<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma",sans-serif;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Segoe UI",sans-serif;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
p.Textodeglobo, li.Textodeglobo, div.Textodeglobo
{mso-style-name:"Texto de globo";
mso-style-link:"Texto de globo Car";
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.TextodegloboCar
{mso-style-name:"Texto de globo Car";
mso-style-priority:99;
mso-style-link:"Texto de globo";
font-family:"Tahoma",sans-serif;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:70.85pt 85.05pt 70.85pt 85.05pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><a name="_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">NIST and NSA have also released information on PQC.<o:p></o:p></span></a></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><a href="http://www.nist.gov/itl/csd/nist-kicks-off-effort-to-defend-encrypted-data-from-quantum-computer-threat.cfm"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">http://www.nist.gov/itl/csd/nist-kicks-off-effort-to-defend-encrypted-data-from-quantum-computer-threat.cfm</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><a href="https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/cnsa-suite-and-quantum-computing-faq.cfm"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/cnsa-suite-and-quantum-computing-faq.cfm</span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#5B9BD5"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#5B9BD5">Kenneth Myers<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#1F497D">Supporting US GSA Federal PKI Management Authority<o:p></o:p></span></b></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white">Protiviti | Government Solutions | Manager<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white">DC | +1 571-469-9038 |
</span><a href="mailto:Kenneth.Myers@GSA.gov"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#0563C1;background:white">Kenneth.Myers@GSA.gov</span></a><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white">Alexandria |
</span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555">+1 571-366-6120
<span style="background:white">| </span></span><a href="mailto:Kenneth.Myers@Protiviti.com"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#0563C1;background:white">Kenneth.Myers@Protiviti.com</span></a><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555"><br>
<span style="background:white">Connect: </span></span><a href="https://www.linkedin.com/in/kennethmy"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#0563C1;background:white">LinkedIn</span></a><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white">
| Thought Leadership: </span><a href="http://www.protiviti.it/en-US/Pages/Insights.aspx"><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#0563C1;background:white">Protiviti.com</span></a><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#555555;background:white"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Barreira Iglesias, Iñigo [mailto:i-barreira@izenpe.eus]
<br>
<b>Sent:</b> Thursday, July 14, 2016 05:37<br>
<b>To:</b> philliph@comodo.com; Peter Bowen <pzb@amzn.com><br>
<b>Cc:</b> CABFPub <public@cabforum.org><br>
<b>Subject:</b> Re: [cabfpub] Quantum Computing is now a concern.<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Quantum cryptography is being discussed under ETSI for some time. There´s going to be another summit soon
<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.etsi.org_news-2Devents_events_1072-2Dws-2Don-2Dquantumsafe-2D2016&d=CwMFAw&c=19TEyCb-E0do3cLmFgm9ItTXlbGQ5gmhRAlAtE256go&r=v6QfMBgWaMWhsB_PpBwwzxPtUwSffCWXSAR0gp0RFbY&m=-HxUg6Rd32J1XfJR5ifj2p5dJc8g_ZOLjbTNkP_wsE0&s=G5PytwWRzJuJxA0DAE6bkI7-3MIDZfKDFfRkkkoY7dI&e=">
http://www.etsi.org/news-events/events/1072-ws-on-quantumsafe-2016</a></span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">And here´s more info:
<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.etsi.org_technologies-2Dclusters_technologies_quantum-2Dsafe-2Dcryptography&d=CwMFAw&c=19TEyCb-E0do3cLmFgm9ItTXlbGQ5gmhRAlAtE256go&r=v6QfMBgWaMWhsB_PpBwwzxPtUwSffCWXSAR0gp0RFbY&m=-HxUg6Rd32J1XfJR5ifj2p5dJc8g_ZOLjbTNkP_wsE0&s=wi-Tl5dh2PbKiMLgigQF2jRlYW9OzZSHf2InJTcRQsE&e=">
http://www.etsi.org/technologies-clusters/technologies/quantum-safe-cryptography</a></span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma",sans-serif;color:black">Iñigo Barreira</span></b><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma",sans-serif;color:black"><br>
Responsable del Área técnica<br>
<a href="mailto:i-barreira@izenpe.eus">i-barreira@izenpe.eus</a> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:8.5pt;font-family:"Tahoma",sans-serif;color:black">945067705</span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:navy"><img border="0" width="589" height="99" id="Imagen_x0020_1" src="cid:image001.jpg@01D1DE03.A868BE80" alt="Descripción: firma_email_Izenpe_eus"></span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES-TRAD" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:9.75pt"><span lang="ES" style="font-size:7.5pt;font-family:"Tahoma",sans-serif;color:#888888;mso-fareast-language:ES-TRAD">ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea.
Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ!</span><span lang="ES" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#888888;mso-fareast-language:ES-TRAD"><br>
</span><span lang="ES" style="font-size:7.5pt;font-family:"Tahoma",sans-serif;color:#888888;mso-fareast-language:ES-TRAD">ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted
lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente.</span><span lang="ES"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span lang="ES" style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span lang="ES"><o:p></o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span lang="ES" style="font-size:10.0pt;font-family:"Tahoma",sans-serif">De:</span></b><span lang="ES" style="font-size:10.0pt;font-family:"Tahoma",sans-serif">
<a href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a> [<a href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>]
<b>En nombre de </b><a href="mailto:philliph@comodo.com">philliph@comodo.com</a><br>
<b>Enviado el:</b> miércoles, 13 de julio de 2016 16:05<br>
<b>Para:</b> Peter Bowen<br>
<b>CC:</b> CABFPub<br>
<b>Asunto:</b> Re: [cabfpub] Quantum Computing is now a concern.</span><span lang="ES"><o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES">Well obviously we can’t move forward without an agreed upon standard. Which is why this isn’t just an issue for the browser providers.<o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES">The forum is really not the issue, wherever we decide to discuss it will be the forum. The advantage of using IRFT/IETF for this particular discussion is that most of us already know how it works. It is also fairly easy
to call an interim or preparatory meeting under IETF Note Well and keep the IPR situation straight.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES">There is already a proposal for a Lamport signature specification in IRTF. And there is a specification for use of Merkle Tree algs in CMS. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__datatracker.ietf.org_doc_draft-2Dmcgrew-2Dhash-2Dsigs_&d=CwMFAw&c=19TEyCb-E0do3cLmFgm9ItTXlbGQ5gmhRAlAtE256go&r=v6QfMBgWaMWhsB_PpBwwzxPtUwSffCWXSAR0gp0RFbY&m=-HxUg6Rd32J1XfJR5ifj2p5dJc8g_ZOLjbTNkP_wsE0&s=kX4HvKLT_4QzjfMmfZgCjIw1FOB8Son1LS2mfzwUCbw&e=">https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs/</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dhousley-2Dcms-2Dmts-2Dhash-2Dsig-2D03&d=CwMFAw&c=19TEyCb-E0do3cLmFgm9ItTXlbGQ5gmhRAlAtE256go&r=v6QfMBgWaMWhsB_PpBwwzxPtUwSffCWXSAR0gp0RFbY&m=-HxUg6Rd32J1XfJR5ifj2p5dJc8g_ZOLjbTNkP_wsE0&s=o7ics3iq5VXUi4w7ldYb3qxqrMYFuAJQbBElqh0k0rU&e=">https://tools.ietf.org/html/draft-housley-cms-mts-hash-sig-03</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES">Now these may or may not meet our needs. It is not even clear what our needs are at this point. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES">Peter’s list looks like the sort of thing that the IETF Security ADs are going to find very useful in deciding whether this is work IETF or IRTF should spend time on. And while they do not make decisions on what IRTF works
on, the decision to move work from IRTF to IETF is their call.<o:p></o:p></span></p>
</div>
<div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span lang="ES">On Jul 12, 2016, at 8:55 PM, Peter Bowen <<a href="mailto:pzb@amzn.com">pzb@amzn.com</a>> wrote:<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt;font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<p class="MsoNormal"><span lang="ES" style="font-size:13.5pt;font-family:"Helvetica",sans-serif"><br>
On Jul 12, 2016, at 4:51 PM, Robert Relyea <<a href="mailto:rrelyea@redhat.com">rrelyea@redhat.com</a>> wrote:<br>
<br>
On 07/12/2016 09:30 AM, Adam Langley wrote:<br>
<br>
<br>
</span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES" style="font-size:13.5pt;font-family:"Helvetica",sans-serif"><br>
I agree that we do not have a great post-quantum, public-key signature scheme available yet and that hash-based signatures are a good idea in some contexts.<br>
<br>
Did you envision that software would start supporting these signatures immediately? If so, then any certificate chains that take advantage of that would have to be hash-based from top to bottom because that's the only PQ primitive that would be supported. You've
also specified a stateful signature scheme were doing things like moving a CA key from one HSM to another, or installing a leaf certificate on multiple servers, compromises the private key. (And that's assuming that there exist any HSMs that support hash-based
signatures, which I don't think is the case.)</span><span lang="ES"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="ES" style="font-size:13.5pt;font-family:"Helvetica",sans-serif"><br>
I share Adam's concern here. We need to have standards defined and accepted and software needs to support these signatures before we start deploying them.</span><span lang="ES"><o:p></o:p></span></p>
</blockquote>
<p class="MsoNormal"><span lang="ES" style="font-size:13.5pt;font-family:"Helvetica",sans-serif"><br>
While I agree that it is very much time to be looking at Quantum-resistent algorithms, I share Bob’s concerns and think that this highlights an opportunity for the Forum. We do not have clear guidance for people who want to propose new algorithms to be included
in the guidelines. I think we should agree on some basic requirements that any algorithm should meet in order to be considered by the Forum. Meeting these requirements does not guarantee acceptance, but any algorithm which does not meet these should not
be considered until they are met.<br>
<br>
I propose:<br>
<br>
1) The public key information requirements must be defined in a published RFC. This includes the format (e.g. ASN.1 for the Subject Public Key Info), Object Identifier(s), and any parameter validation requirements.<br>
<br>
2) Guidance must exist on acceptable parameters. For example, it might be valid to have a parameter that is 8 bits in size, but maybe current cryptographic strength recommendations call for 160 bits or more.<br>
<br>
3) If the algorithm is proposed to use for signing certificate:<br>
a) Requirements for private key storage are published. This includes certification schemes for the storage systems.<br>
b) The signature scheme for signing PKIX/X.509 objects is published in a RFC, including the applicable signatureAlgorithm object identifiers<br>
<br>
4) At least one application supplied by Application Software Supplier (Browser) member of the Forum must implement the algorithm.<br>
<br>
Thanks,<br>
Peter<br>
_______________________________________________<br>
Public mailing list<br>
</span><span lang="ES"><a href="mailto:Public@cabforum.org"><span style="font-size:13.5pt;font-family:"Helvetica",sans-serif">Public@cabforum.org</span></a></span><span lang="ES" style="font-size:13.5pt;font-family:"Helvetica",sans-serif"><br>
</span><span lang="ES"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__cabforum.org_mailman_listinfo_public&d=CwMFAw&c=19TEyCb-E0do3cLmFgm9ItTXlbGQ5gmhRAlAtE256go&r=v6QfMBgWaMWhsB_PpBwwzxPtUwSffCWXSAR0gp0RFbY&m=-HxUg6Rd32J1XfJR5ifj2p5dJc8g_ZOLjbTNkP_wsE0&s=EFHypcFu0UtPNfl_G0pm0hZ4INrSonKJiRz6KXW9UEw&e="><span style="font-size:13.5pt;font-family:"Helvetica",sans-serif">https://cabforum.org/mailman/listinfo/public</span></a><o:p></o:p></span></p>
</div>
</blockquote>
</div>
<p class="MsoNormal"><span lang="ES"> <o:p></o:p></span></p>
</div>
</div>
</div>
NOTICE: Protiviti is a global consulting and internal audit firm composed of experts specializing in risk and advisory services. Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer
attestation services. This electronic mail message is intended exclusively for the individual or entity to which it is addressed. This message, together with any attachment, may contain confidential and privileged information. Any views, opinions or conclusions
expressed in this message are those of the individual sender and do not necessarily reflect the views of Protiviti Inc. or its affiliates. Any unauthorized review, use, printing, copying, retention, disclosure or distribution is strictly prohibited. If you
have received this message in error, please immediately advise the sender by reply email message to the sender and delete all copies of this message. Thank you.
</body>
</html>