Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-08.txt

"Christopher Wood" <caw@heapingbits.net> Tue, 03 December 2019 22:03 UTC

Date: Tue, 03 Dec 2019 14:02:45 -0800
From: Christopher Wood <caw@heapingbits.net>
To: Nick Sullivan <nick@cloudflare.com>
Cc: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>, "Riad S. Wahby" <rsw@jfet.org>, Christopher Wood <christopherwood07@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/aPWMHIJQeLLug8QmfNEDpHf1xq4>

On Tue, Dec 3, 2019, at 1:46 PM, Nick Sullivan wrote:
> 
> 
> On Tue, Dec 3, 2019 at 1:18 PM Christopher Wood <caw@heapingbits.net> wrote:
> > 
> > 
> >  On Wed, Nov 27, 2019, at 1:56 AM, Stanislav V. Smyshlyaev wrote:
> >  > >> In this case, it seems like a separate document for other constructions
> >  > is definitely more appropriate---no sense introducing serious delay for
> >  > this document
> >  > 
> >  > Many thanks, Riad!
> >  > 
> >  > I'll definitely think about this - maybe it will be reasonable to 
> >  > arrange a discussion of this (with slides, at CFRG) at IETF 107 and 
> >  > initiate a document on this.
> >  > If you don't mind, I'll get in touch with you off-list in the beginning 
> >  > of 2020 - to discuss what should be included in such a document. Would 
> >  > you like to participate in this?..
> >  > 
> >  > >> But: would it be possible to clarify, maybe just in the intro, that 
> >  > this document is primarily geared toward the HSM case?
> >  > I think that mentioning HSMs as one of the most important cases when the 
> >  > construction is needed can be helpful. 
> >  > Chris, Nick, what do you think?
> > 
> >  +1 -- this makes sense to me!
> 
> I think HSM is too narrow a term. I'd be open to talking about cases in 
> which the private key is inaccessible to the application, but a signing 
> interface is available. HSMs, TPMs are the most concrete examples, but 
> not the only ones. 

Sure, sure. I took Stanislav's suggestion to mean that we highlight HSMs (or TPMs) as a specific example of cases where the private key is inaccessible.

Best,
Chris