[TLS] Re: WG Adoption Call for Use of SLH-DSA in TLS 1.3
tirumal reddy <kondtir@gmail.com> Fri, 06 June 2025 11:25 UTC
Return-Path: <kondtir@gmail.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id BA3D831BA244 for <tls@mail2.ietf.org>; Fri, 6 Jun 2025 04:25:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8igjXeihTxWn for <tls@mail2.ietf.org>; Fri, 6 Jun 2025 04:25:59 -0700 (PDT)
Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 64D6831BA239 for <tls@ietf.org>; Fri, 6 Jun 2025 04:25:59 -0700 (PDT)
Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-551fc6d4a76so2050987e87.0 for <tls@ietf.org>; Fri, 06 Jun 2025 04:25:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1749209158; x=1749813958; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=PjYVeaMAB1fPEg97cWsfsdHMuPBwmMcMiYUWKfBPQXc=; b=ZPrvTYLmjXobH2QsUpC9ESgLBBsiUBkbmRXp/lXSnYuACwktS+PWzTONa5PEEf+Waw OQgQK/OogTOizkl52pSErTvWR02uN6AJxWM35sEOjfUkJB43Qw4J+jCaPMYNEHLF+MFX w6cugPjjOBKDxu7H1prsLz29sEPBp/xXUcIbDxVBax3tAJKkGmzjj6bm3KPD5CV3epnE ClMiSXLyOciy9EViDtiOf1ojH2A3gBpBzpWO/e18x+vbZ4NjqWtTowKpEyXi0Yf3wT7L x+ZbAE6CkvjnswMAnwdOl1cjo6kE4dubMWW2CJY2atPnYSycMKDouDviEOIjyUY+czh2 kcMA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1749209158; x=1749813958; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PjYVeaMAB1fPEg97cWsfsdHMuPBwmMcMiYUWKfBPQXc=; b=oyGhsESR+f/6JIgrp/7bS3KOfTBVfWUE29tT253hcqDkueb1JR3a9RkD+4cbLzlNKD yLJT1zU7C1HT3jUDwJlUzG8WwJBorRne3o8eoxsa04MRApe2DXsxSew7+O0qXaDv2siE PezDYG6tcdIsiB1BJKeOg+X7CZEJTsazMsk1Lom9pDmoTMTkexu7a/yQEtV4xKqKwjtO iy3lLqf1ion4D/b+vzqH5STT7tF5c9X5AelveI9CVDsPAZpKmlxxv2FAUvLpLhZSun64 iafNqy6tca8py/eEJ3GYjNGPdjm/vaJJCBQearPE6aBEolwFlfEw/hYbbWyLsAbKtxgu ntxg==
X-Forwarded-Encrypted: i=1; AJvYcCXy7TxROhz9o+wVBzZpDbap/b10zQZzGF+FYRK/oNwzVI0KbUIBgaqeAD3j1COtyo8E6cw=@ietf.org
X-Gm-Message-State: AOJu0YxOCo6gP+daMNJTQjtRq9oh7GzNdac6sJxAr9yvdxyHeW0dsavq eVYsnifqhQrleA1Ib8sv1X9bIXNa3zjOLwOawaa1oqvTujNo4/+G/aaH89yeBAUZiURwk/vLAm9 x2FvOARYvNFBJQASuVbmWhQ9cAaZYqxf0mgTR
X-Gm-Gg: ASbGncvKxIEfOsgycDJTGaGJvtGjyHrh584RwS8VF70EYWyqkRsw60+TK9K+Sb8ntZ9 4HBMj4l2Fr9znTDLhUMTchvdBSyz/TRdRjALY6yUR5lq2wQRqFXK70z8sw7ZdUiKK9DF7breppr SHqh6eaDwSpsOLHDZlhSPBv0eCZdkOc1u1qlA=
X-Google-Smtp-Source: AGHT+IH5NwXzb1B7b60bzn6dai6NbJlLK0k4u/mn5KFokK8cRbAMgGTlSJTbBgdkWu5OSWg8KLq5cVWAwMbWCUv9LBc=
X-Received: by 2002:a17:907:7249:b0:ad8:a88c:84e3 with SMTP id a640c23a62f3a-ade1aa472dbmr265040766b.33.1749209146083; Fri, 06 Jun 2025 04:25:46 -0700 (PDT)
MIME-Version: 1.0
References: <FAA80303-6B8C-43C8-A4F3-7CBFE708EE6E@sn3rd.com> <73ba70cc3eed4be09addaef36744758c@amazon.com> <CABcZeBOM3xdP8Y_WxObp+VUc=59AQfzU8T0w+toxzi=pMt2_9Q@mail.gmail.com> <IA1PR17MB64217F72BDC2C480777A390DCD93A@IA1PR17MB6421.namprd17.prod.outlook.com> <CABcZeBM5Om6RPQLeCXBdfg0Sq5a5BmoF3UiM82=+DvgTz4WR4A@mail.gmail.com> <CAL02cgTq2UK_UgT1vebCQABk5iTTuZPu+5Z3NqOH_2M=64gdZA@mail.gmail.com>
In-Reply-To: <CAL02cgTq2UK_UgT1vebCQABk5iTTuZPu+5Z3NqOH_2M=64gdZA@mail.gmail.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Fri, 06 Jun 2025 16:55:08 +0530
X-Gm-Features: AX0GCFsc45dYTlyNQYXhesVRMJMLvaSnKJstZD7cm3kEbxVcFkgtP-j5EnQu5CU
Message-ID: <CAFpG3geEfimuf4FeUdb3St6sVubM092bWuejiZJ42nBu=sBCsQ@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Content-Type: multipart/alternative; boundary="000000000000cb0c3b0636e57d13"
Message-ID-Hash: M2EFY43U3B3DCQRPWVK7NYXSQW2ZIQDL
X-Message-ID-Hash: M2EFY43U3B3DCQRPWVK7NYXSQW2ZIQDL
X-MailFrom: kondtir@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>, TLS List <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: WG Adoption Call for Use of SLH-DSA in TLS 1.3
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/K2a8ze2uCgoIH8lMq9fgsEmSqQg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
On Fri, 16 May 2025 at 21:17, Richard Barnes <rlb@ipv.sx> wrote: > On Fri, May 16, 2025 at 11:25 AM Eric Rescorla <ekr@rtfm.com> wrote: > >> On Fri, May 16, 2025 at 8:19 AM Salz, Rich <rsalz@akamai.com> wrote: >> >>> I am not thrilled about adoption, for the reasons that EKR and Panos >>> said. Further, I am concerned about us going back to the old days of >>> “register every algorithm” which took years to evolve away from. >>> >>> >>> >>> We can assign code points based on drafts and let the world experiment. >>> >>> >>> >>> Can the authors -- or anyone actually -- provide a specific example of >>> where they WANT to use SLH-DSA? Not COULD as the draft currently says. >>> >> >> This would be helpful to me as well. >> > > It would also be useful to understand why an RFC adds value over just > having an IANA code point. Since the registry is Specification Required > and FIPS 205 exists, someone could send email to IANA today and get code > points as soon as Yoav/Rich/Nick response to email. > While SLH-DSA is defined in FIPS 205, its integration into TLS still requires details that go beyond what FIPS specifies, including: a) Providing guidance on deployment contexts where SLH-DSA is appropriate, such as for long-lived TLS sessions or CA certificates, especially given its large signature sizes but strong PQ security assurances. b) Explaining why HashSLH-DSA is not included in this draft, since TLS already hashes the handshake transcript. c) Clarifying the use of deterministic versus hedged signing modes d) Addressing the operational implications of the 2^64 signature limit. We would like to see the draft adopted by the WG as lack of an RFC would likely stall adoption in SDOs such as 3GPP, which prefer referencing RFCs to advance their specifications. Cheers, -Tiru > > In general, the only value that algorithm registration RFCs add are (a) > clarifying any technical points, and (b) setting the "Recommended" field to > "Y". It doesn't look to me like the draft makes any technical points (just > says "do what FIPS 205 says"). Is "Recommended = Y" important enough to > merit the work? It seems like the algorithm proliferation points that > others have mentioned militate against it. Perhaps the best path is to > register code points with "Recommended = N" (no RFC needed), see if anyone > actually uses it, and then revisit the question of upgraded to "Y" after a > while. > > --Richard > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-leave@ietf.org >
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Watson Ladd
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Loganaden Velvindron
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … John Mattsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Quynh Dang
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Kampanakis, Panos
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … David Adrian
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Eric Rescorla
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Salz, Rich
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … David Adrian
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Salz, Rich
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Stephen Farrell
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Eric Rescorla
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Simon Josefsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Eric Rescorla
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Eric Rescorla
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Richard Barnes
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Simon Josefsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Eric Rescorla
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … David Benjamin
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … D. J. Bernstein
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Viktor Dukhovni
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Thom Wiggers
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … John Mattsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … John Mattsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Salz, Rich
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Simon Josefsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Viktor Dukhovni
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Martin Thomson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Simon Josefsson
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Peter C
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Alicja Kario
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Viktor Dukhovni
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … David Benjamin
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Watson Ladd
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Tschofenig, Hannes
- [TLS] WG Adoption Call for Use of SLH-DSA in TLS … Sean Turner
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Alicja Kario
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Salz, Rich
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Filippo Valsorda
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Aritra Banerjee (Nokia)
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Filippo Valsorda
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Viktor Dukhovni
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Filippo Valsorda
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Alicja Kario
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Alicja Kario
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Joseph Birr-Pixton
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Valery Smyslov
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Watson Ladd
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … tirumal reddy
- [TLS] Re: WG Adoption Call for Use of SLH-DSA in … Sean Turner