Re: [CFRG] OCB does not have an OID specified, that is a general problem

Richard Outerbridge <outer@interlog.com> Mon, 07 June 2021 14:34 UTC

Return-Path: <outer@interlog.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A0663A189E for <cfrg@ietfa.amsl.com>; Mon, 7 Jun 2021 07:34:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CSSURkW3cjXQ for <cfrg@ietfa.amsl.com>; Mon, 7 Jun 2021 07:34:21 -0700 (PDT)
Received: from mail-1.ca.inter.net (mail-1.ca.inter.net [208.85.220.69]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83CA43A18A0 for <cfrg@irtf.org>; Mon, 7 Jun 2021 07:34:21 -0700 (PDT)
Received: from localhost (offload-3.ca.inter.net [208.85.220.70]) by mail-1.ca.inter.net (Postfix) with ESMTP id 5ED012EA3C6; Mon, 7 Jun 2021 10:34:20 -0400 (EDT)
Received: from mail-1.ca.inter.net ([208.85.220.69]) by localhost (offload-3.ca.inter.net [208.85.220.70]) (amavisd-new, port 10024) with ESMTP id IjmdUAfTt9X0; Mon, 7 Jun 2021 10:11:26 -0400 (EDT)
Received: from [192.168.168.101] (bras-base-toroon0246w-grc-16-70-53-126-140.dsl.bell.ca [70.53.126.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: outer@interlog.com) by mail-1.ca.inter.net (Postfix) with ESMTPSA id 6941A2EA06A; Mon, 7 Jun 2021 10:34:19 -0400 (EDT)
From: Richard Outerbridge <outer@interlog.com>
Message-Id: <105F02F8-E74E-436B-A637-58F1DDCDAF3B@interlog.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_02E055A9-784F-4163-B615-C73B56DCB655"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
Date: Mon, 7 Jun 2021 10:34:19 -0400
In-Reply-To: <773badc5fdc04c41a5ceea7ad4fe29fe@cert.org>
Cc: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>, Phillip Hallam-Baker <phill@hallambaker.com>, IETF SAAG <saag@ietf.org>, IRTF CFRG <cfrg@irtf.org>
To: Roman Danyliw <rdd@cert.org>
References: <CAMm+Lwizfw6=T28gGOgeGZ=4CEHsQ5BoWcAt5mOWbyJHLVJmuQ@mail.gmail.com> <B73FB6B1-3EFC-4AEA-9A99-8C047F478944@akamai.com> <773badc5fdc04c41a5ceea7ad4fe29fe@cert.org>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/qpksFEyS1QFDO7jfw53OWmcTHIM>
Subject: Re: [CFRG] OCB does not have an OID specified, that is a general problem
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 14:34:28 -0000

Hmm …
__outer

> On 2021-06-07 (158), at 09:53:10, Roman Danyliw <rdd@cert.org> wrote:
> 
> Hi!
>  
> From: saag <saag-bounces@ietf.org <mailto:saag-bounces@ietf.org>> On Behalf Of Salz, Rich
> Sent: Monday, June 7, 2021 9:45 AM
> To: Phillip Hallam-Baker <phill@hallambaker.com <mailto:phill@hallambaker.com>>; IETF SAAG <saag@ietf.org <mailto:saag@ietf.org>>; IRTF CFRG <cfrg@irtf.org <mailto:cfrg@irtf.org>>
> Subject: Re: [saag] [CFRG] OCB does not have an OID specified, that is a general problem
>  
> rfc7253 specifies OCB mode. But there is no OID specified to use OCB with CMS, nor are there identifiers for use with JOSE.
>  
> For this particular case, a request to the IANA expert will get an OID.  (He’s a co-chair of LAMPS :)
>  
> I would like to propose that in future assignment of relevant OIDs and JOSE identifiers be considered a requirement for similar work. If a spec for a symmetric mode isn't sufficiently specified to enable interoperable implementation in CMS and JOSE, it is not sufficiently specified to be an RFC.
>  
> That’s a reasonable thing to ask for, and something that could be caught by SECDIR or AD review. 

[ … ]

> [Roman] Agreed in the general case for the IETF stream.  For RFC7253, this review would have been during IESG conflict review because that document was IRTF stream (which doesn’t have an SECDIR review, AD review or even an IESG ballot).
>  
> Roman
>  
> _______________________________________________
> CFRG mailing list
> CFRG@irtf.org <mailto:CFRG@irtf.org>
> https://www.irtf.org/mailman/listinfo/cfrg <https://www.irtf.org/mailman/listinfo/cfrg>