IETF Logo Mail Archive

Re: [lamps] Spencer Dawkins' No Objection on charter-ietf-lamps-02-00: (with COMMENT)

Russ Housley <housley@vigilsec.com> Wed, 23 May 2018 20:10 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD3812D77B for <spasm@ietfa.amsl.com>; Wed, 23 May 2018 13:10:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9uBMolC_cUsu for <spasm@ietfa.amsl.com>; Wed, 23 May 2018 13:10:46 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9551512E87B for <spasm@ietf.org>; Wed, 23 May 2018 13:10:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 7E47E300A30 for <spasm@ietf.org>; Wed, 23 May 2018 16:01:14 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id RhDfIhqnWXAw for <spasm@ietf.org>; Wed, 23 May 2018 16:01:12 -0400 (EDT)
Received: from a860b60074bd.home (pool-108-45-101-150.washdc.fios.verizon.net [108.45.101.150]) by mail.smeinc.net (Postfix) with ESMTPSA id BCAAF30044B; Wed, 23 May 2018 16:01:12 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <32DD6ED8-F2C9-4193-98FA-BC7876634318@akamai.com>
Date: Wed, 23 May 2018 16:01:13 -0400
Cc: IESG <iesg@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <65287CF3-4150-4A07-99D8-D3855901CB94@vigilsec.com>
References: <152709922899.26838.11074435093932176947.idtracker@ietfa.amsl.com> <41e7a726-0175-7e3d-d35c-d413bf01ea12@nostrum.com> <32DD6ED8-F2C9-4193-98FA-BC7876634318@akamai.com>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Nk7AamjHeXBN6ngkAxJjX8pgebc>
Subject: Re: [lamps] Spencer Dawkins' No Objection on charter-ietf-lamps-02-00: (with COMMENT)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2018 20:10:50 -0000

> On May 23, 2018, at 3:40 PM, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:
> 
>>   My understanding is that the intention is "near-term from now." The idea 
>    is that LAMPS should develop something that you could use, say, next 
>    year to encrypt email you send so that, 15 years from now when someone 
>    finally builds a 4,000 qubit machine, they can't dig out your (then) 
>    14-year-old email and decrypt it.
> 
> Kenny Paterson gave a talk at a recent IETF where he said, basically, that the IETF should wait until NIST is done with their post-quantum evaluation/competition.  Are we sure we want to disagree with him?  Or is it just because digest-based signatures are well-understood that we're willing to do so.

Rich:

That is not quite what he said.  Kenny said that we should not adopt a post-quantum secure algorithm.  Kenny did not say we should not find ways to use pre-shared secrets to bolster the security of the techniques we are already using.

Another example where we are mixing the pre-shared secret is draft-ietf-ipsecme-qr-ikev2.

Russ

v2.23.0 | Report a Bug | By Email