Re: [Cfrg] I-D Action: draft-irtf-cfrg-xmss-hash-based-signatures-06.txt

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 23 July 2016 20:56 UTC

To: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>, Phillip Hallam-Baker <phill@hallambaker.com>
References: <20160706144508.25995.18605.idtracker@ietfa.amsl.com> <577D1B6E.1020506@huelsing.net> <D3B93AC9.7187E%kenny.paterson@rhul.ac.uk> <994C5976EA09B556.08963792-86E6-4CE4-95FB-23F0F6046EC0@mail.outlook.com> <C6F5FDF9-6A09-4ECB-AAF5-985BF06F0F83@rhul.ac.uk>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <69e0bf26-c079-75fb-0a5c-751bf3581016@cs.tcd.ie>
Date: Sat, 23 Jul 2016 21:56:27 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/0D80314tU8Zc7mL7cy3qcxOtIoM>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] I-D Action: draft-irtf-cfrg-xmss-hash-based-signatures-06.txt


On 23/07/16 20:14, Paterson, Kenny wrote:
> Your other point regarding state is well made.

So that, and the fact that implementations are going to be
brand new and hence quite likely buggy implies to me that
the more cautious text I suggested takes the right approach.

Even if we're cryptographically confident of this particular
scheme, we are IMO far from wanting the Internet to depend
upon it (or any other proposed PQ scheme).

Cautious text is better here now, rather than overly optimistic
text.

S.