5RoraN8LtVzQZ4sy14x3lscigY/DHMtDrysOv/qPI/R hcyb0rl+PUd9H+zhERaVlfQWVWIpzkg01GIuKk4EAFGd0fl0AwAA Subject: [saag] Fwd: [AVTCORE] I-D Action: draft-ietf-avtcore-rtp-security-options-03.txt X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 May 2013 09:57:15 -0000 --------------050105040005020209070601 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit Security People, AVTCORE WG are developing an overview document over available security options for RTP. As several of these comes from various corners of the security area as well as some being developed in AVT WG. I am thus requesting review of this document. Or maybe you want to be astonished of the flora of things you have produced that can be applied to securing a protocol like RTP in its various usages. Thanks Magnus Westerlund --------------050105040005020209070601 Content-Type: message/rfc822; name="[AVTCORE] I-D Action: draft-ietf-avtcore-rtp-security-options-03_txt.eml" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename*0="[AVTCORE] I-D Action: draft-ietf-avtcore-rtp-security-option"; filename*1="s-03_txt.eml" X-Mozilla-Keys: Received: from esessmw0184.eemea.ericsson.se (153.88.115.81) by ESESSHC022.ericsson.se (153.88.183.84) with Microsoft SMTP Server (TLS) id 14.2.328.9; Mon, 6 May 2013 11:40:43 +0200 Received: from sesbmg11.ericsson.net (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.83) with Microsoft SMTP Server id 8.3.279.1; Mon, 6 May 2013 11:40:43 +0200 X-AuditID: c1b4fb39-b7f676d000003b73-d0-51877a9aa895 Received: from mail.ietf.org (mail.ietf.org [12.22.58.30]) by sesbmg11.ericsson.net (Symantec Mail Security) with SMTP id 15.94.15219.A9A77815; Mon, 6 May 2013 11:40:42 +0200 (CEST) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2034E21F8FE3; Mon, 6 May 2013 02:40:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1367833241; bh=6/3dr8NG94LYEEp0DPBI2nuCMOv1NgNFtuCPvaLhtb4=; h=MIME-Version:From:To:Message-ID:Date:Cc:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: Content-Type:Content-Transfer-Encoding:Sender; b=c8iblOvYO8CTgfGbx8ZmfeohVXmT+FuB6uUkrh3knH90sV1E8dH/x7lATxLitcAQa odrsYHzJuDjscsfAmp5AixT8X2KTD9Y8XuJoN0STecT8Srbs7Sfv5+YWjtM7XzhQWK B4Z5sfCiQlmcYwvI0fY2LT9uQ66Ib1B0nWznbTU8= X-Original-To: avt@ietfa.amsl.com Delivered-To: avt@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E0F821F8FE3; Mon, 6 May 2013 02:40:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.466 X-Spam-Level: X-Spam-Status: No, score=-102.466 tagged_above=-999 required=5 tests=[AWL=0.134, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZFvxxMoIwKrd; Mon, 6 May 2013 02:40:39 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B91421F8FDB; Mon, 6 May 2013 02:40:39 -0700 (PDT) From: To: X-Test-IDTracker: no X-IETF-IDTracker: 4.44.p5 Message-ID: <20130506094039.7500.34911.idtracker@ietfa.amsl.com> Date: Mon, 6 May 2013 02:40:39 -0700 CC: Subject: [AVTCORE] I-D Action: draft-ietf-avtcore-rtp-security-options-03.txt X-BeenThere: avt@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Audio/Video Transport Core Maintenance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: Errors-To: avt-bounces@ietf.org X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrEJsWRWlGSWpSXmKPExsXCI2Ylpzurqj3QYOYLa4umu1vYLS7MPMxo selmgcXW90UWm5avZLJ4d/0ou0XvynmsFjdOtDNZNDYVW2ztbWC1uHDyD7PFpfX3mCxmzo23 uLPyFqPF3J+BFr3Xm1gsDtxqZLfYf+Abm8W9n1/ZLKa32locOfWO2UHU49fXq2wBjFFcNimp OZllqUX6dglcGctffWQsOMxbMXvzVcYGxg9cXYwcHBICJhItk1m7GDmBTDGJC/fWs3UxcnEI CexglPh99jorhDONUWL3j0MsIA6LwHdmia6Lm6BaFCX6Fk1gB7FZBBQkZjc0MEJ0TGKUaJ/8 lB2iSENixsoLjBDr+CXWHlKGWfeq+wsThM0ncfHFDyaQXgmBfkaJuT9XQ63exiix5Pc3hDuW r13GAtLCKyAocXLmEzCbTUBOYvWraYwgtoiApMSsM3OhNotIvLv6kBnClpR4c/omVK+DxN91 Z6DOVpW4Or8L7B1mAQGJFf2TwU4SFvCVePTpMhNM7+19Lxlh7K7eJ2C9AkD185bsBKvhEbCT uLH9KyuEXSgx7ehWqLiFRNuiXjYIW0Fi0rGrLBC2qcSx3h7WCYyqs5C8MwvsDB2JBbs/sUHY 8hLb385hXsDIvIpRtDi1OCk33dBQL7UoM7m4OD9PLy+1ZBMjMI0d3PLbcgfjoiXmhxglOZiU RHmtK9sDhfiS8lMqMxKLM+KLSnNSiw8xSnOwKInz1glVBgoJpCeWpGanphakFsFkZTg4lCR4 3UE6BYtS01Mr0jJzShDSTBycIILrEKMEB4+SCG8tSCFvcUFibnFmOkTRKUZFKXHelRVACQGQ REZpHtwAWFa4xCgrJczLyMDAIMQDtDw3swRV/hWjOAejkjBvLsh4nsy8Erjpr4AWMwEtTuAD W1ySiJCSamDUEkw78+vCfjnnErtFF6bFv+BVydc5XDD59j6ZJ3dDuRkFbrP8271nl+OM37be q8M237ubZjLJ1iK5vSlT2zEjydrkNl/rnLp2jYMPZt/iyzEqPx/Dufuo8sfr6dv5AooDPgXX TN7WL89zTXHetkObdrBtOdvk2DVhrnngmWDWFpvdby88F41RYinOSDTUYi4qTgQAlkJMAQUE AAA= Return-Path: avt-bounces@ietf.org X-MS-Exchange-Organization-AVStamp-Mailbox: MSFTFF;1;0;0 0 0 X-MS-Exchange-Organization-AuthSource: esessmw0184.eemea.ericsson.se X-MS-Exchange-Organization-AuthAs: Anonymous MIME-Version: 1.0 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Audio/Video Transport Core Maintenance Working Group of the IETF. Title : Options for Securing RTP Sessions Author(s) : Magnus Westerlund Colin Perkins Filename : draft-ietf-avtcore-rtp-security-options-03.txt Pages : 32 Date : 2013-05-06 Abstract: The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity and source authentication of RTP/RTCP packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP, and gives guidance for developers on how to choose the appropriate security mechanism. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-avtcore-rtp-security-options There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-avtcore-rtp-security-options-03 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-ietf-avtcore-rtp-security-options-03 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ Audio/Video Transport Core Maintenance avt@ietf.org https://www.ietf.org/mailman/listinfo/avt --------------050105040005020209070601-- From stephen.farrell@cs.tcd.ie Tue May 7 07:40:23 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A10721F8EAC for ; Tue, 7 May 2013 07:40:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -103.599 X-Spam-Level: X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[AWL=1.000, BAYES_00=-2.599, GB_I_LETTER=-2, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rGsccKZWY1E2 for ; Tue, 7 May 2013 07:40:19 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id E022321F8E96 for ; Tue, 7 May 2013 07:40:18 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id E0EA4BE8A for ; Tue, 7 May 2013 15:39:54 +0100 (IST) Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mGoeDqUpqd1z for ; Tue, 7 May 2013 15:39:54 +0100 (IST) Received: from [IPv6:2001:770:10:203:fcc8:28bf:25b1:b303] (unknown [IPv6:2001:770:10:203:fcc8:28bf:25b1:b303]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id C04CFBE3F for ; Tue, 7 May 2013 15:39:54 +0100 (IST) Message-ID: <5189123C.6040108@cs.tcd.ie> Date: Tue, 07 May 2013 15:39:56 +0100 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130404 Thunderbird/17.0.5 MIME-Version: 1.0 To: "saag@ietf.org" References: In-Reply-To: X-Enigmail-Version: 1.5.1 X-Forwarded-Message-Id: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Subject: [saag] Fwd: Just Announced: New NIST Security Controls Document - SP 800-53 Rev 4 Training X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 May 2013 14:40:23 -0000 FYI -------- Original Message -------- Subject: Just Announced: New NIST Security Controls Document - SP 800-53 Rev 4 Training Date: Tue, 07 May 2013 08:34:28 -0600 From: NIST Security Controls SP 800-53 Rev 4 Workshop To: Just Released NIST SP 800-53 Rev 4 (FINAL) Security Controls Document - Released on April 30th. NIST Keynote and Featured Presentation. Workshop will Present a Detailed Analysis of the Document- Please Forward To Your Associates - CIO, Security, IG, CFO, Program Managers & Staff, Industry Interested in IT Security - Government & Industry - New NIST Security Controls Publication SP 800-53 Revision 4 (April 30, 2013) http://www.potomacforum.org http://www.potomacforum.org Security and Privacy Controls for Federal Information Systems and Organizations Training Workshop Gov Security Controls: What is New What Has Changed How Does Rev 4 Effect Government Security Programs Government and Industry Invited to Attend June 7, 2013 Willard InterContinental Hotel Washington, D.C. (Early Bird Registration Fee) Team "Learn Together" Registration 2nd Person from Same Gov Organization Registers for 50% of Current Fee Keynote Speaker and Overview Dr Ron Ross NIST FELLOW Leader, Joint Task Force Transformation Interagency Working Group and Leader, FISMA Team National Institute of Standards and Technology (NIST) Author: SP 800-53 Rev 4 Featured Speaker - Continuous Monitoring and Revision 4 L. Arnold Johnson National Institute of Standards and Technology (NIST) Co-Author of NIST SP 800-137 and SP 800-53 Revision 4 Team Member of the Joint Transformation Interagency Working Group FOR NIST SP 800-53 Revision 4: - What is new - What has changed - What YOU need to know to implement the new controls, and Why - Including Presentations on the New Controls - Continuous Monitoring and FedRAMP · How new, changed and withdrawn security controls in NIST SP 800-53 Revision 4 will affect your organization · How to take advantage of the changes in NIST SP 800-53 Revision 4 to improve your organization's security program · How to select and apply NIST 800-53 controls across the enterprise, in external environments, and in legacy systems · How to tailor and scope security controls for your environment · How security controls fit into an organizational perspective on risk management Practical Training from Recognized Leaders in Government IT Security and FISMA Training Our 10th Year of Government IT Security, and FISMA Training "Early Bird" and Send a Team Registration Fee To Encourage Your Team to Learn Together - Potomac Forum is offering a special Government "Send-a-Team" Registration. Register One Person and a Second Attends at 50% of the Current Fee*. *(Both Persons Must Be From the Same Government Organization and Register at the Same Time) Additional Workshop That May Be Of Interest to You or Others In Your Organization Please Forward http://www.potomacforum.org/ New Reduced Registration Fees http://www.potomacforum.org The Managing Government Records Directive from OMB and NARA Workshop III (OMB M12-18) What Has Been Done and What Needs to be Done to Comply With the Letter and Spirit of the Memo: Lessons Learned and Best Practices Starts Next Week - May 15, 2013 Willard InterContinental Hotel Washington, D.C. Workshop for Government and Industry Partners Special "Early Bird" Registration Fee in Support of Government Budget Reductions Team Rates: Register 1 persons and the 2nd person from the same government organization can register for 50% of the current rate. http://www.potomacforum.org/ Registration and Information: http://www.potomacforum.org/ www.potomacforum.org Call: (703) 683-1613 mailto:info@PotomacForum.org info@PotomacForum.org Sponsored by: http://www.potomacforum.org/ Potomac Forum, Ltd. Founded in 1982 as a non-profit educational organization Potomac Forum, Ltd is Proud to be: Corporate Partner of http://www.agacgfm.org/ The Association of Government Accountants Potomac Forum Direct Phone: (703) 683-1613 If this email is not of specific interest to you, please forward to an associate. Please DO NOT UNSUBSCRIBE from this "SECURITY CONTROLS 800-53R4" mailing list. Potomac Forum offers a wide variety of government related training events which may be of interest to you in the future. If you unsubscribe from this "SECURITYCONTROLS 800-53R4 " list, you will not receive future notices for "SECURITYCONTROLS 800-53R4" from this list. Thank You. ---------------------------------------- This email was sent by: Potomac Forum, Ltd. 400 North Washington Street Alexandria, Virginia, 22314, USA We respect your right to privacy - visit the following URL to view our policy. ( http://email.exacttarget.com/Company/Policies/PrivacyPolicy.html?linkid=View+Privacy+Policy ) ---------------------------------------- Visit the following URL to manage your subscriptions. ( http://cl.exct.net/subscription_center.aspx?s=fe1f107874610274731776&j=fe59177173630074751c&mid=ff2910727c63&l=fe5a1574726c06747015&jb=ffcf14&ju= ) Visit the following URL to update your profile. ( http://cl.exct.net/profile_center.aspx?s=fe1f107874610274731776&mid=ff2910727c63&j=fe59177173630074751c&l=fe5a1574726c06747015&jb=ffcf14&ju= ) Visit the following URL to unsubscribe. ( http://cl.exct.net/unsub_center.aspx?s=fe1f107874610274731776&j=fe59177173630074751c&mid=ff2910727c63&lid=fe5a1574726c06747015&jb=ffcf14&ju= ) From turners@ieca.com Thu May 9 02:33:10 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5D3221F8E6B for ; Thu, 9 May 2013 02:33:10 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.289 X-Spam-Level: X-Spam-Status: No, score=-101.289 tagged_above=-999 required=5 tests=[AWL=0.976, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h4KOsrshZ8eH for ; Thu, 9 May 2013 02:33:05 -0700 (PDT) Received: from gateway14.websitewelcome.com (gateway14.websitewelcome.com [67.18.68.2]) by ietfa.amsl.com (Postfix) with ESMTP id A423621F8CB4 for ; Thu, 9 May 2013 02:33:05 -0700 (PDT) Received: by gateway14.websitewelcome.com (Postfix, from userid 5007) id 246B6FF61444F; Thu, 9 May 2013 04:33:01 -0500 (CDT) Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway14.websitewelcome.com (Postfix) with ESMTP id C19BAFF614328 for ; Thu, 9 May 2013 04:33:00 -0500 (CDT) Received: from [31.216.236.149] (port=17814 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1UaNDk-0002DE-Km for saag@ietf.org; Thu, 09 May 2013 04:33:04 -0500 Message-ID: <518B6D50.2010706@ieca.com> Date: Thu, 09 May 2013 10:33:04 +0100 From: Sean Turner User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: saag@ietf.org References: <20130509035220.2061.846.idtracker@ietfa.amsl.com> In-Reply-To: <20130509035220.2061.846.idtracker@ietfa.amsl.com> X-Forwarded-Message-Id: <20130509035220.2061.846.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - gator1743.hostgator.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - ieca.com X-BWhitelist: no X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: (thunderfish.local) [31.216.236.149]:17814 X-Source-Auth: sean.turner@ieca.com X-Email-Count: 1 X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20= Subject: [saag] Fwd: I-D Action: draft-saintandre-username-interop-00.txt X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 May 2013 09:33:10 -0000 Some on this list might find this of interest. spt -------- Original Message -------- Subject: I-D Action: draft-saintandre-username-interop-00.txt Date: Wed, 08 May 2013 20:52:20 -0700 From: internet-drafts@ietf.org Reply-To: internet-drafts@ietf.org To: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Username Interoperability Author(s) : Peter Saint-Andre Filename : draft-saintandre-username-interop-00.txt Pages : 9 Date : 2013-05-08 Abstract: Various Internet protocols have defined constructs for usernames. This document describes a subset of characters to allow in usernames for maximal interoperability across Internet protocols. The subset might prove useful in cases where a provider offers multiple services using the same underlying identifier. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-saintandre-username-interop There's also a htmlized version available at: http://tools.ietf.org/html/draft-saintandre-username-interop-00 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt From fgont@si6networks.com Mon May 20 20:43:38 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41E0321F970A; Mon, 20 May 2013 20:43:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.524 X-Spam-Level: X-Spam-Status: No, score=-2.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id va+aOk7oBOHA; Mon, 20 May 2013 20:43:37 -0700 (PDT) Received: from web01.jbserver.net (web01.jbserver.net [IPv6:2a00:d10:2000:e::3]) by ietfa.amsl.com (Postfix) with ESMTP id 73AC321F9707; Mon, 20 May 2013 20:43:36 -0700 (PDT) Received: from [186.134.40.103] (helo=[192.168.123.125]) by web01.jbserver.net with esmtpsa (TLSv1:DHE-RSA-CAMELLIA256-SHA:256) (Exim 4.80.1) (envelope-from ) id 1UedU2-0001c9-5D; Tue, 21 May 2013 05:43:30 +0200 Message-ID: <519AD1B3.9090508@si6networks.com> Date: Mon, 20 May 2013 22:45:23 -0300 From: Fernando Gont User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130510 Thunderbird/17.0.6 MIME-Version: 1.0 To: Scott Mansfield References: In-Reply-To: X-Enigmail-Version: 1.4.6 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Tue, 21 May 2013 08:09:32 -0700 Cc: "opsec@ietf.org" , "saag@ietf.org" Subject: Re: [saag] [OPSEC] Liaison from SG17 on IPv6 Security Guideline X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 03:43:38 -0000 On 05/03/2013 02:08 PM, Scott Mansfield wrote: > The ITU-T SG17 (Security) has provided a copy of the latest version of > the draft Recommendation ITU-T X.ipv6-secguide �Technical security > guideline on deploying IPv6�. > > There is no action requested, the liaison is for information. > > https://datatracker.ietf.org/liaison/1246/ Dumb question: Are we expected/allowed to contribute to the corresponding document? If so, how should such contributions happen? (i.e., where should contributions be sent to or discussed at?). Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 From turners@ieca.com Tue May 21 11:34:55 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A305721F85E8 for ; Tue, 21 May 2013 11:34:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.249 X-Spam-Level: X-Spam-Status: No, score=-102.249 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KiDbP6vTBIe9 for ; Tue, 21 May 2013 11:34:55 -0700 (PDT) Received: from gateway11.websitewelcome.com (gateway11.websitewelcome.com [67.18.106.3]) by ietfa.amsl.com (Postfix) with ESMTP id 6093621F85DC for ; Tue, 21 May 2013 11:34:55 -0700 (PDT) Received: by gateway11.websitewelcome.com (Postfix, from userid 500) id 86CF7D7D3E78F; Tue, 21 May 2013 13:34:48 -0500 (CDT) Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway11.websitewelcome.com (Postfix) with ESMTP id 75577D7D3E738 for ; Tue, 21 May 2013 13:34:48 -0500 (CDT) Received: from [173.73.135.101] (port=64583 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1UerOa-0000B6-7l; Tue, 21 May 2013 13:34:48 -0500 Message-ID: <519BBE47.9050407@ieca.com> Date: Tue, 21 May 2013 14:34:47 -0400 From: Sean Turner User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 MIME-Version: 1.0 To: saag@ietf.org, apps-discuss@ietf.org References: <20130521183122.29537.74465.idtracker@ietfa.amsl.com> In-Reply-To: <20130521183122.29537.74465.idtracker@ietfa.amsl.com> X-Forwarded-Message-Id: <20130521183122.29537.74465.idtracker@ietfa.amsl.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - gator1743.hostgator.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - ieca.com X-BWhitelist: no X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: (thunderfish.local) [173.73.135.101]:64583 X-Source-Auth: sean.turner@ieca.com X-Email-Count: 6 X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20= Subject: [saag] Fwd: I-D Action: draft-turner-application-cms-media-type-01.txt X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 18:34:55 -0000 Comments welcomed. spt -------- Original Message -------- Subject: I-D Action: draft-turner-application-cms-media-type-01.txt Date: Tue, 21 May 2013 11:31:22 -0700 From: internet-drafts@ietf.org Reply-To: internet-drafts@ietf.org To: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : The application/cms media type Author(s) : Sean Turner Russell Housley Jim Schaad Filename : draft-turner-application-cms-media-type-01.txt Pages : 8 Date : 2013-05-21 Abstract: This document registers the application/cms media types for use with the corresponding CMS (Cryptographic Message Syntax) content types. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-turner-application-cms-media-type There's also a htmlized version available at: http://tools.ietf.org/html/draft-turner-application-cms-media-type-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-turner-application-cms-media-type-01 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt From scott.mansfield@ericsson.com Tue May 21 13:04:27 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C777911E812E; Tue, 21 May 2013 13:04:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cWJq+kuGCmBn; Tue, 21 May 2013 13:04:22 -0700 (PDT) Received: from usevmg20.ericsson.net (usevmg20.ericsson.net [198.24.6.45]) by ietfa.amsl.com (Postfix) with ESMTP id A75D211E80F7; Tue, 21 May 2013 13:04:22 -0700 (PDT) X-AuditID: c618062d-b7fb56d0000042e1-d2-519bd345f5ea Received: from EUSAAHC005.ericsson.se (Unknown_Domain [147.117.188.87]) by usevmg20.ericsson.net (Symantec Mail Security) with SMTP id C3.0F.17121.543DB915; Tue, 21 May 2013 22:04:22 +0200 (CEST) Received: from EUSAAMB105.ericsson.se ([147.117.188.122]) by EUSAAHC005.ericsson.se ([147.117.188.87]) with mapi id 14.02.0328.009; Tue, 21 May 2013 16:04:21 -0400 From: Scott Mansfield To: Merike Kaeo , Fernando Gont Thread-Topic: [OPSEC] Liaison from SG17 on IPv6 Security Guideline Thread-Index: Ac5IIMiS/sHDEQrxSIeSnSr9qeiU+ANxZpOAACDHcYAAAyz4sA== Date: Tue, 21 May 2013 20:04:20 +0000 Message-ID: References: <519AD1B3.9090508@si6networks.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [147.117.188.135] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrFLMWRmVeSWpSXmKPExsUyuXRPuK7b5dmBBtuni1k8WfWGzWLT24NM Fh+23mWzmNLfyeTA4jHnponHkiU/mTw+HOphD2CO4rJJSc3JLEst0rdL4MroPjGbuWCFZMWT ea/YGxivSHQxcnJICJhIzP9+gQnCFpO4cG89WxcjF4eQwFFGiRWHPjFCOMsZJb7tXcAKUsUG 1LF113RGEFtEIEJiw7SNYHFmATeJ7qZtYJOEBRwleju62LsYOYBqnCT+fwiAKHeSOLn8AAuI zSKgKjHvzDU2EJtXwFtic9NOdohdGxglbrX1gxVxCnhJnF+9AMxmBLru+6k1TBC7xCVuPZkP dbWAxJI955khbFGJl4//sULYyhLf5zxiAbmBWUBTYv0ufYhWRYkp3Q/ZIfYKSpyc+YRlAqPY LCRTZyF0zELSMQtJxwJGllWMHKXFqWW56UYGmxiB8XNMgk13B+Oel5aHGKU5WJTEeVu1pwYK CaQnlqRmp6YWpBbFF5XmpBYfYmTi4JRqYDSpub7o+Voeje4nGmkL/O/vOLV1hvxs5mC3q9G6 WTMtz12Y+i9kavDaF9e2LPA8fyXAR/m2rH5SyhbmqHvG/ryL/3FrOU3kqzn+OUPeJ3Dnr4Lm Na/DHXgnu+sUTo5z2RxmeSTkFUOh1RqpjfKvH1XecXkt0//294IpfBFvI6q/2smWcE3prVZi Kc5INNRiLipOBACqj7O6bQIAAA== Cc: "opsec@ietf.org" , "saag@ietf.org" Subject: Re: [saag] [OPSEC] Liaison from SG17 on IPv6 Security Guideline X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 20:04:27 -0000 DQpBcyBJIHNhaWQgd2hlbiBJIGZvcndhcmRlZCB0aGUgbGlhaXNvbiwgdGhpcyBsaWFpc29uIGlz ICJmb3IgaW5mb3JtYXRpb24iLiAgVGhlIElUVS1UIGlzIG5vdCBleHBlY3RpbmcgYW55IHJlc3Bv bnNlIHRvIHRoZSBsaWFpc29uLiAgSG93ZXZlci4uLg0KDQpXaXRob3V0IGRpdmluZyBpbnRvIElU VS1UIHByb2Nlc3Mgc3BlYWsuLi4gIHN1ZmZpY2UgaXQgdG8gc2F5IHRoYXQgdGhlIGRvY3VtZW50 IChub3cgY2FsbGVkIFguMTAzNykgaGFzIGVudGVyZWQgb25lIG9mIHRoZWlyIGFwcHJvdmFsIHBy b2Nlc3Nlcy4gIFRoZSBsYXN0IGNhbGwgZm9yIGNvbW1lbnRzIG9uIHRoZSBkb2N1bWVudCBpcyBK dW5lIDEyLiAgSWYgeW91IHdhbnQgdG8gY29tbWVudCwgb25lIG9wdGlvbiBpcyB0byBzZW5kIGEg bGlhaXNvbiB0byB0aGUgSVRVLVQsIGJ1dCB0aGUgc3R1ZHkgZ3JvdXAgd291bGQgcHJvYmFibHkg bm90IGhhdmUgdGltZSB0byBjb25zaWRlciB0aGUgbGlhaXNvbiBiZWZvcmUgdGhlIGxhc3QgY2Fs bCBjbG9zZWQuICBUaGF0IG1heSBiZSBvaywgaWYgeW91IHNpbXBseSB3YW50IHRvIGluY2x1ZGUg aWRlYXMgZm9yIHRoZSBuZXh0IHJldmlzaW9uIG9mIHRoZSBkb2N1bWVudC4gIFRoZSBvdGhlciB3 YXkgdG8gY29tbWVudCBpcyB0byBzdWJtaXQgQUFQIGNvbW1lbnRzLiAgVGhhdCBwcm9jZXNzIGlz IGVhc3kgaWYgeW91IGFyZSBhIHNlY3RvciBtZW1iZXIgb2YgdGhlIElUVS1ULCBidXQgaXMgc3Rp bGwgcG9zc2libGUgaWYgeW91IGFyZSBub3QuICBJU09DIGlzIGEgc2VjdG9yIG1lbWJlciBhbmQg Y2FuIHN1Ym1pdCBjb21tZW50cywgb3IgeW91IGNhbiBmaW5kIGFuIElUVS1UIHNlY3RvciBtZW1i ZXIgdGhhdCBhZ3JlZXMgdG8gc3VibWl0IHlvdXIgY29tbWVudHMuICBIZXJlIGlzIHRoZSBsaW5r IC0tPiBodHRwOi8vd3d3Lml0dS5pbnQvSVRVLVQvYWFwL2FhcGlkLzI4MDQvc2hvdy5hc3B4IA0K DQpJZiBJIGNhbiBoZWxwLCBsZXQgbWUga25vdy4NCg0KUmVnYXJkcywNCi1zY290dC4NCg0KLS0t LS1PcmlnaW5hbCBNZXNzYWdlLS0tLS0NCkZyb206IE1lcmlrZSBLYWVvIFttYWlsdG86bWVyaWtl QGRvdWJsZXNob3RzZWN1cml0eS5jb21dIA0KU2VudDogVHVlc2RheSwgTWF5IDIxLCAyMDEzIDE6 MjQgUE0NClRvOiBGZXJuYW5kbyBHb250DQpDYzogU2NvdHQgTWFuc2ZpZWxkOyBvcHNlY0BpZXRm Lm9yZzsgc2FhZ0BpZXRmLm9yZw0KU3ViamVjdDogUmU6IFtPUFNFQ10gTGlhaXNvbiBmcm9tIFNH MTcgb24gSVB2NiBTZWN1cml0eSBHdWlkZWxpbmUNCg0KDQoNCk9uIE1heSAyMCwgMjAxMywgYXQg Njo0NSBQTSwgRmVybmFuZG8gR29udCA8ZmdvbnRAc2k2bmV0d29ya3MuY29tPiB3cm90ZToNCg0K PiBPbiAwNS8wMy8yMDEzIDAyOjA4IFBNLCBTY290dCBNYW5zZmllbGQgd3JvdGU6DQo+PiBUaGUg SVRVLVQgU0cxNyAoU2VjdXJpdHkpIGhhcyBwcm92aWRlZCBhIGNvcHkgb2YgdGhlIGxhdGVzdCB2 ZXJzaW9uIA0KPj4gb2YgdGhlIGRyYWZ0IFJlY29tbWVuZGF0aW9uIElUVS1UIFguaXB2Ni1zZWNn dWlkZSDigJxUZWNobmljYWwgc2VjdXJpdHkgDQo+PiBndWlkZWxpbmUgb24gZGVwbG95aW5nIElQ djbigJ0uDQo+PiANCj4+IFRoZXJlIGlzIG5vIGFjdGlvbiByZXF1ZXN0ZWQsIHRoZSBsaWFpc29u IGlzIGZvciBpbmZvcm1hdGlvbi4NCj4+IA0KPj4gaHR0cHM6Ly9kYXRhdHJhY2tlci5pZXRmLm9y Zy9saWFpc29uLzEyNDYvDQo+IA0KPiBEdW1iIHF1ZXN0aW9uOg0KPiANCj4gQXJlIHdlIGV4cGVj dGVkL2FsbG93ZWQgdG8gY29udHJpYnV0ZSB0byB0aGUgY29ycmVzcG9uZGluZyBkb2N1bWVudD8g DQo+IElmIHNvLCBob3cgc2hvdWxkIHN1Y2ggY29udHJpYnV0aW9ucyBoYXBwZW4/IChpLmUuLCB3 aGVyZSBzaG91bGQgDQo+IGNvbnRyaWJ1dGlvbnMgYmUgc2VudCB0byBvciBkaXNjdXNzZWQgYXQ/ KS4NCj4gDQpJIGhhdmUgc2FtZSBxdWVzdGlvbiBzaW5jZSBoYXZlIHNvbWUgZWRpdHMgKHJlY29t bWVuZGF0aW9ucyBmb3IgZWRpdHMpLg0KDQotIG1lcmlrZQ0KDQo+IFRoYW5rcyENCj4gDQo+IEJl c3QgcmVnYXJkcywNCj4gLS0NCj4gRmVybmFuZG8gR29udA0KPiBTSTYgTmV0d29ya3MNCj4gZS1t YWlsOiBmZ29udEBzaTZuZXR3b3Jrcy5jb20NCj4gUEdQIEZpbmdlcnByaW50OiA2NjY2IDMxQzYg RDQ4NCA2M0IyIDhGQjEgRTNDNCBBRTI1IDBENTUgMUQ0RSA3NDkyDQo+IA0KPiANCj4gDQo+IA0K PiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fXw0KPiBPUFNF QyBtYWlsaW5nIGxpc3QNCj4gT1BTRUNAaWV0Zi5vcmcNCj4gaHR0cHM6Ly93d3cuaWV0Zi5vcmcv bWFpbG1hbi9saXN0aW5mby9vcHNlYw0KPiANCg== From merike@doubleshotsecurity.com Tue May 21 10:24:56 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C8DC21F8EC2; Tue, 21 May 2013 10:24:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.203 X-Spam-Level: X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tSHwIQE560wc; Tue, 21 May 2013 10:24:40 -0700 (PDT) Received: from b.mail.sonic.net (b.mail.sonic.net [64.142.19.5]) by ietfa.amsl.com (Postfix) with ESMTP id 7488C21F983A; Tue, 21 May 2013 10:24:08 -0700 (PDT) Received: from [192.168.10.130] ([64.122.169.98]) (authenticated bits=0) by b.mail.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id r4LHNxMr009857 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 21 May 2013 10:24:00 -0700 References: <519AD1B3.9090508@si6networks.com> Mime-Version: 1.0 (1.0) In-Reply-To: <519AD1B3.9090508@si6networks.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Message-Id: X-Mailer: iPad Mail (10B329) From: Merike Kaeo Date: Tue, 21 May 2013 10:23:57 -0700 To: Fernando Gont X-Mailman-Approved-At: Wed, 22 May 2013 08:41:05 -0700 Cc: "opsec@ietf.org" , "saag@ietf.org" Subject: Re: [saag] [OPSEC] Liaison from SG17 on IPv6 Security Guideline X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 17:24:56 -0000 On May 20, 2013, at 6:45 PM, Fernando Gont wrote: > On 05/03/2013 02:08 PM, Scott Mansfield wrote: >> The ITU-T SG17 (Security) has provided a copy of the latest version of >> the draft Recommendation ITU-T X.ipv6-secguide =E2=80=9CTechnical securit= y >> guideline on deploying IPv6=E2=80=9D. >>=20 >> There is no action requested, the liaison is for information. >>=20 >> https://datatracker.ietf.org/liaison/1246/ >=20 > Dumb question: >=20 > Are we expected/allowed to contribute to the corresponding document? If > so, how should such contributions happen? (i.e., where should > contributions be sent to or discussed at?). >=20 I have same question since have some edits (recommendations for edits). - merike > Thanks! >=20 > Best regards, > --=20 > Fernando Gont > SI6 Networks > e-mail: fgont@si6networks.com > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 >=20 >=20 >=20 >=20 > _______________________________________________ > OPSEC mailing list > OPSEC@ietf.org > https://www.ietf.org/mailman/listinfo/opsec >=20 From manav.bhatia@alcatel-lucent.com Tue May 21 10:36:52 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D1B521F9870; Tue, 21 May 2013 10:36:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p9DCd+XXgx2u; Tue, 21 May 2013 10:36:46 -0700 (PDT) Received: from ihemail1.lucent.com (ihemail1.lucent.com [135.245.0.33]) by ietfa.amsl.com (Postfix) with ESMTP id 7D2A321F9679; Tue, 21 May 2013 10:36:46 -0700 (PDT) Received: from us70uusmtp4.zam.alcatel-lucent.com (h135-5-2-66.lucent.com [135.5.2.66]) by ihemail1.lucent.com (8.13.8/IER-o) with ESMTP id r4LHadCP021159 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 21 May 2013 12:36:39 -0500 (CDT) Received: from US70TWXCHHUB03.zam.alcatel-lucent.com (us70twxchhub03.zam.alcatel-lucent.com [135.5.2.35]) by us70uusmtp4.zam.alcatel-lucent.com (GMO) with ESMTP id r4LHacdV009339 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 21 May 2013 13:36:38 -0400 Received: from SG70YWXCHHUB04.zap.alcatel-lucent.com (135.253.2.38) by US70TWXCHHUB03.zam.alcatel-lucent.com (135.5.2.35) with Microsoft SMTP Server (TLS) id 14.2.247.3; Tue, 21 May 2013 13:36:38 -0400 Received: from SG70YWXCHMBA05.zap.alcatel-lucent.com ([169.254.5.102]) by SG70YWXCHHUB04.zap.alcatel-lucent.com ([135.253.2.38]) with mapi id 14.02.0247.003; Wed, 22 May 2013 01:36:35 +0800 From: "Bhatia, Manav (Manav)" To: Merike Kaeo , Fernando Gont Thread-Topic: [OPSEC] Liaison from SG17 on IPv6 Security Guideline Thread-Index: AQHOVkgkFn78OBlImkadqmjpXqS/epkP5nvw Date: Tue, 21 May 2013 17:36:35 +0000 Message-ID: <20211F91F544D247976D84C5D778A4C302A089@SG70YWXCHMBA05.zap.alcatel-lucent.com> References: <519AD1B3.9090508@si6networks.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [135.253.19.16] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.57 on 135.245.2.33 X-Mailman-Approved-At: Wed, 22 May 2013 08:41:05 -0700 Cc: "opsec@ietf.org" , "saag@ietf.org" Subject: Re: [saag] [OPSEC] Liaison from SG17 on IPv6 Security Guideline X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 May 2013 17:36:52 -0000 +1 It should at the very least offer RFC 6505 as another alternative to RFC 45= 52 (which anyways has few implementations). Cheers, Manav > -----Original Message----- > From: opsec-bounces@ietf.org [mailto:opsec-bounces@ietf.org]=20 > On Behalf Of Merike Kaeo > Sent: Tuesday, May 21, 2013 10:54 PM > To: Fernando Gont > Cc: opsec@ietf.org; saag@ietf.org > Subject: Re: [OPSEC] Liaison from SG17 on IPv6 Security Guideline >=20 >=20 >=20 > On May 20, 2013, at 6:45 PM, Fernando Gont=20 > wrote: >=20 > > On 05/03/2013 02:08 PM, Scott Mansfield wrote: > >> The ITU-T SG17 (Security) has provided a copy of the=20 > latest version=20 > >> of the draft Recommendation ITU-T X.ipv6-secguide=20 > "Technical security=20 > >> guideline on deploying IPv6". > >>=20 > >> There is no action requested, the liaison is for information. > >>=20 > >> https://datatracker.ietf.org/liaison/1246/ > >=20 > > Dumb question: > >=20 > > Are we expected/allowed to contribute to the corresponding=20 > document?=20 > > If so, how should such contributions happen? (i.e., where should=20 > > contributions be sent to or discussed at?). > >=20 > I have same question since have some edits (recommendations=20 > for edits). >=20 > - merike >=20 > > Thanks! > >=20 > > Best regards, > > -- > > Fernando Gont > > SI6 Networks > > e-mail: fgont@si6networks.com > > PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 > >=20 > >=20 > >=20 > >=20 > > _______________________________________________ > > OPSEC mailing list > > OPSEC@ietf.org > > https://www.ietf.org/mailman/listinfo/opsec > >=20 > _______________________________________________ > OPSEC mailing list > OPSEC@ietf.org > https://www.ietf.org/mailman/listinfo/opsec > = From quynh.dang@nist.gov Thu May 23 04:23:56 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA77921F9670 for ; Thu, 23 May 2013 04:23:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.845 X-Spam-Level: X-Spam-Status: No, score=-4.845 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_BASE64_TEXT=1.753, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c7PKS31xgPdM for ; Thu, 23 May 2013 04:23:52 -0700 (PDT) Received: from wsget1.nist.gov (wsget1.nist.gov [129.6.13.150]) by ietfa.amsl.com (Postfix) with ESMTP id 1EB9121F8BC5 for ; Thu, 23 May 2013 04:23:51 -0700 (PDT) Received: from WSXGHUB2.xchange.nist.gov (129.6.18.19) by wsget1.nist.gov (129.6.13.150) with Microsoft SMTP Server (TLS) id 14.3.123.3; Thu, 23 May 2013 07:23:53 -0400 Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB2.xchange.nist.gov ([129.6.18.19]) with mapi; Thu, 23 May 2013 07:23:47 -0400 From: "Dang, Quynh" To: "saag@ietf.org" Date: Thu, 23 May 2013 07:23:46 -0400 Thread-Topic: Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) Thread-Index: Ac5Xp/4kvKihGpeaT1ylp5qZQ9iy0A== Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.4.130416 acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_CDC374822E0B5qdangnistgov_" MIME-Version: 1.0 Subject: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 May 2013 11:23:57 -0000 --_000_CDC374822E0B5qdangnistgov_ Content-Type: text/plain; charset="us-ascii" Hi everyone, I just submitted an individual draft which I and Sean wrote together discussing recommended uses of SHA-512/224 and SHA-512/256. Below is the link to the ID. http://www.ietf.org/id/draft-dang-turner-sha-512-224-256-00.txt Your comments will be appreciated. Regards, Quynh. --_000_CDC374822E0B5qdangnistgov_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: base64 PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5IHN0eWxlPSJ3b3JkLXdyYXA6IGJyZWFrLXdvcmQ7IC13 ZWJraXQtbmJzcC1tb2RlOiBzcGFjZTsgLXdlYmtpdC1saW5lLWJyZWFrOiBhZnRlci13aGl0ZS1z cGFjZTsgY29sb3I6IHJnYigwLCAwLCAwKTsgZm9udC1zaXplOiAxNHB4OyBmb250LWZhbWlseTog Q2FsaWJyaSwgc2Fucy1zZXJpZjsgIj48ZGl2PkhpIGV2ZXJ5b25lLDwvZGl2PjxkaXY+PGJyPjwv ZGl2PjxkaXY+SSBqdXN0IHN1Ym1pdHRlZCBhbiBpbmRpdmlkdWFsIGRyYWZ0IHdoaWNoIEkgYW5k IFNlYW4gd3JvdGUgdG9nZXRoZXIgZGlzY3Vzc2luZyByZWNvbW1lbmRlZCB1c2VzIG9mIFNIQS01 MTIvMjI0IGFuZCBTSEEtNTEyLzI1Ni4gQmVsb3cgaXMgdGhlIGxpbmsgdG8gdGhlIElELiZuYnNw OzwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+PGEgaHJlZj0iaHR0cDovL3d3dy5pZXRmLm9yZy9p ZC9kcmFmdC1kYW5nLXR1cm5lci1zaGEtNTEyLTIyNC0yNTYtMDAudHh0Ij5odHRwOi8vd3d3Lmll dGYub3JnL2lkL2RyYWZ0LWRhbmctdHVybmVyLXNoYS01MTItMjI0LTI1Ni0wMC50eHQ8L2E+PC9k aXY+PGRpdj48YnI+PC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5Zb3VyIGNvbW1lbnRzIHdpbGwg YmUgYXBwcmVjaWF0ZWQuPC9kaXY+PGRpdj48YnI+PC9kaXY+PGRpdj5SZWdhcmRzLDwvZGl2Pjxk aXY+UXV5bmguJm5ic3A7PC9kaXY+PC9ib2R5PjwvaHRtbD4NCg== --_000_CDC374822E0B5qdangnistgov_-- From housley@vigilsec.com Thu May 23 06:39:43 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86F5D21F8517 for ; Thu, 23 May 2013 06:39:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.578 X-Spam-Level: X-Spam-Status: No, score=-102.578 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PZGK9BZM8iV0 for ; Thu, 23 May 2013 06:39:38 -0700 (PDT) Received: from odin.smetech.net (mail.smetech.net [208.254.26.82]) by ietfa.amsl.com (Postfix) with ESMTP id C24CF21F94A6 for ; Thu, 23 May 2013 06:39:36 -0700 (PDT) Received: from localhost (unknown [208.254.26.81]) by odin.smetech.net (Postfix) with ESMTP id B1D44F24070; Thu, 23 May 2013 09:39:45 -0400 (EDT) X-Virus-Scanned: amavisd-new at smetech.net Received: from odin.smetech.net ([208.254.26.82]) by localhost (ronin.smetech.net [208.254.26.81]) (amavisd-new, port 10024) with ESMTP id qgJ8UCDWuXQK; Thu, 23 May 2013 09:39:29 -0400 (EDT) Received: from [192.168.2.109] (pool-96-241-156-29.washdc.fios.verizon.net [96.241.156.29]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id CC3FFF2406E; Thu, 23 May 2013 09:39:44 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1085) Content-Type: multipart/alternative; boundary=Apple-Mail-197-167151061 From: Russ Housley In-Reply-To: Date: Thu, 23 May 2013 09:39:34 -0400 Message-Id: References: To: "Dang, Quynh" X-Mailer: Apple Mail (2.1085) Cc: "saag@ietf.org" Subject: Re: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 May 2013 13:39:43 -0000 --Apple-Mail-197-167151061 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Quynh: Has NIST assigned OIDs for these hash algorithms? If so, it would be = good to include them in this draft, even as an appendix. Russ On May 23, 2013, at 7:23 AM, Dang, Quynh wrote: > Hi everyone, >=20 > I just submitted an individual draft which I and Sean wrote together = discussing recommended uses of SHA-512/224 and SHA-512/256. Below is the = link to the ID.=20 >=20 > http://www.ietf.org/id/draft-dang-turner-sha-512-224-256-00.txt >=20 >=20 > Your comments will be appreciated. >=20 > Regards, > Quynh.=20 > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag --Apple-Mail-197-167151061 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii

Hi = everyone,

I just submitted an individual draft = which I and Sean wrote together discussing recommended uses of = SHA-512/224 and SHA-512/256. Below is the link to the = ID.

h= ttp://www.ietf.org/id/draft-dang-turner-sha-512-224-256-00.txt

Your comments will be = appreciated.

Regards,
Quynh.
_______________________________________________
saag mailing = list
saag@ietf.org
https://www.ietf.org/m= ailman/listinfo/saag

= --Apple-Mail-197-167151061-- From mdchalmers@gmail.com Thu May 23 07:48:06 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6590A21F8A6B for ; Thu, 23 May 2013 07:48:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.977 X-Spam-Level: X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id csomI-TMFcKC for ; Thu, 23 May 2013 07:48:05 -0700 (PDT) Received: from mail-qa0-x22c.google.com (mail-qa0-x22c.google.com [IPv6:2607:f8b0:400d:c00::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 0ED0221F967D for ; Thu, 23 May 2013 07:48:01 -0700 (PDT) Received: by mail-qa0-f44.google.com with SMTP id hu16so3474141qab.17 for ; Thu, 23 May 2013 07:48:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=LhdqwzMoQoTgwA4FbM9jBGEJ0682YFRbHebha8M50oQ=; b=UeFGFmQi4GjYrL3sPHY9ma6S86/HpuGzNQd4WZA40v8bH+bQr7sVv04bjNECmrhRDK fa0q4HJx/LWxumu/IL7DUxFYw7JAAgrlHmXVursPHaNx/u3S/gfU5VafXot8bYYJWZtP Xd3lsLcxmEvvtgm9Rl08jH7bZzCv9jtTP4iiXiKhM3lwSwfklDyyYipYMnzLf0cPlRib vpCUlO8snOrKzPriqyg0dAwjKLZZ3wlS200EWjNFinFl4JFayF4DLEgpVplXwFRcQvug A9Zv8ePBrUXPhCG+IbbJH7SXrEiDuGg+i29V7zfMvE/hecWE7dlwsYqc6h/1pGro3V16 3DAQ== X-Received: by 10.224.167.133 with SMTP id q5mr12246447qay.2.1369320481347; Thu, 23 May 2013 07:48:01 -0700 (PDT) MIME-Version: 1.0 Sender: mdchalmers@gmail.com Received: by 10.49.85.41 with HTTP; Thu, 23 May 2013 07:47:41 -0700 (PDT) In-Reply-To: References:

From: Matthew Chalmers Date: Thu, 23 May 2013 09:47:41 -0500 X-Google-Sender-Auth: oMr6pt0bJBKzRO3b-hXyCYcONkg Message-ID: To: Russ Housley Content-Type: multipart/alternative; boundary=089e0149cab0e001a104dd63c406 Cc: "saag@ietf.org" Subject: Re: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 May 2013 14:55:20 -0000 --089e0149cab0e001a104dd63c406 Content-Type: text/plain; charset=ISO-8859-1 They appear to be mentioned here: http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html#Hash Secure Hash Algorithm object identifiers id-sha256 OBJECT IDENTIFIER ::= { hashAlgs 1 } id-sha384 OBJECT IDENTIFIER ::= { hashAlgs 2 } id-sha512 OBJECT IDENTIFIER ::= { hashAlgs 3 } id-sha224 OBJECT IDENTIFIER ::= { hashAlgs 4 } id-sha512-224 OBJECT IDENTIFIER ::= { hashAlgs 5 } id-sha512-256 OBJECT IDENTIFIER ::= { hashAlgs 6 } On Thu, May 23, 2013 at 8:39 AM, Russ Housley wrote: > Quynh: > > Has NIST assigned OIDs for these hash algorithms? If so, it would be good > to include them in this draft, even as an appendix. > > Russ > > > On May 23, 2013, at 7:23 AM, Dang, Quynh wrote: > > Hi everyone, > > I just submitted an individual draft which I and Sean wrote together > discussing recommended uses of SHA-512/224 and SHA-512/256. Below is the > link to the ID. > > http://www.ietf.org/id/draft-dang-turner-sha-512-224-256-00.txt > > > Your comments will be appreciated. > > Regards, > Quynh. > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > > > > _______________________________________________ > saag mailing list > saag@ietf.org > https://www.ietf.org/mailman/listinfo/saag > > --089e0149cab0e001a104dd63c406 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

They appear to be mentioned here:

http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.htm= l#Hash

Secure Hash Algorithm object identifiers

id-sha256 OBJECT IDENTIFIER ::=3D { hashAlgs 1 }

id-sha384 OBJECT IDENTIFIER ::=3D { hashAlgs 2 }

id-sha512 OBJECT IDENTIFIER ::=3D { hashAlgs 3 }

id-sha224 OBJECT IDENTIFIER ::=3D { hashAlgs 4 }

id-sha512-224 OBJECT IDENTIFIER ::=3D { hashAlgs 5 }

id-sha512-256 OBJECT IDENTIFIER ::=3D { hashAlgs 6 }

On Thu, May 2= 3, 2013 at 8:39 AM, Russ Housley <housley@vigilsec.com> w= rote:

Quynh:
Has NIST assigned OIDs for these hash algorithms? =A0If s= o, it would be good to include them in this draft, even as an appendix.
Russ

On May 23, 2013, at 7:23 AM, Dang, Quynh wrote:

Hi everyone,

I just submitted an individual d= raft which I and Sean wrote together discussing recommended uses of SHA-512= /224 and SHA-512/256. Below is the link to the ID.=A0

http://www.ietf.org/id/draft-dang-turner-sha-512-22= 4-256-00.txt

Your comments will= be appreciated.

Regards,
Quynh.=A0
_______________________________________________
saag mailing list
saag@ietf.org
https://= www.ietf.org/mailman/listinfo/saag

________________________= _______________________
saag mailing list
saag@ietf.org
ht= tps://www.ietf.org/mailman/listinfo/saag

--089e0149cab0e001a104dd63c406-- From paul.hoffman@vpnc.org Thu May 23 11:01:50 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ECE6F21F93B1 for ; Thu, 23 May 2013 11:01:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.608 X-Spam-Level: X-Spam-Status: No, score=-102.608 tagged_above=-999 required=5 tests=[AWL=-0.009, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wnNftEthXO-v for ; Thu, 23 May 2013 11:01:39 -0700 (PDT) Received: from hoffman.proper.com (IPv6.Hoffman.Proper.COM [IPv6:2605:8e00:100:41::81]) by ietfa.amsl.com (Postfix) with ESMTP id ABFB021F9021 for ; Thu, 23 May 2013 10:47:12 -0700 (PDT) Received: from [10.20.30.90] (50-1-98-173.dsl.dynamic.sonic.net [50.1.98.173]) (authenticated bits=0) by hoffman.proper.com (8.14.5/8.14.5) with ESMTP id r4NHlBWu002577 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 23 May 2013 10:47:12 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.3 $1503$) From: Paul Hoffman In-Reply-To: Date: Thu, 23 May 2013 10:47:10 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: <12CE3094-4537-4DB1-BE41-5DD70512113A@vpnc.org> References: To: "Dang, Quynh" X-Mailer: Apple Mail (2.1503) Cc: "saag@ietf.org" Subject: Re: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 May 2013 18:01:50 -0000 The document makes an assumption that someone signing a message knows = the algorithm capabilities of everyone who is intended to verify that = signature. That seems like a very, very bad assumption. Defining a new hash algorithm whose benefit is to be part of a signature = algorithm implies that all verifiers will have the new algorithm in = their implementations. In online protocols with negotiation, that's = acceptable (but still a bit onerous). However, if these signatures are = also meant to be used in protocols with no negotiation (such as PKIX and = CMS), then adding a new signature algorithm needs to be done only if the = advantage (in this case, speed of one part of the verification) greatly = outweighs the disadvantage of some verifiers having to fail completely. To date, it is extremely rare to hear "we can't use SHA256 in this = signature algorithm because it is too slow". This proposal seems to be = based on optimization, not actual need. These balances should be covered in the document, probably in the = introduction. These seem like useful algorithms for very slow roll-out, particularly = if we later discover attacks on the key tables in SHA-256 that don't = apply to SHA-512. However, a document that defines new algorithms but = doesn't cover the operational aspects of widespread failure to validate = seems incomplete. --Paul Hoffman= From hartmans@mit.edu Thu May 23 12:17:11 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AAB621F901A for ; Thu, 23 May 2013 12:17:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BMtrdHMkwmaM for ; Thu, 23 May 2013 12:16:52 -0700 (PDT) Received: from mail.painless-security.com (mail.painless-security.com [23.30.188.241]) by ietfa.amsl.com (Postfix) with ESMTP id 1177721F9416 for ; Thu, 23 May 2013 11:50:17 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mail.painless-security.com (Postfix) with ESMTP id 3B6B020618; Thu, 23 May 2013 14:47:15 -0400 (EDT) Received: from mail.painless-security.com ([127.0.0.1]) by localhost (mail.suchdamage.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KTCGbHfli7x4; Thu, 23 May 2013 14:47:14 -0400 (EDT) Received: from carter-zimmerman.suchdamage.org (unknown [10.1.10.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "laptop", Issuer "laptop" (not verified)) by mail.painless-security.com (Postfix) with ESMTPS; Thu, 23 May 2013 14:47:14 -0400 (EDT) Received: by carter-zimmerman.suchdamage.org (Postfix, from userid 8042) id 7F61C440B; Thu, 23 May 2013 14:50:15 -0400 (EDT) From: Sam Hartman To: Paul Hoffman References: <12CE3094-4537-4DB1-BE41-5DD70512113A@vpnc.org> Date: Thu, 23 May 2013 14:50:15 -0400 In-Reply-To: <12CE3094-4537-4DB1-BE41-5DD70512113A@vpnc.org> (Paul Hoffman's message of "Thu, 23 May 2013 10:47:10 -0700") Message-ID: User-Agent: Gnus/5.110009 (No Gnus v0.9) Emacs/22.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: "saag@ietf.org" Subject: Re: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 May 2013 19:17:11 -0000 >>>>> "Paul" == Paul Hoffman writes: Paul> The document makes an assumption that someone signing a Paul> message knows the algorithm capabilities of everyone who is Paul> intended to verify that signature. That seems like a very, Paul> very bad assumption. Defining a new hash algorithm whose Paul> benefit is to be part of a signature algorithm implies that Paul> all verifiers will have the new algorithm in their Paul> implementations. In online protocols with negotiation, that's Paul> acceptable (but still a bit onerous). Having just spent two months debugging what ended up being a bug in how some verifiers reported the absence of SHA-256 support (and the shocking lack of SHA-256 support in places where I was kind of hoping it would be present by now), i'd like to agree with Paul that this assumption is really bad. The bar to overcome for adding a new hash algorithm in offline verification can be really high in practice. From pgut001@cs.auckland.ac.nz Thu May 23 17:54:22 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF21121F90F4 for ; Thu, 23 May 2013 17:54:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kYu1O8OnmxMc for ; Thu, 23 May 2013 17:54:17 -0700 (PDT) Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.244]) by ietfa.amsl.com (Postfix) with ESMTP id E1FDF21F90CD for ; Thu, 23 May 2013 17:54:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=pgut001@cs.auckland.ac.nz; q=dns/txt; s=uoa; t=1369356857; x=1400892857; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=D89ojRwZiESry8pWC0BRPNgVLyDaiMYyRWREyF+uwQs=; b=TPt5Q6zO5QxYTcET91u3d2KsC4H3WpzpicSR2EdXyCU7yFrR0/UMz6nu qXAov/EROSWvMDH5y5kvwF7aZk1maBqF173XiLcQm5K00l5V6mEdbI6E5 euNCVsYTzO9c4/UTKPhBkj1XYrFQGET9dsjn24Y7XW/pBwChh2+Ucgp1q 0=; X-IronPort-AV: E=Sophos;i="4.87,730,1363086000"; d="scan'208";a="188924186" X-Ironport-HAT: MAIL-SERVERS - $RELAYED X-Ironport-Source: 130.216.4.106 - Outgoing - Outgoing Received: from uxchange10-fe2.uoa.auckland.ac.nz ([130.216.4.106]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES128-SHA; 24 May 2013 12:54:14 +1200 Received: from UXCHANGE10-FE4.UoA.auckland.ac.nz (130.216.4.171) by uxchange10-fe2.UoA.auckland.ac.nz (130.216.4.106) with Microsoft SMTP Server (TLS) id 14.2.318.4; Fri, 24 May 2013 12:54:13 +1200 Received: from UXCN10-TDC02.UoA.auckland.ac.nz ([169.254.8.4]) by uxchange10-fe4.UoA.auckland.ac.nz ([130.216.4.171]) with mapi id 14.02.0318.004; Fri, 24 May 2013 12:54:13 +1200 From: Peter Gutmann To: "saag@ietf.org" Thread-Topic: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) Thread-Index: Ac5YGTUJUQqWfllLSXm75stcVvoZuw== Date: Fri, 24 May 2013 00:54:12 +0000 Message-ID: <9A043F3CF02CD34C8E74AC1594475C7343D50FF5@uxcn10-tdc02.UoA.auckland.ac.nz> Accept-Language: en-NZ, en-GB, en-US Content-Language: en-NZ X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [130.216.158.4] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [saag] Recommended Usages of SHA-512/224, SHA-512/256 (draft-dang-turner-sha-512-224-256-00.txt) X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 May 2013 00:54:22 -0000 Sam Hartman writes:=0A= =0A= >Having just spent two months debugging what ended up being a bug in how so= me=0A= >verifiers reported the absence of SHA-256 support (and the shocking lack o= f=0A= >SHA-256 support in places where I was kind of hoping it would be present b= y=0A= >now), i'd like to agree with Paul that this assumption is really bad. The= bar=0A= >to overcome for adding a new hash algorithm in offline verification can be= =0A= >really high in practice.=0A= =0A= See also Question J of the "Crypto Gardening Guide and Planting Tips",=0A= http://www.cs.auckland.ac.nz/~pgut001/pubs/crypto_guide.txt (based on an=0A= informal survey of crypto app developers at the time).=0A= =0A= Peter.=0A=