[IPP] Fwd: [Ssh] SSH side meeting at IETF 120

[IPP] Fwd: [Ssh] SSH side meeting at IETF 120

Ira McDonald blueroofmusic at gmail.com
Wed Jul 31 13:05:33 UTC 2024


Hi,

New SSH WG charter in progress.

*Ira McDonald (Musician / Software Architect)*

*Chair - SAE Trust Anchors and Authentication TF*
*Co-Chair - TCG Trusted Mobility Solutions WG*

*Co-Chair - TCG Metadata Access Protocol SG*








*Chair - Linux Foundation Open Printing WGSecretary - IEEE-ISTO Printer
Working GroupCo-Chair - IEEE-ISTO PWG Internet Printing Protocol WGIETF
Designated Expert - IPP & Printer MIBBlue Roof Music / High North
Inchttp://sites.google.com/site/blueroofmusic
<http://sites.google.com/site/blueroofmusic>http://sites.google.com/site/highnorthinc
<http://sites.google.com/site/highnorthinc>mailto: blueroofmusic at gmail.com
<blueroofmusic at gmail.com>(permanent) PO Box 221  Grand Marais, MI 49839
906-494-2434*


---------- Forwarded message ---------
From: Deb Cooley <debcooley1 at gmail.com>
Date: Tue, Jul 30, 2024 at 3:34 PM
Subject: [Ssh] SSH side meeting at IETF 120
To: <SSH at ietf.org>
Cc: Paul Wouters <paul.wouters at aiven.io>, Theo de Raadt <deraadt at openbsd.org>,
Roman Danyliw <rdd at cert.org>


I want to thank everyone that attended Tuesday evening's side meeting in
person or remotely.  I also want to thank those that worked to bring people
together for that meeting.  I also want to thank Francois Michel who
chaired the session and to David Schinazi who jumped into moderate.  I'm
sure I've left out people, for which I will apologize.

It was a healthy, positive discussion about potentially forming a SSH
working group and how it would add value to everyone without unnecessarily
increasing the burden on implementers. It was great seeing many people with
different goals and concerns agree to work together.

The charter will have clauses about the existence of implementations,
recognizing that maintaining interoperability is crucial.

We discussed a number of work items which include the following (*reflects
work that may/may not follow on later):

1.  Updating algorithms (deprecating very old MTI algorithms and updating
IANA).
2.  Cleanup and publish selected drafts (agent draft, SFTP)
3.  Adding new PQ algorithms (hybrid in the near term).
4.  Reacting to relevant formal analysis results, e.g. from ufmrg or
elsewhere (initial key exchange, user authentication protocol, machine
verification of strict kex).
*5.  Certificates - to understand the landscape - SSH style, X.509, public
trust
*6.  New ideas and experiments - later on, drafts can be written, implement
for testing.

Going forward:  It is possible to get a working group chartered without a
BOF.  But we need to get the charter drafted soonest, so we can get it
through the process (there are multiple review windows that take some time).

Charter:  This is step 1.  Just remember that charters are not forever, we
need an initial working charter that will get the work started, not one
that will stand for the ages.  What is posted is a first draft, please feel
free to post PRs and/or issues that you see.  First draft charter language
is posted here:
https://github.com/DavidSchinazi/ssh-charter/blob/main/charter.md

If there are issues attending meetings (either in person or remote), please
contact the Security ADs (me and/or Paul Wouters).

I look forward to helping to facilitate this work!

Deb
_______________________________________________
Ssh mailing list -- ssh at ietf.org
To unsubscribe send an email to ssh-leave at ietf.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20240731/13c9f9e3/attachment.html>


More information about the ipp mailing list