[lamps] IETF 104 LAMPS draft minutes

Tim Hollebeek <tim.hollebeek@digicert.com> Fri, 19 April 2019 14:17 UTC

Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DB5B120166 for <spasm@ietfa.amsl.com>; Fri, 19 Apr 2019 07:17:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com header.b=bn1+QjZZ; dkim=pass (1024-bit key) header.d=digicert.com header.b=NnFD87WV
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2HZTuCnXF48t for <spasm@ietfa.amsl.com>; Fri, 19 Apr 2019 07:17:33 -0700 (PDT)
Received: from us-smtp-delivery-173.mimecast.com (us-smtp-delivery-173.mimecast.com [216.205.24.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A5D612014C for <spasm@ietf.org>; Fri, 19 Apr 2019 07:17:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=mimecast20190124; t=1555683451; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references; bh=UZ/4D8S0sO9435GSB2hY6O9Jhs6XXvgrL5vDiekTFLs=; b=bn1+QjZZf38KHSrYRGiYtMWllOOV5tCKrSqONZU1siWOpwwQM4nAiiygvXSln6EUVhpNM+pi1QfddrMBESDpMGFj4a3XfTGaaUyd+GEi47MJ2leJcEzGrkAVhzZs9QIfAj5p9HHah6DUStmhVeUZCWV0YfUVmLlWIskzviMJ/2M=
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (mail-sn1nam04lp2055.outbound.protection.outlook.com [104.47.44.55]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-125-ZqqgnKG_NkWhDsjN4RL5oQ-1; Fri, 19 Apr 2019 10:17:28 -0400
X-MC-Unique: ZqqgnKG_NkWhDsjN4RL5oQ-1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UZ/4D8S0sO9435GSB2hY6O9Jhs6XXvgrL5vDiekTFLs=; b=NnFD87WVhI67aOsqCxSMApu+VCfx48XV4dywlzsNEQOex0HQ3/ErgKInw7snWb/V5wsyazRZBE+JNGMwFPCGKY62GnNhfi05/tkumbE0sgan8g6d29r08vzJJnoV4k4YIIw6/AZ/0Tf3njJmuQXXrFHbA8JYdmG5BnuWX2CMilw=
Received: from BN6PR14MB1106.namprd14.prod.outlook.com (10.173.161.15) by BN6PR14MB1745.namprd14.prod.outlook.com (10.171.178.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1813.14; Fri, 19 Apr 2019 14:17:26 +0000
Received: from BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::294e:1bc:bb2b:e728]) by BN6PR14MB1106.namprd14.prod.outlook.com ([fe80::294e:1bc:bb2b:e728%6]) with mapi id 15.20.1792.018; Fri, 19 Apr 2019 14:17:26 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: SPASM <spasm@ietf.org>
Thread-Topic: IETF 104 LAMPS draft minutes
Thread-Index: AdT2unNwLwqp4PqJSg2WTYzXAPnTpQ==
Date: Fri, 19 Apr 2019 14:17:26 +0000
Message-ID: <BN6PR14MB11062AE6D59CF1E7BA0B8B3183270@BN6PR14MB1106.namprd14.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=tim.hollebeek@digicert.com;
x-originating-ip: [98.111.253.32]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 17404ad2-b27b-4b96-5349-08d6c4d1bfa1
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(49563074)(7193020); SRVR:BN6PR14MB1745;
x-ms-traffictypediagnostic: BN6PR14MB1745:
x-microsoft-antispam-prvs: <BN6PR14MB174527F01FECF4C777FF691C83270@BN6PR14MB1745.namprd14.prod.outlook.com>
x-forefront-prvs: 0012E6D357
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(376002)(396003)(136003)(346002)(366004)(189003)(199004)(86362001)(14454004)(53936002)(33656002)(9686003)(7696005)(5660300002)(44832011)(99286004)(6306002)(6916009)(102836004)(66556008)(476003)(76116006)(256004)(478600001)(66476007)(54896002)(186003)(6506007)(26005)(14444005)(486006)(2906002)(52536014)(66066001)(81166006)(81156014)(68736007)(74316002)(8676002)(790700001)(316002)(3846002)(8936002)(6116002)(7736002)(71190400001)(97736004)(66616009)(25786009)(6436002)(71200400001)(55016002)(99936001)(66446008)(66946007)(73956011)(64756008); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR14MB1745; H:BN6PR14MB1106.namprd14.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: +E44T1PjHe2ZOQaoarRnxT0McyDll8pH0CvsFBdMC9hiR3BKfTGLfAzo2NlwbY/xw1knoiIulU25ArhMrMxSKUxmwmx32wW1FV62RhFjr1lOU5rQI2CZT97dr9IBDvbxCqV7cDy9m49f9WcCvI/LtAFmnFuS2s41S0R++yVhrGmPlMUYnujTkpec/5lHFbBBgD5jv0cAIgduvDw+qy00s+Xc3oonWNYIna8KgR+mniLpCUmMPXPTsT9MGQGm6SYdjY8GmgBdXUDHtb5ViF5QVmYTYLWZGthzsvRmNsh36sjYmoWeHGHjhlY8EmWCljR+TDCtP+3rLafE40ejXOolqYDFJSSuy1RTjM8h+UqTkyhr4utEAwcmt+Dx54RE8WNnj0TJRlWO1/Sawdt0xuyxL1GDrB9kWtqsPexxrxhB/m8=
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=2.16.840.1.101.3.4.2.1; boundary="----=_NextPart_000_00D8_01D4F699.0F209610"
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 17404ad2-b27b-4b96-5349-08d6c4d1bfa1
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Apr 2019 14:17:26.0983 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR14MB1745
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ylojhrgYmQ9UGipMxNn8-jOzTow>
Subject: [lamps] IETF 104 LAMPS draft minutes
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Apr 2019 14:17:37 -0000

The following draft minutes have been uploaded to the datatracker.  

If anyone has any comments or corrections, let me know.

 

LAMPS Session at IETF 104

Tuesday, 26 March 2019 at 11:20

 

Minutes from notes taken by Daniel Kahn Gillmor

 

 

Executive Summary

 

There are currently five documents with the IESG, and the only active 

working group document is ready for WG Last Call.  There were no comments

on these documents.  Two drafts exist related to a pending re-charter

to address e-mail header protection.  These drafts will be consolidated

if the re-charter is approved.  Two presentations were made on quantum

safe certificates and signatures.  Concerns about tradeoffs between

number of signatures and key generation time were discussed, as well as

single tree vs multi tree issues.  A lightweight profile for CMP was

presented and will be discussed on the list.  Work needs to be coordinated

with ACE.

 

0)  Minute Taker, Jabber Scribe, Bluesheets

 

Participants were reminded about the NOTE WELL.

 

 

1)  Agenda Bash

 

No agenda changes.

 

 

2) Documents with the IESG

    a)  draft-ietf-lamps-rfc6844bis (Jacob and Phillip)

   b)  draft-ietf-lamps-hash-of-root-key-cert-extn (Russ)

    c)  draft-ietf-lamps-pkix-shake (Panos and Quynh)

    d)  draft-ietf-lamps-cms-shakes (Quynh and Panos)

    e)  draft-ietf-lamps-cms-hash-sig (Russ)

 

No comments were made on any of the documents with IESG.

 

 

3)  Documents in WG Last Call

 

4)  Active Working Group Documents

    a)  draft-ietf-lamps-cms-mix-with-psk (Russ)

 

No comments from the mic line.  Tim will start the WG Last Call on the 

document.

 

 

5)  Documents related to the pending re-charter

    a)  draft-luck-lamps-pep-header-protection (Bernie)

 

DKG commented that we need to explicitly state how encryption-only e-mail 

messages must be handled.

 

Massimiliano Pala (CableLabs) suggested that encryption-only messages could 

have guidance to display with no security indicators.

Alexey Melnikov says that we need to make sure we document existing problems


with legacy clients.  If all other things are equal, and there are different


side effects on UI for legacy clients.

 

DKG raised concerns about MIME structure constraints, will send the concerns


to the list.

 

    b)  draft-melnikov-lamps-header-protection (Alexey)

 

It was suggested that this might be a good topic for the next hackathon.

 

Krista (pEp implementer): MIME libraries needed to be hacked.  With the 

wrapping approach, you had an easier implementation.  The "memory hole" 

approach required hacking the MIME library.

 

Krista: for legacy clients, though, the visual representation of wrapped 

messages is worse.

 

DKG: let's consolidate these drafts, and if the charter is updated we can
make 

it draft-ietf-lamps-*.

 

 

6)  Other Business (if time allows)

    a)  draft-vangeest-x509-hash-sigs (Daniel)

 

DKG: streaming API for verification is problematic -- emitting content 

before establishing verification encourages data misuse.

 

Jim Schaad: It's possible that we need streaming for verification (but not

an HSM concern -- agree that verification is expected to be done on normal 

hardware)

 

Massimiliano: if the HSM can export hash state to the client, and get it 

back, then you can avoid streaming.

 

Tim Hollebeek: injecting hash state into the HSM changes the security model
of 

the HSM.

 

Qunyh Dang: why do we need multiple trees?  why not one flat layer?  Some 

side-channel attacks are applicable to multi-level trees that aren't
relevant 

to single-level trees.  Can forward to the mailing list.

 

Scott Fluhrer: one XMSS tree can only do one million signatures.  LMSS is 

limited to 32 million.

 

Qunyh: we could change the algorithm parameters to change the limits.

 

Tim: those parameters affect key generation time.

 

Russ Housley: possibly weeks to generate the key.

 

Scott: on my multicore system took 1.5hrs to generate a 25-deep tree.

 

Qunyh: i'm tentatively OK, will send side-channel concern to the list.

 

    b)  quantum-safe certificates (Scott)

 

Massimiliano: i'm concerned that the draft shares similarities with

some IP we have.  IPR: we published a disclosure -- royalty-free

with reciprocity.

 

Mike Ounsworth: (editor on this draft) will follow up with

Massimiliano, we hadn't meant to slight anyone. re: IPR we're all

on the same page, interested in this being completely free/open.

 

    c)  lightweight profile of CMP (Hendrik)

 

Russ: this is currently not in the charter.  if folks are interested, 

we'd need to recharter.

 

Massimiliano: we have use cases where there is a struggle to come

up with a profile that all the devices understand.  see also work

in the EMU WG about provisioning credentials through EAP

 

Sean Turner: ACE is looking at exactly this sort of thing. If we

adopt this, we're stepping on toes.  Please coordinate.

 

Russ: we'll discuss on the list.

 

    d)  draft-pala-composite-crypto (Max)

 

Not presented due to time constraints.

 

7)  Wrap Up