Hi, The new updated procedures for side-meetings as well as some of the formulations in my mail seems to caused some confusion.
This is a regular public side-meeting initiated by me John. Anybody can request a public side-meeting on any topic in one of the two side-meeting rooms including WebEx. Public side-meetings are not approved or even reviewed by the IESG, and have no formal standing. https://datatracker.ietf.org/meeting/122/agenda https://www.ietf.org/forms/side-meetings/ https://trello.com/b/R7yDMPyl Some backstory on this particular public side-meeting: I commented earlier in LAMPS and TLS that I thought it was inappropriate for IETF poeple to only invite NIST and that it would be good to invite more countries for dialogue. After that, several IETF participants and government officials said that they thought a public side-meeting on PQC would be a good idea. There has also been a lot of discussion and speculation in several groups on what different countries recommend and require. The side-meeting is a public meeting where _anybody_ from _any_ country is welcome. I do not represent the IETF in any way. I hope the meeting will lead to an open dialogue and increased understanding between IETF people and government officials. The plan is not to have long presentations, but if _anybody_ want to show a few slides to foster discussion they are very welcome to do so. Cheers, John From: John Mattsson <john.matts...@ericsson.com> Date: Friday, 28 February 2025 at 08:06 To: sp...@ietf.org <sp...@ietf.org>, IRTF CFRG <c...@irtf.org>, TLS@ietf.org <tls@ietf.org>, ip...@ietf.org <ip...@ietf.org>, j...@ietf.org <j...@ietf.org> Subject: PQC Dialogue with Government Stakeholders Side-Meeting at IETF 122 Bangkok Hi, There was significant interest from several countries to have a side-meeting on PQC at IETF 122 Bangkok, so Ericsson will organize such a meeting on Monday 17 March 15.15 - 16.45 Bangkok time in Meeting Room 2 [40 seats] (overlapping with Monday Session III). It is possible to attend remotely. https://trello.com/c/nH9exeWo Potential discussion topics are listed below. There might be a few short presentations to foster discussion, but the plan is to focus on dialogue and discussion between people in the IETF and government stakeholders. Cheers, John Preuß Mattsson Expert, Cryptographic Algorithms and Security Protocols, Ericsson Description Time: 15:15-16:45 Meeting Title: PQC Dialogue with Government Stakeholders IETF Webex: https://ietf.webex.com/meet/ietfsidemeeting2 Meeting Organizer: John Preuß Matsson, Ericsson and Alexander Engström, NDRE Email address: john.matts...@ericsson.com<mailto:john.matts...@ericsson.com> Meeting Description: Potential discussion topics: * Recommended PQC algorithms (KEMs and signatures) o ML-KEM, ML-DSA, SLH-DSA, FN-DSA, Classic McEliece, FrodoKEM, BIKE/HQC, XMSS/LMS, … o Security category 1,2,3,4,5? Does it depend on algorithm and use case? * Timelines for PQC migration o When should migration begin? When will it be required? o Does it depend on user, use case, protection lifetime, hardware vs software, migration complexity, value of the protected node and data, scheduled hardware replacement, etc.? * Hybridization or standalone PQC o Difference between KEMs and Signatures o Differences between algorithms (e.g., lattice-based vs. hash-based) o Differences between use cases (e.g., confidentiality vs. authentication) o Is hybridization a short-term necessity or a long-term strategy? * Hybridization of PQC KEMs o Single vs. multiple PQC algorithms? Role of symmetric keys? o KEM combiners: general-purpose vs. optimized designs o Which traditional curves? X25519/X448, NIST P-curves, Brainpool, … * Hybridization of signatures o Role of symmetric keys? o Signature combiners, general or optimized? o Desired properties: SUF-CMA? Other security properties? o Which traditional signatures? EdDSA, ECDSA, RSA? * KDF and hash functions o ML-KEM and ML-DSA mandate SHA-3. o Time to move away from SHA-2/HMAC/HKDF/MGF?
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
