<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Texto de globo Car";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.EstiloCorreo17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.TextodegloboCar
{mso-style-name:"Texto de globo Car";
mso-style-priority:99;
mso-style-link:"Texto de globo";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="ES" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Quantum cryptography is being discussed under ETSI for some time. There´s going to be another summit soon
<a href="http://www.etsi.org/news-events/events/1072-ws-on-quantumsafe-2016">http://www.etsi.org/news-events/events/1072-ws-on-quantumsafe-2016</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">And here´s more info:
<a href="http://www.etsi.org/technologies-clusters/technologies/quantum-safe-cryptography">
http://www.etsi.org/technologies-clusters/technologies/quantum-safe-cryptography</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black"><br>
Responsable del Área técnica<br>
<a href="mailto:i-barreira@izenpe.eus">i-barreira@izenpe.eus</a> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma","sans-serif";color:black">945067705</span><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:navy"><img border="0" width="589" height="99" id="Imagen_x0020_1" src="cid:image001.jpg@01D1DDC3.F6CD35A0" alt="Descripción: firma_email_Izenpe_eus"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea.
Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#888888;mso-fareast-language:ES-TRAD"><br>
</span><span style="font-size:7.5pt;font-family:"Tahoma","sans-serif";color:#888888;mso-fareast-language:ES-TRAD">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe
por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><span style="font-family:"Calibri","sans-serif";color:navy;mso-fareast-language:ES-TRAD"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">De:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> public-bounces@cabforum.org [mailto:public-bounces@cabforum.org]
<b>En nombre de </b>philliph@comodo.com<br>
<b>Enviado el:</b> miércoles, 13 de julio de 2016 16:05<br>
<b>Para:</b> Peter Bowen<br>
<b>CC:</b> CABFPub<br>
<b>Asunto:</b> Re: [cabfpub] Quantum Computing is now a concern.<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Well obviously we can’t move forward without an agreed upon standard. Which is why this isn’t just an issue for the browser providers.<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">The forum is really not the issue, wherever we decide to discuss it will be the forum. The advantage of using IRFT/IETF for this particular discussion is that most of us already know how it works. It is also fairly easy to call an interim
or preparatory meeting under IETF Note Well and keep the IPR situation straight.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">There is already a proposal for a Lamport signature specification in IRTF. And there is a specification for use of Merkle Tree algs in CMS. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><a href="https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/">https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><a href="https://tools.ietf.org/html/draft-housley-cms-mts-hash-sig-03">https://tools.ietf.org/html/draft-housley-cms-mts-hash-sig-03</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Now these may or may not meet our needs. It is not even clear what our needs are at this point. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Peter’s list looks like the sort of thing that the IETF Security ADs are going to find very useful in deciding whether this is work IETF or IRTF should spend time on. And while they do not make decisions on what IRTF works on, the decision
to move work from IRTF to IETF is their call.<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Jul 12, 2016, at 8:55 PM, Peter Bowen <<a href="mailto:pzb@amzn.com">pzb@amzn.com</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt;font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<p class="MsoNormal"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""><br>
On Jul 12, 2016, at 4:51 PM, Robert Relyea <<a href="mailto:rrelyea@redhat.com">rrelyea@redhat.com</a>> wrote:<br>
<br>
On 07/12/2016 09:30 AM, Adam Langley wrote:<br>
<br>
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""><br>
I agree that we do not have a great post-quantum, public-key signature scheme available yet and that hash-based signatures are a good idea in some contexts.<br>
<br>
Did you envision that software would start supporting these signatures immediately? If so, then any certificate chains that take advantage of that would have to be hash-based from top to bottom because that's the only PQ primitive that would be supported. You've
also specified a stateful signature scheme were doing things like moving a CA key from one HSM to another, or installing a leaf certificate on multiple servers, compromises the private key. (And that's assuming that there exist any HSMs that support hash-based
signatures, which I don't think is the case.)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""><br>
I share Adam's concern here. We need to have standards defined and accepted and software needs to support these signatures before we start deploying them.<o:p></o:p></span></p>
</blockquote>
<p class="MsoNormal"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""><br>
While I agree that it is very much time to be looking at Quantum-resistent algorithms, I share Bob’s concerns and think that this highlights an opportunity for the Forum. We do not have clear guidance for people who want to propose new algorithms to be included
in the guidelines. I think we should agree on some basic requirements that any algorithm should meet in order to be considered by the Forum. Meeting these requirements does not guarantee acceptance, but any algorithm which does not meet these should not
be considered until they are met.<br>
<br>
I propose:<br>
<br>
1) The public key information requirements must be defined in a published RFC. This includes the format (e.g. ASN.1 for the Subject Public Key Info), Object Identifier(s), and any parameter validation requirements.<br>
<br>
2) Guidance must exist on acceptable parameters. For example, it might be valid to have a parameter that is 8 bits in size, but maybe current cryptographic strength recommendations call for 160 bits or more.<br>
<br>
3) If the algorithm is proposed to use for signing certificate:<br>
a) Requirements for private key storage are published. This includes certification schemes for the storage systems.<br>
b) The signature scheme for signing PKIX/X.509 objects is published in a RFC, including the applicable signatureAlgorithm object identifiers<br>
<br>
4) At least one application supplied by Application Software Supplier (Browser) member of the Forum must implement the algorithm.<br>
<br>
Thanks,<br>
Peter<br>
_______________________________________________<br>
Public mailing list<br>
</span><a href="mailto:Public@cabforum.org"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif"">Public@cabforum.org</span></a><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif""><br>
</span><a href="https://cabforum.org/mailman/listinfo/public"><span style="font-size:13.5pt;font-family:"Helvetica","sans-serif"">https://cabforum.org/mailman/listinfo/public</span></a><o:p></o:p></p>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</body>
</html>