[secdir] Re: Telechat SECDIR Review of draft-ietf-lamps-pq-composite-sigs-15
Mike Ounsworth <mike@ounsworth.ca> Thu, 26 March 2026 18:37 UTC
Return-Path: <mike@ounsworth.ca>
X-Original-To: secdir@mail2.ietf.org
Delivered-To: secdir@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 40DE6D1F4029 for <secdir@mail2.ietf.org>; Thu, 26 Mar 2026 11:37:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.797
X-Spam-Level:
X-Spam-Status: No, score=-2.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=ounsworth.ca
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8es-M1UbQXCl for <secdir@mail2.ietf.org>; Thu, 26 Mar 2026 11:37:45 -0700 (PDT)
Received: from mail-4396.protonmail.ch (mail-4396.protonmail.ch [185.70.43.96]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 54394D1F4021 for <secdir@ietf.org>; Thu, 26 Mar 2026 11:37:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ounsworth.ca; s=protonmail; t=1774550256; x=1774809456; bh=bREjLiSaDBlbP3GVVT2VB+Q34P0bpdm9lWAath9H9Gs=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=nvvCfnxvfdq2fUmaqZrEfy6inup32YD/6eunRbIrtok3KUN5bObtrDyBK+qQsSX8F Xy8ksihI/LWspzV2qk/jO8oS0d91MaAQ7R7iqosZSSN/4SRSFN8YSBrxl5yq2u4MNx 8tO7vvtCvBYgHCYjjGARf4dcO4rsiYSZgpafAz4yMP5kUQMTMcLNNX/dZXv48ZzTLb yGZ2nz+YSjhFPoW8m1Z0IClG1dN8Y+EQtjgOLN0mLGyf9bf2DYMRQkegHLAAFncqcr MQUTUvxFhz7NcKQkcQSPe2xHFlcfHIFPKT2W3LJFYRaqPVNN2xa1cu5mcCH6YNN7Kr 22aZDZ4ON2qjg==
Date: Thu, 26 Mar 2026 18:37:33 +0000
To: Donald Eastlake <d3e3e3@gmail.com>
From: Mike Ounsworth <mike@ounsworth.ca>
Message-ID: <NaPpnliKnBWAw276e_uE0A7HaaNJnEEaRwMMWEt4kcO1LrUNThna1vJWkNzHAbpw6wu22AmAM1laMZO7mP8RGw6TT9cOyIircfGF6967rSE=@ounsworth.ca>
In-Reply-To: <CAF4+nEE9Jhwskwr57A_m6ag_hic38mwq69gbgCjTdfzF1ZbN4g@mail.gmail.com>
References: <CAF4+nEHOgrYfU52xOTHY99fx1s5dSxOq6xTSmuLgC50FRko=FQ@mail.gmail.com> <CAF4+nEED3WwrwLitO8NHOKKR+mcYzUHFT7eHh0wi4t_TwKO=Gw@mail.gmail.com> <CAF4+nEE9Jhwskwr57A_m6ag_hic38mwq69gbgCjTdfzF1ZbN4g@mail.gmail.com>
Feedback-ID: 61358882:user:proton
X-Pm-Message-ID: 9ce4a8c6f1549891e53b6ed6e4836c5fd463a7a2
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: Z7545UPHCW3G4A2H33MHVJCHPGPMHQOR
X-Message-ID-Hash: Z7545UPHCW3G4A2H33MHVJCHPGPMHQOR
X-MailFrom: mike@ounsworth.ca
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: secdir <secdir@ietf.org>, draft-ietf-lamps-pq-composite-sigs.all@ietf.org, Last Call <last-call@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [secdir] Re: Telechat SECDIR Review of draft-ietf-lamps-pq-composite-sigs-15
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/7lMOg4k4NAiPd3zSu9vH8erU7b8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>
Thanks Donald! I just fixed that in github, so that's ready for a next rev. (@Authors -- I also looked at draft-composite-kems and I don't see any overly-long lines there) -Mike "Knowing is a barrier which prevents learning" -- Frank Herbert, Dune. "An expert is a person who has found out by his own painful experience all the mistakes that one can make in a very narrow field.” -- Niels Bohr On Thursday, March 26th, 2026 at 12:42 PM, Donald Eastlake <d3e3e3@gmail.com> wrote: > Actually, I missed that there are five lines too long in the -15 > version of this draft. Should be easy to fix in the next rev. Here are > the line numbers and lines: > > 792: Signature Label values are defined in the "Signature > Label Values" > 923: Signature Label values are defined in the "Signature > Label Values" > 966: if not ML-DSA.Verify( mldsaPK, M', mldsaSig, > mldsa_ctx=Label ) then > 1641: -- algorithm identifier dictates > the format of > 3336: Signature Label values are defined in the "Signature > Label Values" > > Sorry, > Donald > =============================== > Donald E. Eastlake 3rd +1-508-333-2270 (cell) > 2386 Panoramic Circle, Apopka, FL 32703 USA > d3e3e3@gmail.com > > On Thu, Mar 26, 2026 at 1:11 PM Donald Eastlake <d3e3e3@gmail.com> wrote: > > > > # Telechat SECDIR Review of draft-ietf-lamps-pq-composite-sigs-15 > > > > I have reviewed this document as part of the security directorate's > > ongoing effort to review all IETF documents being processed by the > > IESG. These comments were written primarily for the benefit of the > > security area directors. Document editors and WG chairs should treat > > these comments just like any other last call comments. > > > > The summary of the review is Ready. > > > > This is a re-review of my previous review of -14 which is here: > > https://datatracker.ietf.org/doc/review-ietf-lamps-pq-composite-sigs-14-secdir-lc-eastlake-2026-02-04/ > > > > This draft specifies how to do hybrid signatures with ML-DSA as the > > post-quantum algorithm and various traditional algorithms. > > > > ## Security Considerations > > > > This draft does a good job of covering all the bases. It explains the > > hybrid signature concept and motivation well. The Security > > Considerations Section appears to be thorough and comprehensive. > > > > ## Major/Minor Issues > > > > None. > > > > ## Nits > > > > All of the nits mentioned in my previous review have been corrected > > and, as far as I can see, no new ones added. > > > > > > I did not review Sections 7 and 8 or Appendices A through F. > > > > Thanks, > > Donald > > ============================= > > Donald E. Eastlake 3rd +1-508-333-2270 (cell) > > 2386 Panoramic Circle, Apopka, FL 32703 USA > > d3e3e3@gmail.com >
- [secdir] Last Call SECDIR Review of draft-ietf-la… Donald Eastlake
- [secdir] Re: Last Call SECDIR Review of draft-iet… Donald Eastlake
- [secdir] Re: [EXTERNAL] Re: Last Call SECDIR Revi… John Gray
- [secdir] Re: [EXTERNAL] Re: Last Call SECDIR Revi… Mike Ounsworth
- [secdir] Re: Last Call SECDIR Review of draft-iet… Mike Ounsworth
- [secdir] Telechat SECDIR Review of draft-ietf-lam… Donald Eastlake
- [secdir] Re: Telechat SECDIR Review of draft-ietf… Donald Eastlake
- [secdir] Re: Telechat SECDIR Review of draft-ietf… Mike Ounsworth