Those guidelines may be useful to us, thanks for the link. I want to be clear that the output of the FATT is not 'design' as described in https://datatracker.ietf.org/doc/statement-iesg-on-design-teams-20011221/, as the FATT may include experts that do not participate in the working group generally , but closer to security review and recommendations of what kind of analysis (if any) would help confirm that the proven formal security properties of TLS 1.3 remain standing. Just as external researchers looked at drafts of TLS 1.3 and did analyses of them, which were taken into account for future drafts of the document (or not!), so would the FATT be providing input, but not necessarily 'design'.
On Mon, Oct 21, 2024 at 4:31 PM Rob Sayre <say...@gmail.com> wrote: > On Mon, Oct 21, 2024 at 1:14 PM Deirdre Connolly <durumcrustu...@gmail.com> > wrote: > >> Ah if that's an overloaded term we can use another word >> > > I think what you have here is a way to quickly appoint a "Design Team". > That's fine. The general WG mailing list may not be appropriate for formal > analysis discussion. > > But I think the WG should follow the guidelines here: > > https://datatracker.ietf.org/doc/statement-iesg-on-design-teams-20011221/ > > If I look at the slides linked below (maybe these are old), > > > https://datatracker.ietf.org/meeting/120/materials/slides-120-tls-tls-13-formal-analysis-triage-panel-00 > > the only issue is this question: > > "Q: Why isn’t the FATT discussion radically transparent?" > > It's fine for discussion to be private according to Design Team > guidelines, but the membership needs to be public, at least according to > the IESG statement. > > I hope that approach is sufficient to move forward. > > thanks, > Rob >
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
