[lamps] Re-charter text for LAMPS to work on Post-Quantum, and PQ problem statement
Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com> Sat, 24 August 2019 13:49 UTC
Return-Path: <prvs=13284568e=Mike.Ounsworth@entrustdatacard.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6F0B12001A for <spasm@ietfa.amsl.com>; Sat, 24 Aug 2019 06:49:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WFNsUe98Szaf for <spasm@ietfa.amsl.com>; Sat, 24 Aug 2019 06:49:13 -0700 (PDT)
Received: from mx1.entrustdatacard.com (mx1.entrustdatacard.com [204.124.80.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A94012001B for <spasm@ietf.org>; Sat, 24 Aug 2019 06:49:13 -0700 (PDT)
IronPort-SDR: 6+Yd3AFd5BEXJBAfsRvvK5V30zVj5inHOJFPqP0SyEeLbTxENMIYRVVbuQqsLB0FFvOWoxE2zj 4ZLDWi6j8z6A==
X-IronPort-AV: E=Sophos;i="5.64,425,1559538000"; d="scan'208";a="55465807"
Received: from pmspex01.corporate.datacard.com (HELO owa.entrustdatacard.com) ([192.168.211.29]) by pmspesa03inside.corporate.datacard.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA384; 24 Aug 2019 08:49:12 -0500
Received: from PMSPEX05.corporate.datacard.com (192.168.211.52) by pmspex01.corporate.datacard.com (192.168.211.29) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sat, 24 Aug 2019 08:49:12 -0500
Received: from PMSPEX05.corporate.datacard.com ([fe80::8084:293e:7f03:4ab2]) by PMSPEX05.corporate.datacard.com ([fe80::8084:293e:7f03:4ab2%12]) with mapi id 15.00.1497.000; Sat, 24 Aug 2019 08:49:12 -0500
From: Mike Ounsworth <Mike.Ounsworth@entrustdatacard.com>
To: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: Re-charter text for LAMPS to work on Post-Quantum, and PQ problem statement
Thread-Index: AdVagooKGrRjGm0KRwu26mtcjpHrXA==
Date: Sat, 24 Aug 2019 13:49:12 +0000
Message-ID: <b3a7fae82d6a4d5ea1b25ae4ed60608e@PMSPEX05.corporate.datacard.com>
Accept-Language: en-CA, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.1.43.131]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/4FpO7bNlI5OfmUZirHxm1bA7kJQ>
Subject: [lamps] Re-charter text for LAMPS to work on Post-Quantum, and PQ problem statement
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Aug 2019 13:49:16 -0000
Hi LAMPS, After the discussion at 105, I'm going to take a step back from my "composite crypto" draft and propose: A) LAMPS re-charter so that post-quantum is guaranteed time on future agendas. B) As a group, we define the post-quantum certificates problem that we're trying to solve, and examine the whole space of possible solutions. --- A) Proposed re-charter text: > Quantum computers and the emerging post-quantum cryptographic algorithms present a unique agility challenge in that legacy algorithms may become compromised before we have full trust in, or adoption of, the replacement algorithms. The prevailing opinion in the crypto community is to address this uncertainty by layering all crypto operations with legacy and post-quantum algorithms during the transition period. LAMPS is tasked with specifying appropriate mechanism(s) by which PKIX and relying protocols can leverage public keys from two or more algorithms in the same cryptographically-protected transaction. Proposed mechanisms should address combining new and conventional algorithms, backwards compatibility, and increased certificate size. Both negotiated and non-negotiated protocols need to be considered. The first discussion question is: what is appropriate for LAMPS adoption here? If it doesn't get adopted by LAMPS, maybe we need a specific PQ WG? Maybe we should run a BoF session at 106? --- B) Problem statement and solutions overview; I put up a draft here: https://datatracker.ietf.org/doc/draft-pq-pkix-problem-statement/ Let the discussions begin! - - - Mike Ounsworth | Software Security Architect Entrust Datacard
- [lamps] Re-charter text for LAMPS to work on Post… Mike Ounsworth
- Re: [lamps] Re-charter text for LAMPS to work on … Stephen Farrell
- Re: [lamps] [EXTERNAL]Re: Re-charter text for LAM… Mike Ounsworth
- Re: [lamps] [EXTERNAL]Re: Re-charter text for LAM… Stephen Farrell
- Re: [lamps] [EXTERNAL]Re: Re-charter text for LAM… Russ Housley
- Re: [lamps] [EXTERNAL]Re: Re-charter text for LAM… Salz, Rich
- Re: [lamps] [EXTERNAL]Re: Re-charter text for LAM… Mike Ounsworth