Re: [lamps] [EXT] Re: Call for Adoption of draft-ounsworth-pq-composite-sigs

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 17 April 2024 14:29 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/NKqsSg5hwZk7SIEklkPJpw7nadY>

I concur with Panos and Stephen - and oppose the adoption: I don’t think it’s a needed or beneficial capability.

Regards,
Uri

> On Apr 17, 2024, at 10:00, Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org> wrote:
> 
> I oppose adoption as well.
> 
> Some of the reasons:
> - Combining sigs is not as urgent of an issue, so we better have trust in whatever we deploy before we need them.
> - We can afford to wait for most signing use-cases, and those that can't, can use SLH-DSA which is conservatively secure.
> - Classical and PQ sigs will coexist for a long time so any PQ signature security issue could be remediated by swapping back to classical.
> 
> 
> -----Original Message-----
> From: Spasm <spasm-bounces@ietf.org> On Behalf Of Stephen Farrell
> Sent: Wednesday, April 17, 2024 9:21 AM
> To: Russ Housley <housley@vigilsec.com>; LAMPS <spasm@ietf.org>
> Subject: RE: [EXTERNAL] [lamps] Call for Adoption of draft-ounsworth-pq-composite-sigs
> 
> Hiya,
> 
>> On 16/04/2024 19:29, Russ Housley wrote:
>> At IETF 119, there was a short discussion of
>> draft-ounsworth-pq-composite-sigs.  The authors asked for a call for
>> adoption, and no one offered any reason not to move forward at that
>> time.
>> 
>> This message starts a two-week call for adoption of this document.
>> Please say whether you support adoption of this document by Tuesday,
>> 30 April 2024.
> 
> (Perhaps unsurprisingly;-) I oppose adoption.
> 
> I don't think we have a sufficient understanding of the costs of adding composite sigs to x.509 based PKIs, and how those costs will be distributed amongst the various parties involved, nor about what's likely or unlikely to be deployed, to fire ahead now and define a pile of new composite sig algs. To do proper engineering, we should IMO have such an understanding before we start spraying out new OIDs each of which imposes costs on participants in PKIs.
> 
> Cheers,
> S.
> 
> PS: I could also raise objections about lower level details of the draft but those could perhaps be handled after adoption, e.g. whether, and if so what kinds of, RSA sigs to include shouldn't be based on what's possible but on what's likely to get adopted esp. by real CAs, relying parties and key holders.