[CFRG] Re: Request for adoption: Signature modes guidance / draft-harvey-cfrg-mtl-mode-03

Watson Ladd <watsonbladd@gmail.com> Mon, 05 August 2024 16:59 UTC

From: Watson Ladd <watsonbladd@gmail.com>
Date: Mon, 05 Aug 2024 12:59:18 -0400
To: "Kaliski, Burt" <bkaliski=40verisign.com@dmarc.ietf.org>
CC: "cfrg@irtf.org" <cfrg@irtf.org>, "Sheth, Swapneel" <ssheth@verisign.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/p1Wv7rqCMD9dR5d_TiWnvcDEbGM>

I don't understand why this is in the CFRG: it seems to be squarely in
the line of decisions WGs have made outside CFRG such as keytrans or
CT.

Separately while I think the idea is interesting, there's a lot of
operational and structural questions to actually apply it very closely
ingrained with application and protocol level considerations. CFRG
isn't really suited to determine if this will work. This is not to say
it shouldn't be pursued, but I just have a lot of questions about how
it would work for DNSSEC, for instance.

Sincerely,
Watson Ladd

--
Astra mortemque praestare gradatim