Re: [lamps] Call for adoption for the composite-related Internet-Drafts

Russ Housley <housley@vigilsec.com> Thu, 15 June 2023 13:33 UTC

To: LAMPS <spasm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/hR_oGBgpUj4oM-4TD_LkcoMYKRU>

Dear LAMPS WG:

The LAMPS WG Chairs do not think that the three Internet-Drafts have
achieved consensus for adoption.

This does not mean that the LAMPS WG will not do any work on composite
algorithms.  Recall that the current LAMPS includes:

   5.b. A lengthy transition from today's public key algorithms to
   PQC public key algorithms is expected. Time will be needed to gain
   full confidence in the new PQC public key algorithms.

   5.b.i. The LAMPS WG will specify formats, identifiers, enrollment,
   and operational practices for "hybrid key establishment" that
   combines the shared secret values one or more traditional
   key-establishment algorithm and one or more NIST PQC
   key-establishment algorithm or a PQC key-establishment algorithm
   vetted by the CFRG.  The shared secret values will be combined using
   HKDF (see RFC 5869), one of the key derivation functions in NIST
   SP 800-56C, or a key derivation function vetted by the CFRG.

   5.b.ii. The LAMPS WG will specify formats, identifiers, enrollment,
   and operational practices for "dual signature" that combine one or
   more traditional signature algorithm with one or more NIST PQC
   signature algorithm or a PQC algorithm vetted by the CFRG.

To address charter item 5.b.i, should the LAMPS WG adopt the "Composite
KEM For Use In Internet PKI" in draft-ounsworth-pq-composite-kem-02?

Please reply to this message by Wednesday, 28 June 2023 to voice your
agreement or disagreement with adoption by the LAMPS WG.

On behalf of the LAMPS WG Chairs,
Russ

> On May 30, 2023, at 3:42 PM, Russ Housley <housley@vigilsec.com> wrote:
> 
> Should the LAMPS WG adopt these three Internet-Drafts ...
> 
> 1) "Composite Signatures For Use In Internet PKI" in draft-ounsworth-pq-composite-sigs-09?
> 
> 2) "Composite Public and Private Keys For Use In Internet PKI" in draft-ounsworth-pq-composite-keys-05?
> 
> 3) "Composite KEM For Use In Internet PKI" in draft-ounsworth-pq-composite-kem-02?
> 
> This document was discussed in the LAMPS session at several IETF meetings.  The authors sent a note saying that they incorporated the feedback that they received at IETF 116.
> 
> Please reply to this message by Wednesday, 14 June 2023 to voice your agreement or disagreement with adoption by the LAMPS WG.
> 
> On behalf of the LAMPS WG Chairs,
> Russ