[{"author": "Aron Wussler", "text": "
Is there seriously a column in front of the camera?
", "time": "2023-07-28T19:00:28Z"}, {"author": "Stephen Farrell", "text": "yeah odd room setup
", "time": "2023-07-28T19:00:43Z"}, {"author": "Daniel Gillmor", "text": "yes, this room layout is remarkable
", "time": "2023-07-28T19:00:44Z"}, {"author": "Mike Ounsworth", "text": "The Mic line is in between the column and the camera, yes.
", "time": "2023-07-28T19:00:55Z"}, {"author": "Daniel Gillmor", "text": "i think the camera will catch who is standing at the mic, but not the rest of the room
", "time": "2023-07-28T19:01:04Z"}, {"author": "Daniel Gillmor", "text": "thanks @Mike Ounsworth for the demo
", "time": "2023-07-28T19:01:13Z"}, {"author": "Aron Wussler", "text": "... Amazing!
", "time": "2023-07-28T19:01:20Z"}, {"author": "Aron Wussler", "text": "Hi Mike!
", "time": "2023-07-28T19:01:26Z"}, {"author": "Thom Wiggers", "text": "privacy preserving mic line
", "time": "2023-07-28T19:01:44Z"}, {"author": "Kai Engert", "text": "there are people in the room!
", "time": "2023-07-28T19:01:45Z"}, {"author": "Mike Ounsworth", "text": "Thom Wiggers said:
\n\n\nprivacy preserving mic line
\n
But we fixed that with the onsite meetecho tool
", "time": "2023-07-28T19:02:13Z"}, {"author": "Aron Wussler", "text": "You know, here we get only pretty good privacy
", "time": "2023-07-28T19:03:26Z"}, {"author": "Benjamin Kaduk", "text": "\n\nwe should start distracting ourselves
\n
Ooh, shiny!
", "time": "2023-07-28T19:15:06Z"}, {"author": "Benjamin Kaduk", "text": "-ter is more fun than -bis-bis anyway
", "time": "2023-07-28T19:16:48Z"}, {"author": "Benjamin Kaduk", "text": "(or, if you want to really push the etymology, -tris)
", "time": "2023-07-28T19:17:21Z"}, {"author": "Mike Ounsworth", "text": "@Aron Wussler , @Falko Strenzke The change to non-composite hybrids (especially non-composite encryption) is interesting. Could we chat offline about the motivations of that direction?
", "time": "2023-07-28T19:23:54Z"}, {"author": "Aron Wussler", "text": "Sure, we can schedule a call and have a chat, even if I don't have strong motivations to go towards the non-composite PQC encryption. I've done some experiments and the overhead is really minimal. SPHINCS+ is a bit of a different animal
", "time": "2023-07-28T19:30:15Z"}, {"author": "Mike Ounsworth", "text": "@Aron Wussler I guess I just want to wrap my head more fully around this:
\n\n", "time": "2023-07-28T19:32:32Z"}, {"author": "Mike Ounsworth", "text": "Furthermore, the OpenPGP protocol also allows for parallel encryption to different keys held by the same recipient. .. a non-composite multi-algorithm public-key encryption is realized where the recipient has to decrypt only one of the PKESK packages in order to decrypt the message.
\n
(deleted)
", "time": "2023-07-28T19:35:42Z"}, {"author": "Kai Engert", "text": "Would the system performing the re-encryption and forwarding be able to read the message?
", "time": "2023-07-28T19:36:24Z"}, {"author": "Kai Engert", "text": "(We can get that answered offline)
", "time": "2023-07-28T19:36:44Z"}, {"author": "Mallory Knodel", "text": "Wouldn't there be a wider case for additional keys beyond forwarding, say if work is done on forward secrecy?
", "time": "2023-07-28T19:36:52Z"}, {"author": "Aron Wussler", "text": "@mike> Furthermore, the OpenPGP protocol also allows for parallel encryption to different keys held by the same recipientYeah, that's an OR. Just have to decrypt one to get the session key.> I will find that you are not (currently) registering code points for KyberCorrect
", "time": "2023-07-28T19:39:21Z"}, {"author": "Aron Wussler", "text": "Damn formatting
", "time": "2023-07-28T19:39:36Z"}, {"author": "Kai Engert", "text": "another use case: Be able to drop old smartcards
", "time": "2023-07-28T19:40:00Z"}, {"author": "Aron Wussler", "text": "@kai: no, the proxy preserves E2EE and is not able to read the message. It can only choose which messages to forward (or not to forward) thus causing a denial of service
", "time": "2023-07-28T19:40:39Z"}, {"author": "Mike Ounsworth", "text": "(I deleted my second message when I found the codepoints for kyberKem768, kyberKem1024 in 5.1.2)
", "time": "2023-07-28T19:40:48Z"}, {"author": "Aron Wussler", "text": "@mallory: I think someone proposed to have \"pretty good forward secrecy\" or even a double ratchet, but there is no draft out yet AFAIK. That's still a good topic in the rechartering for sure
", "time": "2023-07-28T19:42:51Z"}, {"author": "Aron Wussler", "text": "Also @kai: it's hard to use this mechanism to drop old smartcards, as we need the secret to compute the transformation parameter, and usually HSMs don't allow that kind of access :(
", "time": "2023-07-28T19:43:59Z"}, {"author": "Mallory Knodel", "text": "@aron could work on fs be leveraged by your work on auto-forwarding (a gentle suggestion for a slight shift in the name of the draft)? i'm looking at your draft now and i wonder how autoforwarding is fundamentally different than an email between n+1, rather than n people, where the +1 is the forwardee.
", "time": "2023-07-28T19:45:26Z"}, {"author": "Kai Engert", "text": "Aron Wussler said:
\n\n\nAlso @kai: it's hard to use this mechanism to drop old smartcards, as we need the secret to compute the transformation parameter, and usually HSMs don't allow that kind of access :(
\n
sorry if I was misleading. My \"use case\" comment refered to Daniel's presentation about symmetric re-encryption.
", "time": "2023-07-28T19:46:18Z"}, {"author": "Cory Myers", "text": "Interested in the OpenPGP <->
double-ratchet line of thinking, if there\u2019s anything public to link to yet.
@daniel are there good reasons why a user might want their symmetric key attached to the user agent rather than their asymmetric key? say the former being different and differently generated on different devices.
", "time": "2023-07-28T19:48:17Z"}, {"author": "Cory Myers", "text": "\u201cConsent\u201d- or \u201cinvitation\u201d-based certification?
", "time": "2023-07-28T19:51:57Z"}, {"author": "Benjamin Kaduk", "text": "Maybe the keyholder could make some kind of countersignature to attest that they endorse the attachment of the certification to their certificate
", "time": "2023-07-28T19:52:03Z"}, {"author": "Mike Ounsworth", "text": "Benjamin Kaduk said:
\n\n\n(or, if you want to really push the etymology, -tris)
\n
@dkg \"-tris\" not \"-tird\"
", "time": "2023-07-28T19:57:01Z"}, {"author": "Falko Strenzke", "text": "@Mike: yes sure, we can talk about non-composites (what that exactly refers to here I am not sure though)
", "time": "2023-07-28T20:00:42Z"}, {"author": "Pieter Kasselman", "text": "Cross-device security BCP: https://datatracker.ietf.org/doc/draft-ietf-oauth-cross-device-security/
", "time": "2023-07-28T20:06:57Z"}, {"author": "Stephen Farrell", "text": "thanks pieter
", "time": "2023-07-28T20:07:13Z"}, {"author": "Mallory Knodel", "text": "I find the organisational CA use case really interesting and potentially very useful.
", "time": "2023-07-28T20:07:45Z"}, {"author": "Mallory Knodel", "text": "Might be related to the revocation clean up work, too.
", "time": "2023-07-28T20:08:03Z"}, {"author": "Mallory Knodel", "text": "The universe is expanding, Stephen, metaphorically and actually :)
", "time": "2023-07-28T20:09:20Z"}, {"author": "Aron Wussler", "text": "Ask LAMPS how to do a charter :)
", "time": "2023-07-28T20:09:41Z"}, {"author": "Roman Danyliw", "text": "We need both the charter text + the milestones with it.
", "time": "2023-07-28T20:10:11Z"}]