Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,
Derek Atkins <derek@ihtfp.com> Thu, 24 June 2021 14:40 UTC
Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C163E3A1F19 for <openpgp@ietfa.amsl.com>; Thu, 24 Jun 2021 07:40:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ePWcbwIFmT1l for <openpgp@ietfa.amsl.com>; Thu, 24 Jun 2021 07:40:03 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC0A03A1F1A for <openpgp@ietf.org>; Thu, 24 Jun 2021 07:40:03 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 5111CE2040; Thu, 24 Jun 2021 10:40:01 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 27133-01; Thu, 24 Jun 2021 10:39:59 -0400 (EDT)
Received: by mail2.ihtfp.org (Postfix, from userid 48) id D36B0E2045; Thu, 24 Jun 2021 10:39:59 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1624545599; bh=WrFaYnj/VOWDn0dzQT3pYhf9uGcjFFjoXyUoFI5xWwU=; h=In-Reply-To:References:Date:Subject:From:To:Cc; b=Ma9MF+ANiIO/XNYqK6VjQkjqqN/RcTQ0/gPQrR8qEVEyWwGTW+2HN1NFKRBjbHwUY AZjEYOl4LE9BaK6PW/Jx/4SPNhY3BZySWDmmbfBpQyV1w1iI2Opx1vVUfQTwJKy0kb LUeDwffeVLXsVOWv/kDlGdo5r/PyEv7y9oTH1sTo=
Received: from 73.126.63.116 (SquirrelMail authenticated user warlord) by mail2.ihtfp.org with HTTP; Thu, 24 Jun 2021 10:39:59 -0400
Message-ID: <6dea5f0d481349c211224e256e23dd1f.squirrel@mail2.ihtfp.org>
In-Reply-To: <c2b4b0ea-ed14-79a0-c547-5fe79fc35fc0@kuix.de>
References: <c2b4b0ea-ed14-79a0-c547-5fe79fc35fc0@kuix.de>
Date: Thu, 24 Jun 2021 10:39:59 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Kai Engert <kaie@kuix.de>
Cc: openpgp@ietf.org
User-Agent: SquirrelMail/1.4.22-14.fc20
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SNG0zBhGVgJS1qkJW4eS7od5i6E>
Subject: Re: [openpgp] German BSI, PQC for OpenPGP in Thunderbird,
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2021 14:40:08 -0000
Hi Kai, My only concern at this point in time would be the question of what PQC methods to include? Right now there are still way too many choices, and there is an expectation that NIST will reduce those choices over the next 2ish years. So does it pay to do the work now, or perhaps wait a bit for Round 3 to finish, before we potentially add methods? -derek On Thu, June 24, 2021 9:52 am, Kai Engert wrote: > Hello, > > I'd like to make you aware of a project call by the German BSI (a > federal agency for IT security), which was brought to my attention. > > I've posted some information on it on the Thunderbird planning mailing > list, see the following thread, which has multiple messages from me: > > https://thunderbird.topicbox.com/groups/planning/T5abbf135db2f3c1c/the-german-bsi-intends-to-sponsor-pqc-improvements-for-openpgp-in-thunderbird > > In my understanding they intend to pay a contractor for a wide set of > tasks to bring PQC to Thunderbird, including the work to standardize the > use of PQC with OpenPGP, including implementations for RNP, Botan, GnuPG > and libgcrypt. > > It seems the BSI has already made a suggestion that they want to require > the use of CRYSTALS-Kyber and -Dilithium. > > Is that a reasonable choice? > > Does it make sense to define a limitation to these methods at this point > of time? > > Thanks > Kai > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp > -- Derek Atkins 617-623-3745 derek@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant
- [openpgp] German BSI, PQC for OpenPGP in Thunderb… Kai Engert
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Derek Atkins
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Daniel Kahn Gillmor
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Kai Engert
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Michael Richardson
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Alessandro Barenghi
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Daniel Huigens
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Werner Koch
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Justus Winter
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Kai Engert
- Re: [openpgp] German BSI, PQC for OpenPGP in Thun… Daniel Kahn Gillmor