Re: [CFRG] OCB does not have an OID specified, that is a general problem

Neil Madden <neil.e.madden@gmail.com> Mon, 07 June 2021 14:02 UTC

Return-Path: <neil.e.madden@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94A683A1776 for <cfrg@ietfa.amsl.com>; Mon, 7 Jun 2021 07:02:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id soI92nb4HTWv for <cfrg@ietfa.amsl.com>; Mon, 7 Jun 2021 07:02:20 -0700 (PDT)
Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 867653A172A for <cfrg@irtf.org>; Mon, 7 Jun 2021 07:02:20 -0700 (PDT)
Received: by mail-wm1-x32f.google.com with SMTP id 3-20020a05600c0243b029019f2f9b2b8aso43886wmj.2 for <cfrg@irtf.org>; Mon, 07 Jun 2021 07:02:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=mwEvYBtid768Bgv7tfHrzsFiTZnRz7w4RSsj/vJ2K/Y=; b=GHjx2M1R49fFOqpT7KDnfZM4HZP9Ss6V+oE8bM59FzFV2QslHRzfKbLJc+mS3g57ZV BXLXggX5IgS1O055F8wzlKjVsYksuAK7/xzt2EWUsK/I6b2IVeXL+z2B4syk3FCRjIw8 8IvZhtFmZMxOQk6nhZk0UcHZK7+9mzK3KI0msT3Q2+z1cqO8KQbljwnANf7he5Req4Og K8/cUSjvencwoVrMQxYz+pf3QK639/Z3GHw/mN5Rqyt34xVN79b57noWuGOSKFjYW0WF 9zV5wXaoxXR6UkRvJIsNO805gHFms35wlgV++20XZpmFed7IuojQUWB2fiSh/jVgP/Sh wvOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=mwEvYBtid768Bgv7tfHrzsFiTZnRz7w4RSsj/vJ2K/Y=; b=HhBLo3lPLlo+VYT/IU0Ce2d9UqbefunKauJOsIUS/6wAC/0Mnoqarvdgurnrq0JaRs ItUihF4g7Du/2m3KFT1wPXwog8bWPEmOc7DVtr6qU23lbc7CWyAnCaPf6XI6+rd/lp8W l/uQF/ZbgJSUQkV4U/1hTm/5BPFzKhCrX7iNhxpRqElWWT8dRs7JaDFXx7A2ybZHzWNh kxDRl35L2mwaSRJ/i198iap2j/T7t7dJmw3nsW8hidcqY3A38QWtw/5euRRXiY3yFOcb AnMBy9N+cuijeNKcPyQrGSwqvFt3AuomLlta6gdCOMLcrE9+iyhaeeftRW6GMby++mQr +ZkA==
X-Gm-Message-State: AOAM533E6yKgKSM9bh9qMylxbuG+/JqUkRNK4We2/whMkhGs0gciOI4Z YcVBMdi46+lb3ZWzyTTrA3Q=
X-Google-Smtp-Source: ABdhPJw2vhgA6kEorG8Q+3EzStJvmRixmf6ab8sLWsZmfpTfQg4DyDlwY1AwRXoWkWk/Am16jTqJ8Q==
X-Received: by 2002:a05:600c:4282:: with SMTP id v2mr16904371wmc.18.1623074537024; Mon, 07 Jun 2021 07:02:17 -0700 (PDT)
Received: from [10.0.0.6] (113.87.75.194.dyn.plus.net. [194.75.87.113]) by smtp.gmail.com with ESMTPSA id b26sm17391587wmj.25.2021.06.07.07.02.15 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Jun 2021 07:02:16 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.6\))
From: Neil Madden <neil.e.madden@gmail.com>
In-Reply-To: <CAMm+Lwizfw6=T28gGOgeGZ=4CEHsQ5BoWcAt5mOWbyJHLVJmuQ@mail.gmail.com>
Date: Mon, 7 Jun 2021 15:02:14 +0100
Cc: IETF SAAG <saag@ietf.org>, IRTF CFRG <cfrg@irtf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <CE8CC19F-4D05-4E71-84E3-5087F3576E02@gmail.com>
References: <CAMm+Lwizfw6=T28gGOgeGZ=4CEHsQ5BoWcAt5mOWbyJHLVJmuQ@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
X-Mailer: Apple Mail (2.3608.120.23.2.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/GBF-rfYsXJ3BmxUa4rz4GZLFh3Y>
Subject: Re: [CFRG] OCB does not have an OID specified, that is a general problem
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 14:02:26 -0000

Unless there is a compelling reason to do so, I’d prefer that registering algorithm identifiers for JOSE be a manual (and rare) step. JOSE provides no way for consumers to advertise which Encryption Methods they support (“enc” - which is what OCB would be), so adding new options here can only harm interoperability.

(This is in contrast to key agreement algorithms - “alg” - as these can be advertised in the JSON Web Key metadata).

— Neil

> On 7 Jun 2021, at 13:51, Phillip Hallam-Baker <phill@hallambaker.com> wrote:
> 
> Raising this in SAAG because this raises a policy issue and CFRG because that is where the policy should be enforced. It is also relevant to LAMPS but trying to avoid cross posting as everyone on the LAMPS list is likely on SAAG.
> 
> 
> rfc7253 specifies OCB mode. But there is no OID specified to use OCB with CMS, nor are there identifiers for use with JOSE.
> 
> This is problematic to say the least. If an algorithm is worth publishing as an RFC, there should be definitive identifiers for general purpose packaging formats specified in that RFC.
> 
> I would like to propose that in future assignment of relevant OIDs and JOSE identifiers be considered a requirement for similar work. If a spec for a symmetric mode isn't sufficiently specified to enable interoperable implementation in CMS and JOSE, it is not sufficiently specified to be an RFC.
> 
> This would not cover TLS, IPSEC etc. since they have rather different considerations. Algorithms are curated and selected as suites for TLS for a start. 
> 
> I am not a fan of having multiple registries for specifying identifiers for algorithms. In fact if I had my way, there would be a single IANA text registry because while we could write a spec for a cryptographic algorithm and call it SMTP, that would be silly. 
> 
> It seems to me that one registry for the ASN.1 identifiers and one for text based identifiers is sufficient for all reasonable purposes. To the extent that XML signature and encryption are still a thing, well why don't we just specify a generic URN scheme for IANA registries and have done.
> _______________________________________________
> CFRG mailing list
> CFRG@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg