[lamps] Re: Mohamed Boucadair's Discuss on draft-ietf-lamps-cms-composite-sigs-04: (with DISCUSS and COMMENT)
mohamed.boucadair@orange.com Mon, 18 May 2026 09:09 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: spasm@mail2.ietf.org
Delivered-To: spasm@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 0290DEFF2FAB; Mon, 18 May 2026 02:09:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1779095393; bh=gzwKY2LGxWe6q3bEYDPTjXqm4fsYbhBkg4lMreBOIqI=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=XUkPLHrkSKn0quqm2TAHWLxQLd3mwbrCsm7EGwVgsOb/bMeXh9O+7fb7DyTnhb803 7sqDMggaTGW0rirTIj4M/NPb4NrmUxPXOYXx5s08dEIryhjh87LBvRaYZtP4FX1rMk zIT9kAUGdxcVRIIPzUTKhy3s2lyX/GAzWEzRY+HA=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level:
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BX2gKhH3krOB; Mon, 18 May 2026 02:09:52 -0700 (PDT)
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.126.238]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C2B90EFF2FA6; Mon, 18 May 2026 02:09:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; i=@orange.com; q=dns/txt; s=orange002; t=1779095392; x=1810631392; h=to:cc:subject:date:message-id:references:in-reply-to: mime-version:content-transfer-encoding:from; bh=nnuSS9sGG5mjdXKQfCuneRB8sF9zlXn+fyvbGklvmqs=; b=b2xv3DN2PvGMP0h3QZxiBQhIyaSxPU5ZkHF9N6gtpJVi5wsf6XdKMY0H K3yVZH6K/ZfkApQQaLQOS9K++De/fJf7N3Up5J3oL5U7YUMXv9YZM7M+9 vVCV0b9B1pYFGRUS8Eyg7Qv+8Z1ZjV0E8FX8wjhrDHZMJjOxeAkmc2JO6 NOIQ8mgw+kZ1qK/NXL2YBKgLP4s80UZenszySVTT//sm6DsEV7FP3gmNb QihmG1SbbsFD48DoD6X5aDhN3TB14rk5nILYdMelNYfau46VqBvnX+e66 FTKXnHat5vh6WYaax8uxblicGlkomo6T1ZtuAXZc07osjcKpL2XzF2q3Q g==;
X-CSE-ConnectionGUID: t6EGzvY8QWKPgwjacHxDNg==
X-CSE-MsgGUID: YfgZqTOSSe68rJSrdbLZ/w==
Received: from unknown (HELO opfedv1rlp0d.nor.fr.ftgroup) ([x.x.x.x]) by smtp-out.orange.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 18 May 2026 11:09:45 +0200
Received: from unknown (HELO opzinddimail14.si.fr.intraorange) ([x.x.x.x]) by opfedv1rlp0d.nor.fr.ftgroup with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 18 May 2026 11:09:41 +0200
Received: from opzinddimail14.si.fr.intraorange (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id AE8281BC8263; Mon, 18 May 2026 11:09:40 +0200 (CEST)
Received: from opzinddimail14.si.fr.intraorange (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id A027B1BC8262; Mon, 18 May 2026 11:09:40 +0200 (CEST)
Received: from smtp-out365.orange.com (unknown [x.x.x.x]) by opzinddimail14.si.fr.intraorange (Postfix) with ESMTPS; Mon, 18 May 2026 11:09:40 +0200 (CEST)
Received: from mail-francecentralazlp17012050.outbound.protection.outlook.com (HELO PR0P264CU014.outbound.protection.outlook.com) ([40.93.76.50]) by smtp-out365.orange.com with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 18 May 2026 11:09:40 +0200
Received: from PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:52c::5) by PAPP264MB7086.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:56d::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9913.11; Mon, 18 May 2026 09:09:39 +0000
Received: from PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM ([fe80::8b83:578b:5221:8deb]) by PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM ([fe80::8b83:578b:5221:8deb%4]) with mapi id 15.21.0025.022; Mon, 18 May 2026 09:09:39 +0000
From: mohamed.boucadair@orange.com
X-CSE-ConnectionGUID: VcQg1a19Tgy3BefQEdK8nA==
X-CSE-MsgGUID: khrZ9hw3SIy8kpjvtf+tpA==
X-TM-AS-ERS: 10.218.35.128-127.9.0.1
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-DDEI-TLS-USAGE: Used
X-CSE-ConnectionGUID: G44wC9EFRD22Vl9M356gYA==
X-CSE-MsgGUID: M/j0S64ER7eSDR3+0hwjoQ==
IronPort-Data: A9a23:ma1k5K2FVKtKpVF2AfbD5U1xkn2cJEfYwER7XKvMYLTBsI5bpzZSn WdJWm6OOvjZajOjLY9wO4q2pENX6JWHn4MxSQU5qSg9HnlHl5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7zdOCn9z8ljPvgqoPUUIbsIjp2SRJvVBAvgBdin/9RqoNziLBVOSvV0 T/Ji5OZYgTNNwJcaDpOtfre8UM35ZwehRtD1rAATaES1LPhvylNZH4vDfnZB2f1RIBSAtm7S 47rpJml/nnU9gsaEdislLD2aCUiGtY+6iDX1xK684D76vRzjnRaPpQTbZLwWm8O49m9pO2d/ f0W3XCGpaXFCYWX8AgVe0Ew/yiTpsSq8pefSZS0mZT7I0Er7xIAzt02ZHzaM7H09c5YXT1R3 q01BgohNEq9g7OTm+/lRdhF05FLwMnDZOvzu1lY92nhV6h6aq2bGvmM4sJE1jAtgMwIBezZe 8cSdTtoalLHfgFLPVAUTpk5mY9EhFGjK3sJ8xTK++xquwA/zyQpuFTpGN/SetWPSMkTlEGFr WvK9mXjKhYAPdqQxHyO9XfEaurnxHmrBthJT+zknhJsqHjUxDQoVkE7bwS2mtWD0Q3mW81dL HVBr0LCqoBprxb3EbERRSaQrHeCvxMYHcRZFeI35RqR4qHO8h6FAW4JXiIEc9EtqdU3WS1s3 ViM9/voCCdgmLyYVXzb8a2bxRu+IyEbMSoDaDMKCA8M5sH45Yo2lVfESdN7F7W0ktCwAjD/2 BiLoTQwwbIJgqYj16Km5lTKkhqyp5fIShU47UPcWWfNxgdwYZa+Ioeo4FnB9t5BIZqXCF6bs xAsgNCX9+UmDJyRmmqKWuplIV2yz/OMMTmZj0RmGZIs/Dmr52SqeYlC5Cknex8waJ5ZIXnuf VPZvh5X6NlLJny2YKRrYoW3TcM30aznEtejXffRBjZTXnRvXCDboD5FNGO+5Uy3ynYowIRkZ MmUQO/5WB72Fp9bICyKq/A1/4VD+8zT7WbaRJS+wQ6u17GTb3OTVa0MNFKcavhgs/vd+l2Iq 5BYKteAzAhZXKvmeC7L/IUPLFcMa38mGZTxrM8RfemGSuaHJI3DI6CPqV/CU9U790iwqgsu1 iriMqO/4Aau7UAr0S3QNhhehErHBP6TV07XwhDAzX7zgCJ/Pu5DHY8adpAteqIg+vArxvluV 5E4Ril0OdwWEm6v021EMfHV8tY+HDz13ljmF3T+P1ACk2tIHFWhFinMJVG3rHFm4+venZdWn oBMISuHGMdfHlk/VJiJAB9tpnvo1UUgdCtJdxOgCrFulI/EquCG9wSZYicLHvwx
IronPort-HdrOrdr: A9a23:Ysp9kqGmFljf7in+pLqE2MeALOsnbusQ8zAXPiFKOGVom6mj/P xG88576feJ4wxhOk3I9ertBED4exPhHMdOkOos1NSZLW/bURWTQb2KhLGKqwEIcxeVygc378 ldmsZFZ+EYQmIK6PoTe2KDYrIdKEPtytHOudvj
X-Talos-CUID: 9a23:fIYglmnqZ5vTuThwp2yexDr0c63XOVKBkGj7cmKWM0ozEoORGHrLpf1rouM7zg==
X-Talos-MUID: 9a23:QBVdnAWHA+YxJOfq/BqrhmlZaptF2fujM2w3ytZeu9aGMhUlbg==
X-IronPort-AV: E=Sophos;i="6.23,241,1770591600"; d="scan'208";a="128623394"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gh2kKLTFYvaeu95QX5AlmF8k3hTzk68IyxTeF6B17+7NXT6lsTCPE6tFWtUR5JDRNBx96y7nfcv35aVtEhyyMTeDkG4gJ2gx+u6nKNz90ZRi0jrOIOW/0AwZicWp2fMKEWmnD+dLacsq5OzMo7oju9j6XYDR7YrI1eyqqUxE43B89hZFdlnYl+MNBKLnzQkbjGiEUxE1wFxFf6nGXHZs0GYi7X6DH87GanExFOV9Sm72S+cXu3a/H2wIYrHlEXfnCQ7aInXxMPHWRcawyYOOR9M4l7kzJzVlMlPazzH/IPiwef8MiyFtTvcVpZL3KfkNyD1RqAZOkc3uB6b4hRfBxA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=htU/yaITNlj/Ld+rGqvtDdPAsGXqmr3NQoXcJsU1+M4=; b=NXuM25sGt5FDikaOtzB4ecrdClfqDJG7JkSDrBogdL/ec4mwPCyJpR9gyZ+RfsMPJsdZphszU76aiRInxkyVr+VUcFhW9Q4J0TRTOuRRCQNfqb09oW0NAF5BqwliRcxoDsq0TSjTM0iJrbXJAEZxGzI0oXV+DOBpaKNDtCeB2s4ovHFPEZ1SFtFOXRYLLsSM8C8ctlDyR8PK/hAawrCCNH3ew4NESApM+001bHakPS/rWSFHqcZsFsbr+6IK9q1ylijMgAbWm3KQ4XfRrEEghqh4vk2W1J2nk2aF9NQOHvFt6G2SrRJtYUFabeHrDSbBxI+8QaoC4s6U/jj+C+o02Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=orange.com; dmarc=pass action=none header.from=orange.com; dkim=pass header.d=orange.com; arc=none
To: Daniel Van Geest <daniel.vangeest@cryptonext-security.com>, The IESG <iesg@ietf.org>
Thread-Topic: Mohamed Boucadair's Discuss on draft-ietf-lamps-cms-composite-sigs-04: (with DISCUSS and COMMENT)
Thread-Index: AQHc1Yq8GYadgwWvI0uRcF+U72jHMbYMV14AgAdIZ1A=
Date: Mon, 18 May 2026 09:09:39 +0000
Message-ID: <PAUP264MB67564FD884E8533CB933C1C488032@PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM>
References: <177721444445.1812759.17960201873533318419@dt-datatracker-b45949c58-5szpr> <c09864e6-76ec-4e68-be03-788ae7e623ca@cryptonext-security.com>
In-Reply-To: <c09864e6-76ec-4e68-be03-788ae7e623ca@cryptonext-security.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=6d23284d-976c-4ae9-ab4a-a35d67e746f6;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2026-05-18T09:05:58Z;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20;MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Tag=10, 0, 1, 1;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_ContentBits=0;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Enabled=true;MSIP_Label_f47c794b-e3ab-43f0-9e0f-29fc3e503192_Method=Standard;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=orange.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PAUP264MB6756:EE_|PAPP264MB7086:EE_
x-ms-office365-filtering-correlation-id: 564594c6-12ac-4e6c-8d22-08deb4bd30a8
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|376014|1800799024|38070700021|13003099007|56012099003|18002099003|22082099003|4133799003|11063799003|4143699003;
x-microsoft-antispam-message-info: 3rL45o+R7D6CkHkxMX/HvqicT7X3U2T6hQaZeqHzwt8+Dw2Azfu9mHowF6lGhZA/FYGtqt5ErZOjbEYcHoKntj/FCIVsO50g23+8fLB5Qr6m1oA6EKaoziwouO+xKgtCOdRnfGrd0K1LNwgfcMX9H9krSXZ/EjfF2ZSnlt3+wbGmJoOTqoiaQexib5R3XoxEkKiVPQkaQQqp8EN6lzyN1lnitUgNn4DkIF31Xe+kK3aQoGc6qxv8+nNyPJGvroy6LDgYuo9na3DMyFbl6eWjWUNxC6crx5vJlrXrFMvz3oS0bPSi2tWXb7Zo7XyLZDjrKlNsgohuJnZ8SOqgLQgNIdjKK1G4fTqnfi070Hctu8V4EeXx2QpOXuHgqbCLZ+hmpRG0CmDFYgaGCyzgScpxJ93OuoLt/pK+oZBvIILZVA7DB6q0TxRUwEX8al8kPCfjR/KJBuarDW8jWOVN/5usblhj8o28f9PzAfdPQtFrjcnbMQG8JE0VCPfJPoP0B8IoAM5F3YiO36m96x74/z3kXxZgPq/kMNgPJpj713G3wrJv+rkgnDgxE4xFWYm9TTjaQDcEKlEaNz90r6o2RTCvhz0vYuxzmTGCaiUybTq5NOaVilYxbctIPn35ZgXW7nQ15YXgeUMOMQOxFBgbVv7AxH2ACv5TbhU2COvCl0QgsQNfmAkho3UjjNuTC1kP4JWF52LIWxNUXPtg9LXZBD3wxw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(38070700021)(13003099007)(56012099003)(18002099003)(22082099003)(4133799003)(11063799003)(4143699003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: atwT0PEF0J1/XVkDFiuI0I4zWpMb4gpjZkkLULQOsyIoI3V/cME7B96thvUKrw/tAd/WlyTxKSJrPVbYVAYk3SxlQdgRkKicHKMWfcH6ui904DD+FVWczSOi4JpRTrj5OX8WCTBY6MMU6fmHWBfBbCxHHr2eA6nG08clSC3rMzCoYlyQfV7GrZ56nCUpXM+i3XwuTkGOZI1sRo8OJw+AwViXQShM6V1/zIn1ttszN+gRntYPxIK40PEYBFqmJWNr0jiYX8Yl0gDQqNNsBEVlTD8Jq9CTeqIY+ZpiCOSXhMfZqVG/VIQEFL35vEYRpuE3b2Am/A3e9oUnQo7GvlNxULiRbWRz03ARaPe3HeLqxIgsn3qzpeysvqangHtkcNzwpRoKbtaKA2E6Hwz/uftX4ccR1Faf6DbX3D1n6HezaiYB7CxmhuD2WEPDUCRaisHhcnol8nBL6Gc9gb4DR92jE7nBw44tPAfs6oSdinpnIavKaz6+1hp37EA7gItA9L3hGQXXrpogLRiCEqLOZcvmYvryv69p66LLA9wdtV4A+9QyhfNhMbL8AakQfy5nWoaMt6XcbkOx0xMLUi6ece/XycfrVZudA/A3KRsMqrvNJM3fs9SC2MVzLhtwdm3cdxUEzjJsYzgBoL+ujh2LNhXcOOjGuMwmXhMhGI+jqh7bj0SELFHw5Dbc9FCphiVRgcGJAsUL/4yiQ9WDx+MLm7dBEP7jHRRSnM148o1SMut5CLJYltzHHTRPNnqChtKSvj1DEwkk0WJzLxDitvckxAoVy3HlLUEs0gZuDiJ1UKJf2P4DvKXxwvzs0RR1mR+EUyFKWDfQ9q2SFcJ6x0PT1XSUQFyV8+dCaahhxH23Ye6QzcLmvsY4jU4/7JVjROgQ9g0fuRYbLqX37ITaZp914ayexVqBS8HtGTlDAyBxMqU620SONvjj3ayiA/BzG2ZwEnpdz2CPfkbuBrM0Cs74cCZrxcyoElgEHwAZMd5j1IADAK+hyPIEJpgnimbUw4GPqc81J3X3RF25uTfIiI5FoPeiVkyfGiJDFZHY3oaOaIkeBPPKurlzOLVkgt7HNLS8RhVfaPAJxxA/nG65vT9oAEG39zdYeLDNZ5wTrBYTh2TU327r+C0wQZsHeXImvfOmMKZZSKeOHbhWIMQXEQmq4fl3mZ+7KMiH8jH+3saD5kXQsyZrHJng7LJve+MrX03dEGiuMzs7m9vPReJwZqOvQ0FidOQBVLi9q2ogmPSr50IBX21w484J3CzS7bfovFsd4H5VlQr7v8QRxFw1v1TUOXLaADA+cW55jtcjiiMBBgd1+14zYO9mm1h73oJxr9SkrfzN4gXKk8Nq/sn1DTwj65SusLd4KBKNH8omOmRTFY2+fAGrMU1HLa26ArvUjBbyu1FPH9eqqIGFf9Xi/zaknWT5TczqFl2GX0udb+ls2chkBRhjkOUtt4h1Ac0wvGBmThM8eiTODUnFBlhxdKexHWwfE/S3QCBUdB1k27VdX7ift2Oay/1Mq7NyT5svRdxOX+24y2r+Hoo0OEuGty4QDCl24nyhsr8qtz0czX7aWJhPAln8jtdKCxu9EAL2Wmb2l7AJDYNELZLhOXCseMmmMnRLW93IY8EM8koJ5Lp8nDiyBgaLWZG0Jq6XMSnqmPXLl/xn/2Bw4N5x21MebvCn34QDAKV1rdoKn6V7yuB+UwQHQSowapO0NdgvMnwQuPx79wiceTp33Zqzx2Pn5EzzXprWSw==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
X-Exchange-RoutingPolicyChecked: dRFI/YO0xq9jfBhtr8ldVUS2mLXn99kkNgRbbhkftWHBJrB37ge+f4PVDoq0pj0QuyK+9RNZAzRL9m7/KzkvM76NaPTzOt9KXZsxUSj1FnRC0pAQIqesEPzU86eKu/2YzmjF/YUjBGGxQCdRL/m2vyCQqBC0Tzp29bRbgSI2JITco5yHTD8+Pp/m1T6Xbz37y3udKX9HZWqYr8B7ulRw1XkUnXGHfekxcSYlqj9sV8BnrfutIjMZo9T2UiGQJk1BG9P1URcE0PXQF5t6NdGDnoEhWXHPih042svTIWYMm0rmrXb4b+4hII2z/AHjNzOCG1KVOHr9MBZiDPYemX5dcA==
X-OriginatorOrg: orange.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PAUP264MB6756.FRAP264.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 564594c6-12ac-4e6c-8d22-08deb4bd30a8
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 May 2026 09:09:39.1157 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: zyHHeFIxGJgjzWOyVzIiYRi+m3/qwc0cSExJmf8uiTlSavdaxbupmsqZHdCwQMzvDF9DX0L33tFfkaXl2w1RcCf4fzUdWm3YjdsvzA6XGGw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAPP264MB7086
X-TM-AS-ERS: 10.218.35.128-127.9.0.1
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-TMASE-Version: DDEI-5.1-9.1.1004-29950.006
X-TMASE-Result: 10--46.146600-10.000000
X-TMASE-MatchedRID: oll/cJ/dUC6kmOzIPyadd/3HYajuypjfKQNhMboqZlr7fZJfDdCIXPGG 5PZMzxForpyextBSI2t3ZVcbJy0H7hRLQnD6pjPPleLXPzO3VNHQ2dRRUyVMpuchHA04zz3zfd4 xuFGlTT1L3iG65EPz1Icr1PluqvvrYVRIfIQwLJdBDn6Fjq77jtSgyJTgyLvlkjwV0YFQQG26PD 0Fdea44DTA39BhNJvaFHrXEPiNXJsol39hmeEcdx1kSRHxj+Z5IfyQNHR2naZ1x9TrfLzE8HIC7 9QvqIMft/w+sxk1xuNn4BoOXgNxILMwnTKgkbsODucmLkpvD3xI8ITdrGs3tspMaxSP9tTCujVR kDgmq7Mi1Xie56NAtZf2ahEXzBb38VPT7FT7X/wiLmf+ghTG/67YaZ2V2aJQvBi1vSDtjC1Lmdv YEvtJ1do3unK+BJySbpzUxHwpedr3Wd39qyEjJgTtNEP9j0LPR8s92weZBueZzZUoBpXxqaOVnJ m7BXhKuzW0mXOtDbnx/63Gn5H1wzwiMjvl5y9vFwooSeuNnY5SHjB5Y+o5ZJJWGHk6K50ke/yRs GtjVJwZzt4lZ/HlzSJGTi+NXJ8LsB2/Q/fV6TMLsPjFXByaSoicWa5gNEV9b5gOVClDdczdlak2 7ZJzYX7vQbj1Rh/znJMsjDCLmxOR9GF2J2xqM+C6PmPkjrt/Y2fxc+IAshu2s0ar5ZAS9AkB1QM f/SYNJy3YeVy0eU6loxNCvGaqPSq2rl3dzGQ1DBbGvtcMofyUTGVAhB5EbQ==
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
X-TMASE-INERTIA: 0-0;;;;
X-TMASE-XGENCLOUD: 62651b63-4f7d-4613-8ae6-a9da82ce504b-0-0-200-0
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: 2V4E2WADWX2PFAD7MBEH3CJ2YJT6R54Q
X-Message-ID-Hash: 2V4E2WADWX2PFAD7MBEH3CJ2YJT6R54Q
X-MailFrom: mohamed.boucadair@orange.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-spasm.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-lamps-cms-composite-sigs@ietf.org" <draft-ietf-lamps-cms-composite-sigs@ietf.org>, "housley@vigilsec.com" <housley@vigilsec.com>, "lamps-chairs@ietf.org" <lamps-chairs@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [lamps] Re: Mohamed Boucadair's Discuss on draft-ietf-lamps-cms-composite-sigs-04: (with DISCUSS and COMMENT)
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/W9CxP8UxjEsRKjDdFPb73wZ4G9E>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Owner: <mailto:spasm-owner@ietf.org>
List-Post: <mailto:spasm@ietf.org>
List-Subscribe: <mailto:spasm-join@ietf.org>
List-Unsubscribe: <mailto:spasm-leave@ietf.org>
Hi Daniel, all, Thank you for the follow-up. I reviewed both the PR and the clarifications below. Look good to me. Will update my ballot once the new version is published. Thanks. Cheers, Med > -----Message d'origine----- > De : Daniel Van Geest <daniel.vangeest@cryptonext-security.com> > Envoyé : mercredi 13 mai 2026 19:52 > À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>; > The IESG <iesg@ietf.org> > Cc : draft-ietf-lamps-cms-composite-sigs@ietf.org; > housley@vigilsec.com; lamps-chairs@ietf.org; spasm@ietf.org > Objet : Re: Mohamed Boucadair's Discuss on draft-ietf-lamps-cms- > composite-sigs-04: (with DISCUSS and COMMENT) > > Hi Mohamed, thank you for your review. Comments inline, and here > is the PR that addresses some of your > comments: https://github.com/lamps-wg/cms-composite-sigs/pull/14 > On 4/26/2026 3:40 PM, Mohamed Boucadair via Datatracker wrote: > > Mohamed Boucadair has entered the following ballot position for > > draft-ietf-lamps-cms-composite-sigs-04: Discuss > > > > When responding, please keep the subject line intact and reply > to all > > email addresses included in the To and CC lines. (Feel free to > cut > > this introductory paragraph, however.) > > > > > > Please refer to > > > https://fra01.safelinks.protection.outlook.com/?url=https%3A%2F%2F > www. > > ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot- > positi > > > ons%2F&data=05%7C02%7Cmohamed.boucadair%40orange.com%7Ca117577efa9 > c4ac > > > 5f4f708deb1186240%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C639 > 1429 > > > 15466852521%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOi > IwLj > > > AuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C% > 7C%7 > > > C&sdata=pckvDWKbHaOiZ7AI32iilQyE156MdY2eoad%2BAA6ue04%3D&reserved= > 0 > > for more information about how to handle DISCUSS and COMMENT > positions. > > > > > > The document, along with other ballot positions, can be found > here: > > > https://fra01.safelinks.protection.outlook.com/?url=https%3A%2F%2F > data > > tracker.ietf.org%2Fdoc%2Fdraft-ietf-lamps-cms-composite- > sigs%2F&data=0 > > > 5%7C02%7Cmohamed.boucadair%40orange.com%7Ca117577efa9c4ac5f4f708de > b118 > > > 6240%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C6391429154668644 > 92%7 > > > CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCI > sIlA > > > iOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=% > 2ByY > > RnREZ9mNVMewUatqX0Vard6mRgNbSUMimzYAhB3I%3D&reserved=0 > > > > > > > > ---------------------------------------------------------------- > ------ > > DISCUSS: > > ---------------------------------------------------------------- > ------ > > > > Hi Mike, John, Jan, and Daniel, > > > > Thank you for the effort put into this well-written > specification. > > > > Thanks to Niclas Comstedt for the OPSDIR review. > > > > I trust the various modules and examples were validated. > > > > Please find some easy-to-fix DISCUSS points: > > > > # ASN.1. > > > > CURRENT: > > CMS values are generated using ASN.1 [X680], using the Basic > Encoding > > Rules (BER) and the Distinguished Encoding Rules (DER) > [X690]. > > > > .. > > > > 4. ASN.1 Module > > > > Please move both [X680] and [X690] to be listed as normative as > these are need for the module. > Fixed > > # Terminology > > > > This document is consistent with the terminology defined in > > [RFC9794]. > > > > This makes 9794 as normative to understand the terminology. > > > > Alternatively, you may follow the approach in draft-ietf-lamps- > pq-composite-sigs#Section 1.1. > This draft actually uses little-to-no terminology from RFC 9794. > The little it used was just "traditional" which, while relevant to > implementers of Composite ML-DSA, isn't relevant to users of > Composite ML-DSA in CMS. Text using "traditional" has been > tweaked and the reference to RFC 9794 has been removed. > > ---------------------------------------------------------------- > ------ > > COMMENT: > > ---------------------------------------------------------------- > ------ > > > > # Please expand ML-DSA to Module-Lattice-Based Digital Signature > > Algorithm > > (ML-DSA) in the title and abstract > Done > > # Cite references > > > > CURRENT: > > [FIPS204] with traditional algorithms RSASSA-PKCS1-v1.5, > RSASSA-PSS, > > ECDSA, Ed25519, and Ed448. > > > > Can we have reference for each of these algos? > Done > > # Cite as a reference > > > > OLD: At the time RFC 5652 was published, > > > > NEW: At the time [RFC5652] was published, > Done > > # Pre-hash mode: Remid Rationale > > > > CURRENT: > > Composite ML-DSA operates only in a "pre-hash" mode. > > > > May add a pointer to rfc9882#3.1 or to rfc9881#section-8.3 to > remind > > the rationale? > Unlike ML-DSA, which offers both pre-hash and pure modes, > Composite ML-DSA offers only pre-hash modes, so a similar > rationale to RFC 8992 or RFC 8991 shouldn't be necessary. We have > nothing to rationalize, in CMS we couldn't have done it any other > way. The text is tweaked to make it clearer that Composite ML-DSA > only provides a pre-hash mode. > > # Explain when one may deviate from list for the following > SHOULD > > > > CURRENT: > > The SignedData digestAlgorithms field includes the > identifiers of the > > message digest algorithms used by one or more signer. When > signing > > with a Composite ML-DSA algorithm, this list of identifiers > SHOULD > > include the corresponding digest algorithm from Table 1. > Text has been added, not to explain when one may deviate but to > explain what might happen if one deviates. > > # Operational Considerations > > > > 9882#section 5 includes a discussion about operational > considerations. > > I think these are applicable here as well. > > > > As this document "borrows heavily from" RFC9882 per the ACK > Section > > ;-), I suggest to also barrow the ops part as well. > Unlike ML-DSA, Composite ML-DSA only operates in pre-hash mode. > Thus the message being transmitted to an HSM will always be small, > whether it's the digest being transmitted to an HSM which fully > implements Composite ML-DSA or an internal M' being transmitted to > an HSM implementing the ML-DSA component of Composite ML-DSA (and > this detail would only be relevant to an implementer of draft- > ietf-lamps-pq-composite-sigs, not of this draft). > > > > Cheers, > > Med > > > > > > ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [lamps] Mohamed Boucadair's Discuss on draft-ietf… Mohamed Boucadair via Datatracker
- [lamps] Re: Mohamed Boucadair's Discuss on draft-… Russ Housley
- [lamps] Re: Mohamed Boucadair's Discuss on draft-… mohamed.boucadair
- [lamps] Re: Mohamed Boucadair's Discuss on draft-… Russ Housley
- [lamps] Re: Mohamed Boucadair's Discuss on draft-… Daniel Van Geest
- [lamps] Re: Mohamed Boucadair's Discuss on draft-… mohamed.boucadair