Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-assign all code points #561

Open
baentsch opened this issue Nov 3, 2024 · 8 comments
Open

Re-assign all code points #561

baentsch opened this issue Nov 3, 2024 · 8 comments
Labels
help wanted Extra attention is needed

Comments

@baentsch
Copy link
Member

baentsch commented Nov 3, 2024

As correctly questioned in #556 (comment) the code points in this project are not aligned with IANA, most notably code points from non-standardized algorithms are not in the "Reserved for private use" space.

This issue is to suggest changing that -- ideally in a long-term easily maintainable manner, best fully automatic during algorithm changes done to the underlying liboqs.
@baentsch baentsch added the help wanted Extra attention is needed label Nov 3, 2024
@baentsch baentsch mentioned this issue Nov 3, 2024
Closed
@pi-314159
Copy link
Member

pi-314159 commented Nov 12, 2024
edited
Loading

Talking about resigning codepoints: Since Chrome 131 was released today (Edge 131 this Thursday) and Firefox 132 was released on October 29, we can drop Kyber support. Additionally, to simplify maintenance efforts, we can reverse the order of all X25519 hybrids.

I suggest doing this with the liboqs 0.12.0 or 1.0 release.

@baentsch @bhess

@baentsch
Copy link
Member Author

Following the mantra "less code is more secure code" I'm all for simplification and easing maintenance and would be OK dropping all Kyber support (incl. "hybrid order juggling") for good (also making the implementation effort for this issue quicker). Objections, @dstebila @SWilson4 ?

@dstebila dstebila mentioned this issue Nov 12, 2024
Open
@dstebila
Copy link
Member

I've created open-quantum-safe/liboqs#1989 about dropping Kyber support.

@baentsch
Copy link
Member Author

Another code point proposal to track/implement: https://datatracker.ietf.org/doc/html/draft-tls-westerbaan-mldsa-00

baentsch referenced this issue Nov 23, 2024
@baentsch
update MLKEM code points (#511)
8abfecd 
* update X25519-MLKEM768 code point

Signed-off-by: Michael Baentsch <[email protected]>

* further MLKEM (O)ID updates

Signed-off-by: Michael Baentsch <[email protected]>

* set p256_mlkem768 code point as per standard

Signed-off-by: Michael Baentsch <[email protected]>

---------

Signed-off-by: Michael Baentsch <[email protected]>
@tomato42
Copy link

I think that ML-DSA codepoints are especially important, so I've filed #578 to track them.

@baentsch
Copy link
Member Author

I think that ML-DSA codepoints are especially important, so I've filed #578 to track them.

Well, this doesn't really fit this issue: Adapting the ML-DSA code points and OIDs is run-of-the-mill business that has nothing to do with the "general overhaul" (beyond non-standardized IDs) that this issue suggests: As the code base gets updated to actually include the standardized code (in this case, as per #568) the corresponding code points (and OIDs) get updated. That said, your issue really should be a PR feedback... Just used it that way :)

@tomato42
Copy link

@baentsch aah, I took #561 (comment) as you wanting to use this issue for cleanup in general, sorry about that 🙂

will take a look at #568

@baentsch
Copy link
Member Author

@baentsch aah, I took #561 (comment) as you wanting to use this issue for cleanup in general, sorry about that 🙂

I wouldn't want to clean up things that are not even available for tidying :-)

will take a look at #568

Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tomato42 @dstebila @baentsch @pi-314159