IETF Logo Mail Archive

Re: [lamps] PQC X.509 115 Hackathon

John Gray <John.Gray@entrust.com> Fri, 21 October 2022 22:33 UTC

Return-Path: <John.Gray@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C559FC14CF03; Fri, 21 Oct 2022 15:33:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z6YMyboO4ocN; Fri, 21 Oct 2022 15:33:30 -0700 (PDT)
Received: from mx07-0015a003.pphosted.com (mx07-0015a003.pphosted.com [185.132.183.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 083EBC14CF09; Fri, 21 Oct 2022 15:33:29 -0700 (PDT)
Received: from pps.filterd (m0242864.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.19/8.17.1.5) with ESMTP id 29LGPf3L031352; Fri, 21 Oct 2022 17:33:04 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=mail1; bh=H/w3ilEwKVEwhnSozfuAd4CT9UePKE9uhiQ8EsoU1/A=; b=R2wmJyF5RkJZu9zeqzvhsVPhekNQp6SZ07+hTkNA4QzhPTe4fQbFh/AGEa/pltt/nlS6 2Uf0qk9f8lfqb9fTAdcjU5LOnt+hpJQPbsaZdxd0uQBFSPmIggHqtn3ImSPoZRgCYU5g qFphYD01bOvk53EZDH5Jod5uK6B2UxJj9vcFyzhNa04lQEbo1eML/RE5CkrYBhLNJ/UC gCLb+lctK8Mcp+VO3/BUj8lKuxQ7y1VCtWJNAoVnoAqL/uE5Yv8mRimwXNuycU2bGfzM emhaRm2QNZL1kyT7iw+L3SaXyjBsUh2wcjSJPpyxYWSzNI0HA35tbPFoUUmEX2YuZOfN Zg==
Received: from nam04-mw2-obe.outbound.protection.outlook.com (mail-mw2nam04lp2174.outbound.protection.outlook.com [104.47.73.174]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3kavsesfd3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 17:33:03 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Epm/055TrX8Lzyz3O+LN8dxOxtfOFTq5tiHh2hLzsJgIr9EJKeJIIroTz2WxTFBec6jlUoRma3VDgad0sIA1dQevmiY4C9BfV7E/eBK5FkECO1rAfeOgeDwPNHrEaRC28j357MRTMu+o149hR1qeg677egn4HdzkH47IyhKc5M6C1OkujxER4CODo944kUoWNCIg3mVvmI5X6fybMgWhlFOUeg1t/+SueUdWcXTOzdbrHH3k86DAG9sKB+/u3cMtecNRuaYd8re+bBNtJMPYxjdKcS1pN5zol0HGxaS2j8V8vZX1dn61+DaMTcg94lqNVnZV3whsDHcsrbPSyx+lCQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H/w3ilEwKVEwhnSozfuAd4CT9UePKE9uhiQ8EsoU1/A=; b=FH21c72VotCgCligZB7F5PlmAh2e9bIGquCmUVS9Ieic9H08TETNjQbvjt2i5jBmLXjlptcqBWTPKkXv0uKOKkDYEKQ2T2Uro2xKvFk6MJE5TRh2g6XIKZGLtIA/0xevd7CXbNJJwbFoCXoSy1ZRH0CYAM6RyNJlFRZDLJvaj1Ka9ZFswJiXDmch8m69xnlIkTC/VPZyW5TPswsv3+H85hTvKoi2P1eRQ2IsPxTGJ4HtgBc5zYAS1EaMuJKnq9Qb5lvQHJaeUU/LF7yUSWpQPBbjELq4UX/w3CJmzr+atgDNNvH1G5lQ1I/zpBu7NzmEcT8eJQRzuhhlKOBKv/d0NQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from DM6PR11MB2585.namprd11.prod.outlook.com (2603:10b6:5:ce::22) by CY5PR11MB6140.namprd11.prod.outlook.com (2603:10b6:930:28::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5723.33; Fri, 21 Oct 2022 22:32:59 +0000
Received: from DM6PR11MB2585.namprd11.prod.outlook.com ([fe80::43eb:1724:f177:db0f]) by DM6PR11MB2585.namprd11.prod.outlook.com ([fe80::43eb:1724:f177:db0f%4]) with mapi id 15.20.5746.021; Fri, 21 Oct 2022 22:32:59 +0000
From: John Gray <John.Gray@entrust.com>
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, 'LAMPS' <spasm@ietf.org>, "pqc@ietf.org" <pqc@ietf.org>, "hackathon@ietf.org" <hackathon@ietf.org>
CC: "info@baentsch.ch" <info@baentsch.ch>, Felipe Ventura <Felipe.Ventura@entrust.com>, "kris@amongbytes.com" <kris@amongbytes.com>, "Railean, Alexander" <alexander.railean@siemens.com>, "Kretschmer, Andreas" <andreas.kretschmer@siemens.com>, Tim Hollebeek <tim.hollebeek@digicert.com>, Max Pala <M.Pala@cablelabs.com>, Michael Richardson <mcr@sandelman.ca>, Sofía Celi <cherenkov@riseup.net>, "alexandre.petrescu@gmail.com" <alexandre.petrescu@gmail.com>, "Klaußner, Jan" <Jan.Klaussner@d-trust.net>, Florence D <Florence.D@ncsc.gov.uk>, "Vaira, Antonio" <antonio.vaira@siemens.com>, Serge Mister <Serge.Mister@entrust.com>, David Hook <dgh@cryptoworkshop.com>
Thread-Topic: PQC X.509 115 Hackathon
Thread-Index: AdjYVOXE6GpE7MN6R9W+NqLxsx9F5gCNS/ywArpYwyA=
Date: Fri, 21 Oct 2022 22:32:58 +0000
Message-ID: <DM6PR11MB25852EC7B6A0715311F0A97EEA2D9@DM6PR11MB2585.namprd11.prod.outlook.com>
References: <CH0PR11MB5739E98B69C5AD88745F539E9F5D9@CH0PR11MB5739.namprd11.prod.outlook.com> <DM6PR11MB25852409BE2751E34E1E83AAEA259@DM6PR11MB2585.namprd11.prod.outlook.com>
In-Reply-To: <DM6PR11MB25852409BE2751E34E1E83AAEA259@DM6PR11MB2585.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR11MB2585:EE_|CY5PR11MB6140:EE_
x-ms-office365-filtering-correlation-id: 3cd5dee8-19bb-4df6-69c5-08dab3b434f9
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 2J6EEgibJ8n0YiXM/QPj6SHZpViRxMyTGB9oCsJWR95xmC6gQM33zFE0u+1qkZZJUADgSGYV0esWJi2uRN6LQKWcfsRp72c9tGqWV8IOly/xMnReT/K/7CFQZUiw2hyMCekRYpl7QM9YExm6N0yVk+It96B2xM1tdr1x3M4kpNsXTGBBhUf+p62TYceYbiiv/2xwjZJyq0XXqKmaeUO6hTz+Ol0nDvCqnx46Nd0bbQbES0ayrwlYd/NzoY7Inu+05sBwhVjAAQ0H6DKyQ843qj9drHAZ2kn7DUL3hCp0V1chO1Fu5Z0qYUtL9lwK2bLQGynX4zrY2FTlwsMb9n/lvIOC+Q/Tr/wzAo367jylttmMB0sqO6e8QPL5R900rcFdWMpJw2rP2J3YDQd1XZKidsPHYgs8ud81/LQl6WFeqFygwHv7vL5GoBgY+zC8MH+er/Wl9TzGdavK8La8c50yBq8GgF8Ccp1iV6V45eziS8pSiTZ56iJ5VfSNa/NIKcM8XwT2AakN9RqdQbTWzTMsmAxpD8o0zsIzddyBOUIi04mIs0SpXMW5bXE05aGPAGlxVaw7wpaxZ2C7Cs5O2Tr9b3QpBdeEbrzjSLFVfSC4vD77Qvci9dY3z4CHAZ/vAybXyT9EGDf87uttlNJqxPxUTS2ojZ92S+r948Hy8xNI3eQW/w077abZHyUzvP2zSARt/CKDFYuaOU57WdWhz8UlomYpL2be/cWHguUV182uRly0M1EHld1M2kNnFA1hz5FVhWtdF7X0GoeLB7vfvQX8Jg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB2585.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(136003)(346002)(39860400002)(376002)(366004)(396003)(451199015)(66899015)(66446008)(83380400001)(4326008)(966005)(66476007)(64756008)(8676002)(33656002)(66946007)(110136005)(26005)(53546011)(9686003)(54906003)(55016003)(66556008)(478600001)(6506007)(38100700002)(122000001)(38070700005)(86362001)(166002)(186003)(7696005)(71200400001)(99936003)(76116006)(316002)(52536014)(41300700001)(8936002)(5660300002)(2906002)(21615005)(7416002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: jdR0kdAMICqX2GonRXr8obcBcHVq4U/nJ0VQmNKfI9EkpYnao1dCm5UJXgzRYvo9/d8PhSyCtEGTydwLFBtoD/0+8JI6NVtCcnu6O6t+73cljF4QSwZnelB0CcrwQC+svXwn7whwBHWSpPgHJCTS45Xx3sdvJGzbwj5YjpgfBhUfgFCADC4pe4E7GvNW8tjmgjWfPFW1YOQAnAMyvIV3gXP3lAtSSHGpnsY1CkEe70zuanIXkSBtBEveTN5e4WcwfsPQeHVd7dXEgxmLo6h6ZSXMV0sDD35Og2mRrpylQvVNBcBQWCbYrOCxQnvTGvvLovI4LEQwGjjUk6VwGP1J7aAFzLbexed1hB14EVUcb+HT+PvqMHxBD+LChk0VJFNlCkycQ/tA9cwpyeV4VDPyizPyjt109EvoCKN3bO7oDVwSy76MIspC7J7cevXGog2AJaEl3TpoRhJ7TcJRZhljQxOmQ6bxrKV8Fje42ag8JXl6r5R5h39NbdTCpPxh2R5KEBIbuPKxuF3EC+zujDHpLwP0qmwPTJ/uQbHaEMsKVaLv6cX11ma/pFg/a8Up/HOjCxVPJUoZE9PZDAVZFgmzlXn19x+JDP4sYKe7c6eODzojcCtl3wrBzM/9oBhVel7mzI3UQ27uvJUCsakmkybeWW99oQJFHLt7XQJ5bF1/3EtNODJP1dx0hsAODlfQy+dfcZEHiQiVtyvJwH+C2JwBv8WlytSqor6TZN3scXWjdzgh7Kd7PxVSeIbDd6Mc8bh0USj7mU/WfyhuM9IYJGcoFwxW09JubXN6+pmVcuCMkukMRCXlKcmVBIHL+vUg5i1wGbTELJQ0tvfnS2WF2RcjIRTLTXec54kT/O/i6rwmcFtvbB4d/tcC+eBbRwD0KlI0DdBFuq7teiyGYZ5gZJs79wo7RmQCTMpWUP2S7fFTEdyo6jNX60aBcAoxjiVZI2ctyIqkqACQ5Qsros0/5D1059Trkg4zpxyYzC9pohrQjkvJsj4YnCnhfUGqV1oFHarcyzooWQhHLEQOZYa24tWpvtJfM/MMbM8cdbAxmEquW9XSCqUUWUvgcbF5ngHGcX0jWVxCf0iOA57hsyNKjrdmK1lpm4qRjsQ3nWw0ORREGfZ7JkTpsXjAQYFhiPdknOfEWYEDl/XBdaEtaNRuTVCvhuutzCsz881TOD8MKRYdoXzV6tYrwMHRtBEmlZlTBqphQgN6H6jHFskV4nsDpHK3/Bz4LEhYn5FI1ShnD119Z3m/7RZcGjWIcmM0zqfZlC/sNNQyqEbM5GuSugVyW1ySx3rHJYTGmTc3bbX8DNaNgY8w+YVC+b0PFsbTl4kdQZX/5beYbiD3LMVojHkxQnU/IwrXtWK5lhBc1GJv3zBvxuPcM7kYkhq5frVXcKDPmIMxMjwKi042W1BdavdItuMmMg7mZF7Yf9qpVzixVz61rsEwYJd2xk1mwb2QpbKv/eVy1yVo7beDphslJlLsl9xfHnA+Xf0IkiIobgpm6Xf7/dyJvebOWEANsEU9wydChLbr5/YWZwMzA3FjawKCbaH/Wc6gcFyJ4NTQwtrAuUI0bM4rxSP8YXzmpAbe43Kfu4jN
Content-Type: multipart/mixed; boundary="_004_DM6PR11MB25852EC7B6A0715311F0A97EEA2D9DM6PR11MB2585namp_"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB2585.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3cd5dee8-19bb-4df6-69c5-08dab3b434f9
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Oct 2022 22:32:59.0279 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Ii39Xuz3IFD7opxfQ4TaaJ7IOGeE376GeICYeR8LjdrhVTQKBtvmX1MIt1cGa7OcyeaQOOidMNukf8ewAfPPMA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR11MB6140
X-Proofpoint-ORIG-GUID: JgixDtA6Cpi6acv6M6_azmeU3veFX5vw
X-Proofpoint-GUID: JgixDtA6Cpi6acv6M6_azmeU3veFX5vw
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_04,2022-10-21_01,2022-06-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 bulkscore=0 malwarescore=0 adultscore=0 mlxscore=0 impostorscore=0 priorityscore=1501 clxscore=1011 lowpriorityscore=0 mlxlogscore=999 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2209130000 definitions=main-2210210131
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/AnZuyru3pPQGi7KXKwH8G80tMKo>
X-Mailman-Approved-At: Mon, 24 Oct 2022 16:54:15 -0700
Subject: Re: [lamps] PQC X.509 115 Hackathon
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2022 22:33:34 -0000

Thanks for your interesting in the PQ Keys and Signatures in X.509 / PKIX Hackathon.   I have tried to cc those people who have expressed interest in the hackathon either via email or by discussion.   Some of you may already know each other, some of you may not.   If I forgot to include you, I apologize.   You are welcome to attend.

We are planning a pre-hackathon meeting Monday October 31st in the IETF's gather.town in the Hackathon room table G.
https://www.ietf.org/how/meetings/gather/

This will allow everyone to test their A/V and so we can sync up about what we want to hack at.     If you can't make the meeting, that is okay, let me know and I will send you notes.

Suggested Agenda:

  1.  Introductions
  2.  Discuss Scope (What do people want to test).  I put together this slide deck today which covers much of the scope that I envision.  Hopefully it goes through email without an issue.   Obviously it is not exhaustive, but gives a good starting point for those who may just be starting to take a look at this.

Cheers,

John Gray
Entrust



From: John Gray
Sent: Wednesday, October 12, 2022 8:20 PM
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>; 'LAMPS' <spasm@ietf.org>; pqc@ietf.org; hackathon@ietf.org
Subject: RE: PQC X.509 115 Hackathon

Thank you for all your comments and suggestions in regards to a PQC X.509 Hackathon.   We have added the details of this hackathon topic to the IETF Hackathon Wiki located here as 'PQ keys and signatures in X.509 / PKIX'

https://wiki.ietf.org/en/meeting/115/hackathon

We hope that at least one author for each of these drafts is able to join in some capacity so we can attempt to come to a consensus on the key and signature formats of the PQ finalist algorithms.


  *   https://datatracker.ietf.org/doc/html/draft-uni-qsckeys-00.html
  *   https://datatracker.ietf.org/doc/draft-massimo-lamps-pq-sig-certificates/
We plan to distribute a set of OIDS we will use to identify the key and signature formats (we need those to interoperate with the various X.509 structures like PublicKeyInfo, PrivateKeyInfo, X509Certificate, PKCS10, X509CRL, OSCP, CMS, etc).   Ideally we suggest that these are done in an agile way in software to make it easier to plug in the real OID values once they have been officially registered.  We will use formats already suggested in existing drafts whenever possible.

I know there have already been multiple key format proposals for some of the PQ key and Signature drafts, so we can use different OIDs to designate different formats if we want to test with different key and signature formats for the same algorithms.   If there are key and signature formats that aren't included in the list we provide, please suggest and add to the list.

I plan to add this information into the IETF GitHub repository in the next week, so stay tuned!

If there is something you think we have missed, please let us know.

Cheers,

John Gray
Entrust




From: Spasm <spasm-bounces@ietf.org<mailto:spasm-bounces@ietf.org>> On Behalf Of Mike Ounsworth
Sent: Tuesday, October 4, 2022 9:01 PM
To: 'LAMPS' <spasm@ietf.org<mailto:spasm@ietf.org>>; pqc@ietf.org<mailto:pqc@ietf.org>
Subject: [EXTERNAL] [lamps] PQC X.509 115 Hackathon

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.
________________________________
Hi LAMPS and people interested in PQC!

As suggested at 114, my colleague John Gray and I would like to do a 115 Hackathon on PQ keys and signatures in X.509 / PKIX.

We are suggesting to play with Dilithium, Falcon, Sphincs+, and Composite signing algorithms in Certs, CRLs, CSRs, PKCS#12s, CMS SignedData, maybe OCSP Responses, maybe Timestamping, maybe CMP. We can bring: the Entrust Toolkit (which we can hack at), Bounce Castle, OpenQuantumSafe-openssl, OpenCA (easier if Max Pala is there, but we can probably figure out how to build it).

The point of the hackathon, I think, is going to be OIDs, and public key / private key formats (ex.: the differences between Dilithium and Falcon encodings in draft-uni-qsckeys, and draft-massimo-lamps-pq-sig-certificates).



Question 1: are others interested in joining us at the hackathon? (no point is signing up for a hackathon spot if we're the only ones there)

Question 2: whether or not you're joining, what PQ X.509 / PKIX things would you like to see working with Dilithium, Falcon, Sphincs+, Composite?


---
Mike Ounsworth
Software Security Architect, Entrust

Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.23.0 | Report a Bug | By Email