[{"author": "Aron Wussler", "text": "

Is there seriously a column in front of the camera?

", "time": "2023-07-28T19:00:28Z"}, {"author": "Stephen Farrell", "text": "

yeah odd room setup

", "time": "2023-07-28T19:00:43Z"}, {"author": "Daniel Gillmor", "text": "

yes, this room layout is remarkable

", "time": "2023-07-28T19:00:44Z"}, {"author": "Mike Ounsworth", "text": "

The Mic line is in between the column and the camera, yes.

", "time": "2023-07-28T19:00:55Z"}, {"author": "Daniel Gillmor", "text": "

i think the camera will catch who is standing at the mic, but not the rest of the room

", "time": "2023-07-28T19:01:04Z"}, {"author": "Daniel Gillmor", "text": "

thanks @Mike Ounsworth for the demo

", "time": "2023-07-28T19:01:13Z"}, {"author": "Aron Wussler", "text": "

... Amazing!

", "time": "2023-07-28T19:01:20Z"}, {"author": "Aron Wussler", "text": "

Hi Mike!

", "time": "2023-07-28T19:01:26Z"}, {"author": "Thom Wiggers", "text": "

privacy preserving mic line

", "time": "2023-07-28T19:01:44Z"}, {"author": "Kai Engert", "text": "

there are people in the room!

", "time": "2023-07-28T19:01:45Z"}, {"author": "Mike Ounsworth", "text": "

Thom Wiggers said:

\n
\n

privacy preserving mic line

\n
\n

But we fixed that with the onsite meetecho tool

", "time": "2023-07-28T19:02:13Z"}, {"author": "Aron Wussler", "text": "

You know, here we get only pretty good privacy

", "time": "2023-07-28T19:03:26Z"}, {"author": "Benjamin Kaduk", "text": "
\n

we should start distracting ourselves

\n
\n

Ooh, shiny!

", "time": "2023-07-28T19:15:06Z"}, {"author": "Benjamin Kaduk", "text": "

-ter is more fun than -bis-bis anyway

", "time": "2023-07-28T19:16:48Z"}, {"author": "Benjamin Kaduk", "text": "

(or, if you want to really push the etymology, -tris)

", "time": "2023-07-28T19:17:21Z"}, {"author": "Mike Ounsworth", "text": "

@Aron Wussler, @Falko Strenzke The change to non-composite hybrids (especially non-composite encryption) is interesting. Could we chat offline about the motivations of that direction?

", "time": "2023-07-28T19:23:54Z"}, {"author": "Aron Wussler", "text": "

Sure, we can schedule a call and have a chat, even if I don't have strong motivations to go towards the non-composite PQC encryption. I've done some experiments and the overhead is really minimal. SPHINCS+ is a bit of a different animal

", "time": "2023-07-28T19:30:15Z"}, {"author": "Mike Ounsworth", "text": "

@Aron Wussler I guess I just want to wrap my head more fully around this:

\n
\n

Furthermore, the OpenPGP protocol also allows for parallel encryption to different keys held by the same recipient. .. a non-composite multi-algorithm public-key encryption is realized where the recipient has to decrypt only one of the PKESK packages in order to decrypt the message.

\n
", "time": "2023-07-28T19:32:32Z"}, {"author": "Mike Ounsworth", "text": "

(deleted)

", "time": "2023-07-28T19:35:42Z"}, {"author": "Kai Engert", "text": "

Would the system performing the re-encryption and forwarding be able to read the message?

", "time": "2023-07-28T19:36:24Z"}, {"author": "Kai Engert", "text": "

(We can get that answered offline)

", "time": "2023-07-28T19:36:44Z"}, {"author": "Mallory Knodel", "text": "

Wouldn't there be a wider case for additional keys beyond forwarding, say if work is done on forward secrecy?

", "time": "2023-07-28T19:36:52Z"}, {"author": "Aron Wussler", "text": "

@mike

> Furthermore, the OpenPGP protocol also allows for parallel encryption to different keys held by the same recipient

Yeah, that's an OR. Just have to decrypt one to get the session key.

> I will find that you are not (currently) registering code points for Kyber

Correct

", "time": "2023-07-28T19:39:21Z"}, {"author": "Aron Wussler", "text": "

Damn formatting

", "time": "2023-07-28T19:39:36Z"}, {"author": "Kai Engert", "text": "

another use case: Be able to drop old smartcards

", "time": "2023-07-28T19:40:00Z"}, {"author": "Aron Wussler", "text": "

@kai: no, the proxy preserves E2EE and is not able to read the message. It can only choose which messages to forward (or not to forward) thus causing a denial of service

", "time": "2023-07-28T19:40:39Z"}, {"author": "Mike Ounsworth", "text": "

(I deleted my second message when I found the codepoints for kyberKem768, kyberKem1024 in 5.1.2)

", "time": "2023-07-28T19:40:48Z"}, {"author": "Aron Wussler", "text": "

@mallory: I think someone proposed to have \"pretty good forward secrecy\" or even a double ratchet, but there is no draft out yet AFAIK. That's still a good topic in the rechartering for sure

", "time": "2023-07-28T19:42:51Z"}, {"author": "Aron Wussler", "text": "

Also @kai: it's hard to use this mechanism to drop old smartcards, as we need the secret to compute the transformation parameter, and usually HSMs don't allow that kind of access :(

", "time": "2023-07-28T19:43:59Z"}, {"author": "Mallory Knodel", "text": "

@aron could work on fs be leveraged by your work on auto-forwarding (a gentle suggestion for a slight shift in the name of the draft)? i'm looking at your draft now and i wonder how autoforwarding is fundamentally different than an email between n+1, rather than n people, where the +1 is the forwardee.

", "time": "2023-07-28T19:45:26Z"}, {"author": "Kai Engert", "text": "

Aron Wussler said:

\n
\n

Also @kai: it's hard to use this mechanism to drop old smartcards, as we need the secret to compute the transformation parameter, and usually HSMs don't allow that kind of access :(

\n
\n

sorry if I was misleading. My \"use case\" comment referred to Daniel's presentation about symmetric re-encryption.

", "time": "2023-07-28T19:46:18Z"}, {"author": "Cory Myers", "text": "

Interested in the OpenPGP <-> double-ratchet line of thinking, if there\u2019s anything public to link to yet.

", "time": "2023-07-28T19:46:32Z"}, {"author": "Mallory Knodel", "text": "

@daniel are there good reasons why a user might want their symmetric key attached to the user agent rather than their asymmetric key? say the former being different and differently generated on different devices.

", "time": "2023-07-28T19:48:17Z"}, {"author": "Cory Myers", "text": "

\u201cConsent\u201d- or \u201cinvitation\u201d-based certification?

", "time": "2023-07-28T19:51:57Z"}, {"author": "Benjamin Kaduk", "text": "

Maybe the keyholder could make some kind of countersignature to attest that they endorse the attachment of the certification to their certificate

", "time": "2023-07-28T19:52:03Z"}, {"author": "Mike Ounsworth", "text": "

Benjamin Kaduk said:

\n
\n

(or, if you want to really push the etymology, -tris)

\n
\n

@dkg \"-tris\" not \"-tird\"

", "time": "2023-07-28T19:57:01Z"}, {"author": "Falko Strenzke", "text": "

@Mike: yes sure, we can talk about non-composites (what that exactly refers to here I am not sure though)

", "time": "2023-07-28T20:00:42Z"}, {"author": "Pieter Kasselman", "text": "

Cross-device security BCP: https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/

", "time": "2023-07-28T20:06:57Z"}, {"author": "Stephen Farrell", "text": "

thanks pieter

", "time": "2023-07-28T20:07:13Z"}, {"author": "Mallory Knodel", "text": "

I find the organisational CA use case really interesting and potentially very useful.

", "time": "2023-07-28T20:07:45Z"}, {"author": "Mallory Knodel", "text": "

Might be related to the revocation clean up work, too.

", "time": "2023-07-28T20:08:03Z"}, {"author": "Mallory Knodel", "text": "

The universe is expanding, Stephen, metaphorically and actually :)

", "time": "2023-07-28T20:09:20Z"}, {"author": "Aron Wussler", "text": "

Ask LAMPS how to do a charter :)

", "time": "2023-07-28T20:09:41Z"}, {"author": "Roman Danyliw", "text": "

We need both the charter text + the milestones with it.

", "time": "2023-07-28T20:10:11Z"}]