Re: [lamps] LAMPS Re-charter
Jonathan Hammell <jfhamme.cccs@gmail.com> Fri, 26 March 2021 13:44 UTC
Return-Path: <jfhamme.cccs@gmail.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7A093A1F13 for <spasm@ietfa.amsl.com>; Fri, 26 Mar 2021 06:44:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZKXUll5KOwUw for <spasm@ietfa.amsl.com>; Fri, 26 Mar 2021 06:44:24 -0700 (PDT)
Received: from mail-oi1-x22a.google.com (mail-oi1-x22a.google.com [IPv6:2607:f8b0:4864:20::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5C203A1F55 for <spasm@ietf.org>; Fri, 26 Mar 2021 06:44:20 -0700 (PDT)
Received: by mail-oi1-x22a.google.com with SMTP id d12so5703604oiw.12 for <spasm@ietf.org>; Fri, 26 Mar 2021 06:44:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=lJx7FMAeW/4y2JAVJSyXZsYFu2CbdHK2T70t8nVKGhE=; b=K1F5ref96EhpgwFOMI1/WjBWq8BGfenEJ1/A5KvDEYnC98em1LtwaXVN7zJ1NnkZ6Y hAEgFAtaEaoF4+TDjKTGUdJ2tOQXno6RcD31GT/ZftUOSiuSJHOx7cJai5yoP/osvonf kHQx65w7n/jvhqQxRnBaaPXDYZCTAJlTqGVVVN5n/FwHoJ5UbIBgwi/eV/D/WnkKwVcd iL6jBOUUQnlT7QDLqUa+bSLiOwUFBgTnUn6OfvR+6QUbTBnRGFnrL1X3stCfGIVfiRpc m62cgqFaGBXB9HX/3zb26Mey8UhzqmL6de+/Tw+K/3LJXkWUkHir5KSg4xFTiB2U20lN NH7A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=lJx7FMAeW/4y2JAVJSyXZsYFu2CbdHK2T70t8nVKGhE=; b=aoLRzYO0uLUivXlK5M7lranYaCcl2KMTO0n8F9SsICZZNdwAdJwNsHEJtbkO6A6wwn BGcwAFz0K7UEi+HBpzm7vbkfTEYd1umoja24Chjt3QA+Ray9dXVnHPx3JxvD/hP5j0Ef j2AHFiooD0+mlnIME+JtPeneju5u1wmj9xqRabrKZOPPrPUZFoXf0CxfQwxgpFbSCPYR tFRbUdQPFbn8/EC0NiOGB9gmuyDO7vrxiZuJ7LmDOoZRWZkdfmzx6LsXG4+UIveeqhWQ ITfMFVqchfq4tolhs0TXxLfh9ONOGtmUiFtILy3iqinEgvR4cn2UCkwM/GxjTXjUeQ2M 7jnQ==
X-Gm-Message-State: AOAM532TYQN4yMAY0eksPjcNsJwKSy/GKHXVx1g3lUvM+m/y6YFsLvX2 OOOzNkOh+4NCyc2aNTNMY0T6o0Z2rMPuA5YulxExa9j0dbOOSg==
X-Google-Smtp-Source: ABdhPJzEO/mjSBwXYI/Z7Twdt5I6nn/rjZPhUgd41sln6NHY/1841aDd9vm+4moBsbK6LxMfqsam+KrLpTpVySScdxE=
X-Received: by 2002:aca:f48f:: with SMTP id s137mr9770053oih.101.1616766258020; Fri, 26 Mar 2021 06:44:18 -0700 (PDT)
MIME-Version: 1.0
References: <5A22DF7B-BCA5-42F6-BB95-D4F70FDB1996@vigilsec.com> <951CAF0F-7461-4057-B95E-D1F6CAE61D02@vigilsec.com> <4c18a9982cc94df2952d7b2cbae89d99@cert.org> <7B82765F-9C7A-4C4D-B115-A2835B44E6D6@vigilsec.com> <b3fdb1ac051b4ae0ad748782daebead2@cert.org> <ACE141CD-B0B7-45D3-B54F-BE25275A0D25@vigilsec.com>
In-Reply-To: <ACE141CD-B0B7-45D3-B54F-BE25275A0D25@vigilsec.com>
From: Jonathan Hammell <jfhamme.cccs@gmail.com>
Date: Fri, 26 Mar 2021 09:44:06 -0400
Message-ID: <CALhKWgjB_RVGaQriPbero6eWTdaD4JaVqmHLjHHsqsjrBHUrFA@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: LAMPS <spasm@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Djxz2c7IpLWmAcCj-IjOLv7i9Zw>
Subject: Re: [lamps] LAMPS Re-charter
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Mar 2021 13:44:29 -0000
I'm in favour of LAMPS working on the PQC items described in 5.*. Will the changes to PKIX certificates to support hybrid key establishment (5.b.i) and dual signatures (5.b.ii) also require modifications to CMP or CMC/EST to support requesting such certificates from CAs? The text in 5.b.i and 5.b.ii includes that LAMPS will specify "operational practices" to support hybrid/dual. Is that text intended to cover those aspects? Jonathan On Wed, Mar 17, 2021 at 6:26 PM Russ Housley <housley@vigilsec.com> wrote: > > After listening to the LAMPS re-charter comments, I think this captures a way forward. The PQC milestones do not have a "send to the IESG" part. The idea is that we would add those when NIST winners get announced. > > Thoughts? > > Russ > > = = = = = = = = = > > The PKIX and S/MIME Working Groups have been closed for some time. Some > updates have been proposed to the X.509 certificate documents produced > by the PKIX Working Group and the electronic mail security documents > produced by the S/MIME Working Group. > > The LAMPS (Limited Additional Mechanisms for PKIX and SMIME) Working > Group is chartered to make updates where there is a known constituency > interested in real deployment and there is at least one sufficiently > well specified approach to the update so that the working group can > sensibly evaluate whether to adopt a proposal. > > The LAMPS WG is now tackling these topics: > > 1. Specify the use of short-lived X.509 certificates for which no > revocation information is made available by the Certification Authority. > Short-lived certificates have a lifespan that is shorter than the time > needed to detect, report, and distribute revocation information. As a > result, revoking short-lived certificates is unnecessary and pointless. > > 2. Update the specification for the cryptographic protection of email > headers -- both for signatures and encryption -- to improve the > implementation situation with respect to privacy, security, usability > and interoperability in cryptographically-protected electronic mail. > Most current implementations of cryptographically-protected electronic > mail protect only the body of the message, which leaves significant > room for attacks against otherwise-protected messages. > > 3. The Certificate Management Protocol (CMP) is specified in RFC 4210, > and it offers a vast range of certificate management options. CMP is > currently being used in many different industrial environments, but it > needs to be tailored to the specific needs of such machine-to-machine > scenarios and communication among PKI management entities. The LAMPS > WG will develop a "lightweight" profile of CMP to more efficiently > support of these environments and better facilitate interoperable > implementation, while preserving cryptographic algorithm agility. In > addition, necessary updates and clarifications to CMP will be > specified in a separate document. This work will be coordinated with > the LWIG WG. > > 4. Provide concrete guidance for implementers of email user agents > to promote interoperability of end-to-end cryptographic protection > of email messages. This may include guidance about the generation, > interpretation, and handling of protected messages; management of the > relevant certificates; documentation of how to avoid common failure > modes; strategies for deployment in a mixed environment; as well as > test vectors and examples that can be used by implementers and > interoperability testing. The resulting robust consensus among email > user agent implementers is expected to provide more usable and useful > cryptographic security for email users. > > 5. Recent progress in the development of quantum computers pose a threat > to widely deployed public key algorithms. As a result, there is a need > to prepare for a day when cryptosystems such as RSA, Diffie-Hellman, > ECDSA, ECDH, and EdDSA cannot be depended upon in the PKIX and S/MIME > protocols. > > 5.a. NIST has a Post-Quantum Cryptography (PQC) effort to produce one > or more quantum-resistant public-key cryptographic algorithm standards. > The LAMPS WG will specify the use of these new PQC public key algorithms > with the PKIX certificates and the Cryptographic Message Syntax (CMS). > These specifications will use object identifiers for the new algorithms > that are assigned by NIST. > > 5.b. NIST and other organizations are developing standards for > post-quantum cryptographic (PQC) algorithms that that will be secure > even if large-scale quantum computers are ever developed. However, a > lengthy transition from today's public key algorithms to PQC public key > algorithms is expected; time will be needed to gain full confidence in > the new PQC public key algorithms. > > 5.b.i. The LAMPS WG will specify formats, identifiers, and operational > practices for "hybrid key establishment" that combines the shared > secret values one or more traditional key-establishment algorithm and > one or more NIST PQC key-establishment algorithm or a PQC > key-establishment algorithm vetted by the CFRG. The shared secret > values will be combined using HKDF (see RFC 5869) or a key derivation > function vetted by the CFRG. > > 5.b.ii. The LAMPS WG will specify formats, identifiers, and operational > practices for "dual signature" that combine one or more traditional > signature algorithm with one or more NIST PQC signature algorithm or > a PQC algorithm vetted by the CFRG. > > In addition, the LAMPS WG may investigate other updates to documents > produced by the PKIX and S/MIME WG. The LAMPS WG may produce > clarifications where needed, but the LAMPS WG shall not adopt > anything beyond clarifications without rechartering. > > MILESTONES > > Task 1: > Jul 2021 Adopt a draft for short-lived certificate conventions > Mar 2022 Short-lived certificate conventions sent to IESG for BCP publication > > Task 2: > DONE Adopt a draft for header protection conventions > Nov 2021 Header protection conventions sent to IESG for standards track publication > > Task 3: > DONE Adopt a draft for CMP updates > DONE Adopt a draft for CMP algorithm > DONE Adopt a draft for Lightweight CMP profile > Dec 2021 CMP updates sent to IESG for standards track publication > Dec 2021 CMP algorithms sent to IESG for standards track publication > Dec 2021 Lightweight CMP profile sent to IESG for informational publication > > Task 4: > May 2021 Adopt a draft for end-to-end email user agent guidance > Jul 2022 End-to-end email user agent guidance sent to IESG for informational publication > > Task 5.a: > Aug 2021 Adopt draft for PQC KEM public keys in PKIX certificates > Aug 2021 Adopt draft for PQC KEM algorithms in CMS > Sep 2021 Adopt draft for PQC signatures in PKIX certificates > Sep 2021 Adopt draft for PQC signatures in CMS > > Task 5.b.i: > Sep 2021 Adopt draft for public keys for hybrid key establishment in PKIX certificates > Sep 2021 Adopt draft for hybrid key establishment in CMS > > Task 5.b.ii: > Sep 2021 Adopt draft for dual signatures in PKIX certificates > Sep 2021 Adopt draft for dual signature in CMS > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org > https://www.ietf.org/mailman/listinfo/spasm
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Salz, Rich
- Re: [lamps] LAMPS Re-charter Mike Ounsworth
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Rene Struik
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Rene Struik
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Daniel Kahn Gillmor
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Michael Richardson
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Daniel Kahn Gillmor
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Michael Richardson
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: LAMPS Re-charter Carl Wallace
- Re: [lamps] LAMPS Re-charter Jonathan Hammell
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Jonathan Hammell
- Re: [lamps] LAMPS Re-charter Russ Housley
- Re: [lamps] LAMPS Re-charter Roman Danyliw