0

IEEE 1363-2000 - IEEE Standard Specifications for Public-Key Cryptography - has been withdrawn on 7th November 2019 and is now in inactive-reserved status. What does this mean? Why was it withdrawn? Are some of the contents suspect? Some serious vulnerabilities were discovered? Should we no longer use it as a reference?

After reading about the meaning of inactive-reserved and of withdrawn, I thought it's not possible for the same standard to be both, yet, that is what is showing on the IEEE 1363-2000 Standard's web page (linked above). enter image description here

auspicious99
  • 493
  • 3
  • 17
  • This is about how old the standard is, not a comment on the contents themselves. See their [docs about revising standards](https://standards.ieee.org/develop/maintaining-standard/revisestds.html). This is separate from "withdrawn" (see their [faq](https://standards.ieee.org/faqs/maintenance.html#8)) – Marc Jun 04 '20 at 09:10
  • From the docs on revising standards, it doesn't seem clear whether it lapsed into an inactive-reserved status after 10 years of no revisions, or whether it was actually withdrawn, which "requires a ballot with 50% return and 75% approval (this number is traditionally lower due to the difficulty of achieving a rate of return)", as there are indications of both. – auspicious99 Jun 04 '20 at 09:14
  • I mean, on their site, they are using both "inactive-reserved" and "withdrawn" to describe it. Should it be just one or the other? – auspicious99 Jun 04 '20 at 09:15

2 Answers2

1

As already noted by Marc, information about the revision process for IEEE standards can be found on their website. There it says:

A standard has a validity period of ten years from the date of IEEE SA Standards Board approval. (...) At the end of this period, one of two things has to happen: revision or withdrawal. If no action is taken, the standard will be moved to inactive-reserved status.

And from their FAQ we can learn that there are four categories of standards: active (currently being maintained), superseded (replaced with revised version), inactive-reserved (has not undergone a revision process within 10 years), and inactive-withdrawn (made inactive as a consensus decision).

So IEEE 1363-2000 was not withdrawn but only not revised recently. And as such it can safely be cited if you find its content cite-worthy.

Moritz Schmitt
  • 799
  • 3
  • 11
  • Thanks, but see also my comments responding to Mark's comment. I'm adding a screenshot of the relevant portion from the web page on IEEE 1363-2000 to the question, for easier reference. – auspicious99 Jun 04 '20 at 20:53
  • This is confusing indeed. I wouldn't trust the "Withdrawn Date" on their site very much. It seems to be the same for many (all?) standards that are of status *inactive-reserved*. Maybe it's best to just drop them a line and ask? – Moritz Schmitt Jun 04 '20 at 21:57
1

As suggested by Moritz Schmitt, I contacted the relevant people in IEEE Standards Association. Here is their reply:

The 1363 working group hasn’t met for a long time, maybe 15 years. If someone is interested in resurrecting it I’d be happy to support them and provide editable copies of all the docs. Otherwise, we’re unlikely to be producing an update. If we were to produce an update it would integrate 1363a, but as I say that’s not likely at the moment.

So, lack of interest, lack of funding (for participants in the working group), .. such could be the reasons. If nobody steps up to resurrect the working group, then IEEE 1363 will remain Inactive-Reserved for a long time, maybe even forever.

auspicious99
  • 493
  • 3
  • 17