[RZERC] Potential SSAC Comments on NIST Choice of Post Quantum Crypto Algorithms

Mon Dec 2 18:55:54 UTC 2019

> On Dec 2, 2019, at 12:41 PM, Kim Davies <kim.davies at iana.org> wrote:
> 
> I concur with the view that this is not in RZERC's purview at this time. To quote our purpose from the charter:
> 
> 	The Committee is expected to review proposed architectural changes to the content of the DNS root zone

It could be argued that the addition of new algorithms IS a proposed architectural change.

While I do not believe RZERC should make a full blown dissertation on this, I would be in favor of a “+1, as it pertains to the root zone” message from RZERC on the SSAC document.

Best,
-Howard

> , the systems including both hardware and software components used in executing changes to the DNS root zone, and the mechanisms used for distribution of the DNS root zone. The Committee shall, as determined necessary by its membership, make recommendations related to those changes for consideration by the ICANN Board.
> 
> It seems we are quite some way from entertaining proposed changes to the root zone architecture.
> 
> kim
> 
> "RZERC on behalf of Wessels, Duane via RZERC" <rzerc-bounces at icann.org on behalf of rzerc at icann.org> wrote:
> 
> 
> 
>> On Nov 25, 2019, at 2:31 PM, Peter Koch <pk at DENIC.DE> wrote:
>> 
>> Russ, all,
>> 
>> thanks for the heads up and sharing.
>> 
>> On Sun, Nov 24, 2019 at 01:59:05AM +0800, Russ Mundy wrote:
>> 
>>> I think that I mentioned at our last meeting that SSAC was probably going to submit a comment to NIST related to their ongoing post quantum crypto algorithm selection activity. I recently learned that comments are due by Dec 6 so I wanted to ask on the mail list if RZERC had interest in ‘joining’ in on the SSAC comment - If there is interest from RZERC, I’ll be happy to coordinate & provide more detail.
>> 
>> I could imagine a number of spots in the root zone maintenance/provisioning scheme where
>> longevity, PQC and algorithm agility could become relevant, but looking at
>> <https://csrc.nist.gov/Projects/post-quantum-cryptography/workshops-and-timeline>
>> without having followed that process anywhere near close, I wonder what RZERC could add
>> to an SSAC statement. So, I'd be curious to learn what SSAC's areas of concern are.
> 
> 
>    Peter,
> 
>    I don't know if you had a chance to see John Levine's TechDay presentation (https://static.ptbl.co/static/attachments/232986/1572893313.pdf?1572893313) which has a table showing key and signature sizes for the PQC algorithms under consideration.  Most of them have either (very) large keys or (very) large signatures, or both.  I'm guessing that's where SSAC's concerns are.
> 
>    Personally, my feeling is that developing comments to the NIST selection falls out-of-scope for RZERC, and I would generally trust SSAC to come up with something good.  That said, if SSAC believes there is a benefit to having RZERC join with them in their comment, and of course if RZERC has full consensus on the comment, then I would support doing so.  But the schedule is very tight.
> 
>    DW
> 
> 
> 
> 
> _______________________________________________
> RZERC mailing list
> RZERC at icann.org
> https://mm.icann.org/mailman/listinfo/rzerc
> 
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/rzerc/attachments/20191202/d74edd50/signature.asc>