Session Date/Time: 09 Nov 2023 12:00
openpgp
Summary
The OpenPGP working group session covered several key topics: a crypto refresh update, proposed re-chartering, a presentation and discussion about post-quantum cryptography (PQC), and a preview of HKP (Hockey Puck) updates. The main focus was on the PQC draft, including algorithm choices, composability, and adoption strategy. The group also discussed the implications of the re-chartering milestones and potential changes to the HKP draft.
Key Discussion Points
- Crypto Refresh: Two drafts have been released since IETF 117, primarily consisting of cleanup and errata fixes. The Area Director has initiated the IETF last call.
- Re-chartering: A prioritization poll identified post-quantum cryptography, supersede keys, persistent secret keys, and WKD/HKP as initial topics of interest. Proposed charter text has been submitted, with telechat review tentatively scheduled for November 30th at the earliest.
- Version 6 Interop Testing: Implementations are now implementing aspects of version 6. Testing is done via SOP, a common interface to OpenPGP implementations.
- Post-Quantum Cryptography (PQC):
  - A presentation on the post-quantum draft (version 3) covered algorithm choices (ML-KEM/Dilithium, hybrid curves, SLH-DSA), signature and encryption bindings, and a request for adoption as a single draft.
  - Discussion points included:
    - Alignment of algorithm choices across IETF working groups (TLS, S/MIME). The lack of 512 elliptic curves in the current draft was pointed out.
    - Whether the group prefers composite signatures or independent signatures for classic and post-quantum algorithms.
    - Whether single algorithms should be allowed instead of composite schemes.
    - Whether the draft should be split into multiple drafts, one for each algorithm.
    - The decision to require V6 signing keys was questioned, along with the rationale for allowing SEIPD V1 for post-quantum encryption.
    - Parameterization for SLH-DSA and whether the parameters require individual code points or can be handled as a single algorithm.
    - Whether there are new specification requirements for using post-quantum messages for applications.
    - Whether to wait for standardization from NIST before adopting algorithms into the OpenPGP draft.
- HKP (Hockey Puck): A preview of the HKP draft update was presented, focusing on:
  - Safely providing version 6 keys.
  - Anonymity padding.
  - Role separation and integration with WKD.
  - Authentication.
  - The version selection algorithm for providing HKP keys was questioned.
Decisions and Action Items
- Action Item: Chairs (Daniel & Steven) to start 2-3 threads on the mailing list regarding:
  - Whether the PQC work should be split into multiple drafts.
  - Whether additional normative or guidance text is needed for PQC adoption.
  - Highlighting the change to remove face-to-face meeting expectations from the charter.
- Action Item: Roman will upload the revised draft charter to the Datatracker after editorial changes.
Next Steps
- Discuss the two questions related to the post-quantum drafts to provide implementer feedback to the authors.
- Continue discussion on the mailing list.
- Wait for IESG review and charter approval.
- Authors will incorporate feedback and possibly split the PQC draft if necessary.