Re: [lamps] Call for Adoption of draft-ounsworth-pq-composite-sigs

Russ Housley <housley@vigilsec.com> Wed, 17 April 2024 14:55 UTC

From: Russ Housley <housley@vigilsec.com>
Date: Wed, 17 Apr 2024 10:55:01 -0400
References: <2EE41815-9EF3-4D6B-888A-385C3C91987A@vigilsec.com> <bf61b0ba-543f-4f34-8ae5-a0f5f5030d72@cs.tcd.ie> <dfbc62145d004111ac3a55f668e7d00d@amazon.com> <fafe0335-3fa6-486f-a8cf-6dae7074d731@redhat.com>
To: LAMPS <spasm@ietf.org>
In-Reply-To: <fafe0335-3fa6-486f-a8cf-6dae7074d731@redhat.com>
Message-Id: <5C395E31-D8C5-402C-A5C3-40E9509A0B03@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Y209PBHcdeYSrdHVyYCu58Lt7bE>
Subject: Re: [lamps] Call for Adoption of draft-ounsworth-pq-composite-sigs

> On Apr 17, 2024, at 10:25 AM, Hubert Kario <hkario@redhat.com> wrote:
> 
> On Wednesday, 17 April 2024 15:59:50 CEST, Kampanakis, Panos wrote:
>> I oppose adoption as well. 
>> Some of the reasons:
>> - Combining sigs is not as urgent of an issue, so we better have trust to whatever we deploy before we need them.
>> - We can afford to wait for most signing use-cases, and those that can't, can use SLH-DSA which is conservatively secure.
>> - Classical and PQ sigs will coexist for a long time so any PQ signature security issue could be remediated by swapping back to classical.
> 
> To add to that, signatures that need to remain secure for a long
> period of time (legal documents and such) can already use multiple
> time-stamps to prove using both classical and post-quantum crypto
> that the original classical signature was created before
> cryptographically relevant quantum computers were created.

In a side discussion, I learned that some people involved in this thread are unaware of the Evidence Record Syntax (ERS) specified in RFC 4998.

Abstract

   In many scenarios, users must be able prove the existence and
   integrity of data, including digitally signed data, in a common and
   reproducible way over a long and possibly undetermined period of
   time.  This document specifies the syntax and processing of an
   Evidence Record, a structure designed to support long-term non-
   repudiation of existence of data.

Russ
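
The renewal argument made in this thread (a classical time-stamp re-stamped with a post-quantum one before the classical algorithm breaks), modelled as an added example that is not part of the original message and is not RFC 4998 code. Assumptions: stamps are unsigned records standing in for real time-stamp tokens, SHA-256 is taken to stay secure (so hash-tree renewal is left out), and the names `Stamp`, `build_chain`, `verify_chain` and all years are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Stamp:
    year: int      # time asserted by the timestamp authority
    sig_alg: str   # signature algorithm that authority used
    covers: bytes  # SHA-256 of the data (first stamp) or of the previous stamp

def stamp_digest(s: Stamp) -> bytes:
    return hashlib.sha256(f"{s.year}|{s.sig_alg}|".encode() + s.covers).digest()

def build_chain(data: bytes, steps) -> list:
    """steps: [(year, sig_alg), ...]; each new stamp covers the previous one."""
    chain, covered = [], hashlib.sha256(data).digest()
    for year, alg in steps:
        chain.append(Stamp(year, alg, covered))
        covered = stamp_digest(chain[-1])
    return chain

def verify_chain(data: bytes, chain: list, now: int, broken_since: dict) -> int:
    """Return the year the data provably existed, or raise ValueError."""
    if not chain:
        raise ValueError("empty chain")
    expected = hashlib.sha256(data).digest()
    for i, s in enumerate(chain):
        if s.covers != expected:
            raise ValueError(f"stamp {i} does not cover the preceding object")
        # A stamp counts only if its algorithm was still unbroken when the
        # next stamp was applied (or, for the last stamp, is unbroken now).
        relied_on_until = chain[i + 1].year if i + 1 < len(chain) else now
        if relied_on_until < s.year:
            raise ValueError(f"stamp {i} is dated later than what follows it")
        if broken_since.get(s.sig_alg, float("inf")) <= relied_on_until:
            raise ValueError(f"stamp {i} ({s.sig_alg}) was not renewed in time")
        expected = stamp_digest(s)
    return chain[0].year

# Constructed sample values: the document, the years and the break year.
DOC = b"classically signed contract"
BROKEN = {"ecdsa": 2040}   # hypothetical year a CRQC breaks ECDSA
renewed = build_chain(DOC, [(2024, "ecdsa"), (2030, "slh-dsa")])
unrenewed = build_chain(DOC, [(2024, "ecdsa")])
late = build_chain(DOC, [(2024, "ecdsa"), (2041, "slh-dsa")])
```

Verified in 2045, only `renewed` still proves existence in 2024; `unrenewed` and `late` fail because nothing trustworthy vouches for the classical stamp after the break year.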