IETF Logo Mail Archive

Re: [Secdispatch] [EXTERNAL] Re: IETF117 - Call for topics

Mike Ounsworth <Mike.Ounsworth@entrust.com> Thu, 22 June 2023 20:31 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 163BEC151070 for <secdispatch@ietfa.amsl.com>; Thu, 22 Jun 2023 13:31:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.096
X-Spam-Level:
X-Spam-Status: No, score=-7.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id STCO2hhlzr-O for <secdispatch@ietfa.amsl.com>; Thu, 22 Jun 2023 13:31:41 -0700 (PDT)
Received: from mx08-0015a003.pphosted.com (mx08-0015a003.pphosted.com [185.183.30.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 34E61C14F73E for <secdispatch@ietf.org>; Thu, 22 Jun 2023 13:31:40 -0700 (PDT)
Received: from pps.filterd (m0242863.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 35MDUBCV029505; Thu, 22 Jun 2023 15:31:37 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=mail1; bh=+0tz5m8J7tWUDtb8+KdyMW0Dyw4ekZm0jYXFeV1U+/w=; b=N8ge6RTpToL9MwcJTv4LneJ6OCObE7ox+FXRntFSUD7mNIabltOX6up3pnxe/7oaVOat +7VMOBj56dtFs+ZWxnxgwY8VMUzuvEgC1DICERvp00jLBzE4QcPi3kLLDWIsF2F4ipRF yYtxF5wcYbXEG7CIsAO7wSre5HuI5ld+Sc84LmSXl9X/takbi8eA4aJuNOw9s1eISrw6 AtH1XsvACjzGl5k2HrM/Q6XO+P9O8qs3USzGyumUWIezfu/SOfomTqjk6TKOZj0m7z8G i6desB00DYG/MUL/N/QDp0GwoOu1gkJaru4FZZBs3BAfEgXTMGFduKBE743191aEo/IB tg==
Received: from nam12-mw2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2043.outbound.protection.outlook.com [104.47.66.43]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3r97tpkpr9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 22 Jun 2023 15:31:36 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=feI31AYeLuy6gLMvQz5cNgW7wNq9XCd8TJ1WcN8kHFoQi8riEZUuVFUEmjqCvtJ8q4F+jhDsR3fIjwVeSFPURAeZoXTOMsumL8QdmGHfNwHNAEFDG2J32+GmWHr7CpANHaNUZOrFqB1Uvk1n/6ZaN3GiYgIFWssyQhFxgJmkp3iLnV3ehzofhj2TkSXUnn7LjnKqsUILguBjpi2WCKa+O1LK+spPmDxf/aAvpSbjkQqP3zbcgWD9BdllgVjfuehG/6/ghLgLC7yatylbq/5lvhmKYjxY+NgONM6hmLLa6IVFKWRulg43usb7n+V9xD4CGqbXWVZ/m/TB35m0zUpLQA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+0tz5m8J7tWUDtb8+KdyMW0Dyw4ekZm0jYXFeV1U+/w=; b=g8J+vrx3eh19m/7zEdBp3O/D6xjm9doI8It+htdCWPzimUL28p89xULo74XDkYvkYC5oT7EBFFP9vKd3PWYia266SkUqAf6S18q/eQ8j4MzQJTE58StOvAxfkDXAkzmPUO2g3gwWTEXNqXzMvf2C7VEwt5A7NaeiblEamIHUuHjl0LKXOC5110WMbLo6qw9k9GOq4Ayba0ouZkacNK94rz+9NvisipiScGs1MyMMuu/XIBBYlFGKtTiqQ5ToK49horglDuWvQPqBDunDJ9YHyOl8HD9S2+5A1xhHi2qOhtuUHxSl2QK8cnbY2mMDeL9BTf2rla49TsIbkRsuts2ypQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by DS0PR11MB7381.namprd11.prod.outlook.com (2603:10b6:8:134::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.24; Thu, 22 Jun 2023 20:31:31 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::3c4:2520:16b0:6271]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::3c4:2520:16b0:6271%6]) with mapi id 15.20.6521.024; Thu, 22 Jun 2023 20:31:31 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Yoav Nir <ynir.ietf@gmail.com>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>, secdispatch <secdispatch@ietf.org>
Thread-Topic: [Secdispatch] [EXTERNAL] Re: IETF117 - Call for topics
Thread-Index: AQHZpTQ+4v7fhEZCbkuEaYJihDg2M6+XQT2w
Date: Thu, 22 Jun 2023 20:31:31 +0000
Message-ID: <CH0PR11MB573919382B466BCE3F093F3D9F22A@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <CADNypP8D_qp6fPvWkWnw7hDRppHSkaxpTSBtMbcRkE+ZpS+WBw@mail.gmail.com> <3A66635D-6087-4D87-901A-A9C936A01C12@gmail.com> <CADNypP9h7TaC+VnmUihkcq3pWmqzuq3U1E9z4x3F_9PA8Vn8Aw@mail.gmail.com> <5b77f2aa7b39fe8add9bb6459db323609e2671e8.camel@infradead.org> <54209.1687443106@dyas> <1943D5A5-71B2-42CC-8FD8-832CC1971E9D@gmail.com> <CH0PR11MB573982AEAC43E1B40B2F4D4C9F22A@CH0PR11MB5739.namprd11.prod.outlook.com> <10b52b08-c102-329e-dfbd-9e993dcc923e@cs.tcd.ie>
In-Reply-To: <10b52b08-c102-329e-dfbd-9e993dcc923e@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|DS0PR11MB7381:EE_
x-ms-office365-filtering-correlation-id: 99215bde-4521-4b03-d19f-08db735faa03
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: LMKhsLlMRc3A9dvuhlNCn3kVcOX11ZFcd3tvz2TIgEBVbUmT7vfktML4aIrmdxRZQv4Gun/BtU5VGO7TX06IjPV4M73lPq6hNWz3jqEhXsGIGhu/8f8FMr1zV/zcvsuer0CiX6qgwf8DNuvPQjevYX5lLtZK3oggMSfoZE7dRL/S74LafJS7cPzEMT0PteoPyOzUznQ4MxiaP95sm0pF147CN7l6j3mB6mJr5o8hOhJ0xib5yeblXB6Ie4yvWy7wCLF/mNViKiMFyWX5BS9mcQ14rT8Fr139vZQ5JKPhR+b/S956c50kPF/k8UWAbFsm7EKWY3N93aU+Q0BRyKZVDF6nsB0h+IiYc/m+kuBnVjYdoO+5gqMUP3Dg34Kh9gC2fS2h1HWdaLYN0j5XtQwJiGcYFNldWOswzUKPvFcmr4XVTG2csdeUnTRirlQB27xi7Nl2ZsYFWN3J8S+wJkHGGlwqfuKZMASMBJaFyIvAte6f00kT7WL+hFJtVgbW1wSGonXK8BGrnts23ULN6Oz5bz/7JgMbLDKNAHEMt0V2jUMhLVWXCNR9gz4f+QTK7t59ITdqGNOfm8GvYzXqaX/DJ6lofjyw8wx4Y+KjBXvGqcxsUgp0C7LVBMDWrgDgPsTF
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(346002)(376002)(39860400002)(366004)(136003)(396003)(451199021)(53546011)(186003)(71200400001)(26005)(9686003)(6506007)(478600001)(33656002)(55016003)(2906002)(86362001)(41300700001)(52536014)(8936002)(8676002)(110136005)(122000001)(38100700002)(54906003)(38070700005)(4326008)(316002)(296002)(7696005)(5660300002)(64756008)(66476007)(66446008)(66946007)(76116006)(66556008)(83380400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: AW/86NzpTxWkpzlIn7H+dJlZfxOU8JCYJERD3C1ywTjtp2gNtQVXe5L12/0ZwSAvwlweb1ZTk13cmT9ho+2txQ0iTBLo0JxUjj5PqLh23HpM11IOZAi/5Fmim5ynd9VtAvTi8POvQSPk1jp/F6CCoP/2cBeJ01xUKuXt3An4+qjV8EoDZ28FjpSEeV2FH8D+RBbET+3OwiNa0cxW5FgD3QYM6NjrpLZisYeLL72z7QIP8gfxX5s6mn+ng8Xg6H3zBgkcBZnTd6qXxOTORJDSbb8oVOQqRCFCTiTImeji3P2vqVNMilA6TUNz9sJ+Pl3opD4ArkOBGnJS+jW/JNyS3jmULlbvl8GWdsFb5QbG4fyHLLVPEzkEoiaVY8NLzO6+jSwetf5yJDYOdsOuioEOrGj+2dAqjgt4I9tkXEgPlE4o4JNYK7hZk234kg4YFuoFYMNoBUsycUCngcc2ha5Q97/Zk1gZOWSoFapQhsiIL5+N7//pjBVbZJpfn4O06UmUhBAy7AfrDfdW7gSL1tEtFtgjaYQoFkU5Xlswg188v+ukUaWKvPQ+K8rBH92+yLlUAs/umk36GDJDyPqWJZ9ZV92M8j5cPhPIi1aiPMUe31UZ9whVz7y9asjxt/Xvep4KFc7cKgeszRYeLDSfszdx0cm5MYAgnM44q82K7gCuqaIjKvIviupQvJyzJVgxR07NQX0kAJ8/OZCw6conaS3FOc05wloeCVHQO5XAc0p51i8ohIqp+jC/t1SN8W2yiTX3ec4WuLWbn/KQT2hyI/wCfP/h6rA96hudOrFAqyKig/K4z7OBUNo1K0N3gV63UYJ7hLsHz62YsSNz9wKmv47Y2dx6LKbndk++LvKIVY3lXVaL+V0uL7ytr8LDJVNyXie7cskSF5wN1VeuE8UGxEIDwngLGr3M53Sa0KQnYSi/6dm5gg3fIAhykfPt7i3iRw/Cd13buNlLhGoqTV9E/XrhTvSrsW2lJ33AQZr1XgkJzUycfa7BKMM6QQvXrUC6zr+Y3mGxFUF8zZ4LCJeHx3jnCsxiLjLipWwbbwSfqAq2/FNE0Ybi0LYMkPBG7S8T9xb6jCBut8ga3bGOuzBH/JN3uWSVyUzP8bsHAzMAv/coUTOOGSZ56A2ku8qIjsQQuAOnMaFuKphiVmBys40AEAfqFNiFrUWSM7TPNmh40GeYeDAfHtdi3xS1LekIu+spkQKfaOiYozvSiS62Lg5JH9saSgM1ll8EPtTOu2fNnPkhT8fUMzjdImEydW3WMAHTH3XVkGL8sN6xBkYzEol9HkWGTckf+UOHxPCL4iZ/g6K0aVqu7/3uwS7MxV6otoyMWU8rcpAttrToOeQwSGKAkCEO12XRlKovu0MH4oZf7CkiHkeBfSgZLP7g2TyRctNS44CsmWvIQayj8zy9DZIttOGnQhAltxH1SXSOGXa1KSzjXQ4tiSjeVEHqjgwaRInBMhiAN53UQosyAxKE0vedcKaIIZ9eOW4p498TFGVODycx8WdFTS3VEKe3NH16B0mjxpFz9b/bB7i/aJq9SoBRkSu7WxXcyWNu0bDiTkREDa7jNnx8/O0STUjwWttyq2X+lBi8gzfbRsR2qMACq/R+rVdOnQ==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 99215bde-4521-4b03-d19f-08db735faa03
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2023 20:31:31.4043 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 6Oojz1eeHoz6En2pIbAJeIPLg6FKqNZwaFutEQwL4p6V3I8+KXcCRoQREsybS7x9oOd1YTqSTRL1xqNZEiYS58OYLbZzZ1B/z++teCwBzOE=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR11MB7381
X-Proofpoint-ORIG-GUID: OMwN0iYFQIi-dzT3yg67DQOlE4HSA4DY
X-Proofpoint-GUID: OMwN0iYFQIi-dzT3yg67DQOlE4HSA4DY
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-06-22_15,2023-06-22_02,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 lowpriorityscore=0 bulkscore=0 priorityscore=1501 adultscore=0 mlxlogscore=876 spamscore=0 suspectscore=0 mlxscore=0 malwarescore=0 impostorscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2305260000 definitions=main-2306220175
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/xBKQEMAw1s2c3oi46DNQEHM50F4>
Subject: Re: [Secdispatch] [EXTERNAL] Re: IETF117 - Call for topics
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2023 20:31:46 -0000

Hey Stephen,

We've been at this for months and I clearly still don't have any idea what you mean by "evolving PKI in the face of a CRQC". Maybe I'm overly dense and this is perfectly clear to everyone else, but I suspect not.

(Nearly) everyone else seems to agree that that means adding OIDs / codepoints / JWA names for NIST PQC algs, with hybrid version of them as a bridge, and otherwise carrying on as usual. But you seem to have something completely different in mind. I can't decypher what it is you're looking for because you seem to be taking a "I'll know it when I see it" approach, which is a borderline useless thing to put as an engineering design requirement.

You obviously see something that the rest of us are missing, and I strongly value your experience here. So can you please write down concretely and specifically (maybe in the form of an I-D) what "evolving PKI in the face of a CRQC" means to you so that we can all get on the same page?

---
Mike Ounsworth

-----Original Message-----
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Sent: Thursday, June 22, 2023 1:06 PM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>; Yoav Nir <ynir.ietf@gmail.com>; Michael Richardson <mcr+ietf@sandelman.ca>
Cc: David Woodhouse <dwmw2@infradead.org>; Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com>; secdispatch <secdispatch@ietf.org>
Subject: Re: [Secdispatch] [EXTERNAL] Re: IETF117 - Call for topics


Hiya,

On 22/06/2023 19:01, Mike Ounsworth wrote:
> I also support a BoF about hybrid signatures.

FWIW: I would not support the above. The BoF I think we need would address evolving PKI in the face of a CRQC.

Discussion of hybrid signatures would be a part of that, but just a part.

Cheers,
S.
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.23.0 | Report a Bug | By Email