IETF Logo Mail Archive

Re: [Pqc] [lamps] PQC X.509 115 Hackathon

Alexandre Petrescu <alexandre.petrescu@gmail.com> Fri, 21 October 2022 09:42 UTC

Return-Path: <alexandre.petrescu@gmail.com>
X-Original-To: pqc@ietfa.amsl.com
Delivered-To: pqc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C172EC1522BA for <pqc@ietfa.amsl.com>; Fri, 21 Oct 2022 02:42:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.339
X-Spam-Level:
X-Spam-Status: No, score=-4.339 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FORGED_GMAIL_RCVD=1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o6YJyAjY5wy9 for <pqc@ietfa.amsl.com>; Fri, 21 Oct 2022 02:42:18 -0700 (PDT)
Received: from cirse-smtp-out.extra.cea.fr (cirse-smtp-out.extra.cea.fr [132.167.192.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 416A6C14CF11 for <pqc@ietf.org>; Fri, 21 Oct 2022 02:42:18 -0700 (PDT)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by cirse-sys.extra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 29L9gF10015088 for <pqc@ietf.org>; Fri, 21 Oct 2022 11:42:15 +0200
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id 54ACD2058BC for <pqc@ietf.org>; Fri, 21 Oct 2022 11:42:15 +0200 (CEST)
Received: from muguet2-smtp-out.intra.cea.fr (muguet2-smtp-out.intra.cea.fr [132.166.192.13]) by pisaure.intra.cea.fr (Postfix) with ESMTP id 4E82B2015FE for <pqc@ietf.org>; Fri, 21 Oct 2022 11:42:15 +0200 (CEST)
Received: from [10.8.32.70] (is156570.intra.cea.fr [10.8.32.70]) by muguet2-sys.intra.cea.fr (8.14.7/8.14.7/CEAnet-Internet-out-4.0) with ESMTP id 29L9gFjY043848 for <pqc@ietf.org>; Fri, 21 Oct 2022 11:42:15 +0200
Message-ID: <d79b617c-0333-d672-b9ee-0a4b7d330806@gmail.com>
Date: Fri, 21 Oct 2022 11:42:15 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.4.0
Content-Language: fr
To: "pqc@ietf.org" <pqc@ietf.org>
References: <CH0PR11MB5739E98B69C5AD88745F539E9F5D9@CH0PR11MB5739.namprd11.prod.outlook.com>
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
In-Reply-To: <CH0PR11MB5739E98B69C5AD88745F539E9F5D9@CH0PR11MB5739.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/pqc/3KyCLPkT51vjU8NnWEok0ZX3c7k>
Subject: Re: [Pqc] [lamps] PQC X.509 115 Hackathon
X-BeenThere: pqc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Post Quantum Cryptography discussion list <pqc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pqc>, <mailto:pqc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pqc/>
List-Post: <mailto:pqc@ietf.org>
List-Help: <mailto:pqc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pqc>, <mailto:pqc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2022 09:42:22 -0000

Assuming X.509 is made to work with quantum-resistant crypto 
implementations, does that mean that, by consequence, IPsec and further 
down - IPv6, will become quantum-resistant?

Intuitively, I would think X.509 is just one little part of IPsec and 
there would be a need of more.  But I am not entirely sure.

For example, one would appreciate the entire chain of security overall. 
A quantum-resistant X.509 payload of an IPv6 packet with an MD5 AH 
signature would still be non-resistant overall, I would say.

Sorry if this message is too naïve about the respective technology.

Alex


Le 05/10/2022 à 03:00, Mike Ounsworth a écrit :
> Hi LAMPS and people interested in PQC!
> 
> As suggested at 114, my colleague John Gray and I would like to do a 115 
> Hackathon on PQ keys and signatures in X.509 / PKIX.
> 
> We are suggesting to play with Dilithium, Falcon, Sphincs+, and 
> Composite signing algorithms in Certs, CRLs, CSRs, PKCS#12s, CMS 
> SignedData, maybe OCSP Responses, maybe Timestamping, maybe CMP. We can 
> bring: the Entrust Toolkit (which we can hack at), Bounce Castle, 
> OpenQuantumSafe-openssl, OpenCA (easier if Max Pala is there, but we can 
> probably figure out how to build it).
> 
> The point of the hackathon, I think, is going to be OIDs, and public key 
> / private key formats (ex.: the differences between Dilithium and Falcon 
> encodings in draft-uni-qsckeys, and 
> draft-massimo-lamps-pq-sig-certificates).
> 
> Question 1: are others interested in joining us at the hackathon? (no 
> point is signing up for a hackathon spot if we’re the only ones there)
> 
> Question 2: whether or not you're joining, what PQ X.509 / PKIX things 
> would you like to see working with Dilithium, Falcon, Sphincs+, Composite?
> 
> ---
> Mike Ounsworth
> Software Security Architect, Entrust
> 
> /Any email and files/attachments transmitted with it are confidential 
> and are intended solely for the use of the individual or entity to whom 
> they are addressed. If this message has been sent to you in error, you 
> must not copy, distribute or disclose of the information it contains. 
> _Please notify Entrust immediately_ and delete the message from your 
> system./
> 
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm

v2.23.0 | Report a Bug | By Email