Re: [COSE] questions for the WG from 8152bis AUTH48
Michael Richardson <mcr+ietf@sandelman.ca> Fri, 18 February 2022 17:49 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 5A0243A12F2
for <cose@ietfa.amsl.com>; Fri, 18 Feb 2022 09:49:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=sandelman.ca
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id s5PqJkDIWJv8 for <cose@ietfa.amsl.com>;
Fri, 18 Feb 2022 09:49:49 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19])
(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 992023A0CA4
for <cose@ietf.org>; Fri, 18 Feb 2022 09:49:48 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by tuna.sandelman.ca (Postfix) with ESMTP id DC28938B01;
Fri, 18 Feb 2022 12:58:02 -0500 (EST)
Received: from tuna.sandelman.ca ([127.0.0.1])
by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 6AAdSyLu_SRm; Fri, 18 Feb 2022 12:58:01 -0500 (EST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247])
by tuna.sandelman.ca (Postfix) with ESMTP id 0EDEE38A21;
Fri, 18 Feb 2022 12:58:01 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail;
t=1645207081; bh=oXnJ6YFYg5qSphh4yQ6IrY00Dv2Anvs3juNiUqFrP0c=;
h=From:To:Subject:In-Reply-To:References:Date:From;
b=aOUG82O0cGrMITA30jYqGDmmmXcQcjKkdS595WDD5Ds2/xj/J9x0sZnQ+olsdHKrx
8KCFJnvYiu7hLuzEGYa/yJnYVkaqXDYctewqt0MHtQFBXakmiurx//PP/EZ7aOhzH8
w8Cc1y1fuay8341w8LPtB6Kc1nzr9cQFemwDjMjhCOlWfzpvH4miEtso2koRw+3Ae8
y+oZWpN7bHaZ6Bsq1MhZxBhhz+eaYmMNFeCJubtLLPjiMpqctZ5QPzqD92Dla+2CEP
R0zFCITyHpT0+2/C2zXP1CSG8n6o/++Q2etTomDT4DaecCwkmW8UCwPCNQ1koSxOH5
vFlmHj3PweW9w==
Received: from localhost (localhost [IPv6:::1])
by sandelman.ca (Postfix) with ESMTP id 5E5C7624;
Fri, 18 Feb 2022 12:49:45 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Benjamin Kaduk <kaduk@mit.edu>, cose@ietf.org
In-Reply-To: <20220218045949.GN12881@kduck.mit.edu>
References: <20220218045949.GN12881@kduck.mit.edu>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0;
<'$9xN5Ub#
z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
micalg=pgp-sha512; protocol="application/pgp-signature"
Date: Fri, 18 Feb 2022 12:49:45 -0500
Message-ID: <25498.1645206585@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/SbTcJIhJYNcww2ORoyGX9CVTpTM>
Subject: Re: [COSE] questions for the WG from 8152bis AUTH48
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>,
<mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>,
<mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Feb 2022 17:50:05 -0000
Benjamin Kaduk <kaduk@mit.edu> wrote: > The chairs and I are continuing to work through the AUTH48 process for > the 8152bis drafts, and a couple topics have come up that would benefit > from some broader input. Thanks for this. > In > https://datatracker.ietf.org/doc/html/draft-ietf-cose-rfc8152bis-struct-15#section-7.1 > we we have a table of "Key Operation Values", discussing the various > operations that are possible. Some of them include the statement > "Requires private key fields", and for operations like "sign" or > "unwraap key" this is pretty obviously true. But for "derive key" and > "derive bits" this is less clear to me. In particular, my > understanding is that I can do the derivation operations by combining a > public key I control and a public key received from the peer. My reading of this is that it is about some kind of DH key operation. Do you think of your g^x as being public or derived from private? The x is obviously private, and you need it to compute (g^y)^x. I'm not sure what other method derives keys from two public things without each party also having some private parts. > That, in > turn, seems to imply that the serialized public key that I receive from > the peer would be intended to be used for a derivation operation but > would not contain the private key fields. Here, I think you are asking if the COSE Key Common Parameters would contain private keys? I don't get that impression... the kid would identity what private components are being referenced. > Are we supposed to indicate > the derivation operations in the "key_ops" field of such a > public-key-only COSE_Key? I believe we are supposed to, and so have > directed the RFC Editor to just remove the statement about "requires > private key fields" for those two entries. This seems low-risk in that > the statement itself is mostly informative, so we're either removing a > false statement or removing something that's informative but obvious > when you go to implement it. Do people agree with that interpretation > of the "key_ops" for public-key-only key objects destined for > derivation operations? I agree with you conclusion, but I'm not sure that I agree we got there the same way. > The other question is in -algs; in > https://datatracker.ietf.org/doc/html/draft-ietf-cose-rfc8152bis-algs#section-8 > we start off with a rather awkward sentence "There are some situations > that have been identified where identification of capabilities of an > algorithm or a key type need to be specified." > In particular (at least > to me), the "identification ... needs to be specified" seems like the > verb tenses don't even match up properly, or something of that nature, > but I can't properly describe exactly what seems off. The current > proposal from the RFC Editor is to dramatically replace this sentence > with the bland "The capabilities of an algorithm or key type need to be > specified in some situations". Does anyone object to that change? I can live with that. The repeated use of "identified" / "identification" is really really awkward, and I think uselessly obtuse. Maybe more detail from core-oscore-groupcomm would help the reader. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [COSE] questions for the WG from 8152bis AUTH48 Benjamin Kaduk
- Re: [COSE] questions for the WG from 8152bis AUTH… Michael Richardson
- Re: [COSE] questions for the WG from 8152bis AUTH… Ilari Liusvaara
- Re: [COSE] questions for the WG from 8152bis AUTH… Marco Tiloca
- Re: [COSE] questions for the WG from 8152bis AUTH… Göran Selander