IETF Logo Mail Archive

Re: [COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call for COSE Agenda Items for IETF 113 in Vienna]

Anders Rundgren <anders.rundgren.net@gmail.com> Sat, 12 March 2022 05:02 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C75B63A1221 for <cose@ietfa.amsl.com>; Fri, 11 Mar 2022 21:02:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.11
X-Spam-Level:
X-Spam-Status: No, score=-2.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q7HFqnXvGyqn for <cose@ietfa.amsl.com>; Fri, 11 Mar 2022 21:02:20 -0800 (PST)
Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6A5F3A0867 for <cose@ietf.org>; Fri, 11 Mar 2022 21:02:19 -0800 (PST)
Received: by mail-wr1-x430.google.com with SMTP id j17so15855663wrc.0 for <cose@ietf.org>; Fri, 11 Mar 2022 21:02:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:subject:content-language:to :cc:references:from:in-reply-to:content-transfer-encoding; bh=AlFTz96Ya3B7Wq/ntauOUr9wGsH3OqmTg1Y6CiOl+FU=; b=UznXHRmkM0UfD2mt8yd1nMfdLuogH93Dq+Ewzld+WhqS9As4DoVoIn2WcpKhLhK/WL E/iJoI7DiEwja3HaRG8vp+UcriBJ3qoeCpmeQ7w4zuvL38ScmQNYUNBkaCsEJBDwm5sA gpOcbrViMhzXkWel4XMF6RKJlp5a5+k9sC2g3MXyXpi6jI0xseMlLXafXdiaOgVrIPZt 8c5ZuBVnifMvt0U0Kp+Mm6XykXSrCP7njgxfaGaOfuW7IXbcVudikx5h6Lona0esZ8V6 Thgm5PeSyLjECvOWVDIJ1suq69yxj1HIm9AeE2saiGGEHPrT7l0K/0xHtSQlAiVqRaqs drtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=AlFTz96Ya3B7Wq/ntauOUr9wGsH3OqmTg1Y6CiOl+FU=; b=pkM1k5Vw76ZDlJDJyKspGK3vJ0CdQJa8QuvK/smn2dl8qj390E/LusqVKkXdXi1kUp uTXID98H+xck5JDrTZDEzNVdIsE/jz4mDS+S6J91qCXpg7JwTIZ4IPRBrMkTVf7zYoWP j0CLVNzEMvMfL7OsLhbbd2hIzaMOZ0/LdOQyGj9S8Kcf17glz03e7BWzOLuP5wAq+Uz1 rMPFkWiQstlp2EqU/W9PTL1t7c6Dd657BTG+gOCbVfUF2TXnGLpLvXpSpEqylbdmMwAG RWH7xyeAq+27cDCLVgqbvAzcYHMAKc4TgiOeYhRllUIZ55/RcYP6DAtRrEVo8INmitTi G6Ag==
X-Gm-Message-State: AOAM531bxl4C0ryJ40pqaMENHP5jzcKbfYwL1atvzu3GRFfYlsGwAf9j HBGZ+GsuWk0+MJ9fZZ0p8zLY2MnuQMU=
X-Google-Smtp-Source: ABdhPJwUQ82ThZBT3ozhllxsl7KWnMC4axQt0qkK1sPyHheigbwW+vASINSntJI6KZ3/IjNiE5VdYw==
X-Received: by 2002:a5d:64a6:0:b0:1f9:e22f:5f8d with SMTP id m6-20020a5d64a6000000b001f9e22f5f8dmr9527870wrp.530.1647061337691; Fri, 11 Mar 2022 21:02:17 -0800 (PST)
Received: from [192.168.1.67] (25.131.146.77.rev.sfr.net. [77.146.131.25]) by smtp.googlemail.com with ESMTPSA id o7-20020a5d6707000000b001f067c7b47fsm12992359wru.27.2022.03.11.21.02.16 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 11 Mar 2022 21:02:16 -0800 (PST)
Message-ID: <557e18f0-f173-07c8-e9cb-c0f514a1f47e@gmail.com>
Date: Sat, 12 Mar 2022 06:02:15 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.6.2
Content-Language: en-US
To: Russ Housley <housley@vigilsec.com>, Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: "cose@ietf.org" <cose@ietf.org>
References: <SA2PR00MB1002092057CE9580A4029532F50B9@SA2PR00MB1002.namprd00.prod.outlook.com> <CAGJKSNSVuvmsdy9PmUGW7_a2kGqvAxW0fv+hOqSKE6ZfeagSWw@mail.gmail.com> <Yio968v//v87+fTH@LK-Perkele-VII2.locald> <40bf177b-9ac4-f1ed-db05-a0e8636a9363@gmail.com> <Yit0xOrYJSQXxkMy@LK-Perkele-VII2.locald> <F677F35E-8C9B-4FD6-901A-CBEEC36E7E8A@vigilsec.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
In-Reply-To: <F677F35E-8C9B-4FD6-901A-CBEEC36E7E8A@vigilsec.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/PG_98Gmzwo5dYokHgBrdIvHGJ7I>
Subject: Re: [COSE] draft-prorock-cose-post-quantum-signatures [Was: Re: Call for COSE Agenda Items for IETF 113 in Vienna]
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Mar 2022 05:02:23 -0000

You may also consider "pluggable" crypto provider schemes.  In such schemes, each core crypto system (RSA, EC, etc) have its own name space.

If you want COSE/JOSE keys to potentially become an integral part of pluggable crypto system architectures, unique, family specific, top level algorithm identifiers is a prerequisite.

Are there any pluggable crypto systems out there?  Not that I'm aware of but it would be possible to extend the (semi-pluggable) Java crypto system so that it could deal with external key representations in a fully transparent way instead of burden application and library developers with such details.  This already works out of the box (in just about all crypto platforms), for public keys in X.509 certificates although current implementations are "hard coded".

Cheers,
Anders

v2.8.7 | Report a Bug | By Email