Re: [lamps] [EXTERNAL] Re: Adoption call for draft-housley-lamps-cms-sha3-hash
Mike Ounsworth <Mike.Ounsworth@entrust.com> Sat, 28 October 2023 18:08 UTC
Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEB21C151073 for <spasm@ietfa.amsl.com>; Sat, 28 Oct 2023 11:08:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4lFJ6QXWISOA for <spasm@ietfa.amsl.com>; Sat, 28 Oct 2023 11:07:59 -0700 (PDT)
Received: from mx08-0015a003.pphosted.com (mx08-0015a003.pphosted.com [185.183.30.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2BDBCC14CE47 for <spasm@ietf.org>; Sat, 28 Oct 2023 11:07:58 -0700 (PDT)
Received: from pps.filterd (m0242863.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.22/8.17.1.22) with ESMTP id 39S6hf8M026427; Sat, 28 Oct 2023 13:07:54 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=mail1; bh=/DHs5TZgFdfGukpc+uY+BUNh h9+XuQRBhAPh2Y+OObY=; b=FCEnOCRbdT3u7pAijCcasrkitjT0VanxW8OngyCI g9xMVlGcYDQgAMOmS93EV/0w61Rtc/criIyQy93Omdo3n7Su4MAExfqdDBscdLHk mMIIXWwLLeOmLE7UTpJQdFfUMXZzkea+k/kxP2SNsnF0fOHK/MjDIm3P7oP6pdx+ wvwqxZsfD04bA8PpF8+FTrQukmA3wfbD6woZ8EwlI6b1S8z57vpzIpbH9/d2HlZF arw2RWuP3aVnwydm0vvQQrn6hU8kNOnqZlgp15cxj4Lv99Sr0EFI4aZcoDfHNlIl +pjawzOsF0OAXrn9e4HdD3WDrP1aZihozanYN4re423gpQ==
Received: from nam04-bn8-obe.outbound.protection.outlook.com (mail-bn8nam04lp2041.outbound.protection.outlook.com [104.47.74.41]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3u0w9khtmd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 28 Oct 2023 13:07:54 -0500 (CDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g+tE2e9Cn6Jpt8kZ27+P28FLIhl9spUfTz+FRPCjt+ITOupK3QAfF6fIyfIywaGWnL+WYVPv+D/6xX4kimgQkWbT5zE7vN6Qb1XobHqSgh2zQZeZhNUtJQprHaBPHVRABn2LbuX1gL35SyNNNGHeUYpyd6ETuvkLdF43RUw3Wq7u810AfuUj29uO/O1wCR1tT14Lwgxy7R8sFkWp3yw000C7JG0n6ZIxlFAoNtHPsrN4NoXlVpEqlKhgcIgsFLmnuioB4FDbKPrVeTx6DbFHmnIpWV8I1brFLiXJlkjzVZAOK/tbKG98IEAYVbpVI/9XKAl2DX5vylBsx8cS9JStoQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LR4CLDTTdNUnx4ebP440DfwVrfhNPvy0vK23YeBYkEk=; b=SPQKS6exYcknzcljY6uOnMcsWcbP+9kmOYaRkgIDVv+yyWcrPV64iHzkrGlhDRdULISOz62gv2j3yo5Gk+wRp7g5ZEi6H4W+Fs+b2RRxZ8/vWtap+0fcw907Zft5KDY9ancnlQfjQD4JB9c9DwkJ7PHiKQQkn0gTtnph1eNJuwkPsk7E1FZx8VZJYiJtc4aZxFpsp2hyZYGF5Cq97XPg5Ha783sOcwWq1PIESgLCJg8cJWwz5PliV69bL9pxjYihR+IyLzwNexIL0WCz/dvImyCghf53LnAOZlr1JRvepd2PdtS7hpu46KCIZUGDWQyMT7DyQZYj/a2nfkolzvjbuQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by IA1PR11MB7680.namprd11.prod.outlook.com (2603:10b6:208:3fb::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6907.33; Sat, 28 Oct 2023 18:07:50 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::9154:8630:8db3:6f4d]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::9154:8630:8db3:6f4d%6]) with mapi id 15.20.6933.024; Sat, 28 Oct 2023 18:07:49 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Russ Housley <housley@vigilsec.com>, Panos Kampanakis <kpanos@amazon.com>
CC: LAMPS <spasm@ietf.org>
Thread-Topic: [EXTERNAL] Re: [lamps] Adoption call for draft-housley-lamps-cms-sha3-hash
Thread-Index: AdoI6y+y2y5ZcOeiSVKlqZs1jTYungAXnD9wABsEw4AAANSTWA==
Date: Sat, 28 Oct 2023 18:07:48 +0000
Message-ID: <CH0PR11MB573915B912FA76F9D2A8B3239FA3A@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <SN7PR14MB64924398A13D7C521AEDF4B283DCA@SN7PR14MB6492.namprd14.prod.outlook.com> <bfa2812c899541cc84f7c5abb38ee435@amazon.com> <597E6452-69BF-41EE-A3EB-19AF0A01304C@vigilsec.com>
In-Reply-To: <597E6452-69BF-41EE-A3EB-19AF0A01304C@vigilsec.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|IA1PR11MB7680:EE_
x-ms-office365-filtering-correlation-id: e8eb3f6d-4835-48fb-dbcd-08dbd7e0cb50
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: V6d5VcbT+5pp7vyAXKwuHLsRsImg3eH8SXIeoDaOrSF2TD2KjzqZBbp9qrzXAkygH1BBWkvMqKDKJco+sE/sMq1IgE3gcFFdKZaw6+rHdyXikUc5LvRqQ4nrqbo98ZFCzn1aurzXKcLdbZxJkFV80s3FI+aqh8XH+eo9e55PKtAV7Xr4EK7nuK3YAB+SQ81Gt7DckgstCW1XB257XHl75HusHaNLIJ+UmsFWNXgu0ZtWTqnZFHlY65o7t1n4OiD36JJyXSeK7cIVVmKXBiUGZLycVanMx3xwnlCrIKnoUklRiObOWzPE2OV2xoc+CCnHhexYkhXSSPT7dUGWOtUku6xzjYmyxheSgHaIdnWR5vwG6OP//QMvqMTnSYbNuJ6vEqWoVCdN0gE0ATKq3nWVl8CQQPwpV2tJDrPdAHFODmKmqo8IFgAHqyRO0hr9BaqordDDyWppP2oASWMI72rX0enTygLfx7K93hfPZbJGegKDhdJzoDzdreKRi75fnLogHACzpIP+wizQYDJromLZKL8WrEzHfWCtfQANOc8vTII6NFr7eKxMwuR/PTCcps+UVAQ5As99rRlyEDbG/QjHc2rO4Nih/MO4FqX3cRRQdMkeKJncSBl26iIKCfuveIE/81k7ohZ7NJukYA/k3HUPI9CiuC2WlMFiiG8vHHKf8RlXZjTIuKMOd8OnkGKPCF5w
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(136003)(366004)(396003)(346002)(376002)(39850400004)(230273577357003)(230922051799003)(230173577357003)(451199024)(1800799009)(186009)(64100799003)(38070700009)(19627405001)(55016003)(26005)(71200400001)(2906002)(166002)(8676002)(53546011)(33656002)(122000001)(4326008)(38100700002)(52536014)(83380400001)(8936002)(7696005)(5660300002)(66476007)(316002)(9686003)(6506007)(966005)(66446008)(110136005)(478600001)(66946007)(41300700001)(86362001)(76116006)(66556008)(64756008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: +Xkm37DOopV31eBA/6WPF4aWylk7z8B5HWAcB9s9FLsFFtH/Sd3QVpH0AoRC9/OntK6IayW5YGVoB5r5EiBBEbougfZBUQmNVUtx5VvjelyAh/6R7m4Vo3n6m0V0oesCU7pfUlI/xItZKjCEt2mQuqddSAqPo7wV0gbsIf7M4VQmd0RwWYDlM0pdsdtVqhNBN+SWdVM2yaQfg8QClb5pkbb6MV9t8PpER+q5rVc9/XgnCDnlziH2KgTyi8bkmtroCvHQ265B0yvHTe249GL+pPtQ/Ga3cm/5gkxyDZsaxqFKICZ4U2rLQnAzidRPdhg5vfWRghvQg/T3tYA7vlC1HIEiNBV/mc8CRHDUdLcPVQC36RDWj8AImK3d50TIsC3P5p8Owdgr9AHXYCx0BbLXc5BT1n0pXzIavwj84f7F+VwUc+qjxMdp/egx//jz17/e1TkoTjE9O0YPpEZgj+6cPkMyD0rJy6F9kMXjCleNKtQQH7pgWzlcz4OUO9CfeX3kvRbjtUzVLF9Ef8ky0oIXiyAdqTEMF9k/W4/ljPo7KEywfukuTiMAAVina6JKEm/e9o5buMkJ6UiZI3aI5BgDmSfuUtQbeQZnoko8bzfUXkw8yt2/3kg8gGLrDaJRo5IiJswYL9CQ3xaDMcGEHobkJRmrYxDkfHuUNds4Nc1IBPK/tdSAPJVxXydfP6zt6zocO6pSLWjcmgDdaWmlvuWDXpbjhhm7JDEpupX571NUb7fwXOLJ0fSDYzQV7MsJ2FIWGG4oJe/OBjMt7zD8QYwr8korwBd5NQXAyrMFbuqsG5LjZb/BrCB7rk+xc08eZH83CwZ7ffZ50gG88u3RGQfdJ3RBbDuTmk+EmRLK3D2vOTwWthZkQmMWUZupWULAWEfUcFO7GJH+bf9CvaKB5cTh+brN9kRElJZKCopam849IGk5a+dkckxFzcA/R+Hd9ZXdwGxlEI9zuGc5hW1ULLuZL5/Wg/YsktgXPkx4e0OxMBv68sgGSoKy1YarkXoLmNHxgPM/UX6LkDX4b0uzGB7HlwS8JZw2xyZTxebFaOvKfMRG/A/IRoS1v8J9nj07W6dNW1aBzXhCQnNJTka+mD0aqfM4FsnXO7w+qqz9E62LPcW/Fv+/hWWAcGrA1TFCFkZkgll9KcIiXXbsgEmk48FiPiOjzrsC5fLb3D7YGw5jp3I589YSmQg40ZlGwObV49L+jkKgAaDg0LKL3C2D6nCjghErAt/1d4FRAIZxkH4BxixSzZP/flZexu70+26n+n7wLzFtCUoADEhev/yxtPb9rUtO8sQvDELfnbnt04H6ExN08cOE7Per4TCzFpc3AFLptsHTNTjOeqdWNc5aw3HUlzb93GJhnninQyrS0sPoriOAuhtxTbR7OU2syAwnHeHQ9I0r7oyNUk2A+8+CTci+Vz6+Nr+02kiwrk0eyx1yQ9iJ5Az27WMIq3jQ7e4LlFNhfyEPL8kqOwiZ+biE2IHUG/kznft5sl63pFozY8oA5Q5cRXR9w5hjNsVNVmGq/LxkLkdw6JaZA2Gli2fQH4pkSJGvoVFdYHa9Dro8WjV0uxvXGNSsbKLK3HkHMJMoU2KXOmz9DLprcWJQ4dca9OHuDA==
Content-Type: multipart/alternative; boundary="_000_CH0PR11MB573915B912FA76F9D2A8B3239FA3ACH0PR11MB5739namp_"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e8eb3f6d-4835-48fb-dbcd-08dbd7e0cb50
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Oct 2023 18:07:48.6477 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Wk0uaOkx0hU/1WEm/QyG22lRqo2rYNpRQS5kvvqukKrlHYlb0xpwPEqhOKkfUq59BGfBCfhJS/kSt1jaOj8KCIr4+llq/W+fy0zGVUEesBw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR11MB7680
X-Proofpoint-ORIG-GUID: 9iJHO4gxr9r3OBuJEFRBG7owymfY8uv7
X-Proofpoint-GUID: 9iJHO4gxr9r3OBuJEFRBG7owymfY8uv7
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.987,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-28_17,2023-10-27_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 malwarescore=0 spamscore=0 mlxlogscore=999 lowpriorityscore=0 adultscore=0 priorityscore=1501 mlxscore=0 clxscore=1011 suspectscore=0 phishscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2310240000 definitions=main-2310280147
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/EcLxI8z46ZFpyzf9marM7Q2SkEY>
Subject: Re: [lamps] [EXTERNAL] Re: Adoption call for draft-housley-lamps-cms-sha3-hash
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Oct 2023 18:08:03 -0000
Panos, Specifically, draft-ietf-lamps-pq-composite-kem instantiates RSA-KEM (RFC5990bis) with: keyDerivationFunction kda-kdf3 with id-sha3-256 See: https://datatracker.ietf.org/doc/html/draft-ietf-lamps-pq-composite-kem-02#name-rsa-kem-parameters Therefore, I need an OID for id-sha3-256. I guess this is a design choice that the WG can discuss. We could instead use id-shake-256 from RFC8702, which is usable as a digest algorithm as per section 3.1, but why? If what I actually want is a hash function, then why can’t I have a hash function? - Mike Ounsworth ________________________________ From: Spasm <spasm-bounces@ietf.org> on behalf of Russ Housley <housley@vigilsec.com> Sent: Saturday, October 28, 2023 10:44:57 AM To: Panos Kampanakis <kpanos@amazon.com> Cc: LAMPS <spasm@ietf.org> Subject: [EXTERNAL] Re: [lamps] Adoption call for draft-housley-lamps-cms-sha3-hash Panos: Mike Ounsworth needs these OIDs to be available, and the easiest solution was to just publish the previously abandoned I-D. Russ On Oct 27, 2023, at 11: 00 PM, Kampanakis, Panos <kpanos=40amazon. com@ dmarc. ietf. org> wrote: Hi Russ, Panos: Mike Ounsworth needs these OIDs to be available, and the easiest solution was to just publish the previously abandoned I-D. Russ On Oct 27, 2023, at 11:00 PM, Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org> wrote: Hi Russ, I was under the impression that SHAKEs for CMS and X.509 would suffice for introducing the Keccak family to these standards. SHAKEs have the same security and better performance. I thought that was the reason draft-turner-lamps-adding-sha3-to-pkix never made it. Is there a reason why someone would use SHA-3 in CMS instead of SHAKE128 or SHAKE256 (RFC8702)? From: Spasm <spasm-bounces@ietf.org<mailto:spasm-bounces@ietf.org>> On Behalf Of Tim Hollebeek Sent: Friday, October 27, 2023 11:39 AM To: SPASM <spasm@ietf.org<mailto:spasm@ietf.org>> Subject: [EXTERNAL] [lamps] Adoption call for draft-housley-lamps-cms-sha3-hash CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. Hello, Russ has asked for an adoption call for this short document that explains how to use SHA-3 with CMS. Since people may be traveling to IETF 118, we’ll do a three week adoption call. https://datatracker.ietf.org/doc/html/draft-housley-lamps-cms-sha3-hash-00<https://urldefense.com/v3/__https:/datatracker.ietf.org/doc/html/draft-housley-lamps-cms-sha3-hash-00__;!!FJ-Y8qCqXTj2!btMHx3oQg1XcdsmiDk3zQn-HVGxUExFHzJp0v2bwunfFVR3P8235FQ_QH4pzRkyD49fJSywzek8dgSw-P9DqGArWDMhf$> Abstract This document describes the conventions for using the four one-way hash functions in the SHA3 family with the Cryptographic Message Syntax (CMS). Please indicate whether you support adoption, and optionally indicate why, on the list by 17 November 2023. For the chairs, -Tim _______________________________________________ Spasm mailing list Spasm@ietf.org<mailto:Spasm@ietf.org> https://www.ietf.org/mailman/listinfo/spasm<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!btMHx3oQg1XcdsmiDk3zQn-HVGxUExFHzJp0v2bwunfFVR3P8235FQ_QH4pzRkyD49fJSywzek8dgSw-P9DqGMDI1k9b$> Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.
- [lamps] Adoption call for draft-housley-lamps-cms… Tim Hollebeek
- Re: [lamps] Adoption call for draft-housley-lamps… Mike Ounsworth
- Re: [lamps] Adoption call for draft-housley-lamps… Salz, Rich
- Re: [lamps] Adoption call for draft-housley-lamps… Kampanakis, Panos
- Re: [lamps] Adoption call for draft-housley-lamps… Russ Housley
- Re: [lamps] [EXTERNAL] Re: Adoption call for draf… Mike Ounsworth
- Re: [lamps] Adoption call for draft-housley-lamps… Kampanakis, Panos
- Re: [lamps] Adoption call for draft-housley-lamps… Mike Ounsworth
- Re: [lamps] Adoption call for draft-housley-lamps… Michael StJohns
- Re: [lamps] Adoption call for draft-housley-lamps… Kampanakis, Panos
- Re: [lamps] Adoption call for draft-housley-lamps… Michael StJohns
- Re: [lamps] Adoption call for draft-housley-lamps… Ilari Liusvaara
- Re: [lamps] Adoption call for draft-housley-lamps… Michael StJohns
- Re: [lamps] [EXTERNAL] Re: Adoption call for draf… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: Adoption call for draf… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: Adoption call for draf… Russ Housley
- Re: [lamps] Adoption call for draft-housley-lamps… Tim Hollebeek
- Re: [lamps] Adoption call for draft-housley-lamps… Kampanakis, Panos
- Re: [lamps] Adoption call for draft-housley-lamps… Tim Hollebeek