Re: [Cfrg] draft-atkins-suit-cose-walnutdsa on the Independent Stream
Eric Rescorla <ekr@rtfm.com> Mon, 20 January 2020 15:21 UTC
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 20 Jan 2020 07:20:28 -0800
Message-ID: <CABcZeBOA_RcUZ7v7TXhZfwX5Mjm7nU=8+8eBeY7GjHd_qtpXZw@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Martin Thomson <mt@lowentropy.net>, cfrg <cfrg@irtf.org>, Nevil Brownlee <rfc-ise@rfc-editor.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/OY_ZV2mZq0TAFb9c2GuDJeZvU9Q>

On Mon, Jan 20, 2020 at 5:38 AM Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

>
> Hiya,
>
> On 20/01/2020 04:28, Martin Thomson wrote:
> > If this were widely-deployed not-good crypto, that might change the
> > situation, but the potential for harm in terms of misunderstanding
> > the status of the mechanism seems significant enough to argue for not
> > publishing even then. In my view. But, as ISE, that is Adrian's
> > choice and Adrian's choice alone.
>
> I agree that publishing this now would be detrimental. Once
> the NIST PQ stuff reaches a conclusion (in a yearish maybe?)
> then I'd expect we'll see a bunch of CFRG RFCs documenting
> (some of) the set of algs that that process has produced as
> "winners." I think it'd send a very confusing signal to
> implementers if other RFCs describing crypto that aims to
> be quantum resistant (or protocols using such) are emitted
> ahead of those.
>
> After those "winners" are known and sufficiently well
> documented, then I'd not object to Derek's draft being
> considered again, either by the ISE or CFRG, but having
> pretty much any "post quantum" RFC published now seems
> to me a bad plan, for any RFC stream.
>
> Two other notes - if the ISE does decide to publish this
> then I'd bet the ISE is likely to see more people doing
> the same with other algorithms that are no longer in the
> running in NISTland, which seems undesirable. (Were there
> 95 original entrants? I forget;-)

This seems like an important point and one that in general applies to
cryptographic algorithms. I would encourage the ISE to develop a policy
around "alternative" algorithm publications. I would note that the trend in
IETF (or at least in the HTTP-QUIC-TLS-verse) is away from requiring RFCs
in order to register code points, so at least that reason has less force.

-Ekr

> Finally, if the ISE did
> publish something like this, I'd really hope there'd be
> content in the document that explains how this algorithm
> got on in NISTland - I didn't see such text in the draft
> (but only scanned it quickly) and am not even sure one
> could craft good text now, while the NIST process is
> still running.
>
> So overall: "Dear ISE - please say no or put this one
> on hold 'till the NIST thing is done."
>
> Cheers,
> S.