IETF Logo Mail Archive

Re: [saag] About the "Draft text for a PQ Maintenance WG"

Roman Danyliw <rdd@cert.org> Thu, 05 August 2021 21:04 UTC

Return-Path: <rdd@cert.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D7AA3A0969 for <saag@ietfa.amsl.com>; Thu, 5 Aug 2021 14:04:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HgTS3SXgaWQE for <saag@ietfa.amsl.com>; Thu, 5 Aug 2021 14:04:39 -0700 (PDT)
Received: from USG02-BN3-obe.outbound.protection.office365.us (mail-bn3usg02on0135.outbound.protection.office365.us [23.103.208.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0B383A095F for <saag@ietf.org>; Thu, 5 Aug 2021 14:04:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=QYFUXqKHpWjxGpcwFKMfzUJ2er7yf7XnjUP6RY7ZOCyoM1eR4uwlsKLmRdvIWIwBkBQRRvronm0qCSAPBewZEKMvX88PuvEnJacNHZb2AgJw0YvrEfkuU0XPBt7ExKkNbmdbO9EK2q0OGUwMdml5lhXDbXnz9F9w07K/zaZJWjbozlOk8S98CthnFJmS0bJ1476x1l+QvvTnsh08JC2uofFaoylvQvItSmvVteLanv2b1U00M1VEWjUY2nH+i9gWk1rxyXYztH1azA2Q/UGgq63RwWfPX/YshlVnYCq4/5YcmUpTAlc4pxmBadCOr7Zso08fteBBuYJWDNrvMjcN/g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3dgDDuIqFsaxwOvoca1d9ydGMvW9sTknONM26p3RWPs=; b=KEhcq0/GTa8dKQ4mM66XJkUtD3gdlL/19toPb49FoMoiY2R/6cXm65JeWDBXJ2+HttH43M2bVsN0uUkPy8rHOgYCUc19Wp9SQ8gixBMXpJlXlP4+AMLZ+xg/4pSSc7Gkg7heAjtZPl97u/mTnRQa0sL70Z7JQcfM7s6OvHrGznmH+tWwe0LypF/VthiCKSOzK+gNHoAbYhuwQxj+Yvd35Uc4aktMhRCsyHfyAYOM3oLZk6C0MYtMvNbUdGQM1NxbW8Jf6+XAe2arqSENlKvKEKGQtPv1IvfYdMHcvqtnUmrFxcuxTZmyg05Drdz8LAEI1Jio7Bls1yDW5UI5NUEF/w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM (52.145.10.9) by DM3P110MB0298.NAMP110.PROD.OUTLOOK.COM (23.103.34.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.29; Thu, 5 Aug 2021 21:04:30 +0000
Received: from DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36]) by DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM ([fe80::8156:6fdb:538a:7d36%5]) with mapi id 15.20.4352.035; Thu, 5 Aug 2021 21:04:30 +0000
From: Roman Danyliw <rdd@cert.org>
To: Yaron Sheffer <yaronf.ietf@gmail.com>, Ludovic Perret <ludovic.perret@cryptonext-security.com>, "saag@ietf.org" <saag@ietf.org>
Thread-Topic: [saag] About the "Draft text for a PQ Maintenance WG"
Thread-Index: AQHXhLuSGGyZqrqlbkStPTDdXV0qAKtlSuLAgAAZmwCAAAzrUA==
Date: Thu, 05 Aug 2021 21:04:30 +0000
Message-ID: <DM3P110MB053869F08FD5E90EF139E564DCF29@DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM>
References: <66A20135-5437-43E4-9F74-AE1D1FDB3A59@gmail.com> <DM3P110MB053881D653F826CE81524E8BDCF29@DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM> <02E8D61E-D96B-4520-A781-4EB43014BFB8@gmail.com>
In-Reply-To: <02E8D61E-D96B-4520-A781-4EB43014BFB8@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=cert.org;
x-originating-ip: [71.112.171.248]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 02fe41ad-dd04-4616-958d-08d958549e3a
x-ms-traffictypediagnostic: DM3P110MB0298:
x-microsoft-antispam-prvs: <DM3P110MB029819B820FCBC8AE7BA33B8DCF29@DM3P110MB0298.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: wITfgiOnmphGEW1jqrnxbEX382UwS0vLdh1kYj/ym6Rqahe5rgMWTqR6dKJ9eAoJsEbO3G9OSbeLTA44gQrl0Wu2oR3+MLk7d+JL0EEXurF+hdL4ziVopj2vqqpcEe3qlCyD6xCXyC5uQoFY4Lkbt/SYF/1J13/wnQVtouTpsjX8l7j+4NhbTjvT2//CSY6zJ9m3qdt+LiXdLcgPhnc6cz2ew/bf9UYaIjM901ARutiMsExaUafiTYHgpbLmGPNosnFMPBUmgL8PA+U3D4rCjCZipqLCrlEvqmMZTTneM0rELoyytpztpK1wtzOOYvXOjr0h34bb1S6oUqlztseg9bBjwvodtvgQuK3QIF1/pmaRFFn+OZ1hrc/SmX1ANCJI428cwJsiRqzVgYks+1Wf1+mgwsp5PqBCPIveCkSXKXS+XbYCRqZkpgzBmTQ9G3OghfYEiXYj4ZLa2tJJu0oQyFUL76rZi+dP1EFIEc1cIVLK7jbU4BYuDvzgavhmeaEpDghQcQ2Mm2Z9ytnj0UFX58DKVeAwZvhhe/cBT2y7fSLZ+lvebPCrzM3jxsbALwhmG+d3KJO1dPBH2AEhDVhj/MBoS9TX7lhT86FSzaSiOs3gCMtnHjPhuryVOeqVc3LnPuTmD154fHTXk7qNOSHUbU+EA8ZAhA0387tDxcSKyJCfjni8O32kMHL0h4YW+TPFLRlRE9JyOAdUNhjA4YKsIw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(376002)(346002)(136003)(396003)(39850400004)(366004)(33656002)(122000001)(66946007)(26005)(53546011)(316002)(38070700005)(7696005)(86362001)(38100700002)(2906002)(83380400001)(64756008)(71200400001)(66446008)(66556008)(5660300002)(76116006)(9686003)(55016002)(110136005)(166002)(66476007)(186003)(6506007)(8676002)(478600001)(966005)(8936002)(52536014); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4bS2hP6hM8BQQIIIT80WmQx4XUQPG5ycAj7jFJrjCQwRMh7ZJAVYPcPaA8dr3Zqgy/ctSFZjIJHjJtw02Ei794sICtGKDpLieVBiFZSXG2yK6gMrYmzVet4cId8cvQiCfnyHRsX9eSVvi1q7eaHBwn5JfPRWxTKyA4fBqZJHTb7XibqTDpxiaCY/3yYenhR+GsD6orG1mzSKK3tEz7UX77EQZKgjaxDke90WZJJlDB4Ar/GnWQazTX8T5P5GEqCRJLuziVjeLNgBMpYEowvktsaXY1R6aotfYe/Q7RW97sn+1yKodohPfPKS/Ht4V1pMFqxOCrpStBEXSJzlz5T+vRfm46e8w698y/hbSaeTiZWs3fv+yjXk6KMns9cjXShf3hswAvLF9F690Y6pFgJvyWH5nucHrEGp9puZY0eKHpZcmYtnujBGgGXKd0zv7/NVvHuwpU6CrrLQZmnrWpsJbsR+O71UfuBCSquRKoZucTSyJ/Sl0JqNTMdFXaJpCCy9EavJLYr61mGX6r9vqsQGqctLdVB4zp1cZTONrM6yMSn7Z5kLuyIDMU40BLLiREjrBMsItLSCDWugIlDCLPNEdxx8zs5A+gchy0DZEyrAcNQLKnOWMwObNYs8kUuhX1WISz0MO7CdFEMhtzWXmb5nS3unife4VohpbVTerUeXBsmVW2lOGqfLWyqPcud9IzpojwBl39EkvIC7NbBZH+yp7wQqfqU8X65pdT3NKF08Vj0=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM3P110MB053869F08FD5E90EF139E564DCF29DM3P110MB0538NAMP_"
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM3P110MB0538.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 02fe41ad-dd04-4616-958d-08d958549e3a
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Aug 2021 21:04:30.3682 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM3P110MB0298
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/GGJHh-tPrlCFBy2r4oSMedwb4gQ>
Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG"
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 21:04:44 -0000

Hi Yaron.

Thanks.  I made the edit.

Roman

From: Yaron Sheffer <yaronf.ietf@gmail.com>
Sent: Thursday, August 5, 2021 4:18 PM
To: Roman Danyliw <rdd@cert.org>; Ludovic Perret <ludovic.perret@cryptonext-security.com>; saag@ietf.org
Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG"

Hi Roman,

Yes, the “tentative” CURDLE text is IMO more reasoned.

Thanks,
                Yaron

From: Roman Danyliw <rdd@cert.org<mailto:rdd@cert.org>>
Date: Thursday, August 5, 2021 at 22:31
To: Yaron Sheffer <yaronf.ietf@gmail.com<mailto:yaronf.ietf@gmail.com>>, Ludovic Perret <ludovic.perret@cryptonext-security.com<mailto:ludovic.perret@cryptonext-security.com>>, "saag@ietf.org<mailto:saag@ietf.org>" <saag@ietf.org<mailto:saag@ietf.org>>
Subject: RE: [saag] About the "Draft text for a PQ Maintenance WG"

Hi Yaron!

Thanks for the feedback.  More inline …

From: saag <saag-bounces@ietf.org<mailto:saag-bounces@ietf.org>> On Behalf Of Yaron Sheffer
Sent: Thursday, July 29, 2021 4:51 PM
To: Ludovic Perret <ludovic.perret@cryptonext-security.com<mailto:ludovic.perret@cryptonext-security.com>>; saag@ietf.org<mailto:saag@ietf.org>
Subject: Re: [saag] About the "Draft text for a PQ Maintenance WG"

I support Ludovic’s second point. Also:

[Roman] Agreed. Fixed and further discussed in response to him/

* "Maintenance" is not a great name, because of course we're not doing any maintenance on PQ algorithms/protocols. Maybe "PQ Ops"?

[Roman] No question that we need a good WG name.  The maintenance was targeted at the IETF protocols, not PQ algorithms/protocols, as the primary output of the WG was to updated specifications of existing protocols.

The charter only uses “maintenance” is one place:

“The [Planned WG Name] working group ([Planned WG Acronym]) is chartered as a maintenance WG to analyze; and adapt or update IETF protocols, registries, and associated code points with PQ cryptographic mechanism.”

The intent still stands with s/maintenance WG/WG/ so I’ll remove that word and we can ruminate further on the WG name.

* "And the WG may propose deprecation of such algorithms" - can be read as "the WG will deprecate algorithms" which IMO should be left to the per-protocol working groups. Even where such WGs do not exist, it is *still* not a good idea for this WG to deprecate algorithms in specific protocols since it doesn't have the operational experience required to do that.

[Roman] I can see the risk you are highlighting.  That sentiment is borrowed from the CURDLE charter (https://datatracker.ietf.org/doc/charter-ietf-curdle/) which gave itself the same latitude when updating those documents for EC.  Would you feel more comfortable with more tentative text similar to CURDLE?

The CURDLE working group will be handling changes to protocols and registries
some of which include what are now considered outdated algorithm options, and
may propose deprecation of such algorithms. Such deprecation needs to be done
with care, ensuring that interoperability and the needs of existing
implementers and deployments are properly considered. Where deprecation is
practical, the working group is encouraged to deprecate.

Regards,
Roman

Thanks,
                Yaron


From: saag <saag-bounces@ietf.org<mailto:saag-bounces@ietf.org>> on behalf of Ludovic Perret <ludovic.perret@cryptonext-security.com<mailto:ludovic.perret@cryptonext-security.com>>
Reply-To: Ludovic Perret <ludovic.perret@cryptonext-security.com<mailto:ludovic.perret@cryptonext-security.com>>
Date: Wednesday, July 28, 2021 at 23:03
To: "saag@ietf.org<mailto:saag@ietf.org>" <saag@ietf.org<mailto:saag@ietf.org>>
Subject: [saag] About the "Draft text for a PQ Maintenance WG"

Dear,

Following the meeting of yesterday and the discussion on post-quantum, I have few comments on the  draft text for a PQ Maintenance WG :
https://datatracker.ietf.org/meeting/111/materials/slides-111-saag-companion-to-how-should-the-ietf-approach-pq-security-draft-pq-maintenance-charter-00
·         [Post Quantum work collaborators] --> what is exactly the semantic behind that ? Do you expect a commitment from pq people ?
·        The [Planned WG Acronym] WG will not define new PQ algorithms and methods --> What do you mean by method ?
·        I would suggest "The [Planned WG Acronym] WG will rely on future NIST or international pq  standards"
Best Regards,

Ludovic Perret,

CPO, co-founder, CryptoNext Security
https://cryptonext-security.com/

_______________________________________________ saag mailing list saag@ietf.org<mailto:saag@ietf.org> https://www.ietf.org/mailman/listinfo/saag

v2.23.0 | Report a Bug | By Email