IETF Logo Mail Archive

[openpgp] Re: Size of ML-DSA Secret key in draft-ietf-openpgp-pqc and other considerations

Daniel Huigens <d.huigens@protonmail.com> Tue, 11 February 2025 08:52 UTC

Return-Path: <d.huigens@protonmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB888C37E177 for <openpgp@ietfa.amsl.com>; Tue, 11 Feb 2025 00:52:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=protonmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XdbU4fOQVrc4 for <openpgp@ietfa.amsl.com>; Tue, 11 Feb 2025 00:52:41 -0800 (PST)
Received: from mail-4316.protonmail.ch (mail-4316.protonmail.ch [185.70.43.16]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7DA6C37E15A for <openpgp@ietf.org>; Tue, 11 Feb 2025 00:52:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1739263958; x=1739523158; bh=8iMj47cwpAO2qPP0MmwDkO6X5x11ayF1sd/dQ3F7IYY=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector:List-Unsubscribe:List-Unsubscribe-Post; b=zQ6vm7ow0vRnOdZTRveX464u5Xzbd5cfw0z2VaWLvzyhTHNOm9hnv3dGil1nZfGdR TPcc5nt6CWyG0LSHxVZ9E2K4bJKF1nqQ/wkeDiVPt8xXPAa6F7elnTVXyvYyL9tLkL SigGpt0Rd55I8YlBwaswEC8NVIKkDXgwVvk4swLExEXClwcIHLZlwS4NMj/0cg0Tqb p/oFAIbS7N3WbTswwu+5EM7FNuuKZ3lc8ZT89y31A1V7ahay+/9WE4XvZCVQK0KF8r qQiiPzGmrh2VuxXWsQJP3L6sgdDFHLMi2C9DIZ7oN81PD4gajg32wkrF8/QM3DyrMW UUf9GB6WS9W7Q==
Date: Tue, 11 Feb 2025 08:52:33 +0000
To: Johannes Roth <johannes.roth@mtg.de>
From: Daniel Huigens <d.huigens@protonmail.com>
Message-ID: <T5qQDRoFipqypjxS7EqVzE2G3ATqCJFNm_31Mkd4ixyC6oRHD_hWWnJJp-tEBsNpC2iZe9FnbFl6Gw8TvhX5kisx1uUBnndBfVzo21vPQkk=@protonmail.com>
In-Reply-To: <1c8ebdf0-f99f-4899-876e-1086d782ae74@mtg.de>
References: <f8e34cda2473b36fa3db819fd09fe05ed8fdc35d.camel@redhat.com> <0NnLQ5QK6Pu-Z6OJUjwKuU3n5joUWg5LWhh5PwIzZIKfqD-vMkv5fxt2oZJKeA1MZP0leh6LGwLzjH6CtFf02Pg0KNkknx4LdzGmHhEbTsk=@wussler.it> <2ef0cb6899f56e5d8f50aa0b3aa3238d64fae281.camel@redhat.com> <rmWB0qyA-ZVBoC7QgnHl_tUg4HUBgTFIXytY03V3d9ihX3K7eSYAhYwoSJ-RpxCKhArQy4-OOpcuMJ6KsrKtoLtMB5nQ2NPuMAZlXV0pEko=@wussler.it> <dabadadf-c65a-4f57-bcd5-3057aec9174c@mtg.de> <c32af9d7e4c142b38e3fb9beb6ae5f26@bsi.bund.de> <1c8ebdf0-f99f-4899-876e-1086d782ae74@mtg.de>
Feedback-ID: 2934448:user:proton
X-Pm-Message-ID: da1621362a165544a21392f5b5fd0464f7ac33e2
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 3O4QUFYQI52MCKCGEBGOFTOQUW4TPYCJ
X-Message-ID-Hash: 3O4QUFYQI52MCKCGEBGOFTOQUW4TPYCJ
X-MailFrom: d.huigens@protonmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-openpgp.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "openpgp@ietf.org" <openpgp@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [openpgp] Re: Size of ML-DSA Secret key in draft-ietf-openpgp-pqc and other considerations
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/jNCZMjKsvUl0NdLPQiF5gVP3oVs>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Owner: <mailto:openpgp-owner@ietf.org>
List-Post: <mailto:openpgp@ietf.org>
List-Subscribe: <mailto:openpgp-join@ietf.org>
List-Unsubscribe: <mailto:openpgp-leave@ietf.org>

On Tuesday, February 11th, 2025 at 09:11, Johannes Roth wrote:
> can't we keep SHA3 as well, meaning we allow both a SHA3 and a SHA2
> variant? The user / policy can then decide what to use.

Yeah, I would even say something like; we SHOULD use SHA3 to match
the security of the signing algorithm, but MAY use SHA2 if needed
for CNSA compliance.

Maybe this can be accomplished by keeping the existing text and
table and just changing the MUST to a SHOULD, and then either
adding some text or an additional column for the fallback option?

Best,
Daniel

v2.29.0 | Report a Bug | By Email | System Status