Re: [lamps] [EXTERNAL]Re: Call for Presentations at the LAMPS Interim Meeting on 28 Jan 2021

Mike Ounsworth <Mike.Ounsworth@entrust.com> Wed, 13 January 2021 22:49 UTC

From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Russ Housley <housley@vigilsec.com>
CC: LAMPS <spasm@ietf.org>
Date: Wed, 13 Jan 2021 22:49:37 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/CSae7UELuDC9mX6BfGizF9l51q4>
Subject: Re: [lamps] [EXTERNAL]Re: Call for Presentations at the LAMPS Interim Meeting on 28 Jan 2021

Hi Russ,

Yes, I'm happy to present on the 28th.

I want to make sure I've got the right list of topics that people are interested in knowing. So far it sounds like my presentation should be:

- The general suggestion that LAMPS re-charter to work on hybrid key exchange and dual signature mechanisms for CMS and PKIX protocols, i.e. fulfill NIST's call for such mechanisms.
- Overview of the composite keys and signatures draft.
- Use-cases for composite certificates.
- Use-cases for composite keys and / or signatures independently of certificates.

Are there other topics that I'm in the right position to present on?

---
Mike Ounsworth

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Russ Housley
Sent: January 13, 2021 4:30 PM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>
Cc: LAMPS <spasm@ietf.org>
Subject: Re: [lamps] [EXTERNAL]Re: Call for Presentations at the LAMPS Interim Meeting on 28 Jan 2021

Mike:

I do not see them as orthogonal.  If one uses the composite signature structure {RSA,PQ} on the wire, and the public keys are in separate certificates, I cannot see how the validation works out.  Maybe I am missing something.  Can you put together some slides for the Interim meeting on the 28th to explain more fully?

Russ


> On Jan 13, 2021, at 2:04 PM, Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org> wrote:
> 
> At the risk of over-complicating everything, we see the One-Cert vs Two-Cert discussion as in some senses orthogonal to our composite keys and signatures draft (draft-ounsworth-pq-composite-sigs).
> 
> I think that shoehorning this into a "one-cert vs two-cert" discussion is missing some of the potential value of the Composite proposal.
> 
> In writing the composite draft, we were careful to not make it a certificates draft, and instead stick strictly to public key, private key, and signature OIDs and ASN.1 encodings. At present, we are just looking at composite key and signature formats so that there is an obvious and standardized way to meet the NIST call for putting dual signatures on <thing>; whatever <thing> is.
> 
> For example, someone may want to combine both approaches and have a Two-Cert ecosystem where one of the certs is Composite:
> 
> Cert1: {RSA}
> Cert2: {RSA, PQ}
> 
> 
> Another example of them being orthogonal is a case where you have separate certificates {RSA}, {PQ}, but for protocol simplicity you want to use the composite signature structure {RSA,PQ} on the wire.
> 
> Our draft (draft-ounsworth-pq-composite-sigs) is really trying to be orthogonal from the One-Cert vs Two-Cert question.
> 
> ---
> Mike Ounsworth
> 
> -----Original Message-----
> From: Spasm <spasm-bounces@ietf.org> On Behalf Of Michael Richardson
> Sent: January 13, 2021 11:55 AM
> To: LAMPS <spasm@ietf.org>
> Subject: [EXTERNAL]Re: [lamps] Call for Presentations at the LAMPS Interim Meeting on 28 Jan 2021
> 
> 
> Panos Kampanakis (pkampana) <pkampana=40cisco.com@dmarc.ietf.org> wrote:
>> I have been on both sides of the argument, Classical+PQ signatures or 
>> parallel (classical, PQ). Recently I have been thinking that we 
>> probably can't avoid keeping classical PKI for backwards 
>> compatibility which probably makes the Classical+PQ sigs less appealing.
> 
> First, I think that we need better terms to explain the two options.
> Russ has used "One Certificate" and "Two Certificate".
> 
> I think that in the "One Certificate" case, that the PQC and traditional (He said "traditional", and Panos said "classical", btw) CA signers would sign both PQC and traditional keys.  Right?
> 
> 
>> Especially for live protocols
>> like TLS, this argument is even more relevant especially since the 
>> big cert would be penalizing the classical peer with unnecessary PQ sig data.
> 
> It seems that for live protocols we can negotiate, and the server can send only what is needed, so there are really no byte-size issues.
> 
>> But I have heard some arguments for classical+PQ for non-TLS 
>> usecases. An example could be SW Signing. I would argue that 
>> PKCS#7/CMS can include multiple sigs (in SignerInfo) in the 
>> SignedData as clarified in RFC4853, so even for SW Signing we may not 
>> need Composite or Hybrid Classical+PQ Signatures.
> 
> That seems to be the parallel case, isn't it?
> 
> I have a different concern to ask as well:
>  Are hash-based signatures in the classical or PQC category?
> 
>> I gave this presentation at the NIST NCCoE Virtual Workshop on 
>> Considerations in Migrating to Post-Quantum Cryptographic Algorithms:
>> https://www.nccoe.nist.gov/sites/default/files/10-Housley-NCCoE-Workshop-Transition-to-PQC-Certificates.pdf
> 
>> This short presentation still captures my view.  Are there people 
>> with a different view that would like time on the agenda at the LAMPS 
>> Interim on 28 Jan?  I would like to make sure that all points of view are heard.
> 
> Russ' preference is for "Two Certificate" case.
> I think that it is equivalent to having RSA and ECDSA ecosystems alive, which I think we have managed reasonably well.
> So I don't think that I have a diverging view.
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>           Sandelman Software Works Inc, Ottawa and Worldwide 
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm
