[CFRG] Re: [irsg] Re: Stephen Farrell's Not Ready on draft-irtf-cfrg-rsa-guidance-08: (with COMMENT)
Alvaro Retana <aretana.ietf@gmail.com> Fri, 26 June 2026 15:03 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: cfrg@mail2.ietf.org
Delivered-To: cfrg@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B78711080D489 for <cfrg@mail2.ietf.org>; Fri, 26 Jun 2026 08:03:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782486183; bh=MkoRZnHwl3PpM0xtsrqG7Kzp6IgYBfdOBiBONfbZSwg=; h=From:In-Reply-To:References:Date:Subject:To:Cc; b=L5X5Sqc6iU5n+DOH7n4lCHyJuUAteEF0AQRRTm8FkUDI4oAsoFyByOoL3yHehbuUB wDo+4JJQvU3hxQRvUs8eNTT6CoIGfM3x7OB94ppq5LHpZLmlp7A69YAdYPloaVKmmf m/YgfN/owp7o6yi/CboTjV1oYw4U8VJ0nUv3EG04=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4kKuPx-JdXfO for <cfrg@mail2.ietf.org>; Fri, 26 Jun 2026 08:03:03 -0700 (PDT)
Received: from mail-dl1-x122c.google.com (mail-dl1-x122c.google.com [IPv6:2607:f8b0:4864:20::122c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 5B2301080D45E for <cfrg@ietf.org>; Fri, 26 Jun 2026 08:02:59 -0700 (PDT)
Received: by mail-dl1-x122c.google.com with SMTP id a92af1059eb24-139aff562e1so1599203c88.1 for <cfrg@ietf.org>; Fri, 26 Jun 2026 08:02:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1782486178; cv=none; d=google.com; s=arc-20260327; b=UrrxX1EuAtrDEJ6zosv/mtbiJ08oi+vcCfGeYtwl5lb5aTeU8AgE0ErwR7jj7Q/diX DIq/P8Eiuu4f5i1yf+H0mI+i8E2kBximhm4uhZuRESx7xuWBF7I8WDqVtoD5OMXaAyEq jVCC8s98/HKl4UXZf4WTnSfYW//DTrZKWXv4AmdPDscMphdeY9RgWBvHEmK7lPLMsoF9 ap/v60FsI/YJ04NdMfw0ydvv43fuNTsGrZSjWtxcDPrgJOi+bwQx+HE14hPrNzy2mOec /Bs+QugW8yH+ufGLVe3DrNNS6eHuYLPfQLC+W1WmhgkcENT/8AKsMeTwdmU33S4pPiEO G5Xg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20260327; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:dkim-signature; bh=qi8M1BCtr9otXANtpdiJ/WTrcgT5xAFgaZxA4FBnLOQ=; fh=Xj5wBlRY0d45jhsrmXN7ukUhAAOcAkqQjHj4RynjZ1k=; b=MerTHu7hE0KnSadrY6zoqFnTqg5/cG27EbFRDb0yuvBz/eFrD/5TkP/ksgwrT4SRDz ksa+m7WvWSoVBpSUubORmgWdTZxNKiioezLV26aiPMLH5o35Zfn0XnKDJUsOFjWepS6N 6ER+PYqYGObvt4EXxOD/N/RXTbiWCv2U19qqeCVlBUSudj5tFAU6NZuzHEf6jYD7OekF OsdGxiZCb0M+uTd3ODK6ZVvp7xTeD0SLmObrQtbVmq3Zc+YXYetn5A1nCKX2CxSbH34b R9tcnh88yWujWvkUOuaddn7dcdoT75WotKDlbC6yUWa3qmfwZ408cirH6FYdJGYc5Ask 0ZiQ==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1782486178; x=1783090978; darn=ietf.org; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:from:to:cc:subject:date:message-id:reply-to; bh=qi8M1BCtr9otXANtpdiJ/WTrcgT5xAFgaZxA4FBnLOQ=; b=foLEh85utob3gilPafG9V+vjpcwMt/E4xIOwanMV5wfJOgl9RwgDD7Kop5XDNDL2Hq V6s8iT5hX+B4/i7BeJAINwji263ySz2x5QdPcRic+Ai6wXfbJ9Z5sCrZ1f6YcSvNSLJy Gq1pmEiDNQcgANGtAdQbrBlMWmGq8RhRguPsumAV3cXqrWqLJ6h5utjl4K+Z44JE4FZ2 dwvC98G3cfBqESteSWdpxxAAxSrRwiig2SMTSRa0IO9Yz7qGys0RTRLR2Yk3sutje1jN pg8zOiNnnCNPbHPoW2aUDy8gqkRrWY4kx1UpMgmy0LOxoJsoo38ERjaQD4o+ETeWq0YN LcMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782486178; x=1783090978; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qi8M1BCtr9otXANtpdiJ/WTrcgT5xAFgaZxA4FBnLOQ=; b=T91oUrfOuvgia2PbZrxOC7CjOynU54VggygBvNyQmbtYocd/vSDChjarvQuSPV26d7 wvMA1Yo8JgwCSpAHlrRTz+MzVhgBVkmdgsPI9orkNji4Oal3J+OQ+9Z7d1anWN+M3Q3J 8K4yyARAsVITuedo/s/Z4eAGm7ltZcVUk18NQTOQ+zWsGP3XXZBibqYOIFANEaBtssz2 jc1m/hmQCQFHvXjhz4MMGWyV4ZBUM3sTuLw1ow5XqHhdIp8KSu/JejOVxY4Um02geqzh k0CZKYNBF2ZBMV8NXDA2PsIZQCCUNqB4oy6of2jiteOxii6c4QzXcCW4zqVkfrlWFkCn jrCg==
X-Forwarded-Encrypted: i=1; AFNElJ/7GWZ5DllnxT8QKJhYLXC9zlWJ76h1HS+bnreR9hbAbyfwGfuAGP+yBqAxEoC64uQlSkqt@ietf.org
X-Gm-Message-State: AOJu0YyT6cLYbnqBuT4oBl0fyBh51qM8v+9q2pafzmx0J+i/QA72gHMV WJipqhIaCHCITdqyybc8mv7Sal4Kb8lmPcUW277DP0882aiz36xipbi61P++AvpVWUO2lmOAiet CyoSeql80lz5w9VbvF638Uvcj9NpX09Y=
X-Gm-Gg: AfdE7ckGqyvQG1QfNIAPyETVqFrI6HCa+EreL1EYdagjQmTTFn6DGV/BQWPMgrA2Wlj VvhfGxvBjJRpgYqbsb1+XxuMgEbh/CLgCxlivwMByTWJHHCxLhmqZElKatn9SLmnU8kuO3fNB7q mwKXNTBXeUVapFccH/xY6pfP2icofE0LcW74iWkvr6w0MDU6cRjjnLaZgEtD6GcTTDIL68f1hLh 2r0CCXAypnGyi09J1zt2MjiPABkIbznb9wmg002FLbVod4YdITowT+DTtrQhrD35DgRJ791P3uK biiz9QZXwW8ZJOLN4kQzTx2dww==
X-Received: by 2002:a05:7022:6098:b0:128:d20a:2f40 with SMTP id a92af1059eb24-139db9e831fmr5786789c88.8.1782486178038; Fri, 26 Jun 2026 08:02:58 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 26 Jun 2026 11:02:56 -0400
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 26 Jun 2026 11:02:56 -0400
From: Alvaro Retana <aretana.ietf@gmail.com>
In-Reply-To: <770da57e-5229-4aa1-ad6e-8c2eeef0b985@tolerantnetworks.com>
References: <178156300068.389395.16654149160667954667@dt-datatracker-f9b87776f-xzl65> <41fae245-635d-4f72-9c51-1bfd30ec68ef@redhat.com> <4770a978-53b6-4fd7-9282-0549d3ce5adc@redhat.com> <770da57e-5229-4aa1-ad6e-8c2eeef0b985@tolerantnetworks.com>
MIME-Version: 1.0
Date: Fri, 26 Jun 2026 11:02:56 -0400
X-Gm-Features: AVVi8Ccu0Rvxi1xM7t1ed7xobNDPl2JdfFAmMU_2IN6pc--mXlGqdA0Z6QTKeN8
Message-ID: <CAMMESszowKR9LPzD7TyH_-2Q59wk_ttnMHQ=-ygYmr9F7ujbnQ@mail.gmail.com>
To: Stephen <stephen@tolerantnetworks.com>, Alicja Kario <hkario@redhat.com>
Content-Type: multipart/alternative; boundary="0000000000007589c906552967fb"
Message-ID-Hash: NLVY52HFWRISKT3JRHH72MPYX4EFSXLJ
X-Message-ID-Hash: NLVY52HFWRISKT3JRHH72MPYX4EFSXLJ
X-MailFrom: aretana.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cfrg.irtf.org-0; header-match-cfrg.irtf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: cfrg-chairs@ietf.org, cfrg@ietf.org, The IRSG <irsg@irtf.org>, draft-irtf-cfrg-rsa-guidance@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [CFRG] Re: [irsg] Re: Stephen Farrell's Not Ready on draft-irtf-cfrg-rsa-guidance-08: (with COMMENT)
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/6A8V4e6fmq_JLuBtD_rlIxzHDHA>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>
Hi! FWIW, these changes work for me too. I’m clearing my Not Ready position. Thanks! Alvaro. On June 26, 2026 at 10:55:04 AM, Stephen (stephen@tolerantnetworks.com) wrote: Hiya, On 26/06/2026 15:32, Alicja Kario wrote: > Sorry, sent too quickly... > > On Friday, 26 June 2026 16:29:50 CEST, Alicja Kario wrote: >> On Tuesday, 16 June 2026 00:36:40 CEST, Stephen Farrell via >> Datatracker wrote: >>> Stephen Farrell has entered the following ballot position for >>> draft-irtf-cfrg-rsa-guidance-08: Not Ready >>> >>> When responding, please keep the subject line intact and reply to all >>> email addresses included in the To and CC lines. (Feel free to cut this >>> introductory paragraph, however.) ... >> >> Agreed, I have prepared a PR that softens the language and removes formal >> "updates": https://github.com/tomato42/marvin-ietf/pull/10 LGTM. Cheers, S. >> >>> The comments below can be taken or ignored, unlike the above, they're >>> totally >>> non-blocking: >>> >>> - I wondered if any RSA code implementer had reviewed the text - >>> could be good >>> to see what such a person (who is the prime target audience here) >>> thought. - >>> Sections 6.4 and 6.5 seem a bit unclear to me - I've not re-read >>> [kocker96] so >>> forget if it explains exactly this method of blinding, if not, then >>> maybe more >>> refs are needed? >> >> Yes, [kocher96] does that in Section 10. But doesn't go into >> significantly >> more detail. >> >> I had few colleagues look at the document and they did say it's >> understandable > > for example, the NSS implementation of the implicit rejection was > developed completely independently, with just access to the earlier > description > of the algorithm and access to the test vectors. > >>> - I'd keep the reference to the TLS fuzzer github repo (unless >>> it's known that that will change soon). >> >> The link to the specific line will definitely change in the future, >> I've changed it to point to > > a specific commit. >
- [CFRG] Stephen Farrell's Not Ready on draft-irtf-… Stephen Farrell via Datatracker
- [CFRG] Re: Stephen Farrell's Not Ready on draft-i… Alicja Kario
- [CFRG] Re: [irsg] Re: Stephen Farrell's Not Ready… Stephen
- [CFRG] Re: Stephen Farrell's Not Ready on draft-i… Alicja Kario
- [CFRG] Re: Stephen Farrell's Not Ready on draft-i… Alicja Kario
- [CFRG] Re: Stephen Farrell's Not Ready on draft-i… Stephen
- [CFRG] Re: [irsg] Re: Stephen Farrell's Not Ready… Alvaro Retana