IETF Logo Mail Archive

Re: [COSE] Consensus Call: RSA 1.5

Justin Richer <jricher@mit.edu> Sat, 21 November 2015 17:42 UTC

Return-Path: <jricher@mit.edu>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 553CA1AD080 for <cose@ietfa.amsl.com>; Sat, 21 Nov 2015 09:42:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.786
X-Spam-Level:
X-Spam-Status: No, score=-4.786 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.585, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dzWGDsTkufMO for <cose@ietfa.amsl.com>; Sat, 21 Nov 2015 09:42:37 -0800 (PST)
Received: from dmz-mailsec-scanner-2.mit.edu (dmz-mailsec-scanner-2.mit.edu [18.9.25.13]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A34A41AD079 for <cose@ietf.org>; Sat, 21 Nov 2015 09:42:37 -0800 (PST)
X-AuditID: 1209190d-f79306d000006b70-ec-5650ad0c280b
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-2.mit.edu (Symantec Messaging Gateway) with SMTP id E2.D4.27504.C0DA0565; Sat, 21 Nov 2015 12:42:36 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id tALHgZev028869 for <cose@ietf.org>; Sat, 21 Nov 2015 12:42:36 -0500
Received: from artemisia.richer.local (static-96-237-195-53.bstnma.fios.verizon.net [96.237.195.53]) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id tALHgYvA018354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <cose@ietf.org>; Sat, 21 Nov 2015 12:42:35 -0500
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: Justin Richer <jricher@mit.edu>
In-Reply-To: <D4508FC8-FD8C-4389-BE70-6775E7A1B635@mit.edu>
Date: Sat, 21 Nov 2015 12:42:34 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <A839662A-F2B0-421A-BABF-35AAA9E46BEE@mit.edu>
References: <D4508FC8-FD8C-4389-BE70-6775E7A1B635@mit.edu>
To: cose@ietf.org
X-Mailer: Apple Mail (2.2104)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrIIsWRmVeSWpSXmKPExsUixCmqrMuzNiDM4PYicYtpW6eyOjB6LFny kymAMYrLJiU1J7MstUjfLoEr49TKFywFL/kq9jYeZ29g/MTdxcjBISFgIrFhk14XIyeQKSZx 4d56ti5GLg4hgcVMEsvb5jJDOEcZJTa+v8EE4Xxlkvj08A4TSAuzgLrEn3mXmEFsXgE9iVe3 LrOC2MIC2hLbG26yg9hsAqoS09e0gNVzClhLTF7yiwXEZgGKfzx2hx1ijrbEsoWvoeZYSdw9 9ooNxBYCsh+cP8UCcqmIgKDE3U5ziEtlJXb/fsQ0gVFgFpIrZiG5YhaSqQsYmVcxyqbkVunm JmbmFKcm6xYnJ+blpRbpGunlZpbopaaUbmIEh6Qk7w7GdweVDjEKcDAq8fByFPiHCbEmlhVX 5h5ilORgUhLlrX0NFOJLyk+pzEgszogvKs1JLT7EKMHBrCTCm7AgIEyINyWxsiq1KB8mJc3B oiTOO/eLb5iQQHpiSWp2ampBahFMVoaDQ0mCd9EaoEbBotT01Iq0zJwShDQTByfIcB6g4Rwg NbzFBYm5xZnpEPlTjIpS4rx3VgMlBEASGaV5cL2glJHw9rDpK0ZxoFeEeb+CVPEA0w1c9yug wUxAg3/X+IIMLklESEk1MJbIFvwzvXff5bCLkeDUB8v6RSvKdsprVy4/pDtnTaUdu+mBiwz5 drw7ppipqcgt0/q9d9uegPVhihMlPy37f+U5k9vB9ZNjpE++LS2ya/jqd21zxRnrfHWjj4Lf p7xoEnM9FykXcunSr1OvEkOm3r+5nuF8s8bJCm+OL2ctec7/7ou02iWXsk2JpTgj0VCLuag4 EQDwHZmc9AIAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/cose/SnRFsw9LkDJumNDJVXs79sr8VMI>
Subject: Re: [COSE] Consensus Call: RSA 1.5
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Nov 2015 17:42:39 -0000

There’s consensus for dropping RSA 1.5 encryption support entirely, so that will be done.

There’s also enough support for supporting RSA 1.5 signatures that putting them into an auxiliary draft sounds like the best approach. The chairs would like to ask for volunteers to edit such an auxiliary draft.

 — Justin, your COSE chair

> On Nov 7, 2015, at 3:01 AM, Justin Richer <jricher@MIT.EDU> wrote:
> 
> At the Yokohama meeting, the chairs agreed to do a consensus call regarding the definition of RSA 1.5 algorithms within the messages draft or an auxiliary draft. This functionality is analogous to the RS* series of signature methods in JWS and the RSA1_5 encryption method in JWE. The five positions we are asking the working group to consider and voice their support for are:
> 
> A) Drop all support for RSA 1.5 signatures and encryption.
> B) Define RSA 1.5 support in an auxiliary draft.
> C) Define RSA 1.5 support in the main draft (note that this option was previously discussed on the list and did not find favor at the time, so if you want it back you’ll need to make a strong case).
> D) You need more information to decide.
> E) You don’t give a flying rat about RSA 1.5.*
> 
> Note that this is distinct from RSA PSS support which is being discussed in a separate thread.
> 
> The consensus call will remain open for two weeks from today, closing on November 21, 2015; at which time, hopefully we will have a clear answer and direction for our editor.
> 
> Thank you,
> — Justin & Kepeng, your COSE chairs
> 
> * I promised those in the room at Yokohama to offer a flying rat option, for which I am deeply sorry.
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose

v2.23.0 | Report a Bug | By Email