[secdir] Last Call SECDIR Review of draft-ietf-lamps-pq-composite-sigs-14
Donald Eastlake <d3e3e3@gmail.com> Wed, 04 February 2026 18:18 UTC
To: "iesg@ietf.org" <iesg@ietf.org>, secdir <secdir@ietf.org>
CC: draft-ietf-lamps-pq-composite-sigs.all@ietf.org, Last Call <last-call@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/-onfJeypJFgWzh-EeW44Cgx2a-0>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

The summary of the review is Ready with Nits.

This draft specifies how to do hybrid signatures with ML-DSA as the post-quantum algorithm and various traditional algorithms.

Security Considerations
-----------------------

This draft does a good job of covering all the bases. It explains the hybrid signature concept and motivation well. The Security Considerations Section appears to be thorough and comprehensive.

Major/Minor Issues
------------------

None.

Nits
----

Should expand ML-DSA (Module-Lattice-Based Digital Signature Standard) on first use in Abstract and Introduction. This is probably true of other crypto acronyms. Consider including them in Section 1.1.

Section 5.2:
   extention -> extension

Should expand EUF-CMA and SUF-CMA and give reference to 9.2.1 and 9.2.2 respectively on first use of each.

Section 9.2:
   securtiy -> security
   considiration -> consideration

In Sections 9.2.1 and 9.2.2, I think the difference between EUF-CMA and SUF-CMA is not very clearly explained.

Section 9.2.2: The unusual sequence "=/=" is never defined.

Section 9.3: uses Foobar but does not include a reference to RFC 3092 which might be helpful to some readers.

Section 9.5:
   "at least is principle," -> "at least in principle,"

Section 10.3: The sentence before the first "id-..." line needs to be recast like all the following sentences in this Section. Otherwise, it is not clear what it is talking about.

The nits checker says there are 5 lines that are too long.

References: RFC5758 appears in the references but not in the body of the draft. BonehShoup appears in the references but not in the body of the draft.

References: Obsolete reference RFC4210 is used rather than its replacement RFC9810.

It seems odd to see an IPR disclosure called out in a draft as is done in Appendix F. Usually the Datatracker indication of IPR is considered adequate.

I did not review Sections 7 and 8, Appendices A through E, or Appendix G.

Thanks,
Donald
===============================
Donald E. Eastlake 3rd
+1-508-333-2270 (cell)
2386 Panoramic Circle, Apopka, FL 32703 USA
d3e3e3@gmail.com