[TLS] Re: New Version Notification for draft-tls-reddy-slhdsa-00.txt
Peter C <Peter.C@ncsc.gov.uk> Mon, 04 November 2024 13:39 UTC
Return-Path: <Peter.C@ncsc.gov.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46566C1A07F5 for <tls@ietfa.amsl.com>; Mon, 4 Nov 2024 05:39:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.709
X-Spam-Level:
X-Spam-Status: No, score=-2.709 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.453, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ncsc.gov.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H8rj2NbBprKs for <tls@ietfa.amsl.com>; Mon, 4 Nov 2024 05:39:17 -0800 (PST)
Received: from GBR01-LO4-obe.outbound.protection.outlook.com (mail-lo4gbr01on2082.outbound.protection.outlook.com [40.107.122.82]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 481D8C207974 for <tls@ietf.org>; Mon, 4 Nov 2024 05:39:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KhmF0FxNXBcSKUZvJYJzWF4Ad9ZRiVD++A19JJiixXNdVJqXobjJU8A+1EW9UdPFwinw5hEmAlwCAAw/SPhDvRWK7w7sejbfmFHo08RPBsyMuw/gXXPYxuIn8L8lGsuGew0Fx66yIAJzNEoYvcT+dsTF60Ai8VmLtRUtPvN1TrrH2kOUINmIMh1hZc7elMdJ+3EZKAWpvkqVinunfKIC0lbrGsqYVFeRmEhLxQusewnbqpL5Ou3tSHcdr8/Kxf3TRG4JGmD4eDKS3j44Yl8HnOfuVEgF/l8k1S9O/3k26gdvFOV8p9kVlNQ4EbPcNI3Llz6taHwddJc+vwufXBjsLQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LRWB3p0eukN/iyAr1bF/iX231qdGjHAylgbHcCqXsHs=; b=i32cekxq19GBpCW8EtT5Vprt+b+E/CG26AEDSfpXdXfdBvKrMGYX/HyToRPiBFtmAH+k9tv3gOlWAWK9qqCcqVYN2QSGnSugKz9rw74yQiFjLL2Wd0H/RhpGJUGX1AMTLJBySxXInt++7q2u5FofZlk7BiGcHePUEK9ow6RvW4QI12TyEN78Fx/4CozSRmwGGPKxOnismwjmn8TXwpbIROoYQs8+c3QwMbU6uHMP0zKh3WzedN8ye3i+nPS2syXbgFjrvdwRlIPS6sjLwK12rrphWoDQjdWMEjMH9j9Ii81RpHIVSr+cFX5nOPU4Cx/Eupse/TWq0jHiDvnGp43Cyg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ncsc.gov.uk; dmarc=pass action=none header.from=ncsc.gov.uk; dkim=pass header.d=ncsc.gov.uk; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ncsc.gov.uk; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LRWB3p0eukN/iyAr1bF/iX231qdGjHAylgbHcCqXsHs=; b=E8ncMmevQ54KxXweKM8lP8PL7I/6KlWOzIJjmrT/9rgRSSL13JyKpS9FyobjZmgC7eB1w62cmkBLVxLNnx00P/PpsdoU7ebH6EP5GyGcaHhRsi35HSLcEOckP+cGdLvHWNXsNGJZxFt1GvlVoPZCa+2p88hljeHLtrdLXbmshiYMfcgVX4sb6HmwfKBtZDFqJYPYlUrG05sMId07C7gdtjZER8qiKew5qoin8v8ZGLmp/DA9JVdh2tPBxIGpBtTeaIrtjIRRpzgVTUIbZepp3vR1bwxXe9IcIMUBc8i8wrZyBNhlkhnsYuBR07/5Mi6eFxC0KVK1LyP/CR5jetU/MQ==
Received: from LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:334::12) by CWXP123MB5690.GBRP123.PROD.OUTLOOK.COM (2603:10a6:400:199::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8114.31; Mon, 4 Nov 2024 13:39:13 +0000
Received: from LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM ([fe80::9bc5:c138:8ad8:525a]) by LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM ([fe80::9bc5:c138:8ad8:525a%7]) with mapi id 15.20.8114.028; Mon, 4 Nov 2024 13:39:12 +0000
From: Peter C <Peter.C@ncsc.gov.uk>
To: tirumal reddy <kondtir@gmail.com>
Thread-Topic: [TLS] Re: New Version Notification for draft-tls-reddy-slhdsa-00.txt
Thread-Index: AQHbLeHqpgVjvoLhL0e3MlULvOyzobKlqXVwgAENigCAAGCJIA==
Date: Mon, 04 Nov 2024 13:39:12 +0000
Message-ID: <LO0P123MB7055F1C3EE46D7ED454C01CBBC512@LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM>
References: <173059258404.346831.5910867006750037698@dt-datatracker-84cf84bdcc-hlxgg> <CAFpG3ger7FN0YHLFh02AQFD9UD0Bq8Kv0DcdPW8F1vn+1OapnA@mail.gmail.com> <83D930D6-FCB0-4C4B-B15D-8B2FEBE83028@vigilsec.com> <LO2P123MB7051227463A7583A1E6C023DBC502@LO2P123MB7051.GBRP123.PROD.OUTLOOK.COM> <CAFpG3gdsh548fd4Piaor-2oVJVjPz-FZnT1Bg78KACecRyWTNg@mail.gmail.com>
In-Reply-To: <CAFpG3gdsh548fd4Piaor-2oVJVjPz-FZnT1Bg78KACecRyWTNg@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ncsc.gov.uk;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: LO0P123MB7055:EE_|CWXP123MB5690:EE_
x-ms-office365-filtering-correlation-id: 98a78889-d2d1-4a3a-a7ce-08dcfcd6119e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|366016|38070700018|8096899003;
x-microsoft-antispam-message-info: XiiJ9Y0mYjo2gf+mv1jqrNSagSGq6cnFebLQs4z9UCqxQv1PnJvRQR5Gq9THRCpZNoysENLB9gqOKB8vMkTAY4+CYmsFxemwYRSzU4SKdHDO3y5EVfn8xgbVdT9LasgA3sdj367tAeSIvj2jIbAzlrkrmnYylwi3KzmDcLxcpoJiPZnvTHu7F1A/6GPR5YbsBAQyhJeco5KImc8namqvG//ZHfpynZz+zq6MJk9FVscNo6kM5WY4a/6pq8tNkDI6thzaI81nQhiEgYjA/89+C9xE884FsJHH56P/nixCplYMBqmlnrBsOjBt7e/hWVjscKG5/M1QhFM8CwqvRg+BhXJJffdS/3OokBQ6EaJBnoWUnwfR5QviD2SW5768neY6JGgmoyXR2x7ob0NELQzDJecW44Y60PBZR52DyBn9PyLp8lu56CXNs4SDMpLboh8vF5DFUgqLh5L9cQ6/NNQgn96x3rdBdQVaFnh9+TqzWd3FoR01BA/oFDWyHj2F0GWhiiuJ1CZWwenQgCjqBh6jNZqE+EhqIcCm6+K4MYYXTHUUQY3z7E6HPBJnD0Uuo6wW7+QWghF7p/ABNRsrE4uTV7Tp5e25yqnRm2OqaWprF1alvpSA3BtBYqBLlmpSbSsacRRxaqfYTt3XpxY5VREdxkJGro+Y2KPlKCGku9f1OTW0R2mfLXV/q/AbGcBcal4UccGbHclnfAxCwJ2fl+uUfX17Mz8/kbl+XsYbGG/T5P7zwkHFeCSVQVFEA4URCzugy9l0bhhkBPx0GLPLcBTm+pS4i6wMSThQHXrY1VhZjbCgVYklz0m0sLbQMRFQfa1wZDbzGXl8ryTaQL0wVrzF2A5R4umCv9DVMG324xFgS2iyUvI4A6RN09K1yPA/yFIK9/9IhV20jQsxofH/i4fBf56dQHws0Wj+KVdClbjiCE/33mDzwVBOgR6/lSvRCzSAWUXNsJnAWdMeAPWYySQs4PvtVdcdnJKlv8sVvvW9JTm8omgtzzumV5Pwso6LfHskC+MgWj4NboOcpB08DBMtXQOCdkNCXnXvyoYOqjcdHtahVT+AeiUQYL/LCiXsXl4i4UWercWhAJQDIzmxNO7iWgB+GhZbT0ighBKQg8/xFftgFW3wedhGm3uhDcjAyKfjTUeCvhPp7Ua+akhoYlw1xqulOWGwFsgzPuYF99eqi72NlH/xKo6REmM+Ks+a0fbhOEga0QLAIJxos7/T/5Wm5bThD/G2aV/wg+UOSddu0T/l4D9yTCon+Em07+PKg6sSplLMqKW+jxwY0XEuOI5kYW50Ru4UEZPpvtQN+clGTv9ue9WQV3i2lbC4dbLn9MG0
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(38070700018)(8096899003);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: YT3HzN8OOyBzuZYdxL0Fy4pk6M0oIkyBiW7k9lXg7vNuFLXhLhDtIg49fP9hbqU2hoVss//gjtEvxz4twPA4XXv0q6OF+nibF92U6KOLZfBcmrQrAUsf9J2QrClKRwlFyMmUZCYNPYHDyC13v3x4PtKgQJrkMpbaI2lw7uHyAhspMRyKgMoV8tc444Ut5ccVEfYjA3PIfkV1gtlVzLz5sAmC6lU152Vf+HP6TLPjIqQ+D4cgCY4eBb1h8uZNgkT4lW38sd5cPwKwcorvlYV0UvS8LGxkjt2KQ5YvrgewUUrps1ts1/h99hceo+J20F9XUQxbzi+cXEqIDZGatBsJbdZZEIRMdmW81w4s53g2Cz1tzy9PRgjA6LWfwhz5gxYbc95YgoW6kNoY66uB2o25HzzUlJppkyeY3SX315GU3ii009RmmjLNOOukd8UklCmKMkk00ORnzJtYeIGXbL6lTg5nHcxZ9NT6wXGsMgT9CGTIFNYVlYOTzxwpc5QATkuKxlcntb0YscaCO6/sxAejIqCTvUKV/oSLJMVYmSB1sdKFXYgzjcaE8Rk7gqyVOh7+eHLqsdDrcW0A3LMT72sazDeOw0qf50Ri6/i+M+TEAE1CKUNG+QZFMuTOyUTAFNj5ivBX+Y9LIHbGFzyhSJgm43Cyvlj445VwVPgQ3Vs1JUAKWezk6HjhvgJKUUIC7rSNoaGurIfcGKWd0ElYVYvXO9Hr36RhFaAbLxFo+TG37vtNzctEN29ep6orEms7zRpOI+vAq+urk5SZOcv+4NTq0cS1gsakN4zeNIokR7yZl+LZ8+oYXpjgBudz1/ykyg8YEc5oEespnERm+yfzc9Mtz93XfxSJebAG08erwj2R445QHBeBi6mZ5T7QNddGu25fCIk08G8eOaGradL9AraBJYy0yndC0rVCpUCHJmS4NwEvMH7FhHRhE/7js3DkoHLKKbjWcKM4D+8gsr/VWVwEzg0iWXx7rTWWnNSA/ozQV1giDI9Z8jUmD24g5Pz0yXXf62X3iwkX+POOAz3j7JpVnpMLZ5QtUwqFVIrcoMFhSfkHxdUVKZT+GyU8Nxi93o0HjdULMNYO4yQ92jTlmfBZWY+ZR/QNvro6oY13vNNadhTStGOKnVo0ptvqpba5/+yNjEvTDQO0YyMOzbXnubTBEWnXcDvWd5sgVSIbl6BFDV61Au9pBD3gPcQ/iDvhO6czH605rFDLw7WFRxro+6CW4id1j1Zbtsz6E3LnDzm8E9jg29Q0gU290UPMYyEgCem2SMmd2Esk1R73Up/Hys8XGrQLy+SxMaH/+ONHBR/DYvEFbDgk2llwssUPcxB4WPjf+3wqRDtq1157fHGh2DUH2T9VNqfQ+kMiYsjD8wZTNONRQ41/7n38bPGLJkREaAnyQEMZJYkUmqzbu/ihWzXY1ecnYKCfIpkF8uOQmKw9Iihl7OclFfSpHDdkQ7FBwr70erRCff4nyfMqsiZih3pjjzIanBtlHdflaBw9BTBAB8P9Io6U2+8qhnanKe1Ybvh5NiVJ3evdq71AdP2vDaUkH7epnyY7NvtOC1pyjlBAAvd1y8UvuCqTef4710M36VBp
Content-Type: multipart/alternative; boundary="_000_LO0P123MB7055F1C3EE46D7ED454C01CBBC512LO0P123MB7055GBRP_"
MIME-Version: 1.0
X-OriginatorOrg: ncsc.gov.uk
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LO0P123MB7055.GBRP123.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 98a78889-d2d1-4a3a-a7ce-08dcfcd6119e
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Nov 2024 13:39:12.8319 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 14aa5744-ece1-474e-a2d7-34f46dda64a1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fKXzpSEucg2upoEuvvbA/ygpYiEIHu4ViYbAHreqZHhKYHfv3mOI8F9Oq1nK1/eGPitvD964PLoxT0JHqq6k+g==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CWXP123MB5690
Message-ID-Hash: 5L47KPBUU5VHIP7NZJZNJBS5SC3HDFKE
X-Message-ID-Hash: 5L47KPBUU5VHIP7NZJZNJBS5SC3HDFKE
X-MailFrom: Peter.C@ncsc.gov.uk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF TLS <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: New Version Notification for draft-tls-reddy-slhdsa-00.txt
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/8xxbxYF0i0vFBzkrWe483Q0dI1o>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Tirumal Reddy wrote: > SLH-DSA is not proposed for the end-entity certificates, it is preferred > for CA certificates (please see the 3rd paragraph in > https://www.ietf.org/archive/id/draft-tls-reddy-slhdsa-00.html#section-2) Yes, except the introduction says: "This memo specifies how SLH-DSA can be negotiated for authentication in TLS 1.3 via the 'signature_algorithms' and 'signature_algorithms_cert' extensions." which certainly implies end-entity certificates with SLH-DSA public keys. I realise that a single SignatureScheme registry is used for both extensions, so if you are not proposing SLH-DSA end-entity certificates then you need to be more explicit that it is not recommended for use in signature_algorithms. Peter From: tirumal reddy <kondtir@gmail.com> Sent: 04 November 2024 07:16 To: Peter C <Peter.C@ncsc.gov.uk> Cc: IETF TLS <tls@ietf.org> Subject: Re: [TLS] Re: New Version Notification for draft-tls-reddy-slhdsa-00.txt Hi Peter, Please see inline On Sun, 3 Nov 2024 at 22:17, Peter C <Peter.C@ncsc.gov.uk<mailto:Peter.C@ncsc.gov.uk>> wrote: Tiru, Is SLH-DSA considered a practical option for TLS end-entity certificates? Under realistic network conditions, TLS handshakes with full SLH-DSA certificate chains seem to be about 5-10 times slower than traditional certificate chains and, in some cases, can take on the order of seconds. See, for example, the results in https://eprint.iacr.org/2020/071, https://eprint.iacr.org/2021/1447, https://mediatum.ub.tum.de/1728103 and https://thomwiggers.nl/post/tls-measurements/. I agree that there's an argument for using SLH-DSA in root certificates, but I'm surprised it's being proposed for the full chain. SLH-DSA is not proposed for the end-entity certificates, it is preferred for CA certificates (please see the 3rd paragraph in https://www.ietf.org/archive/id/draft-tls-reddy-slhdsa-00.html#section-2) -Tiru Peter From: Russ Housley <housley@vigilsec.com<mailto:housley@vigilsec.com>> Sent: 03 November 2024 11:13 To: tirumal reddy <kondtir@gmail.com<mailto:kondtir@gmail.com>> Cc: IETF TLS <tls@ietf.org<mailto:tls@ietf.org>> Subject: [TLS] Re: New Version Notification for draft-tls-reddy-slhdsa-00.txt Thanks for doing this work. I hope the TLS WG will promptly adopt it. Russ On Nov 2, 2024, at 8:15 PM, tirumal reddy <kondtir@gmail.com<mailto:kondtir@gmail.com>> wrote: Hi all, This draft https://datatracker.ietf.org/doc/draft-tls-reddy-slhdsa/ specifies how the PQC signature scheme SLH-DSA can be used for authentication in TLS 1.3. Comments and suggestions are welcome. Regards, -Tiru ---------- Forwarded message --------- From: <internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>> Date: Sun, 3 Nov 2024 at 05:39 Subject: New Version Notification for draft-tls-reddy-slhdsa-00.txt To: Tirumaleswar Reddy.K <kondtir@gmail.com<mailto:kondtir@gmail.com>>, John Gray <john.gray@entrust.com<mailto:john.gray@entrust.com>>, Scott Fluhrer <sfluhrer@cisco.com<mailto:sfluhrer@cisco.com>>, Timothy Hollebeek <tim.hollebeek@digicert.com<mailto:tim.hollebeek@digicert.com>> A new version of Internet-Draft draft-tls-reddy-slhdsa-00.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-tls-reddy-slhdsa Revision: 00 Title: Use of SLH-DSA in TLS 1.3 Date: 2024-11-02 Group: Individual Submission Pages: 8 URL: https://www.ietf.org/archive/id/draft-tls-reddy-slhdsa-00.txt Status: https://datatracker.ietf.org/doc/draft-tls-reddy-slhdsa/ HTML: https://www.ietf.org/archive/id/draft-tls-reddy-slhdsa-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-tls-reddy-slhdsa Abstract: This memo specifies how the post-quantum signature scheme SLH-DSA [FIPS205] is used for authentication in TLS 1.3.
- [TLS] Re: [EXT] Re: New Version Notification for … Blumenthal, Uri - 0553 - MITLL
- [TLS] Fwd: New Version Notification for draft-tls… tirumal reddy
- [TLS] Re: Fwd: New Version Notification for draft… Ilari Liusvaara
- [TLS] Re: New Version Notification for draft-tls-… John Mattsson
- [TLS] Re: New Version Notification for draft-tls-… tirumal reddy
- [TLS] Re: New Version Notification for draft-tls-… tirumal reddy
- [TLS] Re: New Version Notification for draft-tls-… tirumal reddy
- [TLS] Re: New Version Notification for draft-tls-… Peter C
- [TLS] Re: New Version Notification for draft-tls-… Alicja Kario
- [TLS] Re: New Version Notification for draft-tls-… Peter C
- [TLS] Re: New Version Notification for draft-tls-… Peter C
- [TLS] Re: New Version Notification for draft-tls-… Kampanakis, Panos
- [TLS] Re: New Version Notification for draft-tls-… D. J. Bernstein
- [TLS] Re: New Version Notification for draft-tls-… Bas Westerbaan
- [TLS] Re: Fwd: New Version Notification for draft… tirumal reddy
- [TLS] Re: New Version Notification for draft-tls-… Russ Housley
- [TLS] Re: New Version Notification for draft-tls-… Alicja Kario
- [TLS] Re: New Version Notification for draft-tls-… Peter C