IETF Logo Mail Archive

[TLS] Re: ML-DSA in TLS

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 19 November 2024 02:28 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13B29C1840E6 for <tls@ietfa.amsl.com>; Mon, 18 Nov 2024 18:28:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.006
X-Spam-Level:
X-Spam-Status: No, score=-2.006 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3lIleO0Tn_om for <tls@ietfa.amsl.com>; Mon, 18 Nov 2024 18:28:04 -0800 (PST)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2106.outbound.protection.outlook.com [40.107.22.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E6A0C1840D5 for <tls@ietf.org>; Mon, 18 Nov 2024 18:28:03 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NSm0tqtwHrJjsfzS9JkxR4s+c+DhRgI7QGlTQW52y42dV6EbrduDB7+uIyPp1cRPms/0ScZ/vDja9mwZO0lHAycFb7nMS5voFYzVBp++Qpqgn4KzBRuByVv+3s9zXSiJyEJ0w9YAsaEzKA/Hv2ajukeZmNycgjhnXuy+vzHNn72DvFjdk5Xswlv4R6uPZYK19Er4MdtUNWF/uXBAE9E8IOS7ew4/l1dI1i0E1yIOegMD9uwSMesd1W/Uyxag1y59r2/3aKSSlw9/wWD6g4PJQMs7ig4rYAzceOGT/SZB1atT9x86Boqcy2/d6LXP6OvwVTXBtxuXKB3x0k88FgLUXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=z0YAgpcJn7YPLlI1xUntQ7cZ1UCsu/zfzVglRI6z1WU=; b=uvGKr7o75mNWzKHlw/vKv5E82nUzNs2Fry/0sjQsIp8lGwwzX9zuJwzRZoo4t94+31XMlydlRxi+cCYqynB3Mul6Ju7QF8eJWmI6jWR/KZRgHWL677vuwZg0q3DF8VMEvJPF3xTegC71CPy2dQHoRGuQVbaXkRz/4BJD53z19AAZ2RWxalOTKOwbcGKMnJDqs7HuPuobGqaCHXjIdixyKbgn7h7FcFe3+6Bdf0PxLEmT+1m05gpkbDqTPmwSuy6YrUg4KLgyONI/M4dh8p6abeJ2nwc00Rh/mulFCTebE+DSMPutc6elKvDMzi2Zs7+erydiypQmrD0silaXCu9XPw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=z0YAgpcJn7YPLlI1xUntQ7cZ1UCsu/zfzVglRI6z1WU=; b=n35+hftVm+dKgD+eDsgB9USZt3IoDn6/p3BlzKYEo5aFGpMK4+v5UENKGxAy7tl4YCg/SO8SBCh/20W3GCZGB7BX6yFyLtyY2YT22Q+z5nHD5RjEUIBM5UcvWgu3GtKUsL4/74eGiSU8IFVbxmggrW1L4sjj06k9ByaqxN1s4IMRNyD0Zy/f5LAFawAD6+kr3iYBjEZ63qp9zE1BbpAf93xKmKFfZE6p/Ty1i06PTSlQoL7XBOTmXi7Gqy5iGpeWPbDEJFRNZNxApSuqW/dPhhbc3UGKAJm7UQpb4DVFXoSl9AeV3AvsclKzk8bb5PnnmmozMkYKkcNfQi9R+kLSFA==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by DB4PR02MB8534.eurprd02.prod.outlook.com (2603:10a6:10:38a::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8158.23; Tue, 19 Nov 2024 02:28:00 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%6]) with mapi id 15.20.8158.023; Tue, 19 Nov 2024 02:27:53 +0000
Message-ID: <a972e0fa-eb95-46e8-925b-d0006cc5b4f7@cs.tcd.ie>
Date: Tue, 19 Nov 2024 02:27:51 +0000
User-Agent: Mozilla Thunderbird
To: "TLS@ietf.org" <tls@ietf.org>
References: <20241116085703.138618.qmail@cr.yp.to> <9c978730-68d9-4a3f-9d3a-8e71a87ad719@redhat.com> <CAAWw3RhgZM68iRz3bhLdKZLsvBW0Bc_F1KMC5=ABY+o-LH-f7A@mail.gmail.com> <CAFR824wfVzrkx0w9=j6Hx-YUDwBkRAeCtFPdTtj80rFYSpO90w@mail.gmail.com>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <CAFR824wfVzrkx0w9=j6Hx-YUDwBkRAeCtFPdTtj80rFYSpO90w@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------eWaqV8iokL0HViCAoPI300aq"
X-ClientProxiedBy: DB3PR08CA0028.eurprd08.prod.outlook.com (2603:10a6:8::41) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|DB4PR02MB8534:EE_
X-MS-Office365-Filtering-Correlation-Id: 7a23da77-262f-410c-9c20-08dd0841c4ec
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|366016|10070799003;
X-Microsoft-Antispam-Message-Info: 8RKlscVwWp50Fmm1UVh8/U40NYTPBXP19PTv8SfcKa4FCQoEWtPdFqgWkdtcbAmjJlUDHfmagT1NRLRJlUDUfC5XPBB4Ak0fIs+tmjfzp/zYGNhRlxUfA8hD2R1Mm/kBk9U0n8vBo047qxGfw9EBepaSuR5r8g8h3gvIb9l1EU/2dnybHCnxJyP8PH30GniHJYeSJ/rgfQ5Q/bwCTWQ+TFMw5zBpBu8HnHdqztYtwxxyHscGxwExq3IFKeqKHBb3jqEb1JGfQSbqAGxnAouq/utC1CUM2LjSIMmBxH3q8nzCcT/uy77mmrYLxUzqYvNY2dOvdSn6zV19AWppEFmRdmWuF7Bn9yrikFQwhhowJDvXHEJOVZqFugO3yRvbcthDJovdb9tj7bzJv6vEujVolXVZqmWbbweGzGnrW4hC4v520R+IRL751lAY2P0AWRG8Q8KGPG+OqGvKF/uD0QWu6JIxHprd44OEcYcJsA1geTSfBuzzYjCiRrHrB12wx6L6ub0XgvWbtoXAhf/oo7y7rcxoJyhV3b52tWnqWYTKsXu/zb7BO09dZKOyNbdFK2eLOJSQY/oNebml5f2JTnb8uHH9q5ZhMvXoBHRvV1DWyFG7iHXPJ+BS2wa8dqU1v17ZsOYr1SRYNx9e3+8u6WjIckGDnUYM8hBeZavkmWl3EL4c69BYtuNG5vGnA0ftR7wzc3DMWRUtU+Jnh0DH25IhtdNN8JIEqvUpR5/Im+bILKrvG/KQsVyMLaO2+PM4sRfCftfaAPfUOWO+MEtXmwdSFKjz5Ay5mro7MSgExZGwrYvld62R3iqJ2k5HxOQbzpJpA0Za+UfTV7/XTwhsGJpDJIAS21S8wuQCyZe5FQuS+njcTTykF+JPkyh0C4qPw8ulshmGkGVMqY8So+XCEvOpusu/POax0qPPGE+x1kVahKxEbUZ+M02p8FZTBH2EaNZZvSpkyv/KWhWJOX8szPeVryrp9guBE8FUyq6SzuxsJM9Ebs1oFlJuCkrc8SQQqifTfLFyBHEGRmrCSzP8kYWUBzTy9PbTEMB9HhzgB0uWIY2nZUJclJaBIan6GN18n/rbi5P8axDRF3yhAovC9A3c7ExvmAcrlVe1jJmEsigqhEmIgc1Fc+PMHZj+vCBPTGns4/1S87k5ivQwEaeQ5xuM/IAxjVVOecr/1c1tMdWy5uJGV4+y1MPhaNBhFFOa8S0Cvpd4sxWjdgabO9usZ99AtLJM1zjHo2TGh96W2ZLXVmFdht+kyywu7PNCXB4fOkQEfygYHnBfGaNQMDGlMc2dIIUb32J+7yk0MOyNAdiseB4b9bHV2MW5A4cquiTKahSb
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(10070799003);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: djr1QDmv545oqe/tEerunqIfFAtEHRpwPkquTHQHfxyybqA2Cjz+Hja02cJYeyynQicb9igGv0r2hTGVHeec+oV8ZjnymGlnluUf8lc2qTOYtvu353lQ3LV6Ipru+fp0HYrcE55N7+jaxPEAvajzOcoSzYD1I6SOvTxwz0sw1fjWit0MVh9E3x5x7/zuge+XHn+K8A2algPL6pq4rmm4JPLIz7PAqLSu6hr8zwq6bpuaG3aTCAIcKZH/SBQ3AbEOblREiEhDBzlu1mb9UTS/p8RHydQ7KVxeXN8cWYkaWIFBGhvK+rsWTvMAf+D1/JQ1H0lWFQOnBv2zqncTmDR1K3eLskssR9l7zgclP7/J3v+ZOhSZOyqtgjpMATqxffyIjECOXICIKp90XBYrpChe8Vzi7z13xWJ+Fw6/AMEKNThgV7Y0ubCGumJdOtY5AxtJb33Ta2m7/6REd6CAqYlrP45G2G5kw2Bler0rB3liR/zbALwqhU65OAoEwB4VN0xe7r/cstG59URSZiODDREJ9n6wlLmzSXSIINObOhBvPJtTYNPO1C+CjcBBJ7XrUIpwdxtASZ01Gye5Gy9Ig+JBQSNgxgAJ2B21SkV16k64eqX5lcQkXBnMnjud1kzSd5auH5SCCifMRdJrIIkwJCVRZe7wRNMmgeP1hhQ3Gla1W6dJc4kqxmrne6oNQL72HuT6FpY4AVEEbWF8G41xapYq1cGzWJXYMHUkykEUmQMrgCS6Yfs2yduyL71egdBh9SoS7RLYqWtRZhGx4PmPUaxOprHXhbzLs5Bxb9SPiimc3mnqgSN0JLvvTy3c3/GIRLwwVY/EPjIZr+x2dgy5Gm4uueYLL8S2sjiBWDe2NnTnZwwevUcu/9AEuAoFJcwUmMWQ7mHC5QhrCpj6QFXEPw3ha6xPLm4IDX3iKzobK/tCCo4i5abcqTj0IIcJ+2qSXpyIgJFJyRhfLznN1g2vkH6w0t5AQSX9PkXCh3812ecvCKK8henlzqegLoKN/WUxN7f4ywXWzNpZYRVEXHtEvMBXKetmvR9nqRdD0PpJFJ0qUi0IV2jYFOHuDqEBGDbtPWe/FBDmgU2fCshZZpQLnC/jM3aF37QefxT0M9V5Ixor5dYc4TSrfGNfvDkRkTGqBkrcPDOKAu/owPrIWMby3HQQJxgbaCX3L5zQQ5dTmfbu9sy6fNdRgWEGWigAOgHnl0XMCpTRVp7j2wxULEbBq8hI7t7yP1mXhImfNtn1Dh9zX+DmSuTdw0yLVbW7sbroJ6WNTPoTSPVTjM1zoBGrnMib7EE8G+U57no6jrYtpKSZPn2u96Yb4KPeyyomDmr0MUL0TklabI9hI7kUpBUQutCx5gtYNy//DgWs2DV09J3HAs0fTx6jbxGWo44zy2e3twEZzVcU25jyD5MVVW4t3/039Zt8PbBYlS+6qtvJpv1aOrG+FoY1/1gp2tCAUtfBrcaNaT2fOsJ/Jw5ZWab4MaS3sLqifxCo6Bg3AgGZ+jiRrkyNILrapYDXaw9PHkAzLRCYQvjn6g16uGN+eT7B7oslCsSxjpsieKAIGyqYeAbPu+I/gZRJwL40UPiS8qiUjjuvmkSbjEzYQWnfjExCt3sg++n1heZ/dEWr0zU/N/6RhWSbl58r7xn98T486bD8vnhV
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 7a23da77-262f-410c-9c20-08dd0841c4ec
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Nov 2024 02:27:53.0246 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 351J3G7/RjW8oLPpQKCm+J3WCVAf9Ji/1UZSJl0gkAfZtkBZoWYxNXecha10ds3z
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4PR02MB8534
Message-ID-Hash: 4XLGIFEZJZAHXPFAKD7GI6Z7B7FIWP7R
X-Message-ID-Hash: 4XLGIFEZJZAHXPFAKD7GI6Z7B7FIWP7R
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: ML-DSA in TLS
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/l-lFMPBYynw7h6aE6B0-tZMiXaE>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Hiya,

I totally understand the commercial imperatives that cause
people to want to adhere to what governments would like to
see the IETF standardising, but...

On 19/11/2024 01:43, someone wrote:
> NSA is confident

The above, and similar arguments that NIST or BSI or whomever
would like X, does not mean there's a good technical argument
for X. However, if we ignore the technical arguments for and
against X (as we seem to be doing) we will not be serving the
best interests of the Internet, nor of the people who use it.

So, I'd encourage us all to please try prioritise the technical
arguments for and against each thing, and to not forget that
national signals intelligence agencies have a demonstrated
history of trying to use their influence to game this system,
as is inherent in their various charters.

Cheers,
S.

v2.29.0 | Report a Bug | By Email | System Status