**Session Date/Time:** 30 Mar 2023 07:30 ```markdown # SAAG Meeting Minutes - IETF 116 ## Summary The SAAG meeting at IETF 116 covered area updates, including new working groups, security area working group key transparency, and document shepherd opportunities. A presentation from Sofia Ceppi on real-world crypto (RWC) 2023 highlighted key takeaways relevant to the IETF. An open mic session addressed the challenge of applying formal analysis to IETF protocols at scale. ## Key Discussion Points * **Area Updates:** Four new/reopened working groups: satp, pwip, jose, and rad. Key Transparency BoF concluded with consensus on the problem statement and the need for IETF work in this area. * **Security Community Engagement:** The importance of community volunteers for working group chairs, document shepherds, and potential ADs. * **RWC 2023 Summary (Sofia Ceppi):** * Quantum crypto migration: gradual, real-world data needed for benchmarking, moving parameters from stack to the heat. * TLS implementation vulnerabilities: automated testing tools are crucial. * Security analysis of protocols like CoAP and MEGA: important to think of end-to-end encryption even on cloud storage and backups * End-user crypto design: Need for user studies to understand user requirements for crypto. * Concerns over security of protocol implementations and secure libraries. * **Formal Analysis of IETF Protocols (Open Mic):** * Challenge of applying formal analysis at scale, especially for protocols with limited community attention. * Concerns that requiring formal analysis might provide a false sense of security and may ask the wrong questions. * Emphasis on formal analysis as a complementary tool, alongside testing and experimentation. * Lack of formal analysis expertise. ## Decisions and Action Items * **Key Transparency:** A charter for key transparency will be drafted and discussed on the keytrans@ietf.org mailing list. * **Sec Dispatch:** Encouraged authors to use the sec-dispatch list for questions related to security considerations in documents. * **Usable Formal Methods Research Group:** Educate the community with workshops and share knowledge to better inform decision-making around the usage of formal methods. ## Next Steps * SAAG chairs will coordinate with the IAB and Kathleen Moriarty on potential virtual interims if warranted by demonstrated mailing list interest in a topic. * The Usable Formal Methods Research Group will continue exploring ways to make formal analysis tools more accessible and useful to the IETF community. * The community will continue to assess the role of formal analysis in protocol development, recognizing its value as a complementary tool.