[COSE] draft-looker-cose-bls-key-representations

Anders Rundgren <anders.rundgren.net@gmail.com> Thu, 24 March 2022 08:51 UTC

Message-ID: <0cadb78a-8e61-d5fd-3ad5-58891d183bce@gmail.com>
Date: Thu, 24 Mar 2022 09:51:38 +0100
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: "cose@ietf.org" <cose@ietf.org>
References: <95B75634-B147-4756-A950-C6B139CF3ADD@ericsson.com> <9DF382AC-12A8-47A5-AAE7-2B0D75EAA669@island-resort.com> <EDFDB6E4-2BDE-4E2E-9CF0-D771E2DEF3C6@ericsson.com> <823C00C2-4F6C-4DF5-99B0-87D8524D4A9C@island-resort.com> <C059B669-4C5D-4980-A665-96A39F4457C3@island-resort.com> <Yjr1XF5A2Cl2Jn1s@LK-Perkele-VII2.locald> <SY4P282MB1274D757E003725775C9CB9B9D189@SY4P282MB1274.AUSP282.PROD.OUTLOOK.COM> <c7464103-2935-235c-3821-68baac7ea67b@gmail.com>
In-Reply-To: <c7464103-2935-235c-3821-68baac7ea67b@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/FONL7TWJEXnfPMlRTNqrnV7bepA>
Subject: [COSE] draft-looker-cose-bls-key-representations

This I-D should IMHO hook into the previous PQK versus OKP discussions.

Since we apparently need additional RFCs for each new crypto system, the only gain with overloading OKP is saving one IANA registration.

In this particular case, I would strongly recommend defining "kty" as "BLS".

Code-wise this is close to a no-issue:
   switch(keyType) {
     case "EC":
        ...

     case "RSA":
        ...

     case "OKP":
     case "BLS":
         ...

However, this is a big simplification because in object oriented platforms like Java, BLS keys would anyway be represented by specific classes in the same way as Ed25519/Ed448 and X25519/X448 are today.  That is, possible code sharing isn't for real, while confusion is.

Related: https://mail.openjdk.java.net/pipermail/security-dev/2022-March/029495.html

thanx,
Anders
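
As an added example (not code from the mail, the draft, or any project): a small JWK key-type dispatcher in Python that models both layouts, "kty":"OKP" overloaded for BLS keys and a dedicated "kty":"BLS", and shows that either way the parser must branch on "crv" and pick a separate key class, so the shared OKP case saves nothing while leaving kty/crv mismatches to be caught later. The BLS "crv" names and the per-curve "x" lengths are assumptions for illustration.

```python
import base64
from dataclasses import dataclass

# Public-key ("x") lengths per curve; the BLS crv names are an assumption for
# illustration, the sizes are the compressed G1/G2 point sizes of BLS12-381.
OKP_CURVES = {"Ed25519": 32, "Ed448": 57, "X25519": 32, "X448": 56}
BLS_CURVES = {"Bls12381G1": 48, "Bls12381G2": 96}


@dataclass(frozen=True)
class OkpPublicKey:
    crv: str
    x: bytes


@dataclass(frozen=True)
class BlsPublicKey:
    crv: str
    x: bytes


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _check_len(crv: str, x: bytes, expected: int) -> None:
    if len(x) != expected:
        raise ValueError(f"{crv}: expected {expected}-byte x, got {len(x)}")


def parse_jwk(jwk: dict, bls_under_okp: bool):
    """Return a typed public key for a JWK dict or raise ValueError.

    bls_under_okp=True models BLS keys carried under "kty":"OKP";
    False models a dedicated "kty":"BLS".
    """
    kty, crv = jwk.get("kty"), jwk.get("crv")
    x = _b64url_decode(jwk["x"])
    if kty == "OKP":
        if crv in OKP_CURVES:
            _check_len(crv, x, OKP_CURVES[crv])
            return OkpPublicKey(crv, x)
        # With overloading, "OKP" alone decides nothing: the crv check selects
        # the class, which is the per-type dispatch the shared case hides.
        if bls_under_okp and crv in BLS_CURVES:
            _check_len(crv, x, BLS_CURVES[crv])
            return BlsPublicKey(crv, x)
    elif kty == "BLS" and not bls_under_okp and crv in BLS_CURVES:
        _check_len(crv, x, BLS_CURVES[crv])
        return BlsPublicKey(crv, x)
    raise ValueError(f"unsupported or inconsistent key: kty={kty!r} crv={crv!r}")


def rejects(jwk: dict, bls_under_okp: bool) -> bool:
    """True if parse_jwk refuses the key (used to check the error cases)."""
    try:
        parse_jwk(jwk, bls_under_okp)
    except ValueError:
        return True
    return False
```

The constructed "x" values below are placeholder byte strings of the right length, not real keys.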