Re: [lamps] Call for adoption of draft-vangeest-x509-hash-sigs-03
Tim Hollebeek <tim.hollebeek@digicert.com> Fri, 12 April 2019 19:44 UTC
Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B22112030E for <spasm@ietfa.amsl.com>; Fri, 12 Apr 2019 12:44:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com header.b=Wq5R4Mbw; dkim=pass (1024-bit key) header.d=digicert.com header.b=XzpwtGmk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gK4NjDQMBs2T for <spasm@ietfa.amsl.com>; Fri, 12 Apr 2019 12:44:08 -0700 (PDT)
Received: from us-smtp-delivery-173.mimecast.com (us-smtp-delivery-173.mimecast.com [216.205.24.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94C7A120486 for <spasm@ietf.org>; Fri, 12 Apr 2019 12:44:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=mimecast20190124; t=1555098247; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XDyd/HDCjIxuJekQriFcczKyjLZI1btTjC/DrntIXTw=; b=Wq5R4Mbwz3/TfDIGZk8cA+qr9+brqqrY2Jh16BUHieZGvb4d04yR863V8Fctjq7Wu7B34J9TalUl6uI73NbznL9FcuQwxJRmFofWz0Ss8/Qy2blbOg0tswAruuBDsEP1gPtGRZWX96FG1A+xbFGbDO0LIeBr1i9qUX0rlQXO0qY=
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (mail-by2nam05lp2050.outbound.protection.outlook.com [104.47.50.50]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-253-HRV64RhRPYqAkUx8IZ4COQ-1; Fri, 12 Apr 2019 15:44:05 -0400
X-MC-Unique: HRV64RhRPYqAkUx8IZ4COQ-1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XDyd/HDCjIxuJekQriFcczKyjLZI1btTjC/DrntIXTw=; b=XzpwtGmkscwBeNv4ygm91p5XxY8375FB9N5LCIUuNavps00KNzj39ekgM7D4TM9IrkXe2QKUjMUQfednOZC7ebY3yesPuXDRClsjRPRbY3MIVVW99UZHwfGzveGUwURkexmdzgQ2DkFQHT05fPUzBZFdYwEdOEQwfzgalS7XNC8=
Received: from BN6PR14MB1106.namprd14.prod.outlook.com (10.173.161.15) by BN6PR14MB1123.namprd14.prod.outlook.com (10.173.160.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1792.15; Fri, 12 Apr 2019 19:44:03 +0000
Received: from BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::294e:1bc:bb2b:e728]) by BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::294e:1bc:bb2b:e728%6]) with mapi id 15.20.1771.019; Fri, 12 Apr 2019 19:44:03 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Russ Housley <housley@vigilsec.com>, SPASM <spasm@ietf.org>
Thread-Topic: [lamps] Call for adoption of draft-vangeest-x509-hash-sigs-03
Thread-Index: AQHU49NowkMfYPWCe0mf+LI7TVjMg6Y3Yf+AgAGlFxA=
Date: Fri, 12 Apr 2019 19:44:02 +0000
Message-ID: <BN6PR14MB1106B95D86CDAE6CEB29517983280@BN6PR14MB1106.namprd14.prod.outlook.com>
References: <BN6PR14MB1106140408FFB08553DEAE98835F0@BN6PR14MB1106.namprd14.prod.outlook.com> <D6AB5830-C69A-44CA-BD63-9B64F92C032E@vigilsec.com> <391B7EFF-C02D-4D2D-9C19-FA18B8F9FD6A@vigilsec.com>
In-Reply-To: <391B7EFF-C02D-4D2D-9C19-FA18B8F9FD6A@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tim.hollebeek@digicert.com;
x-originating-ip: [98.111.253.32]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7781b2f5-b4ec-445e-d1de-08d6bf7f3766
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(49563074)(7193020); SRVR:BN6PR14MB1123;
x-ms-traffictypediagnostic: BN6PR14MB1123:
x-microsoft-antispam-prvs: <BN6PR14MB11237D31498BE7F596F8FAA183280@BN6PR14MB1123.namprd14.prod.outlook.com>
x-forefront-prvs: 0005B05917
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(39860400002)(136003)(366004)(396003)(199004)(189003)(25786009)(9686003)(6506007)(68736007)(11346002)(52536014)(6116002)(7736002)(5660300002)(8936002)(66574012)(81166006)(33656002)(316002)(486006)(97736004)(26005)(7696005)(2906002)(186003)(3846002)(74316002)(6436002)(44832011)(476003)(81156014)(790700001)(105586002)(53936002)(86362001)(71200400001)(106356001)(606006)(478600001)(14444005)(8676002)(99936001)(102836004)(54896002)(229853002)(446003)(71190400001)(76176011)(66066001)(55016002)(6246003)(6306002)(256004)(99286004)(14454004)(53546011)(236005)(110136005); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR14MB1123; H:BN6PR14MB1106.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 27vszJgSzsV2ObzGWZ6OkRbPScXEircFWRtMPCWkRAl49f5zFvHruCoz+KnqeJE0Wd9rh+L2zLik4zMF9tV2rFh/XxrC4dKd5VG3aPvDFBGGd6k78/StAJ7EWbvNPZ1FmHBsTtW9aALuxcNZBSCYJPVwMpHR7Q8FdQKfGt2cP9dEYskZC5jasspG89HlXh/FMURHdXmCazajFrqgOqbFjBTxuFUWglXo5WUSFZANaeRXdGX6lt9WrPmqSS6OeJTK6d4ri/pSozHp4qZuFLUm+idPKlBCYIaKQezgKkWj9zgSUlNe334lJPgQKVSHiR/apKidjKpgw3XBZMtXfMHZg4nfttdYTm21wQcT+a+hQzVd2edLZMvp5TqitmsarvjE/1hVRhYMzUJj7ShQx6ZbfvS4WVGPWR8VT+H4j5zYD9A=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_0029_01D4F146.89792650"
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7781b2f5-b4ec-445e-d1de-08d6bf7f3766
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Apr 2019 19:44:02.8278 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR14MB1123
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/BqRQBdO_Gv7IYtsyWhShx-_WBjU>
Subject: Re: [lamps] Call for adoption of draft-vangeest-x509-hash-sigs-03
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2019 19:44:12 -0000
We support this work and would implement it. While there are some legitimate concerns about state management, we think a standard that articulates the proper procedures for addressing those concerns is the best way to resolve that. Hash-based signatures are an important and well-understood tool for providing security against attacks based on quantum computing, and failing to adopt drafts describing the right way of using them will increase the risks they are implemented unsafely, instead of reducing the risk. -Tim From: Spasm <spasm-bounces@ietf.org> On Behalf Of Russ Housley Sent: Thursday, April 11, 2019 2:32 PM To: SPASM <spasm@ietf.org> Subject: Re: [lamps] Call for adoption of draft-vangeest-x509-hash-sigs-03 Only three people have spoken so fare (2 support; 1 oppose). We need more participation to make a consensus call. Russ On Mar 26, 2019, at 8:56 AM, Russ Housley <housley@vigilsec.com <mailto:housley@vigilsec.com> > wrote: We talked about the "Algorithm Identifiers for HSS and XMSS for Use in the Internet X.509 Public Key Infrastructure" <https://www.ietf.org/id/draft-vangeest-x509-hash-sigs-03.txt> document today dat the face-to-face meeting session. It was suggested that the document is read for WG adoption. Please voice your support or concerns on the list. Russ
- [lamps] Call for adoption of draft-nir-saag-star Tim Hollebeek
- Re: [lamps] Call for adoption of draft-nir-saag-s… Melinda Shore
- Re: [lamps] Call for adoption of draft-nir-saag-s… Ryan Sleevi
- Re: [lamps] Call for adoption of draft-nir-saag-s… Dr. Pala
- Re: [lamps] Call for adoption of draft-nir-saag-s… Daniel Migault
- Re: [lamps] Call for adoption of draft-nir-saag-s… Russ Housley
- [lamps] discuss: empty OSCP (as: Re: Call for ado… Toerless Eckert
- Re: [lamps] Call for adoption of draft-nir-saag-s… Dr. Pala
- [lamps] Call for adoption of draft-vangeest-x509-… Russ Housley
- Re: [lamps] Call for adoption of draft-vangeest-x… Salz, Rich
- Re: [lamps] Call for adoption of draft-vangeest-x… Scott Fluhrer (sfluhrer)
- [lamps] Side-channel attack on multi-level trees … Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Scott Fluhrer (sfluhrer)
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Jim Schaad
- Re: [lamps] Side-channel attack on multi-level tr… Jim Schaad
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Scott Fluhrer (sfluhrer)
- Re: [lamps] Side-channel attack on multi-level tr… Tim Hollebeek
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Jim Schaad
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Tim Hollebeek
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Russ Housley
- Re: [lamps] Side-channel attack on multi-level tr… Russ Housley
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Scott Fluhrer (sfluhrer)
- Re: [lamps] Side-channel attack on multi-level tr… Daniel Van Geest
- Re: [lamps] Side-channel attack on multi-level tr… Dang, Quynh (Fed)
- Re: [lamps] Side-channel attack on multi-level tr… Russ Housley
- Re: [lamps] Side-channel attack on multi-level tr… Panos Kampanakis (pkampana)
- Re: [lamps] Call for adoption of draft-vangeest-x… Ryan Sleevi
- Re: [lamps] Call for adoption of draft-vangeest-x… Russ Housley
- Re: [lamps] Call for adoption of draft-vangeest-x… Adam Langley
- Re: [lamps] Call for adoption of draft-vangeest-x… Jonathan Hammell
- Re: [lamps] Side-channel attack on multi-level tr… Tim Hollebeek
- Re: [lamps] Call for adoption of draft-vangeest-x… Tim Hollebeek
- Re: [lamps] Call for adoption of draft-vangeest-x… Jim Schaad
- Re: [lamps] Call for adoption of draft-vangeest-x… Russ Housley
- Re: [lamps] Call for adoption of draft-vangeest-x… Russ Housley