**Session Date/Time:** 25 Jul 2025 07:30

# saag Meeting Minutes

## Summary

The Security Area (saag) meeting covered working group updates, a presentation on pull and push-based security event open delivery, a discussion about updating RFC 4086 on randomness recommendations, and open mic topics. Key discussions revolved around the utility and interoperability of the proposed push-pull security event delivery mechanism and the appropriate approach to updating guidance on secure random number generation.

## Key Discussion Points

* **Working Group Updates:** Updates were given on the EXPATT BoF, the WEBB BoF, the new HPKEE working group, re-chartering of COSIER and LAMS, and personnel changes in AGNI and HBKE.
* **Wimsy Working Group:** Noted a good discussion in the Wimsy Working Group regarding workload identity in the context of agentic AI with an upcoming interim meeting.
* **SKIM Working Group:** Called for feedback on use cases and device models drafts, with emphasis on interoperability testing in the device models draft.
* **Non-Security Area Activities:** Highlighted related activities including the plants mailing list (PGI logs and tree signatures), and settle (secure access to telas local resources).
* **Security Event Open Delivery (Push-Pull):** A presentation was given on a combined push-pull security event open delivery mechanism, addressing concerns about incremental work, interoperability, and potential redundancy with existing work.
    * The presenter argued that the proposed mechanism offers advantages such as asynchronous acknowledgements, improved efficiency through batching, and better handling of bidirectional communication.
    * Mike Jones raised concerns that the proposed approach would introduce interoperability problems and that earlier concerns about a previous effort in this area still apply.
* **RFC 4086 (Randomness):** A discussion was initiated on updating RFC 4086, which provides guidance on secure random number generation.
    * Current guidance is outdated.
    * Options considered include:
        * Marking 4086 as historic.
        * Creating a short "4086 bis" focusing on how to find good sources of randomness.
        * Updating 4086 to include more recent knowledge, possibly as an informational document.
    * Suggestions were made to emphasize "unguessability" over randomness and to provide general guidance on assessing randomness needs rather than specific implementation details.
    * The need to address side-channel attacks and the proper use of one-way functions were highlighted.
* **EU Legislation (NIS2):** Mentioned the EU's NIS2 directive and its potential impact on security requirements, along with ongoing discussions between the IETF and EU policy representatives.
* **Routing Security:** Noted recent progress in securing inter-domain routing protocols, specifically BGP, within the routing area.
* **Plants Mailing List (Post-Quantum Signatures):** Announced the creation of the plants mailing list for discussing techniques to reduce the size of post-quantum signatures, especially in web environments.

## Decisions and Action Items

* **Security Event Open Delivery (Push-Pull):** The sponsoring AD (Deb) will engage with all parties involved to discuss the presented work.
* **RFC 4086 (Randomness):** The area directors will consider the feedback received and decide on the best path forward for updating guidance on secure random number generation. They will reach out to the community and aim to have an updated reference available around the next IETF meeting.
* **External Activities:** Rudiguer Folk will send links to relevant information from the EU legislation and inter-domain routing security discussions to the saag mailing list or chat.

## Next Steps

* Further discussion on RFC 4086 update strategy on the mailing list.
* Follow-up on the security event open delivery presentation with the AD and involved parties.