[Sidrops] Re: New I-D: draft-yoshikawa-sidrops-pqc-rpki-00 (PQC signature profile for RPKI)

Loganaden Velvindron <loganaden@gmail.com> Thu, 25 June 2026 05:31 UTC

Return-Path: <loganaden@gmail.com>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 77B8D1070417F for <sidrops@mail2.ietf.org>; Wed, 24 Jun 2026 22:31:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782365477; bh=aSwPOKYsP96jmeTI9j0a/m0ehhkuiEHU/sQgxaxBaw8=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=PIkeNljEP78CalKGmEo1JrKbaFIdNR+8LAKBRV2MI0Efnagucpg6NbPyMZYVFm06M 87s+PskPfHFOgYOIleabLgcLu+iKZ9zt9PwNxtGfkfqcCODLkXMrZuQ5+oDSyjH1IB KMNFnKT4X5NJbYm2XVJY6DGQ73OiWUGEDp945Q8s=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HefFCpDuBNBM for <sidrops@mail2.ietf.org>; Wed, 24 Jun 2026 22:31:16 -0700 (PDT)
Received: from mail-pf1-x42c.google.com (mail-pf1-x42c.google.com [IPv6:2607:f8b0:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C681A10704178 for <sidrops@ietf.org>; Wed, 24 Jun 2026 22:31:16 -0700 (PDT)
Received: by mail-pf1-x42c.google.com with SMTP id d2e1a72fcca58-84594492c26so1830812b3a.2 for <sidrops@ietf.org>; Wed, 24 Jun 2026 22:31:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1782365476; cv=none; d=google.com; s=arc-20260327; b=i2dnKIGG7QGLYUCSBIR8/p47aA6bWSZ2iXS0TkWqaAxU9uVIX0X66mTb7LhCuvI8n6 ex6AxXPEsoC25c/tdLCOTgta/ZRL7ikkvxqTS8UyBJ1sc8o+NfYVA81OfRKGk+/SyrKd 4/VwdL72jwZ+MUcuIv/md1JjVPbsEww/vvLYEnadeR1vc30N3uMlxIZp8oxWyC09el5P 0KyYXNssf6E5JEJMOgr3/TW/s2l4LzTOLriX9fyyRO+ThQzT8xCFcb/VzM9FhewKfkh0 QJjTetRkneSm386sj82DwUHN6LGefh9mWTzc96AgnvIuKhrHoyWnlsbg9+NrAiC3vtcj SiOA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20260327; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=Qx1nEpBeOuOnPCXu7pVGy5Qw3lnGvGcNKY9dLkKW0fE=; fh=uH2GDokPOn2JSimxOy+Hd5V51WLyYFwuKizQmKPQoYI=; b=D5Vp83E2GmYiWeZSBufTfgqvH1U0Vgw0wBkePvqUzQwJMn6uT4kO21RR7kVxp20OtS KxWGVZnQOjLX+mzsbG4aCtL83z49ikfqlagaBNh9nehFyYlFz1fXXOxCihCGmwGS0S/g HHPS2itsxHaras6vrkMm3g7PhIr772hhwoL1RPkO6Ck4/LxHY9S0EwnrB80qe9v+uG5H Trp13M/mUR+xc0h2JTqJpE5aUHvJObK9mB8iMGZvShRCiLfwuD3NGBsebQUAGmACPQMV lPIsFNt7fVFX+pbtpymHUdtrXeIe9vLsuvQ9wTDFdQk9mX4aLL0+9RuFeC5pkSBRX8Ir G/JQ==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1782365476; x=1782970276; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=Qx1nEpBeOuOnPCXu7pVGy5Qw3lnGvGcNKY9dLkKW0fE=; b=VigirPzUe9mnrPkuZwRzc43C7VktxYkoTfA1RcVLICmhd2GG6nvp/qLHAhS4HoKCge Z4LHjvlZa9RJHPWayBk7d8UMTeVObfq6zzHcAmgfPDNHgyzHl/YygR7pksqkNls86qXZ Kr/9QwUAO3qx/R+i4/U6TjLhwyH0fE6ulQGEYp679rG3G+ALhva0MFM5l+yt/RBW/xyD jHAjtqrkCyyh3OI6m1KINUSzxRd2WQcMqsXzMJRb+TLi+xxZRFArYbfbKMfyEg2jztZd LqcWcIENKPcCusU9TTfSQrUBRhVYLhl5axB8945+f9iKjtUEgamUafrhQEo50chbrtNO KSpw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782365476; x=1782970276; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=Qx1nEpBeOuOnPCXu7pVGy5Qw3lnGvGcNKY9dLkKW0fE=; b=iT9FZg9Rl8uRKk7m1FrPZ8GUL0wpIWZ+qJ7FGt5jal5U5uow3cs4Px1rCatEM3PcGW Zs/vzUqcqDNso8yHRDeiAwBO/aGhlwjhRqxcmEy2kqVlpywyE/6i17e4vGsKJW9Gcuen +t2IGc9soJGek/+DrMLd7kwBfZBkJJl6AAdLrFK6Tw+vswWHLufpoU+Z+CSzs8rlLEl6 I+fVgHmVahLF/RbJzMpjfoHoLcz4i32Q8WoCm/I3NclUk8vAOkt+K02NbUkcv9T2OP2F 7ooTOLe6h8pMN3xOtPwhYmG+55Zn1uPoVeorevDRWrGta0o0BboPVTsXRIMr8QlowgFD smpg==
X-Forwarded-Encrypted: i=1; AFNElJ92zv0R3FkrRmmxOb8O356ZIDUw22EygvBjcP9khsZJyCvgsr18R/diroWzvNtdP0FAKDhKLO5j@ietf.org
X-Gm-Message-State: AOJu0Yx1ovAxOzp2bvnpfC57DN8ipplv3TOBwOq/Jeo1RN9w0freyxqv lohefXwVP81b0acSHaHV5MiFSK2PvhO2kykxY65PA8YtJWHPT7cLFAXYzk2xJQyxzHrbWAukPhX nMwCYJ7PR9cKd6E/YbRaAJacNuzpoWooIzQ==
X-Gm-Gg: AfdE7clPXE5jUyboxj7Dg5+WJrolqlhzREYC/aajlVQcCFSLpINm0Ij9zSSamxtJrnY 5x43blUh9jypT9Pj5oqKME3io2Jl8pgMElc+fl1k+v3a68o/mOznj91SsaM/bVklQyLaHqQz9tK IFnOLYXxLikLcdopD15NhSBuiB1HicfRifc0oI35i+04ZOjIOivFTfMqeRPfvx3j9WSqRxL4Eto XSc77OBtMwTwcn2wjX/Z8OKKMbQEJhFa+evnFXGJSaAHTDkiDbkPj/oPkDM2VIF2b262ixZJdUX tB/A+r4sjSO/ByqKAMmmxJ3z9+bKcp9drnewKRgjRynHThnyC/iRtTzh6weDvA==
X-Received: by 2002:a05:6a21:9981:b0:3b3:f46:1eea with SMTP id adf61e73a8af0-3bd4ac21823mr1216828637.7.1782365475706; Wed, 24 Jun 2026 22:31:15 -0700 (PDT)
MIME-Version: 1.0
References: <OSZP286MB1487042DC90455369ED69676FEE22@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM> <ajWzqH4slnzcGeQf@feather.sobornost.net> <OSZP286MB14878DE6FA179A8C2CE1D211FEE12@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM> <ajad0w18JoTo7KFb@feather.sobornost.net> <OSZP286MB1487FBBA9E5F111EE1B3D328FEEF2@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM> <ajkhGjaMm4KkuhBl@feather.sobornost.net> <OSZP286MB14878918E662252A4901501FFEEC2@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM> <CAOp4FwT81Ruyrg5DBN0mNqkeO7jpGif3e364BVRknUgPYHMong@mail.gmail.com> <OSZP286MB1487DB4ABB75F733620F97FAFEEC2@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM>
In-Reply-To: <OSZP286MB1487DB4ABB75F733620F97FAFEEC2@OSZP286MB1487.JPNP286.PROD.OUTLOOK.COM>
From: Loganaden Velvindron <loganaden@gmail.com>
Date: Thu, 25 Jun 2026 09:31:06 +0400
X-Gm-Features: AVVi8CdTJMiqWJhtXSUgpUXBr8aoySlfB7qriV9Xo_Id2BuRm74kTzwecyIIvXM
Message-ID: <CAOp4FwT9mLNNbAdas+rX6KkRmYAVmc+gFjAhb0_-tq8ekQkyjw@mail.gmail.com>
To: yoshikawa.tomoki.67i@st.kyoto-u.ac.jp
Content-Type: multipart/alternative; boundary="0000000000000a1eee06550d4d64"
Message-ID-Hash: 33ZMR73LFGRE3E5HPZN7M2LLLTAB75K3
X-Message-ID-Hash: 33ZMR73LFGRE3E5HPZN7M2LLLTAB75K3
X-MailFrom: loganaden@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Job Snijders <job@bsd.nl>, IETF SIDRops <sidrops@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: New I-D: draft-yoshikawa-sidrops-pqc-rpki-00 (PQC signature profile for RPKI)
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/jJm0o9TjxPmlZMeHZKaOyv2_MMQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>

I've created a pr on the github repo.



On Thu, 25 Jun 2026, 09:16 yoshikawa.tomoki.67i@st.kyoto-u.ac.jp, <
yoshikawa.tomoki.67i@st.kyoto-u.ac.jp> wrote:

> Hi Loganaden,
>
> Thank you for the information.
>
> The fact that FN-DSA is not yet standardized is also one of the reasons I
> currently lean toward ML-DSA.
> Your point about implementation difficulty from a vendor perspective is
> also very helpful.
>
> I will take this into account in the section.
>
> Kind regards,
>
> Tomoki
> ------------------------------
> *差出人:* Loganaden Velvindron <loganaden@gmail.com>
> *送信日時:* 2026年6月25日 12:54
> *宛先:* yoshikawa.tomoki.67i@st.kyoto-u.ac.jp <
> yoshikawa.tomoki.67i@st.kyoto-u.ac.jp>
> *CC:* Job Snijders <job@bsd.nl>; sidrops@ietf.org <sidrops@ietf.org>
> *件名:* Re: [Sidrops] Re: New I-D: draft-yoshikawa-sidrops-pqc-rpki-00 (PQC
> signature profile for RPKI)
>
> For the rationale section,
> I would argue to be cautious with FN-DSA (aka Falcon) as it is
> currently hard to get right due
> to it requiring constant time operations. It has been a challenge to get
> right.
>
> Please see an example of a bug here:
> https://x.com/bwesterb/status/1509583201848672258
>
> I'm not sure whether router vendors will want to take a chance on FN-DSA.
>
>
>
>
> On Thu, 25 Jun 2026 at 07:30, yoshikawa.tomoki.67i@st.kyoto-u.ac.jp
> <yoshikawa.tomoki.67i@st.kyoto-u.ac.jp> wrote:
> >
> > Hi Job,
> >
> > Thanks, that makes the mixed-tree construction clear!
> >
> > I'll work the manifest/product key-consistency rule and the certificate
> > signature vs. SPKI distinction into the draft. More broadly, I'd like to
> > take the feedback from this thread — mixed-tree, composites, and the
> > BGPsec scope — and work it into -01 as a more coherent revision rather
> > than piecemeal.
> >
> > Kind regards,
> > Tomoki
> >
> > ________________________________
> > 差出人: Job Snijders <job@bsd.nl>
> > 送信日時: 2026年6月22日 20:48
> > 宛先: yoshikawa.tomoki.67i@st.kyoto-u.ac.jp <
> yoshikawa.tomoki.67i@st.kyoto-u.ac.jp>
> > CC: sidrops@ietf.org <sidrops@ietf.org>
> > 件名: Re: [Sidrops] Re: New I-D: draft-yoshikawa-sidrops-pqc-rpki-00 (PQC
> signature profile for RPKI)
> >
> > On Mon, Jun 22, 2026 at 11:09:56AM +0000,
> yoshikawa.tomoki.67i@st.kyoto-u.ac.jp wrote:
> > > Thank you for the clarification!
> > >
> > > My earlier statement that BGPsec was outside the scope was too broad,
> and
> > > the distinction makes sense now.
> > >
> > > I will split it as follows:
> > >
> > > * The BGPsec UPDATE signature algorithm and the use of the public key
> > >   carried in a BGPsec Router Certificate are matters for IDR and
> > >   RFC 8608.
> > > * The signatures on BGPsec Router Certificates, their issuing CA
> > >   certificates, and the associated CRLs are part of RPKI repository
> > >   maintenance and remain within the SIDROPS scope, including any
> updates
> > >   needed to RFC 6485/7935/8209.
> > >
> > > I will revise the draft accordingly. The RPKI signature profile should
> > > cover the certificates and CRLs associated with BGPsec Router
> > > Certificates, while the algorithm used to sign BGPsec UPDATE messages
> > > remains separate.
> > >
> > > Thank you again for correcting the BGPsec scope distinction!
> >
> >
> > Expressed as a simple rule: all the products listed on a given manifest
> > MUST be signed with the same key, and that key also MUST be the key that
> > was used to sign that manifest.
> >
> > The above rule must be checked by RPs, otherwise you'd end up with gaps
> > in the certification chains, which would be a security issue.
> >
> > To produce mixed certification chains: sign with algorithm X over a CA
> > certificate that has as SPKI a public key of algorithm Y, and sign that
> > CA's manifest using algorithm Y. (Somewhat similar to how BGPsec router
> > certificates are signed with RSA-2048 but contain a P-256 public key in
> > their SPKI.)
> >
> > Kind regards,
> >
> > Job
> > _______________________________________________
> > Sidrops mailing list -- sidrops@ietf.org
> > To unsubscribe send an email to sidrops-leave@ietf.org
>