Re: [COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call for COSE Agenda Items for IETF 113 in Vienna]

Mike Jones <Michael.Jones@microsoft.com> Thu, 10 March 2022 01:52 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Russ Housley <housley@vigilsec.com>, Mike Prorock <mprorock@mesur.io>
CC: Ilari Liusvaara <ilariliusvaara@welho.com>, "cose@ietf.org" <cose@ietf.org>, Orie <orie@transmute.industries>, Anders Rundgren <anders.rundgren.net@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/NXxnmfc3pTQvtOkGkMSIaDJNpMc>
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>

Russ, I can't tell from your brief comment if you're supportive of non-polymorphic or polymorphic algorithm identifiers.  Can you expand on your remarks?

For the record, I also believe the polymorphic algorithm identifiers were a mistake.  OAuth, OpenID Connect, FIDO2, W3C WebAuthn, and I believe other systems, all count on being able to use a single algorithm identifier to fully specify the cryptographic computation.  Polymorphic algorithm identifiers break that invariant.  We should introduce no more of them.

That's why, for instance, https://www.rfc-editor.org/rfc/rfc8812 intentionally introduced the new algorithm identifier "ES256K" for "ECDSA using secp256k1 curve and SHA-256"; it requires the use of "ES256K" for signing with the secp256k1 curve so that a polymorphic algorithm identifier is never used with it.

                           -- Mike (writing as an individual)

From: COSE <cose-bounces@ietf.org> On Behalf Of Russ Housley
Sent: Wednesday, March 9, 2022 2:56 PM
To: Mike Prorock <mprorock@mesur.io>
Cc: Ilari Liusvaara <ilariliusvaara@welho.com>; cose@ietf.org; Orie <orie@transmute.industries>; Anders Rundgren <anders.rundgren.net@gmail.com>
Subject: Re: [COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call for COSE Agenda Items for IETF 113 in Vienna]




On Mar 8, 2022, at 2:36 PM, Mike Prorock <mprorock@mesur.io> wrote:

I believe most people (in retrospect) have rather come to the conclusion that polymorphic algorithms were a mistake.

+1 - that seems to be something that folks are finding out

Where the actual "kty" shakes out as we continue to improve the draft is yet to be seen.  "PQK" made sense at the time as this is dealing with post quantum keys and signatures - just as easily we could be looking at two key types, probably by family - e.g. one for lattice based, and one for hash based signatures, or could just as easily be "OKP" - we opened an issue to track that here:
https://github.com/mesur-io/post-quantum-signatures/issues/48
and will discuss on our next call.

This is exactly why we wanted the broader input from the COSE WG

https://www.rfc-editor.org/rfc/rfc8778.txt

Is there any reason to do things differently for other hash-based signatures?

Russ
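
The invariant discussed in this thread (one algorithm identifier fully specifies the cryptographic computation) can be checked mechanically. The sketch below is an added example, not code from the thread or from the draft; it uses the IANA COSE registry values for ES256K (-47), EdDSA (-8) and the curves Ed25519 (6), Ed448 (7) and secp256k1 (8), and the function names and the `implemented` set are hypothetical.

```python
# COSE registry values (IANA "COSE Algorithms" and "COSE Elliptic Curves").
ES256K, EDDSA = -47, -8
ED25519, ED448, SECP256K1 = 6, 7, 8

# Fully specified: the identifier alone fixes the computation (RFC 8812).
FULLY_SPECIFIED = {ES256K: ("ECDSA", "secp256k1", "SHA-256")}
REQUIRED_CRV = {ES256K: SECP256K1}
# Polymorphic: the identifier names a family; the key's curve picks the member.
POLYMORPHIC = {EDDSA: {ED25519: ("EdDSA", "Ed25519", "SHA-512"),
                       ED448: ("EdDSA", "Ed448", "SHAKE256")}}


def resolve(alg, key_crv):
    """Return the exact computation for (alg, key curve), or raise ValueError."""
    if alg in FULLY_SPECIFIED:
        if key_crv != REQUIRED_CRV[alg]:
            raise ValueError(f"alg {alg} does not permit curve {key_crv}")
        return FULLY_SPECIFIED[alg]
    try:
        return POLYMORPHIC[alg][key_crv]
    except KeyError:
        raise ValueError(f"unsupported alg/curve pair ({alg}, {key_crv})") from None


def computations_behind(alg):
    """Every computation a peer might mean when it sends only this identifier."""
    if alg in FULLY_SPECIFIED:
        return {FULLY_SPECIFIED[alg]}
    return set(POLYMORPHIC.get(alg, {}).values())


def negotiation_gap(advertised_algs, implemented):
    """Computations a peer may choose from the advertised identifiers that
    this verifier (hypothetical `implemented` set) cannot actually perform."""
    offered = set()
    for alg in advertised_algs:
        offered |= computations_behind(alg)
    return offered - set(implemented)


if __name__ == "__main__":
    ed25519_only = {("EdDSA", "Ed25519", "SHA-512")}
    # Advertising the polymorphic identifier also invites Ed448 keys.
    print(negotiation_gap([EDDSA], ed25519_only))
    # A fully specified identifier leaves no gap to police.
    print(negotiation_gap([ES256K], FULLY_SPECIFIED.values()))
```

A verifier that negotiates by identifier alone can treat an empty `negotiation_gap` as proof that its advertised list matches what it implements; with a polymorphic identifier it must additionally check the key's curve at verification time.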