[cryptography] IETF Working Group Charter on Common Interface to Cryptographic Modules (CICM)

Nico Williams nico at cryptonector.com
Tue Jun 21 13:35:43 EDT 2011


I'm quite concerned about this section 5 of
http://tools.ietf.org/html/draft-lanz-cicm-lm-00, and, really,
everything to do with "channels" in CICM.

My concern is that we already have a large number of technologies in
the IETF for establishing channels[*].  Adding any more should require
some strong justification for not using an existing one.  (For
example, if SSH were not an Internet protocol, but still widely used,
it'd be useful to standardize it at the IETF.  But when we're talking
about *new* protocols, we need to set the bar pretty high, otherwise
we'll just keep adding to the pile of protocols we already have, which
means adding to the pile of code that we already have, and to the
interop matrix that we already have that is already huge.)

Nico

[*] TLS, SSHv2, SASL, GSS-API, Kerberos V5.


