Re: [lamps] Call for Adoption of draft-ounsworth-pq-composite-sigs

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 17 April 2024 13:21 UTC

To: Russ Housley <housley@vigilsec.com>, LAMPS <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/SJQkU4_JPJeY1jlrYNx5CUxYNUM>

Hiya,

On 16/04/2024 19:29, Russ Housley wrote:
> At IETF 119, there was a short discussion of
> draft-ounsworth-pq-composite-sigs.  The authors asked for a call for
> adoption, and no one offered any reason not to move forward at that
> time.
> 
> This message starts a two-week call for adoption of this document.
> Please say whether you support adoption of this document by Tuesday,
> 30 April 2024.

(Perhaps unsurprisingly;-) I oppose adoption.

I don't think we have a sufficient understanding of the
costs of adding composite sigs to X.509 based PKIs, and
how those costs will be distributed amongst the various
parties involved, nor about what's likely or unlikely to
be deployed, to fire ahead now and define a pile of new
composite sig algs. To do proper engineering, we should
IMO have such an understanding before we start spraying
out new OIDs each of which imposes costs on participants
in PKIs.

Cheers,
S.

PS: I could also raise objections about lower level
details of the draft but those could perhaps be handled
after adoption, e.g. whether, and if so what kinds of,
RSA sigs to include shouldn't be based on what's possible
but on what's likely to get adopted esp. by real CAs,
relying parties and key holders.