"Open-PGP" BOF Meeting Minutes for the 39th IETF
12 August 97 -- Munich
Reported by Rodney Thayer <rodney@sabletech.com>
and Jeff Harrell <jeff@pgp.com>
Open-PGP "Birds-of-a-Feather" Minutes
There were approximately 100-150 people at the meeting. The roster was
passed around and signed. Charles Breed, Dave Del Torto, and Jon Callas
moderated the meeting.
There is a mailing list and a web site. To subscribe to the mailing list,
send a message to ietf-open-pgp-request@imc.org with "subscribe" in the
message body. The web site is at <http://www.imc.org/ietf-open-pgp>.
There is one draft published now, draft-ietf-pgp-formats00.txt, located
in the email archive at the web site.
Charles Breed did a presentation on the reasoning behind PGP, Inc. wanting
to release control to the IETF standards process. It was made clear that
the three representatives from PGP, Inc. were speaking as representatives
and not simply as individuals.
There was a presentation and discussion of what this WG would do. The
goals are to draft a description of the PKI details, message formats, and
algorithm choices to be used with the PGP technology. It was stated that
the intent is that this WG would learn from recent experiences of other
IETF WG's with respect to goals and process, specifically the TLS and
IPsec groups. It was estimated that the WG process would take
18-24 months, possibly sooner.
Possible Extensions/Additional Functionality:
message format
use of new algorithms
cert structure
enhanced PKI
Trust model extensions
the name of the final spec ("open pgp" is the working name)
X.509 interoperability
structure of PGP id strings
MIME rfc 2015 integration
It was asked if we need an API and this was discussed some, it was concluded
this is a point for discussion since there was not consensus either way as
to it's relevance, and was to move to the list.
We then had a (lengthy) discussion of why the IETF should have a third
PKI-related working group, the other two being PKIX and SPKI. The Area
Director spoke up and explained that these all have different goals, the
goal of Open-PGP relating to immediate deployment, etc.
The proposed charter was then discussed. There was some debate about the
"strong cryptography" references in the charter. Rodney Thayer said group
should document what we mean by 'strong' and 'weak'. Charles said roughly
that 40 bit crypto is weak, 128 bit is strong, this will be moved to the
list.
It was discussed that the PGP technology (certs, functions, PKI) can be
used for many things other than just internet mail; such as real time
client authentication for SSL; store and forward like EDI,
and file encryption.
Question on what 'freely available & unencumbered' algorithms are; Charles
answered no trademarks or copyrights; proven strong algorithms without
royalties/contracts; DH (ElGamal variant), etc.
Question on what we mean by the term 'PGP'; what are we doing to make the PGP
system itself unencumbered (since it uses RSA/IDEA, etc.); we've been
concerned
with that too. Now uses CAST/DSA/DH, which are unencumbered (it seemed that
the
audience was not aware of this and was pleased. We're already addressing
that,
and need to document that now so others can interoperate. We will continue to
document extensions to PGP. Plan is that in 18-24 months, group will be
satisfied with Open-PGP as a system. Jon said we need to get questions and
ideas in now because it will be harder once it's a standard,
'before the concrete sets'.
Concern was raised that Open-PGP 'mutating into an unmanageable beast'.
Group discussion resulted in, "It's not, we're trying to extend the install
base. Adding trust model extensions; refinements, is a natural progression,
not a total rewrite.
Support voiced from various people; good move to Open-PGP; PGP is a used
product; it has had success in the past. Would like to see timestamping,
trusted 3rd parties signing with PGP formats (VeriSign, etc.)
Jeff Schiller asked, "how many people think we need to worry about a
solution that will meet regulations in all countries?" Not many people
raised their hands, and Jeff said we should move forward without
worrying about govmt policies.
We should strive for flexibility; MUST INEROPERATE (says Jeff S.)
Charles talked about message recovery being better than key escrow,
a suitable technical solution. Upon public key pair creation, it can
be required to have the key bound to another half from the corporation
or entity so that both outbound and inbound messages can be read by the
corporation or government entity.
Goal is a deployable, usable spec which is implementable in a
'reasonable time', overwhelming response.
The AD queried the audience and there was overwhelming agreement that
there should be an Open PGP Working Group.