Re: [saag] About the "Draft text for a PQ Maintenance WG"
Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 05 August 2021 20:18 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD2F53A03FE for <saag@ietfa.amsl.com>; Thu, 5 Aug 2021 13:18:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qlNegFlp5lWq for <saag@ietfa.amsl.com>; Thu, 5 Aug 2021 13:18:02 -0700 (PDT)
Received: from mail-il1-x12a.google.com (mail-il1-x12a.google.com [IPv6:2607:f8b0:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF2173A03FB for <saag@ietf.org>; Thu, 5 Aug 2021 13:18:01 -0700 (PDT)
Received: by mail-il1-x12a.google.com with SMTP id f8so6421308ilr.4 for <saag@ietf.org>; Thu, 05 Aug 2021 13:18:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version; bh=p41kHGM00v97Ko9pw8wHXK+/SOGNMJMOIZb+Ry8bnyQ=; b=fNvwlz6ckaPBAXmCbPcx3nX+9PyUU+l4TMqsB3Nt+S9M0eDtYTnh2XzKjfspSmCGAv LxD/ovxAyAUuD9XyEqiKc8XTG5ZCJdwTSFo9y863/+/I9LqDrKaid+k14PNZwYcY4Zuc n63y+vcmNXa9WhWsMz6AhnTermCvW5YFRbCFD7e/cBETuSYxiOPHF3UavuO2J/l7Oyeh us0CSinb4bXon7HnMC3MptVaunWG4Wp4Ix9grrDhhnUrN/Gg1VZbQYbyGSoLvbX29zso SNFAfunIiKL4I8GOhDs6o/+il4fcQUx1lj+CnCxOPhRpHwjUP6csKysGi0/gTFxety0I 5OKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version; bh=p41kHGM00v97Ko9pw8wHXK+/SOGNMJMOIZb+Ry8bnyQ=; b=qotW1G3Vkf1I5xleCgrqk/qTqyaO6h9rcuRk9yJpP+o+AP10Yb4vPwQwFsIiP4MQey waUSPatrOCYI/Sq6HK2HrgJtmtaslgSVgl7f6eFFJE+BQXkuah2hGqvkqHMSeFcBP3rX MtbbQTMOdEuvtPDFeSlXHfggUqVNqp4KfMLNd2lBOPN7pQ7gptAar7PQp0EUeBWqD4A3 Abs/d2Ds1Go8u3bTjviaKp2YbQrKeN8nt3yqtS0ButYLiJqqYCLAvrn7FpShxqlb7bov 5hcO1GCzEVvSuN8QTaryeWh5xE2AF3tFjKGQSxA51JSnZvoxM2s6ibR+W6LxXqvj8FPC OYyQ==
X-Gm-Message-State: AOAM531xGotYyJU+kWGHPYtoo7Ad/cEiiGBFXUSOqXn2xFnkLEvVWWCr U8WVFHHBSeauEch2DSv7++MjWvxEIF8=
X-Google-Smtp-Source: ABdhPJxFJxfjd6ytDKKvw8ykxi2v+V6NOoY6jGCg9iKhCfH6OTE8059FuWnBZJHBNQ2eNRwzr/WWFw==
X-Received: by 2002:a05:6e02:13b3:: with SMTP id h19mr510323ilo.218.1628194680818; Thu, 05 Aug 2021 13:18:00 -0700 (PDT)
Received: from [192.168.68.110] (bzq-79-181-28-50.red.bezeqint.net. [79.181.28.50]) by smtp.gmail.com with ESMTPSA id r6sm4157995ioh.27.2021.08.05.13.17.59 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 05 Aug 2021 13:18:00 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.51.21071101
Date: Thu, 05 Aug 2021 23:17:56 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: Roman Danyliw <rdd@cert.org>, Ludovic Perret <ludovic.perret@cryptonext-security.com>, "saag@ietf.org" <saag@ietf.org>
Message-ID: <02E8D61E-D96B-4520-A781-4EB43014BFB8@gmail.com>
Thread-Topic: [saag] About the "Draft text for a PQ Maintenance WG"
References: <66A20135-5437-43E4-9F74-AE1D1FDB3A59@gmail.com> <DM3P110MB053881D653F826CE81524E8BDCF29@DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM>
In-Reply-To: <DM3P110MB053881D653F826CE81524E8BDCF29@DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3711050279_590803617"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/3Uf59467BaIh5B9ofNgSZC0K0og>
Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG"
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 20:18:13 -0000
Hi Roman, Yes, the “tentative” CURDLE text is IMO more reasoned. Thanks, Yaron From: Roman Danyliw <rdd@cert.org> Date: Thursday, August 5, 2021 at 22:31 To: Yaron Sheffer <yaronf.ietf@gmail.com>, Ludovic Perret <ludovic.perret@cryptonext-security.com>, "saag@ietf.org" <saag@ietf.org> Subject: RE: [saag] About the "Draft text for a PQ Maintenance WG" Hi Yaron! Thanks for the feedback. More inline … From: saag <saag-bounces@ietf.org> On Behalf Of Yaron Sheffer Sent: Thursday, July 29, 2021 4:51 PM To: Ludovic Perret <ludovic.perret@cryptonext-security.com>; saag@ietf.org Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG" I support Ludovic’s second point. Also: [Roman] Agreed. Fixed and further discussed in response to him/ * "Maintenance" is not a great name, because of course we're not doing any maintenance on PQ algorithms/protocols. Maybe "PQ Ops"? [Roman] No question that we need a good WG name. The maintenance was targeted at the IETF protocols, not PQ algorithms/protocols, as the primary output of the WG was to updated specifications of existing protocols. The charter only uses “maintenance” is one place: “The [Planned WG Name] working group ([Planned WG Acronym]) is chartered as a maintenance WG to analyze; and adapt or update IETF protocols, registries, and associated code points with PQ cryptographic mechanism.” The intent still stands with s/maintenance WG/WG/ so I’ll remove that word and we can ruminate further on the WG name. * "And the WG may propose deprecation of such algorithms" - can be read as "the WG will deprecate algorithms" which IMO should be left to the per-protocol working groups. Even where such WGs do not exist, it is *still* not a good idea for this WG to deprecate algorithms in specific protocols since it doesn't have the operational experience required to do that. [Roman] I can see the risk you are highlighting. That sentiment is borrowed from the CURDLE charter (https://datatracker.ietf.org/doc/charter-ietf-curdle/) which gave itself the same latitude when updating those documents for EC. Would you feel more comfortable with more tentative text similar to CURDLE? The CURDLE working group will be handling changes to protocols and registries some of which include what are now considered outdated algorithm options, and may propose deprecation of such algorithms. Such deprecation needs to be done with care, ensuring that interoperability and the needs of existing implementers and deployments are properly considered. Where deprecation is practical, the working group is encouraged to deprecate. Regards, Roman Thanks, Yaron From: saag <saag-bounces@ietf.org> on behalf of Ludovic Perret <ludovic.perret@cryptonext-security.com> Reply-To: Ludovic Perret <ludovic.perret@cryptonext-security.com> Date: Wednesday, July 28, 2021 at 23:03 To: "saag@ietf.org" <saag@ietf.org> Subject: [saag] About the "Draft text for a PQ Maintenance WG" Dear, Following the meeting of yesterday and the discussion on post-quantum, I have few comments on the draft text for a PQ Maintenance WG : https://datatracker.ietf.org/meeting/111/materials/slides-111-saag-companion-to-how-should-the-ietf-approach-pq-security-draft-pq-maintenance-charter-00 · [Post Quantum work collaborators] --> what is exactly the semantic behind that ? Do you expect a commitment from pq people ? · The [Planned WG Acronym] WG will not define new PQ algorithms and methods --> What do you mean by method ? · I would suggest "The [Planned WG Acronym] WG will rely on future NIST or international pq standards" Best Regards, Ludovic Perret, CPO, co-founder, CryptoNext Security https://cryptonext-security.com/ _______________________________________________ saag mailing list saag@ietf.org https://www.ietf.org/mailman/listinfo/saag
- [saag] About the "Draft text for a PQ Maintenance… Ludovic Perret
- Re: [saag] About the "Draft text for a PQ Mainten… Yaron Sheffer
- Re: [saag] About the "Draft text for a PQ Mainten… Roman Danyliw
- Re: [saag] About the "Draft text for a PQ Mainten… Roman Danyliw
- Re: [saag] About the "Draft text for a PQ Mainten… Yaron Sheffer
- Re: [saag] About the "Draft text for a PQ Mainten… Roman Danyliw
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Ludovic Perret
- Re: [saag] About the "Draft text for a PQ Mainten… Salz, Rich
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Roman Danyliw
- Re: [saag] About the "Draft text for a PQ Mainten… Salz, Rich
- Re: [saag] [EXTERNAL] Re: About the "Draft text f… Sheehe, Charles J. (GRC-LCN0)
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Roman Danyliw
- Re: [saag] About the "Draft text for a PQ Mainten… Rebecca Guthrie
- Re: [saag] About the "Draft text for a PQ Mainten… Mike Prorock
- Re: [saag] About the "Draft text for a PQ Mainten… Mike Prorock
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos
- Re: [saag] About the "Draft text for a PQ Mainten… Rebecca Guthrie
- Re: [saag] About the "Draft text for a PQ Mainten… Mike Prorock
- Re: [saag] About the "Draft text for a PQ Mainten… Christine Cloostermans
- Re: [saag] About the "Draft text for a PQ Mainten… Kampanakis, Panos