[TLS] Re: Fwd: New Version Notification for draft-reddy-tls-composite-mldsa-00.txt
Ilari Liusvaara <ilariliusvaara@welho.com> Fri, 22 November 2024 15:08 UTC
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/8I4HU_mx7SRLEWspg3RUP91paVI>

On Fri, Nov 22, 2024 at 07:34:18PM +0530, tirumal reddy wrote:
> Thank you, Alicja, for the review. I agree with all your comments and have
> raised a PR https://github.com/tireddy2/composite-mldsa/pull/1 to address
> them.

I think it would be better to have a footnote for the two SignatureScheme values that are not allowed in signature_algorithms than adding a whole new column. The TLS ExtensionType Values already has such a footnote for non-standard behavior in where the ech_outer_extensions extension can appear.

However, I do not think it is clear if the client is allowed to send the values in signature_algorithms or not. And if not, how is the server to handle the values appearing anyway?

And the values are definitely not allowed to appear in CertificateVerify, but this is not stated.

As reference, TLS 1.3 does allow PKCS#1 v1.5 signatures in signature_algorithms, but not in CertificateVerify. And there are no notes in the registry about that.

-Ilari
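
The TLS 1.3 precedent cited in the message above, as an added example that is not part of the message or of the draft: a scheme can be legal to offer in signature_algorithms yet still be rejected when it appears in CertificateVerify. The function names and the sample extension bytes are constructed for illustration; the code points are the RFC 8446 SignatureScheme values, and the draft's composite ML-DSA values are not modelled because the message does not give them.

```python
import struct

# SignatureScheme code points from RFC 8446, section 4.2.3.
RSA_PKCS1_SHA256 = 0x0401
RSA_PKCS1_SHA384 = 0x0501
RSA_PKCS1_SHA512 = 0x0601
ECDSA_SECP256R1_SHA256 = 0x0403
RSA_PSS_RSAE_SHA256 = 0x0804
ED25519 = 0x0807

# PKCS#1 v1.5 schemes: may be offered in signature_algorithms (they describe
# certificate signatures) but are not defined for signing TLS 1.3 handshake
# messages, so they must never be accepted in CertificateVerify.
OFFER_ONLY = {RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512}


def parse_signature_algorithms(ext_data: bytes) -> list[int]:
    """Parse extension_data: a uint16 byte length, then uint16 SignatureSchemes."""
    if len(ext_data) < 2:
        raise ValueError("truncated extension")
    (n,) = struct.unpack_from("!H", ext_data, 0)
    # The vector is <2..2^16-2>: non-empty, even, and exactly filling the body.
    if n < 2 or n % 2 or n != len(ext_data) - 2:
        raise ValueError("malformed SignatureScheme vector")
    return list(struct.unpack_from(f"!{n // 2}H", ext_data, 2))


def check_certificate_verify(scheme: int, offered: list[int]) -> str:
    """Return "ok" or a rejection reason for the scheme in CertificateVerify."""
    # Checked first: being offered does not make an offer-only scheme usable.
    if scheme in OFFER_ONLY:
        return "reject: not defined for CertificateVerify"
    if scheme not in offered:
        return "reject: not offered in signature_algorithms"
    return "ok"


# Constructed sample: ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256.
SAMPLE_EXT = bytes.fromhex("0006" "0403" "0804" "0401")

if __name__ == "__main__":
    offered = parse_signature_algorithms(SAMPLE_EXT)
    for s in (RSA_PSS_RSAE_SHA256, RSA_PKCS1_SHA256, ED25519):
        print(f"0x{s:04x}: {check_certificate_verify(s, offered)}")
```
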