IETF Logo Mail Archive

Re: [lamps] PQC X.509 115 Hackathon

Tomas Gustavsson <Tomas.Gustavsson@keyfactor.com> Wed, 05 October 2022 07:20 UTC

Return-Path: <Tomas.Gustavsson@keyfactor.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AE9EC14CF06; Wed, 5 Oct 2022 00:20:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.911
X-Spam-Level:
X-Spam-Status: No, score=-6.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=keyfactorinc.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ns93z6SXE53I; Wed, 5 Oct 2022 00:20:02 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20105.outbound.protection.outlook.com [40.107.2.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA794C14CF16; Wed, 5 Oct 2022 00:20:01 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lWyLPBfeYgY2qII0Yc2wLf9HngYMxI2TA7Fnh6pHcULNq7jMdBYqWbSw4l/3Zz8cFRD5n/lUVmd0QtNhRWR0UlsYsbzEaUSsfrwJ8Qzs4mtMxLog0j9qbn0ab5nxzzCJvaq0teiZMmVBQ3lG+fdhAeV6zgTArwIuH0JPpt5W3obMh5aB2CCx/KO2QR5UkiJa2ekhl235HvILag6ZqvPlSR4wHu2AO6sbFBoNbrwWBjMC3qBCUlr6u6JRZ7DZsUMSoSGYtZ7R0t9eFJNzEx+7s67HbKQkUUJR0Y1pzMHBOtBacv3eeVNep+GRiI4wg747kA5XI593Y35vlqfrXfzSRw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+8HpKsvxubBaP1tfRN7130mgO4YzCbP5j24+aAfdr7Q=; b=kiC8Pc3kTR0m8bMnciIKV0RmJYI1KCOo0/CGjX+MqcxFCTjOwM9BWMyda4IDoXP8jlU8ux5C+tTxnu/wt5C8Xte7Y+ARweDaKObqZpDXMc6hw4WDVx5AIOUmJHEg2QRdBK6X9uIyuJUVg3igQyvbGenGUrr25Zjoiv/Fb68OysG2+hvGPszyDoEUk0j/PwWJwsI23Rs9NuHpTHqV2BWVFN8XDrjgYf5CvkrxnK3kaQW2rH6om3TFMVybrwXK3BP7H/BW29k9+MeFmItuqlnfH1ZF2qtzqmkdjgbyTVPjubqXNc4usq+JoFcdCJNAmZ3tOhk3sAuIsibfyzyjbwOOAQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=keyfactor.com; dmarc=pass action=none header.from=keyfactor.com; dkim=pass header.d=keyfactor.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=KeyfactorInc.onmicrosoft.com; s=selector1-KeyfactorInc-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+8HpKsvxubBaP1tfRN7130mgO4YzCbP5j24+aAfdr7Q=; b=f64HC17POZoJ4F6C17uhU6iE0S5AGMgR7c+Eqo+wwW9Vvt504WQ3URCYnQ8DBuTwGyvVvl31hUZmIHlhYGDE6qChMIgwESA7U5KGhSBDqerOTHNuhKzpBZz7y4rXIYtT2fXkSPxaczL9rhN0ZJAUCaP/OyyUsrEPKBZ3X1BVJmk=
Received: from DU0PR03MB8696.eurprd03.prod.outlook.com (2603:10a6:10:3ef::5) by GV1PR03MB8493.eurprd03.prod.outlook.com (2603:10a6:150:8e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.32; Wed, 5 Oct 2022 07:19:56 +0000
Received: from DU0PR03MB8696.eurprd03.prod.outlook.com ([fe80::5058:8832:239d:d194]) by DU0PR03MB8696.eurprd03.prod.outlook.com ([fe80::5058:8832:239d:d194%8]) with mapi id 15.20.5676.023; Wed, 5 Oct 2022 07:19:56 +0000
From: Tomas Gustavsson <Tomas.Gustavsson@keyfactor.com>
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, 'LAMPS' <spasm@ietf.org>, "pqc@ietf.org" <pqc@ietf.org>
Thread-Topic: PQC X.509 115 Hackathon
Thread-Index: AdjYVOXE6GpE7MN6R9W+NqLxsx9F5gANSo6v
Date: Wed, 05 Oct 2022 07:19:56 +0000
Message-ID: <DU0PR03MB86967496D788EDC9BD19CAF4865D9@DU0PR03MB8696.eurprd03.prod.outlook.com>
References: <CH0PR11MB5739E98B69C5AD88745F539E9F5D9@CH0PR11MB5739.namprd11.prod.outlook.com>
In-Reply-To: <CH0PR11MB5739E98B69C5AD88745F539E9F5D9@CH0PR11MB5739.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=keyfactor.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU0PR03MB8696:EE_|GV1PR03MB8493:EE_
x-ms-office365-filtering-correlation-id: 0c86f459-9093-4638-98ec-08daa6a20185
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Y9LebOQeYScE9TpffxChy3A1GZ8TLUHLN6ALvdI6r+UT1Usp1yUzgeF7fcYe6wxdzTWiSCUhSjHxjPH8j2LW2AqmEZxn/ZuwVz4x+qyyMt0KKw6OOD1PTsVTZkK/SnyPGPdPNLegVKw9w9pKYVN9/nRYHcdoHYAKTf9lCb4mtyY6GsjH7JZPLnsLkyfpSCJNZsJN8ZTizMSmySbhvB1cuFnGH5znyNEVtire+sLyyOdkxdLnXGFjvT+K/KN+ZeudkzSgCHcB68XvTIELXSW4loiZffEZOO3tICQycbC0ptHUMJZVsHN7PB7A/VRHx72dlO2kK87Uazex7i+lwjU9yR2CntWKQIwegDE0C7SzhKqUdWgHg61VVe8DYwr7lcKiP5+ZqesCzqNei9apyKRpH7sJpHxbKC979SfqRrQcSDPLIZcW+2kr2cVW9IE2RG3c3qVlXJ8UFjW+6KZkeGR50HPkaC0r5WgI+yQ0CRPOozppPm/42XKod+CX9UUDg1qvbQ5E2drhiTasox8NK+3XvX/D/S7EpNP3pSEMM36w+ATLZu3IEuvhNn1ozmUxMwa6fbL7XleY3Ft25B41xhlgLdTq2R0MSBOtM4ta6qYhCL1PELGD+Nzf8kbjL/Fb9txulKD7szTf9Mosxrp4Jy4T0lZDCPsWpEYMZFr5+lMMCNNi86hb6NSpzLDZduqrzTOQZpeXVt0AOL8mpZrOY81MIV+3MAfYM4lo2RS5wtdgrA195rALcIXouL9qvPJ8NhOCSIEAeWaFW5RJ1rUhGp3i4A==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU0PR03MB8696.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(366004)(376002)(396003)(39850400004)(136003)(346002)(451199015)(19627405001)(8936002)(86362001)(38070700005)(5660300002)(316002)(52536014)(19627235002)(7696005)(6506007)(53546011)(26005)(9686003)(2906002)(110136005)(66476007)(66556008)(41300700001)(76116006)(64756008)(91956017)(8676002)(66946007)(66446008)(33656002)(83380400001)(478600001)(71200400001)(186003)(38100700002)(55016003)(122000001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ViQQ1TYqqQFNoNoe4Unw5ju+Sw6lyLhIi18bmX9WgCxVpFE2jAUuPxf47g5Py9YUzR21Lf1X++VaPZ/gxckiTyzuwaYhUoJceq/EGHiJeOXppdMFGt4d1O1k0FYc6kjGmFQ9agnIxRNlvS4IwGMeZ1Z3bzybOykOxU6ATH9I9g60E2hxGLPgzEL0TotNlf0V6aa6pIJaxKnxFn+t5ggcHxN372nDA4nsFPgYhyVsPJD3LvIY66mtuUwteJeYoemzT9bKGmRXLA9B6gpkXbcv5ZV70VignzvzeqZ39vAFe4ZxnI2AxTBUY3ZOSDmx5GXUYyPYP1eLwYARLxyIYyNFZySizyS5zc9dM+LH4016FavecIKp7b/fa6qd8Enhcb0wPsKwVCJD4xdxduU2z1m3PJEjcqtyJUWaX6ysVESWcEK8Cb6sN6Ne3k48pDjuDGoJNhDk9bBSdF309DsG+5j9e3zzgr6S7P1Jq5RIilXGySRgToASfgC8noXGuMAUyjYoNGsj1dCtt8HmmalLjUjVc/lyftmkhgf7Ful0fRAHKmt8PqrHZ8GnwIyPZPaarVvpB5CNjLEl1kdvWEV3MyiIu4SMsokBsRWqimttbY7VPqjaQHJMxIr1Qgmy0gYD7TkCc+ojVHqob2V949p1vMeEU1dLHRGDwja+VeJOzikAwSy+K0Api1Frb0ub10T8UON08ZatvyLn0OjPPA7fmdSqHBOiQUAuSI0Rdcz/gWH2ssjE7wuhPcEHA6UnkdfPUH7pYsIe2ldHm8XJQGFupVM09TZKabdwEm2hrBxv18KCV58rQRWW5tVvgbSCcRpZ8X84osHyHkBpZG2rIevwQqlYnuuX5Pr8+AtRlwEsjkFuXZsWhxIUXO9UNKjdBb++MFUljUj5jTAgrhEk6uFzkmYEnUihq/VUlQCnKqaF1fygK93JRK/MBXtNDYobqC4cWOsiiK8F8x8NB4A6FBljhdcjW41MvWNZwq5IEsOsYgmrUAOMQtnl5jxP7NmGYaejQoX5QSPkAHFSKK+gUeHccpd0Eqr4VVH4NfnxAclIYlPShNEsCtil4cbNMI3CRucX0itoNfKX11gpZQmPxjRDF6suLTANYitnWM3yQYgnFGAzch4CrhLxkVohnacNvXdiZWOYYz3AIQ6m39DPQ7r0gH4mmbUIxOjD2/AI/tWsN5r9U2tYQ6W3jvS967V+YOiBzvhrkENXFPphKtGHOCya0+LieRKJuASeqIYTbBvxtkhaMD+s711L8L31BnGJAYr6ajVQOjBYKtgL3xsEi0v2tcECljKBAfxTIbUu+c5te8HGMBKYx+Fc93beNCqrlK4ez/CDIaK5XZND8W+LcOxdXnYKL7b4E4uN882uPqTZRHQ5I77kyzetKPnc81oWGA7iBVk+MZKVcgnHPlOgzxtl/1Zm/ihf5MlfB9PsJ0IptkWWvLt9ZcXA6AxWGKVVF/BriLNhaHQAlOCzox3zMtLZXFvvwYTRnMfCLqLvb7pYj17tilGcoCD6iqnAYKTjT+WOB/Zjxo9p7kO9gmupNws0/NaQqHZ9nUDwg3kk6ZIw7P6lFo4uISvHeRg6uSlgReY2UK3l
Content-Type: multipart/alternative; boundary="_000_DU0PR03MB86967496D788EDC9BD19CAF4865D9DU0PR03MB8696eurp_"
MIME-Version: 1.0
X-OriginatorOrg: keyfactor.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU0PR03MB8696.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0c86f459-9093-4638-98ec-08daa6a20185
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Oct 2022 07:19:56.6167 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c9ed4b45-9f70-418a-aa58-f04c80848ca9
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: IAxczU4x5JbH5ROPHxOm3W+BbnQo9CxVDACsYECavcQ8s4EXq6x8ZlRCfXqa9wp7Wrtnsj7VyPunu+0poaZsxAaQQDHKGinVY8GrC9lo+Us=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR03MB8493
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9NNe4gYEFMi_8gjv1iqmjmx8eBk>
Subject: Re: [lamps] PQC X.509 115 Hackathon
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2022 07:20:06 -0000

Great idea. I will not be able to join unfortunately, but would have liked to. In your list mostly everything is important for sure.

Perhaps from my side I currently think that signatures on certificates, CRLs, CSRs, etc feel pretty stable, certain that it will be right in the end. Some other things you mention are more often overlooked. The basic ability to encode/decode public and private keys from PEM and PKCS#12 will be vital to not waste a lot of time implementing and interoperate.

Just as an example, the two versions of encoding for EdDSA keys cost some hours of work, and some unnecessary if's in code. If we can avoid such seemingly simple annoyances that would be good.

Cheers,
Tomas

________________________________
From: Spasm <spasm-bounces@ietf.org> on behalf of Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>
Sent: Wednesday, October 5, 2022 3:00 AM
To: 'LAMPS' <spasm@ietf.org>; pqc@ietf.org <pqc@ietf.org>
Subject: [lamps] PQC X.509 115 Hackathon

CAUTION: External Sender - Be cautious when clicking links or opening attachments. Please email InfoSec@keyfactor.com with any questions.


Hi LAMPS and people interested in PQC!



As suggested at 114, my colleague John Gray and I would like to do a 115 Hackathon on PQ keys and signatures in X.509 / PKIX.



We are suggesting to play with Dilithium, Falcon, Sphincs+, and Composite signing algorithms in Certs, CRLs, CSRs, PKCS#12s, CMS SignedData, maybe OCSP Responses, maybe Timestamping, maybe CMP. We can bring: the Entrust Toolkit (which we can hack at), Bounce Castle, OpenQuantumSafe-openssl, OpenCA (easier if Max Pala is there, but we can probably figure out how to build it).



The point of the hackathon, I think, is going to be OIDs, and public key / private key formats (ex.: the differences between Dilithium and Falcon encodings in draft-uni-qsckeys, and draft-massimo-lamps-pq-sig-certificates).







Question 1: are others interested in joining us at the hackathon? (no point is signing up for a hackathon spot if we’re the only ones there)



Question 2: whether or not you're joining, what PQ X.509 / PKIX things would you like to see working with Dilithium, Falcon, Sphincs+, Composite?





---
Mike Ounsworth
Software Security Architect, Entrust



Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.23.0 | Report a Bug | By Email