Re: [Suit] draft-atkins-suit-cose-walnutdsa

Derek Atkins <derek@ihtfp.com> Tue, 02 July 2019 14:15 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 416491200B6 for <suit@ietfa.amsl.com>; Tue, 2 Jul 2019 07:15:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W68s37Md00Wa for <suit@ietfa.amsl.com>; Tue, 2 Jul 2019 07:15:19 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FCE6120041 for <suit@ietf.org>; Tue, 2 Jul 2019 07:15:19 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id DCC7BE2044; Tue, 2 Jul 2019 10:15:16 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 31643-03; Tue, 2 Jul 2019 10:15:12 -0400 (EDT)
Received: from securerf.ihtfp.org (99-46-190-172.lightspeed.tukrga.sbcglobal.net [99.46.190.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (not verified)) by mail2.ihtfp.org (Postfix) with ESMTPS id 178BFE2040; Tue, 2 Jul 2019 10:15:12 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1562076912; bh=iielasGU5xa7UNgT7VhSAoL4KWmBQ3lsDYpUCTRr/74=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=KL9eMg6Xo/cP2/65fQkNGdhthJKVgl3pPi/A1lZmME8GmDpCqNpSBJ7JTchOmOXI2 B4+P1PhM9/iS0cr1TMIo3+eNdeJpX9wPJAazpJF2GndvaucsJtv6gbP5P8k0j+oSwW kb2bC3HTOMyeMkJwmZUeRO5/+uSJ2/MIPvS/+ogo=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.15.2/Submit) id x62EF6tJ015241; Tue, 2 Jul 2019 10:15:06 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Janos Follath <Janos.Follath@arm.com>
Cc: "suit\@ietf.org" <suit@ietf.org>
References: <AM0PR08MB33796BC8E8E7A039525EC5C3E8150@AM0PR08MB3379.eurprd08.prod.outlook.com>
Date: Tue, 02 Jul 2019 10:15:06 -0400
In-Reply-To: <AM0PR08MB33796BC8E8E7A039525EC5C3E8150@AM0PR08MB3379.eurprd08.prod.outlook.com> (Janos Follath's message of "Tue, 4 Jun 2019 13:35:02 +0000")
Message-ID: <sjm7e90zfo5.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/HKaPyIrA_ZVHXnxuzlI5nzuFZ1M>
Subject: Re: [Suit] draft-atkins-suit-cose-walnutdsa
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jul 2019 14:15:21 -0000

Dean Janos,

Sorry for the delay in responding; I've been on the road for most of
June and it's taking me a while to catch up on the ~10,000 emails that
piled up while I was (mostly) offline.

We have customers who are looking to use this technology today, so we
would like to do it in a standard way that others could understand.
Personally, I'm fine with an Informational (instead of Standards-track)
publication if that would make people happier.  Even so, the RFC Editor
would still require approval from this WG as it is within their (the
WG's) area.

There is no rule requiring the CFRG to approve informational documents.

Thanks,

-derek

Janos Follath <Janos.Follath@arm.com> writes:

> Dear Derek,
>
> I think that before standardising a new cryptographic scheme in IETF it
> would be prudent to have it approved by CFRG first, I believe this
> might even be a rule.
>
> If I remember correctly, then the Hash-based signature proposals have gone
> through some kind of an approval process. Has the CFRG approved WalnutDSA
> too?
>
> Regards,
> Janos
>
>> [Suit] draft-atkins-suit-cose-walnutdsa     
>
>>
>
>>      Derek Atkins <derek@ihtfp.com>
>>      Tue, 14 May  2019 13:05 UTC
>
>>
>> Hi everyone,
>>
>> I have submitted a new draft on how to use WalnutDSA in COSE, targeting
>> SUIT as a viable use-case.  WalnutDSA is in use for a secure boot
>> solution now; specifying how to use it in a standard way would help
>> others leverage the technology (or at least ensure there are no
>> conflicts with others).
>> 
>> I have tried to follow the framework of the Hash-based signature
>> integration (with Russ' approval).
>>
>> -derek
>> -- 
>>        Derek Atkins                 617-623-3745
>>        derek@ihtfp.com             www.ihtfp.com
>>        Computer and Internet Security Consultant
>
> IMPORTANT NOTICE: The contents of this email and any attachments are
> confidential and may also be privileged. If you are not the intended
> recipient, please notify the sender immediately and do not disclose the
> contents to any other person, use it for any purpose, or store or copy the
> information in any medium. Thank you.
>
> _______________________________________________
> Suit mailing list
> Suit@ietf.org
> https://www.ietf.org/mailman/listinfo/suit
>

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant