IETF Logo Mail Archive

[openpgp] Re: WGLC for draft-ietf-openpgp-pqc

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 13 May 2025 22:11 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: openpgp@mail2.ietf.org
Delivered-To: openpgp@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 72D1B283F73B for <openpgp@mail2.ietf.org>; Tue, 13 May 2025 15:11:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 53fvVVqoJBAQ for <openpgp@mail2.ietf.org>; Tue, 13 May 2025 15:11:42 -0700 (PDT)
Received: from DUZPR83CU001.outbound.protection.outlook.com (mail-northeuropeazon11023127.outbound.protection.outlook.com [52.101.67.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 6A574283F6F4 for <openpgp@ietf.org>; Tue, 13 May 2025 15:11:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cxp35g5pJekRWchuytZpi3iOr753O/0YnJmspQ42x/BWfY+SwyduMuHH/xVqV86mu7pIcFbwRFHbi/NcQkRO/nWGFLT0Uxx3K5zgmZ8grGBZubgNNIcDdrNP3KMoa+Cro9DQRIjO2wfhnHNLPD0a8wpYx93haMO/xZT+hf7nWAu2JZASrQvZLXefAFLCohrtlZOiyYIMOVymF5UjPEny9RnKqVE1fExQpf+osd7kbIUlTGVtbs0a1dILNlWBNrlmsDzxZsZ6Sh4Gc9QcLyTDqjLKftvhOQ6hI3XcAW0ZOj1EkvLXRUjGt8slExhJT4jOIRhlqd5wsmvp91jmH6luSw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iIgPU1owR5xO1iQ88dmTUm1hBTMQ8QgcJoOttNxNCa0=; b=xhzxZ+axXt/MoIiMfDXWijmFARNdcXtOh1f6fuwZnI3GQqfkt5JHlgi/KkfPk5IumvvKYoZO6w8Ti8poWDGeuW15mVVn1NuiRTsiPA/V9VTCSr3LyFbol9snvO0LNbhADOUWoB0hvEVJedRz/Fw5+kz2MxoxorgRnkSmk+5tmiRYfrjIFy4CWotf6fPJaj0WXBEZheWYhp/rrWNNxfqM0UPRNMUvZSY6vpZKIO5HAx31TUgtM5U2OhhsVnkIWbJMTNttDYnT5FKzD39bdxCs6AXII4DfMZ215hwRcnh8tTihETZSpffenid4OwVlxrhVBA3cBetVDAypWZSil3DSXA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iIgPU1owR5xO1iQ88dmTUm1hBTMQ8QgcJoOttNxNCa0=; b=m93ClMmWAsCpE0+sIprq6db6HSwPcA/jTNdhj13QmjQfQRTpRggJ3V9dhjfHF0GVmtig23MTid6FmrGpP8TjWW7i4G9nxoV9s7mewRKbOBCl3Bgn0PUuSRwZ93Q5X0VMlKeB85sZfwFlptfziOucoVRZNoZf4+r2Z/RfWDI+3yTByK/n6fdkfRzSx7FV2NqOhH/mZfYZDyenFe+S/EPe5huvg9u1v9Q5PW0no199xbYr31ApQYl5CCP67i2PcfUunaN0+IWJ+CQtvuBnVwFl4LNBSc/T7XStydjw0wJsCW5UrOazyM6FHivVqadm4r8HME+NeF6Gz41qBfcayGxGQw==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by AS4PR02MB8310.eurprd02.prod.outlook.com (2603:10a6:20b:511::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8722.23; Tue, 13 May 2025 22:11:35 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%2]) with mapi id 15.20.8722.027; Tue, 13 May 2025 22:11:35 +0000
Message-ID: <1a15934d-50be-46dc-8300-189834c70e3f@cs.tcd.ie>
Date: Tue, 13 May 2025 23:11:33 +0100
User-Agent: Mozilla Thunderbird
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, openpgp@ietf.org
References: <174470653269.1286532.14892820163225351018@dt-datatracker-64c5c9b5f9-hz6qg> <LSicuu3DyGQdz5FlANti-HGJ6GuAucc5BKufbsCa603EsSZ0q1XMXYvt_OubLd0UQkg0gh2F--9y9WpoqWfQu5XU-KEcJ15GG66cSFk9ByU=@wussler.it> <87wmblcr8i.fsf@fifthhorseman.net> <87ikm5eoey.fsf@fifthhorseman.net>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <87ikm5eoey.fsf@fifthhorseman.net>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------cfcuRZhTuKCjm4eZuJY7NQaj"
X-ClientProxiedBy: DUZPR01CA0017.eurprd01.prod.exchangelabs.com (2603:10a6:10:46b::8) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|AS4PR02MB8310:EE_
X-MS-Office365-Filtering-Correlation-Id: 4ceb41b8-dbab-4823-3b65-08dd926b1fc4
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|366016|10070799003;
X-Microsoft-Antispam-Message-Info: 0us2qk6FhioOE6DuvDcd+TXUgNWBpazRoZ4pOFprbpfNj10spApqhfNmCMmDepaND+KDr+yf9LnNlx8BMfIPR6Xgi4N/XAwbZVU8hd3vo4yu+XbRi6AZ62UBOETg6P303DJSeoCWLVu1aDudb0kbUqgyOC2cNXGhAlxV13R2c5I0dL3pmZy9givAeEiezhQkvaCpQFZwiWpkLJtRtAnvZCf/UTzK6w5aOXTxZJxaaZMu3M6t2pUorP/U8E9XDfhh/LVMFLmq1KRhF8QZgtBF/KmS+/f+Oa+vICkTHdzKcYIrw/26mQM8RpWq4cnAvGy/pykqp3xMszEKvHr8EGDz/tvVGVIDGgJNPZpxsTeAgvLsFHBwvcfHaJG06E63PUDMrPUC/+dpNDatfSrd5gwL6PudhY7/04MHb492rvdMPbn/N4TlhKKvltSMx4l22b8LKjrfnaOqOUBfVPBuk3Cz/7EDiw1DgOWBC2V5NBNCEv3H1t73tgMuHNYdOTb0+huASl+KDkwicJ/zhGDjmGlVEIQeqPvb8kyEH/2Ut8N7g7sDcHfj17pu2jFIMBEgcGuaTXxUJCY2s+TwsD4M4ZK1D3xJWCHbgTezg0Vpzz0Dlx1BzRToUTzGE4lleOxy1PwCYixR8eCetBLLuDg/T3PkanCsbMs/tW1PAC+n2RAvER5fYsMCB6dyXm7FxpSd8SNCwau9hq1skH5NKnm6xyPywK9VwzFduVRvIPateM6/nMfm++NGokGJirKVTWF7b94h1Or+RyXyAvtsrqR3gwVM6YAYTkHZWLKOcKO3tVsBhc18KjC2Mh5jc8t7Oet+fU2R6El2W4F3V3+G4ppdDWp0i0FRojUMPgCvH4YZsZcy/mFOQeIN6/Mp+QAAqzSe26AARlBjqkgKXyib/RfCPz1R+IRLlEQ14lz5e3tXp/oo6/SZ5f9wSc96URJ8O6JOitNNUSpB7Refz8XkM0pjI0jBi8Ur6xGTHa97o/ah7BQU81sbIyb2KSrDCtTib42SqmVrta9KjNvcQAdhq0Q4JP1OQ3LeLS1b0VPKl6DI6PZ7DOuOM5NUxl2ea2hufMUtwGCbE4rALh2gk+CNNvlC83y1BY4wJ4nGnI0PB8hjv3Dd2ZEOQbJdSK10nw3a7kV/R+puSZIpHizqKcf9x+xxymtK+BLwGOU6u9FKsg78yKVCraB3QQU+2vU10sqChnA3buT+n32W8oFxxWnSII9TWuwqeapX//q3c3tKivpFifrgxYWJDZW2bKTNxve8ckvacrlUnvogf278mzgIWJ1/Lj0kHfFwmzjpGaCvFfg4jj2nwpjEvC+8hTwzcCN+G0VRmkwr5g+4Ofe8BmRPTw75oIBbqfJDWGRSJOfNUPSPihRZBLghgOJz5FgXgPXHy5+INA+UR9A7oZcG1jTdxNyGTrXCibWNdPXoQ/HD4SyfL/z3X9k=
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(10070799003);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 472WJvCmz/X/IMTFV/dmX8jdHVN0r6/2pDNxP6HgfukSTbXyTKMAdrV1z4XgvQbK3DFe21/VHtM9I5IHHtUrUB3WP1MtIY9lRqOXs3LKZFEEGyKB2QqwDcRLGpKdzcEkmS3XiEG9JWzr8Lw5NHFzYLlUGI2RoGBKJHoHXe6Q9jUu30gVeyZ2+R3gUwQGrt3agERrdMpTHKz79LqNFQ5wezSG0KOQyjJZkjqTe2cENBRgYFjwAf5fsx17zOWttuz3WWxTdgStNY3MpStXTDVw3Nt16PbFMU/RM8XlhU8IYk7k7CspF7Tz5bL8qc3nuNmcPPX+TfkcFdUY3vZ2kScaH83WHm3OF5jb0yUx8bsgEwHDpRdcKuhj3aJcHHSJ8vP4zmvtJlLrapVrKULX7WmEAowLdSAO8jqZs485PeDI6xWs0uNtv6rHzLWfO7urvGyWVJMocm7sFKhT3PqoFQn8w/0eI7MDaiNkMRv8+5gyyn9LTu/SNdcOTFM9cBeOO48W8dL5f+AFftsO5uAFFLMMXlXBnksTYEpegU3AnmoNzQkU6DIt9Wslik5UaQUslr+4or48samfQv5ZI2XjJMVtfvYvTbKecqkeZN4JXlv9Csk7xkEToiPST225vW9xS/LF3cp8BDnr5z4wjH8NFjjHcoa5gSgPXJF2urvJUX5B952KIzM6PtipRXjf7TZ1u2smditfErq0YJhiINHyNSsyDBMcQ0rySxLB0O8C4U10kXyi8gkbitUVZnPtA34R99yaDo/vD9wxbCg0A7p3eP34BAvcHw//zQEHaKByr/j9RVIHUoyYG8/C3ZiCXq4PZ1QgwfAApGfMB7ggjn6aJYP2wzJAhur7xnjmY1OgDuxcvBkuGon3fk0hxa+NFfzKK+UXkcOCRuQrkU2cIjZxXzDFU+SebA5jRf8zxofcY2pEUfsOhS2CF2Yj87UfgHdCPp53p/O9gbsVuzGZBY3uPuMzRHNDP/fdc+K7wK2+9u8J/r/rrLiXsjFfp0f8gppDC+mAbB4hkMg8KWXM4lSQKU9xvIU4uWEPqxe2bBa+J87fyhjvBn3Pia0Zv/sVjkHtpwkowGI3Az7ZNuo8e+HywifbwOZs4f21GxkHqt5L3DvFIO4JTKqOzhIduYFALh/qnUmbuHVm0Ph86W/oJOGsjaWcNMlZbw+3rtbsRveAi0Cutyb2mAAXa8GiKaxbHGsFggPVfKxwLd5xpfPJWyG4hPQLgtUCfoihy9ZnYXKbsFN5Hbtakw+O+J1VjUV1SuBdfY0h0wQYW7N5aN8wFWVtScFQ89HXjgu61lPOGLIiThGf3hEIEPGqWe6FgkwCRywDID/hc5QvYGauCEoFgPgGFDCRaAGEUVEDdIz/7JsGQvrBtL2F9x0FK+8+9Ybam95jM4JjotzkZKCLjWW/TLO63i+AEhugw0DMY2P4Ma7peLbucOKUoxULXuVyEYR0WqAFMX18XqDY5SLghDaEcYf7k/vYzw4G7377kiPqUBHFwIaWDhA1wA2J12u+qSno4MYg3SYmEqwTFTFPS8ZC1M6s4fw2nz0+k2cvKds7QpXIPsFiAuCrLZFFnVqh7KkeqTuExsRA+q4er7WKSTeekEFgEXNebmDxGyjwRybmrkZsj6D/ampF73NJ9Yrt9Gu9hlL7IoP1
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 4ceb41b8-dbab-4823-3b65-08dd926b1fc4
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 May 2025 22:11:35.3778 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: tBszG1DQ4ulIdjpP0KXoWDsjpxt087hphvsmNKjGHIMvoAOLBPsYdVPKbDD5UKxK
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS4PR02MB8310
Message-ID-Hash: BZWMLCODIH5B3PNVIXVKCKHRHIFNBUYK
X-Message-ID-Hash: BZWMLCODIH5B3PNVIXVKCKHRHIFNBUYK
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: WGLC for draft-ietf-openpgp-pqc
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/71Q_cL5F_VSPhm3hdWOK6hP-cU8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

Hiya,

On 12/05/2025 18:20, Daniel Kahn Gillmor wrote:
> Hey folks--
> 
> On Tue 2025-04-15 12:41:01 -0400, Daniel Kahn Gillmor wrote:
>> With these changes, Stephen and I are announcing Working Group Last Call
>> on draft-ietf-openpgp-pqc.
>>
>> We expect the WGLC to last four weeks, which means we will look for
>> consensus (or the lack thereof) based on on-list discusson through
>> Tuesday, 2025-05-13.
> 
> Just a gentle reminder that the deadline for this WGLC is coming up
> tomorrow.  If you have thoughts or reviews you've been holding back, now
> is a good time to share them on the list.

Thanks to my co-chair for the gentle reminder:-) (TBH, I did need
it as I just emerging from exam-marking frenzy:-)

I have a few personal comments below, none of which should delay us
in publication. (Unless they resonate much more widely than I expect.)

It looks to me (and dkg, based on off-list mail) like we do have
consensus to proceed with this, but in chair-mode, we should look back
over the  WGLC comments and send a mail to the list to confirm that etc.
I think we may want a -09 draft too based on the earlier comments, but
should then be good to push ahead.

My non-blocking personal comments/queries are below - it is ok to ignore
'em, honest:-)

Cheers,
S.

- I think (but am not 100% sure) we want it to be true that
   no implementation makes unexpected multiple uses of any
secret or private value at any time. For example, KEM
private values when sending a mail to multiple recipients
or signature private keys when signing twice with algs
32/33. Is that the case?  If so, should we say it (more)
explicitly? We almost do say this in a few places, some of
which RECOMMEND not re-using, others of which call for
"independent" generation. Is this something we could
tighten up on without breaking any use-cases? If we do have
some real use-case that needs to re-use a secret or private
value, (basically other than multiple alg-specific signing
private key use), can we describe that as the
counter-example to just saying RECOMMENDED rather than MUST
NOT?

- 2.1: Five is IMO too many signature options. Can we not
   reduce that number?  If not (as I suspect, I always lose
this argument;-) then it'll help with later document
processing if we can document why we need five in e.g. an
email, in case someone asks, which they probably will.  (I
forget if we covered this specifically in earlier debates
sorry, if a reference provides a good answer, that's just
fine.)

- I didn't check the appendices/examples, but I know others
   have (thanks!).  We should also get somoene to confirm on
the list that the set of examples in the version we forward
for publication are (still) ok, again in an email to the
list so we can point to that later.

- nit: We use ":=" without definition, and I'd say just
"=" would be just as good?

v2.31.3 | Report a Bug | By Email | System Status