2024-02-14 TSPTF Meeting Notes
Meeting Date & Time
This Task Force meets every Wednesday. There are two meetings to serve different time zones:
- NA/EU meeting: 08:00-09:00 PT / 16:00-17:00 UTC
- APAC meeting: 18:00-19:00 PT / 02:00-03:00 UTC
See the Calendar of ToIP Meetings for exact meeting dates, times and Zoom links.
Zoom Meeting Recording
- NA/EU Meeting: https://zoom.us/rec/share/yscrfpYpU5T7gvpM3bhrm1q2KvBe6bvKuiP5OyGop0U7vt74ExbSA6eltdcpc0WJ.AweZgdRNL1_ua6Ca
- APAC Meeting: NO MEETING TODAY
Attendees
NA/EU:
APAC:
NO MEETING TODAY (due to Valentine's Day).
Agenda Items and Notes (including all relevant links)
Time | Agenda Item | Lead | Notes |
3 min |
| Chairs |
|
2 min | Review of previous action items | Chairs |
|
20 mins | HPKE Support | Wenjing Chu | See the Wikipedia article on hybrid encryption and IETF RFC 9180. Wenjing explained the purpose of section 8 of the Working Draft and why it references both LibSodium sealed box and HPKE. See screenshot #1 below. Sam Smith explained that TSP can support both. He clarified that each "base mode" in the HPKE spec can be assigned a different CESR code. He said that CESR can support hundreds of codes if we need them. Each code identifies any combination of parameters across all of the algorithms and inputs. That is an example of the cryptographic agility of CESR. If LibSodium adds another base mode that interoperates with RFC 9180, then that can be assigned another CESR code. Neil Thomson: "Sounds like a case for Lipsodium as initially supported with clear path/compatibility/commitment to HPKE family for future." Sam Smith: "We need to be smarter than past choices about too many cryptographic options". We need to be very exact about which combinations we choose. Wenjing then covered how HPKE will be used in our ESSR pattern. See screenshot #2 below. Neil Thomson: "It would be helpful if this diagram was updated with a list of exactly what is provided (and why) from each of the sources (S Header, ETS Header) to each stage (HPKE-SealAuth(…), Sign(…)) - e.g. capture what Sam is saying....". Sam Smith made a case for using existing libraries such as LibSodium to be able to implement TSP right away. Drummond Reed asked for the business case for looking forward to HPKE. Wenjing replied by saying that it should be okay to have 3 choices:
Drummond Reed asked about where the CESR codes for each option will be published. Wenjing Chu said they should be in the spec. We can always create a registry option down the road. |
10 mins | Resolution of key rotation question | Wenjing Chu | See second action item above. Wenjing Chu said no resolution to this issue yet. It may actually depend on the specific VIDs that end out being most popular/practical for TSP. He will continue to think on this. |
20 mins | Other prep for moving to Implementers Draft | Chairs | Our plan has been to move to Implementers Draft by end of February. What remains to be done to reach that goal? Wenjing shared that he believes the draft could be ready for conversion from Google docs to GitHub Spec-Up by March 6th. |
5 mins |
| Chairs | We will have our regular meeting next week, on Feb 21. Wenjing said he will be traveling and not able to attend the Feb 28 meeting. But he is hoping that by the following meeting, March 6th, he will have been able to do the GitHub conversion. Drummond proposes that we skip the Feb 28 meeting as an "Editor's Break" to allow the time for the conversion from Google docs to GitHub Spec-Up. We also agreed that, due to Valentine's Day, we would cancel the APAC call today. |
Screenshots/Diagrams (numbered for reference in notes above)
#1
#2
#3
#4
Decisions
- None
Action Items
- None