Minutes of the January 9th, 2023 Meeting

[johngray-dev]

Happy New Year to everyone!

Round Table Discussion:

Michael Baentsch - Made some updates to OQS artifacts and the zip file. Also working on a docker container and issue #14 . Also sent a pull request on script updates and waiting to be merged. John Gray looked at it and Merged it.

Felipe Ventura - Making progress on the composite implementation in openSSL/OQS. Will sent a pull request to Michael to review when it is ready.

Markku - Will start putting together IETF draft for Falcon based on the latest Falcon updates by the Falcon team. We also had some discussion on hash-then-sign. Most likely a separate OID for pre-hashing will be used. Also a second draft discussing hash-then-sign with a security considerations section. It is proposed SHA2-512 or SHA3-512 is probably okay. Some discussion on whether encoding for ASN.1/CBOR or others should also be included. No conclusive decision made on that matter.

Corey - Some minor updates to inconsistent naming used in the Digicert implementations. Now they are consistent.

David Hook - Made updates to the check/gen scripts. Sent in a pull request a few weeks ago that has been approved. Just waiting to Merge. John Gray also reviewed and Merge the changes.

Carl Wallace - Made updates to the Rust implementation using new updated crypto packages in Rust.

Fraser Winterborn - We welcomed Fraser to the team! He is working with Kris and Markku and is interested in the work we are doing.

Kris - Nothing to update

John Gray - Working on explicit composite implementation and updating the composite signatures draft. Should be able to add some new explicit composite artifacts soon. Also updated the OIDS list for explicit composite

Discussion of current Issues

Issue #14 Michael has been doing work on this one
Issue #3 We decided not to pursue this now. Seems like algorithm OIDs will be coming soon, and if new implementation comes out, we can always assign a new OID. Michael Baentsch has marked this with a lable of "Future Work"

Discussed expanding the scope of the project to include CMP and CMS. Captured in new issues below.

New Issues

#24 More Exhaustive reporting Format - Corey mentioned it would be nice if the compatibility matrix was more granular so that each algorithm could have its own report on what artifact implementations worked with it. Corey will start looking at this one and coming up with a template for what this could look like.

#25 Example Scope to include CMP - Will expand the scope to define CMP messages. Similar to the above. I believe Alexander is interested in this one.

#26 Example Scope to include CMS - Will be used to define what types of CMS artifacts we want to include. For example, David Hook mentioned Kyber use-cases. David will take a look at this one.

Next meeting in Monday February 6th.