IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] Re: draft-ounsworth-pq-composite-sigs-11

Mike Ounsworth <Mike.Ounsworth@entrust.com> Thu, 08 February 2024 18:43 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A782C14F6E9 for <spasm@ietfa.amsl.com>; Thu, 8 Feb 2024 10:43:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.806
X-Spam-Level:
X-Spam-Status: No, score=-2.806 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Se4Ozjwh8G29 for <spasm@ietfa.amsl.com>; Thu, 8 Feb 2024 10:43:07 -0800 (PST)
Received: from mx07-0015a003.pphosted.com (mx07-0015a003.pphosted.com [185.132.183.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C488FC14F5FF for <spasm@ietf.org>; Thu, 8 Feb 2024 10:43:06 -0800 (PST)
Received: from pps.filterd (m0242864.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 418IfxrP002322; Thu, 8 Feb 2024 12:42:57 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h= from:to:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=mail1; bh=zXR9q63Ye7z6/oG4ZjXi2R/j ZlQx2VgUWXOZEJL41E8=; b=FuiVtSxQxRPY4xg2CgolUbYdXto4XlOFt5qeA6LH MTJlHaMfc1kdff+u+61HNIQSWFc5UQrhG2VmVT3fj1+Vv+nIdurblOlfhRt6qj7y Rv9qbtiO3AgZeLO7485by2OebZymJ6YDABopMdGlJZlKSoCDys3tvhdncT/s6eRb C4jBnxnDdkXCK38T6iHiC8SkDfNMk0YoZ0AoWlI3kBvUQns6nrrO+vtM9W2vorcD IWhCldhT1m938WkXaqUj+zlng52zxmnDIUc2+OYU+ZoAOIih6bmLo9ydmZmBiA8B EiE67i5id6zVyuYhh2CW4Kp0xRe5OHdyxaNCMkFKWk3Dkw==
Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2168.outbound.protection.outlook.com [104.47.59.168]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3w1k23s6p8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 08 Feb 2024 12:42:56 -0600 (CST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RnyEDAUk0z8ULDzLBxiush6cUH9CLMmAQs7r6UE0l/vAYhmHGIXBNbFLl6GPEQ79CKEa4siMc5hdikN2MpNZmOX4gBjMYjGu5FtgbgvlB2Cl1dtQ8PjAusPQb/aw+PuvtR3N/CLu1ePVbKnTGxi9J6pQTi19m37Ahggxs5COdX5dNEXOs4+Kjbgbw3rUGU6UYkV/URD26go8QRlGoGAyA9hBeNZMmogs7aBWvfeJvPpppiBwnDZvUI81if+IqyWyVjrL6wnUUq8GlptanYczD21iyrrKy3Nr2APPkk18OOeAxjrc8kQWnDHZ9vUXKo5snOfxhJbLYnTOmC4CMkC6Hg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zXR9q63Ye7z6/oG4ZjXi2R/jZlQx2VgUWXOZEJL41E8=; b=bSMmHonrnr1CfaJIsVtJ5WaPDishXQ4Wfte1W83Ylb76nd8pYQxaJxBmlMaMq7jeOwR5wVqPeXl1XfRFp+xpgq6wrylorzTbx6g/noHq46AXY0XMCFHNkIl67L0RoKx8gUR05ehEFjp/xaUI108w8tcJrBXxaa8HA2UAc5ngRMVJz8knvFjNun7+4OpZCzArMTYGAE/wpKPiT3lR9GzpKz7MTM4a7Y1Bp1QMyorbyoDL2Bzt2P3DU5Rdfh9Ifz34RLc95wiwvnCiJKELebnI3DSJC8CrXD/upap4yeKP/aIT3JB3lym1R/7TL/K2706ZNS4Wp+nw6qi0veBSonCXhQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by LV8PR11MB8461.namprd11.prod.outlook.com (2603:10b6:408:1e6::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7249.38; Thu, 8 Feb 2024 18:42:48 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::d401:ba56:87f2:7eb8]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::d401:ba56:87f2:7eb8%6]) with mapi id 15.20.7270.024; Thu, 8 Feb 2024 18:42:46 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Kris Kwiatkowski <kris@amongbytes.com>, "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [EXTERNAL] Re: [lamps] draft-ounsworth-pq-composite-sigs-11
Thread-Index: AQHaWhSXVHL9GeRflkufYbl0qndSgbEAkjgQgAAqwoCAAANnUIAABYkAgAABC1A=
Date: Thu, 08 Feb 2024 18:42:46 +0000
Message-ID: <CH0PR11MB5739CD0DDEADCAD5AA72DC619F442@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <1751D067-A337-4611-A638-02DB5F90394A@amongbytes.com> <d3abe6ed-4150-43fb-b6f4-d3402ae41599@cs.tcd.ie> <CH0PR11MB5739F82A580E1B892DF90DF69F442@CH0PR11MB5739.namprd11.prod.outlook.com> <08a4e633-6972-4a7d-a295-5ffea82df6dc@cs.tcd.ie> <CH0PR11MB5739A9F75E71C5B99D980D479F442@CH0PR11MB5739.namprd11.prod.outlook.com> <4f3c3b15-6635-4afd-8df0-c5c3827e6f69@cs.tcd.ie>
In-Reply-To: <4f3c3b15-6635-4afd-8df0-c5c3827e6f69@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: CH0PR11MB5739:EE_|LV8PR11MB8461:EE_
x-ms-office365-filtering-correlation-id: e7913f79-af57-4869-26a6-08dc28d5be62
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 32G8IaMT0l8ecsbXfCkbpbrFjj+n2QB2fxOR52J2ih5C1/H34wi+1bs1QXZ30gw8QK1T0zUri7E4C81PnXLkrhl5wuYgM8CoqDq6/9rVNUEPuy5tyDXfSOWN1TxG0BGv5HdjO4q3VeVVDJ0P62Bh140gUM45nHc8E2VEmrxa9ghC1/bQh3UCxS6AjLI7wOKm1iR0Dc2vr/GGDdku9rLvU03+rXddP0aHM+E8bx0pclweSlLcEKblFYJTCSR6qAxF/HGN2bFZSckUepWwPpFEyj/x4tSfL1yGcJF8cwAIEChNQGC4SCfX9do/yrm+xxnj/DsZ6wE/e0dTyFth+evl2ivNjWZQHayN5IfIUjR4e7YlhGcLES6DK6DdCm6LWNsPZun6Q0GS76E/rHIauLeGnhPWFO0KT/oLDD6zOskYUYY9HWawiDNPKPEEjSQbH/LWQwWhyJZygpc22IqH1j8U16qczalUB+M2fpp+JqsaJQYhaZKXCdI6Ohf8JL+g9YEm1BmZHqLJEPTVgBthvulQITmx/iKJ6h2tpB8pYHH1N1+ZONIe2xO5x2qWGtV6SuCLrbIlezFVyW05iHjViO51oCLEcWggdSutSZIr5bymBbA=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(366004)(136003)(396003)(39860400002)(376002)(346002)(230273577357003)(230922051799003)(64100799003)(451199024)(186009)(1800799012)(41300700001)(66476007)(478600001)(66556008)(6506007)(8676002)(76116006)(64756008)(66946007)(66446008)(53546011)(7696005)(966005)(9686003)(71200400001)(296002)(316002)(38070700009)(8936002)(99936003)(110136005)(122000001)(86362001)(38100700002)(83380400001)(26005)(33656002)(5660300002)(52536014)(2906002)(55016003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4JJLnBZjT3B+VXwXkPug60Yt1wNGZtZH3PPG0MuuKfTd7kMav3dIgdEviF+ljuXW5j+5BcUZYvJMNij0V70Em9w78Gn2g296qsj7o+fuuJF4zL6vIsFnpKaH9E3jvXnZUmyv5PpKXg6NjJbBhXLgRKl+lqLbuVZwDAJ8GEVZydFt3CBfuvEqVhFXQGdHllSyuZ3fxTJ/CYUyxUSpQMKT9IKrfcyPz/2otS8R5piSjbSjfWQNSsT+0ENuF57JHnSN1u0+BAEWr6ILsviLihS+sHghaee8PEZo5jEyA+iLWHsDcGWW8p2/wY3kz9zvRhhtS/sR5VHQ9WnUoYnG6URU642Bpf+dGJ0fZahkfwUX9BUrOwMFC3elI6eGfWN6Cf6g33znRPN6nV/LGudD0mS8OFnWvz9CCd2BFrC+hQsXkqUDk6EuRaURcowF9IpS3Da+xaa9Qxwoh0L//8cZaCe7dMy/zo8yakX0FJmfsBkKYMt221F0kxr6Sh+o2K+9TYq99dUk1fNPrCBj2elhD+MFJbDvChVXQxu+CsTKp0xQikPVLpNjjJRi6Me/UIenwC+atWzxtPbpcL6s+RlNh1FVOeb9AM+0PMks+frnO0wCW8ysbHBVDyj+Am4H7qvR4J/5QaWZpbXz/WhexPGM89q9ax0VAIS3Bh85NhYAawkbO7rm/thkcVUYKp6cTVYHlGlBddOs46E+lUyfaQygpbl0Fv/hXKPG7YgHQMVEFPc6O3ex6y8Gg90TwnfwM1N5SvkWzu4rZsur0WLLvsQhFgE0l9QOFxF/K34798RklZxeUmqoNt/vdplfdmjnx+rzVVD1+d75/hed2tcZbEj3wkUJg6dS97O+nPkahiMvXB9uqjQEHJU46yFnhOU54Yf9B7+0t06uApR0XlUwUKhQzeQSoZ0Po/TE/gvjnYmMHBoinCzwuz/8mIqIHehOKzVGktuVg52QOSF0d09ZCUmIfzJuYtsPOnn4zT5mal/dI8YFyc2JgUQtFD4gDthocjEOoO50hbPN596cmQOmDiG6Q+6TpZcYkY0kCAO6JCrX5EKtVaXVp0PXZBJZox3tNTIX0d52lUWW4Wg1L0X65WAxPzMuN+d3fLPyQS3Ba2Q3RQNlunI90MvVHIryjgTJ2b3d5Cf3hNIPO6aBdaklCvlTt+qVcS1zJG+PLDQSDwOAjM4C9qy4cqspCCOV6R243w6BOBGPX6xZ2VU5d5iQnKm91aca/RNQsThacUBLJ26ifiBAiwBL9uonIQAktVQw4jzd4vXfEI3U2XkhDyzeaCPxYnRl2uhdUK6ZMINZNueX8cxtJUhCxMQxNlGWfPmY5rHL8JPxoEKebacMJyFbQYuv4yFaRsbu2IgPjlLxPD9tO+UOiarpiWequ4RtGoZqYwU5HJ9x/ixak2byLftXrqhdA+J5KlsUyK5RX+XcYWaG7tgov7/DUgCDI3lQSlOLRASrjnUT9NNzvfJwrYJfnLo9+/dWgLglNNBZ65leQLM/oLQSxj87Zqbn69lXel1DjL0xf/nhy+IWlvrlkesR3vNVwcL+h3ih3sdyi5iFEGthPCMuq5/jQRd/ARpvf6prDTBbbMur
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0433_01DA5A8C.508ED470"
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e7913f79-af57-4869-26a6-08dc28d5be62
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Feb 2024 18:42:46.6991 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nkV1sN0I2e7qnLPQ3W+HAviZyrbo8nMKzCGFGxNeJNWSJ+Z+MuGCCjkplpPlQdjcsMkP1z8/pyG4PAyybKf1TvLLf+STN3xqF5ugMzyTIvY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV8PR11MB8461
X-Proofpoint-GUID: DMeV1oDaqNeGXF-LcGs2u1c8Eg673U_p
X-Proofpoint-ORIG-GUID: DMeV1oDaqNeGXF-LcGs2u1c8Eg673U_p
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-02-08_08,2024-02-08_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 lowpriorityscore=0 phishscore=0 bulkscore=0 priorityscore=1501 mlxscore=0 impostorscore=0 mlxlogscore=999 clxscore=1015 suspectscore=0 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2401310000 definitions=main-2402080098
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/sLh2GGFDkwqZ4oCU6_4TjUCDLIc>
Subject: Re: [lamps] [EXTERNAL] Re: draft-ounsworth-pq-composite-sigs-11
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: This is the mail list for the LAMPS Working Group <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Feb 2024 18:43:11 -0000

> I'm not currently being a detractor. I'm asking for someone to document a case where these hybrid signing algorithms are needed and needed now. If that's not doable then I find that fairly telling.

The BSI has documented it. Here is their document:
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Brochure/quantum-safe-cryptography.pdf

The French Cybersecurity Agency (ANSSI), Federal Office for Information Security (BSI), Netherlands National Communications Security Agency (NLNCSA), and
Swedish National Communications Security Authority, Swedish Armed Forces have documented it. Here is their document:
https://cyber.gouv.fr/sites/default/files/document/Quantum_Key_Distribution_Position_Paper.pdf

I am unclear why you don't accept this as proof-of-need.


I am also unclear why proof-of-need is a requirement for RFC publication. Are you trying to tell me that the IETF has never once published an RFC that didn't end up getting used in production? There is a government recommendation document specifically citing this I-D as an example of "good". Surely that is enough by itself to meet the IETF's bar for usefulness.

I have seen NSA documents (I'm thinking of draft-ietf-lamps-cert-binding-for-multi-auth) be adopted with a justification that boils down to "DoD wants this for internal use". That is less justification than we have for composite sigs, yet somehow that was acceptable, and this is not?

---
Mike Ounsworth

-----Original Message-----
From: Stephen Farrell <stephen.farrell@cs.tcd.ie> 
Sent: Thursday, February 8, 2024 12:32 PM
To: Mike Ounsworth <Mike.Ounsworth@entrust.com>; Kris Kwiatkowski <kris@amongbytes.com>; spasm@ietf.org
Subject: Re: [EXTERNAL] Re: [lamps] draft-ounsworth-pq-composite-sigs-11


Hiya,

On 08/02/2024 18:26, Mike Ounsworth wrote:
> Hi Stephen,
> 
>> Other agencies have recommended against hybrid KEMs by times, and we happily ignore that.
> 
> I fully disagree. We are not ignoring that at all.
> LAMPS has draft-ietf-lamps-kyber which instructs how to use Kyber by itself in CMS, which fulfills the requirements from people who do not want hybrids. And similarly draft-ietf-lamps-dilithium-certificates for pure Dilithium signatures.
> My understanding is that the IETF does not play politics; if multiple governments have conflicting technical requirements, then we should produce separate mechanism to satisfy each. It is clear to me that there exists a need for this motivated by BSI and ANSSI recommendations. Full stop.
> 
> 
> I have written some text into the composite signatures draft that I think addresses this. It is currently on a github pull request:
> 
> https://github.com/EntrustCorporation/draft-ounsworth-composite-sigs/p
> ull/131
> 
> It adds the following text to the Introduction:
> 
> + In particular, certain jurisdictions are recommending or requiring that PQC lattice schemes only be used within in a PQ/T hybrid. As an example, we point to [BSI2021] which includes the following recommendation:
> 
> + "Therefore, quantum computer-resistant methods should not be used 
> + alone - at least in a transitional period - but only in hybrid mode, 
> + i.e. in combination with a classical method. For this purpose, 
> + protocols must be modified or supplemented accordingly. In addition, 
> + public key infrastructures, for example, must also be adapted"
> 
> + In addition, [BSI2021] specifically references this specification as a concrete example of hybrid X.509 certificates.
> 
> + A more recent example is [ANSSI2024], a document co-authored by 
> + French Cybersecurity Agency (ANSSI), Federal Office for Information 
> + Security (BSI), Netherlands National Communications Security Agency (NLNCSA), and Swedish National Communications Security Authority, Swedish Armed Forces which makes the following statement:
> 
> + “In light of the urgent need to stop relying only on quantum-vulnerable public-key cryptography for key establishment, the clear priority should therefore be the migration to post-quantum cryptography in hybrid solutions”
> 
> + This specification represents the straightforward implementation of the hybrid solutions called for by European cyber security agencies.
> 

That's about the closest I've ever seen to a pure argument from authority. I don't think we ought base IETF work on such a well known fallacy.

> 
> To flip the burden of proof back onto the detractors: 

I'm not currently being a detractor. I'm asking for someone to document a case where these hybrid signing algorithms are needed and needed now. If that's not doable then I find that fairly telling.

S.


> if you think that this work should not proceed, then please justify why the IETF does not need to produce a mechanism to fulfil this recommendation from multiple governments. Or perhaps the IETF already has a mechanism that satisfies this requirement, but if so, I am not aware of one -- for example all of the Multi-Cert mechanisms that I am aware of operate in an OR mode, and are therefore not "hybrids" as defined in the above-referenced BSI recommendations document.
> 
> ---
> Mike Ounsworth
> 
> -----Original Message-----
> From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
> Sent: Thursday, February 8, 2024 12:00 PM
> To: Mike Ounsworth <Mike.Ounsworth@entrust.com>; Kris Kwiatkowski 
> <kris@amongbytes.com>; spasm@ietf.org
> Subject: Re: [EXTERNAL] Re: [lamps] 
> draft-ounsworth-pq-composite-sigs-11
> 
> 
> Hiya,
> 
> On 08/02/2024 15:31, Mike Ounsworth wrote:
>> Not to be flippant, but I think the answer is "everywhere".
> 
> You may be unsurprised to hear that I disagree.
> 
>> The current recommendations (at least from some European governments) 
>> are to not use lattice schemes in isolation, but only in hybrids. So 
>> anywhere that uses long-term keys (ex.: certs for CAs, S/MIME, Code 
>> Signing, Document Signing, any-other-thing Signing, etc) and wants to 
>> migrate to Dilithium *should* migrate to a dilithium+ecc or
>> dilithium+rsa composite.
>>
>> Would it address your comment if we add text to the Intro to that 
>> effect that references the various government calls for hybrids?
> 
> Not for me, no. Other agencies have recommended against hybrid KEMs by times, and we happily ignore that. We should also be doing the engineering work to determine what's needed where and when. So I think we need a demonstration that these kinds of hybrid signing algs are needed, and needed now. I've not seen that myself, especially in a context where pq signing algs seem to be evolving a lot.
> 
> S.
> 
>>
>> --- Mike Ounsworth
>>
>> -----Original Message----- From: Spasm <spasm-bounces@ietf.org> On 
>> Behalf Of Stephen Farrell Sent: Wednesday, February 7, 2024 4:25 PM
>> To: Kris Kwiatkowski <kris@amongbytes.com>; spasm@ietf.org Subject:
>> [EXTERNAL] Re: [lamps] draft-ounsworth-pq-composite-sigs-11
>>
>>
>> Hiya,
>>
>> On 07/02/2024 22:07, Kris Kwiatkowski wrote:
>>> * Is there a document describing real-world use cases for this draft?
>>> I’m aware of draft-vaira-pquip-pqc-use-cases, but really I’m looking 
>>> for use cases where draft-ounsworth-pq-composite-sigs will be 
>>> clearly very useful/necessary to have.
>>
>> I'd also be v. interested in that, and didn't find such text when I 
>> looked a few months back. (And I think such text is very much
>> needed.)
>>
>> Cheers, S.

v2.23.0 | Report a Bug | By Email