[mailto:owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Blake
Ramsdell
* Identity Based Encryption -- there have been a flurry of
new drafts that surround this, and I'd like to get a
presentation about the scope and content of these, and an
overview of what's needed from the working group.
I will be unable to attend the WG meeting but I do have real concerns about
this latest expansion in scope.
Whether IBE is a good thing or a bad thing it is a PKI proposal and not an
application proposal. It is not appropriate to extend the S.MIME charter to
consider IBE.
"New wine in new skins"
The right way to do this is to start a separate IBE WG. If IBE is going to find
an application it is most unlikely that this will happen as a replacement for
an existing infrastructure.
"Old wine in old skins"
There is a major benefit to closing a working group and declaring its work
done. S/MIME has achieved what it set out to achieve. The world needs to be
told that this is the case.
Such maintenance effort as is required should be handed over to a separate
crypto maintenance WG whose scope includes all the actively used security
protocols (S/MIME, PGP, SSH, PKIX, IPSEC, etc).
I note that if the groups listed are closed down and replaced by a crypto
maintenance group as I suggest that a net of 4 IETF meeting slots would be
freed as a result to make room for new work.
I am not suggesting here that the IETF should not consider IBE, clearly it
should, IBE has been waiting for twenty two years, that is enough. What I am
saying is that I do not want to see this done by a series of piecemeal
extensions to each protocol in turn. I want an infrastructure I can plug into
reliably. I also want to ensure that whatever IBE proposal is eventually
choosen it has the same degree of algorithm agility as the existing PKIX work.
I do not see how that is achieved if there is a piecemeal process.