Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-08.txt

Nick Sullivan <nick@cloudflare.com> Tue, 03 December 2019 21:46 UTC

References: <157273808364.6043.6715638492611593951@ietfa.amsl.com> <77AD232C-094D-4FC1-A966-DA56EC44A27F@ericsson.com> <CAMr0u6=7r2wAD_3Yn1hBjJW-y=8FE27jeYQW8wk3wJ-Xh2g2hg@mail.gmail.com> <20191122162758.kzx3vl4ibayykyqu@positron.jfet.org> <CAMr0u6=94uCjUybJ89Nf-qNvyKFPkX_KWM6k5u1kPUZMOCLNRw@mail.gmail.com> <20191124213717.o5gjtyv55lmlcy4s@positron.jfet.org> <CAMr0u6mEW=orEF6YtbTfdQy5EuQHDqdo=2_R243PUkqGD2Vgqg@mail.gmail.com> <d6cd6002-8984-4940-a06e-9c46d2f789eb@www.fastmail.com>
In-Reply-To: <d6cd6002-8984-4940-a06e-9c46d2f789eb@www.fastmail.com>
From: Nick Sullivan <nick@cloudflare.com>
Date: Tue, 3 Dec 2019 13:46:20 -0800
Message-ID: <CAFDDyk__uQRy6k3pJyP-t3CwXPUPaFs8Q5Z+7LNf+GffjAGELg@mail.gmail.com>
To: Christopher Wood <caw@heapingbits.net>
Cc: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>, "Riad S. Wahby" <rsw@jfet.org>, Christopher Wood <christopherwood07@gmail.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/y1wBtgdjN_BU65ZyXIiozv6d9Io>
Subject: Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-08.txt

On Tue, Dec 3, 2019 at 1:18 PM Christopher Wood <caw@heapingbits.net> wrote:

>
>
> On Wed, Nov 27, 2019, at 1:56 AM, Stanislav V. Smyshlyaev wrote:
> > >> In this case, it seems like a separate document for other constructions
> > is definitely more appropriate---no sense introducing serious delay for
> > this document
> >
> > Many thanks, Riad!
> >
> > I'll definitely think about this - maybe it will be reasonable to
> > arrange a discussion of this (with slides, at CFRG) at IETF 107 and
> > initiate a document on this.
> > If you don't mind, I'll get in touch with you off-list at the beginning
> > of 2020 to discuss what should be included in such a document. Would
> > you like to participate in this?
> >
> > >> But: would it be possible to clarify, maybe just in the intro, that
> > this document is primarily geared toward the HSM case?
> > I think that mentioning HSMs as one of the most important cases when the
> > construction is needed can be helpful.
> > Chris, Nick, what do you think?
>
> +1 -- this makes sense to me!
>

I think HSM is too narrow a term. I'd be open to talking about cases in
which the private key is inaccessible to the application, but a signing
interface is available. HSMs and TPMs are the most concrete examples, but not
the only ones.


> Best,
> Chris
>