Re: [Secdispatch] [EXTERNAL]Re: Can Composite sigs move back to LAMPS?

Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com> Fri, 17 January 2020 17:54 UTC

Return-Path: <prvs=27897f1b8=Mike.Ounsworth@entrustdatacard.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B7861200E5 for <secdispatch@ietfa.amsl.com>; Fri, 17 Jan 2020 09:54:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=entrustdatacardcorp.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FQOk8At3jye5 for <secdispatch@ietfa.amsl.com>; Fri, 17 Jan 2020 09:54:29 -0800 (PST)
Received: from mx2.entrustdatacard.com (mx2.entrustdatacard.com [204.124.80.222]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5D8F1200A3 for <secdispatch@ietf.org>; Fri, 17 Jan 2020 09:54:27 -0800 (PST)
IronPort-SDR: cubn1L7g5gUfWL80QE6qu6tBy2zhpAgWBLXD5Mv4lfnl4SZ7k/WzU8tE3GzTs03dvrDMKXAMPW PivTXz9+qV3g==
X-IronPort-AV: E=Sophos;i="5.70,331,1574143200"; d="scan'208";a="7753627"
Received: from pmspex04.corporate.datacard.com (HELO owa.entrustdatacard.com) ([192.168.211.51]) by pmspesa04inside.corporate.datacard.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA384; 17 Jan 2020 11:54:27 -0600
Received: from pmspex01.corporate.datacard.com (192.168.211.29) by PMSPEX04.corporate.datacard.com (192.168.211.51) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 17 Jan 2020 11:54:27 -0600
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (172.28.1.8) by pmspex01.corporate.datacard.com (192.168.211.29) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Fri, 17 Jan 2020 11:54:26 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CXFjUHFGyiLZ2MIXuy+rr4uUdGs+KRjoLF+I5SnlBFNuDgU+Jlb6WV3y09mMnpm3wQ34yQssvoYIQEUM+AHIkdeG2l7gkE4jtGz0PsYQz6LcwltniOsjCO4wK6x0zTwOix6zGrG/ptV4H4Zl21JDeelGBTKN9n5HF7fjFwi2HDD/RBg24bNHpq+Uwwb6W8nrvNrtuXrcN1v2mcpByW0aMPx3wagpWMEdzNLE+qOGWVXyBkWpbJhJ4AieUK+mLoHKZGp9lZK6W1ZWl7vVQt1GBw4W56Ed1KtFlcwL8L54xwnzZbMkNQXquLCrpSMGn3r4SxYkvUU6Vg09JJ9I1s5oeQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=x8RGT3EHd0e1LNGz4uyCCpzDMZJ7EVkjvkNxUNCO2dA=; b=JLZ6jlruvhw8CBbizLSSfwNvrRf8cUK77OLZLtNf/7tX4qEi5D4eSsI1Van/goHAAbvZ/be+mHU0tzeVSv2sw2sJWMxYroIyvEbHeT1sILbhdzbMF3GdkCUCIb1Awxt0qMmM2aaHI6eohQ7yhEC+sdjCr7NlWXSrORfxebYIhG3id39O7qDEWOglGYir7e5kzV9loWepIBMlw1045xdspZDJn9Ehne3Fo1RsooJNDr9wUBdhiduXs1V65jKAUGCiyoK66GBnH/YkpAMRHlX/+1arORDptqz6xElJKlDm0GVH/w7PWFSDoHGR7qNM5dslto5/RyIz3AeMvXCtmVzHJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrustdatacard.com; dmarc=pass action=none header.from=entrustdatacard.com; dkim=pass header.d=entrustdatacard.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrustdatacardcorp.onmicrosoft.com; s=selector1-entrustdatacardcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=x8RGT3EHd0e1LNGz4uyCCpzDMZJ7EVkjvkNxUNCO2dA=; b=TbbAze2qrY94+JYX5k0ce312dPSIEZSsSExqBbsL7CLmZQU2VEA8YjNaQkC3BSRhx64GaXdOAb1vcUWU2skJLLpaEfCchp90JEE0j2KjBaXaDbExs144dNeCXLS6QIEWrEsDSk+khDTsDyopiuRev6ecVk1N6gB4LSKxPUApYrw=
Received: from DM6PR11MB3883.namprd11.prod.outlook.com (10.255.61.32) by DM6PR11MB3052.namprd11.prod.outlook.com (20.177.218.93) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2623.9; Fri, 17 Jan 2020 17:54:25 +0000
Received: from DM6PR11MB3883.namprd11.prod.outlook.com ([fe80::34ac:ed41:2759:3392]) by DM6PR11MB3883.namprd11.prod.outlook.com ([fe80::34ac:ed41:2759:3392%6]) with mapi id 15.20.2644.023; Fri, 17 Jan 2020 17:54:25 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "Markku-Juhani O. Saarinen" <mjos@pqshield.com>
CC: Daniel Van Geest <Daniel.VanGeest@isara.com>, IETF SecDispatch <secdispatch@ietf.org>
Thread-Topic: [EXTERNAL]Re: [Secdispatch] Can Composite sigs move back to LAMPS?
Thread-Index: AQHVzS8z4XsT5+vb5UScUzn4/98hV6fuxzqAgAACNYCAAFmCYA==
Date: Fri, 17 Jan 2020 17:54:25 +0000
Message-ID: <DM6PR11MB3883C63F99A2512112D694129B310@DM6PR11MB3883.namprd11.prod.outlook.com>
References: <DM6PR11MB388377406A1AAEDCA397749C9B360@DM6PR11MB3883.namprd11.prod.outlook.com> <70b221bb-bc39-52cc-f9e0-a84261afe473@cs.tcd.ie> <09B0CA53-BAAF-4139-8179-2A70ADE58632@isara.com> <c0f620d7-4e22-18a5-c168-f66b737cae86@cs.tcd.ie> <CAPwdP4PG3i5-_BuVMdH0iMcJCT40xejoM=J3dH=pPO61T-F4Aw@mail.gmail.com> <3f9de00e-85ad-48ed-ba97-e1b5418e3867@cs.tcd.ie>
In-Reply-To: <3f9de00e-85ad-48ed-ba97-e1b5418e3867@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Mike.Ounsworth@entrustdatacard.com;
x-originating-ip: [70.76.144.81]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 12d5c148-7ed2-412d-ffd8-08d79b764a93
x-ms-traffictypediagnostic: DM6PR11MB3052:
x-microsoft-antispam-prvs: <DM6PR11MB3052F5E2B3EC6440F569CBB49B310@DM6PR11MB3052.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0285201563
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(396003)(136003)(366004)(376002)(39850400004)(199004)(189003)(71200400001)(5660300002)(66556008)(64756008)(66946007)(76116006)(8676002)(8936002)(66476007)(81156014)(4326008)(54906003)(316002)(81166006)(296002)(110136005)(33656002)(66446008)(9686003)(478600001)(186003)(55016002)(7696005)(52536014)(86362001)(26005)(6506007)(2906002)(53546011)(966005); DIR:OUT; SFP:1102; SCL:1; SRVR:DM6PR11MB3052; H:DM6PR11MB3883.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: JhtfbgD2Ho7wD928MwIp/XqRbQo+rYNhepLDonjNfJgkrt+PjZaEtfI3LZvPYzk8/TuPGNYUd1kLjAbogItuH5nWCEwEFQS2ZsfuMN919D5HkaoUF/6hQ/rDfI8peJU9joSy1kAoDaGYaN+ac0G4xV5cwEkln3diKJX7wvA4loyyJZuBUB5kR+eh3aYJZt95jSn2pOq4cszlJDgEjGcB5g4ahSMM/hakV8WoRj5w7y1bYvzIHgm/7EQPWEcX3kcHHaJ5/wjLuFfoS7ZU+4WWpjAF8BbW/+Y+uB0aoRNT6P0ld+r5+bRt2e8GoSkn1DBPqARQIlPz4cCvFQ90smeD7q2vXhIW7K4CDTtZOo+2X3jnwe17M+C17ZkTO1naV/L7jQ0ubyiJPb13HSr8NdLzJGQA/7e2xmRMCz4ODcwmvenUudEXVnfbY11pSboF+BBTBkEbGQUlv41dvJOxPDS+qA9HEev+Ys5+xz3eX85jox8=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 12d5c148-7ed2-412d-ffd8-08d79b764a93
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2020 17:54:25.4464 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pkEyQXl0fzr6GjAJBFnvU7AedAz3XScGcwpXvhQY9MuvN6TERwoekqhvkLMR7teQUpRrkm4pN6B0IRp6IbuOo6rDiR0C4QFV6wgaa+Fm6QzAjJCAklnAmtaH8j7uvBkd
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3052
X-OriginatorOrg: entrustdatacard.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/qTnftdvac-SzHAxo2Xu1giXByzo>
Subject: Re: [Secdispatch] [EXTERNAL]Re: Can Composite sigs move back to LAMPS?
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2020 17:54:31 -0000

> Were I to guess and be optimistic it might be worth re-considering the topic in a year or so.

Cool. In the meantime, we plan to keep working on the outstanding TODO decision points in the draft as more vendors approach us for interop testing. :-)

---
Mike Ounsworth | Office: +1 (613) 270-2873

-----Original Message-----
From: Stephen Farrell <stephen.farrell@cs.tcd.ie> 
Sent: January 17, 2020 6:30 AM
To: Markku-Juhani O. Saarinen <mjos@pqshield.com>
Cc: Daniel Van Geest <Daniel.VanGeest@isara.com>om>; IETF SecDispatch <secdispatch@ietf.org>rg>; Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com>
Subject: [EXTERNAL]Re: [Secdispatch] Can Composite sigs move back to LAMPS?



On 17/01/2020 12:22, Markku-Juhani O. Saarinen wrote:
> On Fri, Jan 17, 2020 at 12:11 PM Stephen Farrell 
> <stephen.farrell@cs.tcd.ie>
> wrote:
> 
>>
> My conclusion is that this stuff could only really be useful
>> enough to justify the costs if we have PQ signature schemes that are 
>> considered stable enough to deploy but where we don't yet fully trust 
>> the algorithms to the point where we'd be happy to depend solely on 
>> those new algorithms.
> 
> 
> Thanks for your support. That is exactly where we are

I hope it's clear I disagree with you - IMO the conditions above are not satisfied today and I do not support adopting such work at this time. Were I to guess and be optimistic it might be worth re-considering the topic in a year or so.

S.

> and what the stated
> purpose of draft-ounsworth-pq-composite-sigs-02 is.
> 
> Cheers,
> - markku
> 
> Dr. Markku-Juhani O. Saarinen <mjos@pqshield.com> PQShield, Oxford UK.
> 
> 
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/secdispatch
>