Re: [COSE] FW: [jose] draft-jones-cose-rsa
Mike Jones <Michael.Jones@microsoft.com> Mon, 09 January 2017 20:02 UTC
From: Mike Jones <Michael.Jones@microsoft.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>, Justin Richer <jricher@mit.edu>
Date: Mon, 09 Jan 2017 20:02:46 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/s8lgrwpXUoRoKIl6M-kkfZAsys4>
Cc: Jim Schaad <ietf@augustcellars.com>, cose <cose@ietf.org>
Subject: Re: [COSE] FW: [jose] draft-jones-cose-rsa
I had requested AD sponsorship because of how simple the draft is. It registers a few numbers in registries being created by the COSE Messages draft and defines the layout of RSA keys (in a way that’s completely parallel to the JOSE layout, but using CBOR rather than JSON). It uses no new algorithms. It didn’t seem to rise to the occasion of needing a working group – especially when there remain COSE WG members such as Jim willing to take the time to give constructive feedback.

BTW, I plan to respond to Jim’s note in detail later in the week. For the first half of the week, I’m on another medical sojourn for my wife in Boston.

Cheers,
-- Mike

From: COSE [mailto:cose-bounces@ietf.org] On Behalf Of Kathleen Moriarty
Sent: Monday, January 9, 2017 11:50 AM
To: Justin Richer <jricher@mit.edu>
Cc: Jim Schaad <ietf@augustcellars.com>; cose <cose@ietf.org>
Subject: Re: [COSE] FW: [jose] draft-jones-cose-rsa

If the work can be done in a WG, that is preferred.

On Mon, Jan 9, 2017 at 2:38 PM, Justin Richer <jricher@mit.edu> wrote:

+1 on the CURDLE question.

-- Justin

On 1/9/2017 1:13 AM, Jim Schaad wrote:

I just figured out that I sent this to the wrong list - maybe the names are too close together.

-----Original Message-----
From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Sunday, January 01, 2017 3:34 PM
To: draft-jones-cose-rsa@tools.ietf.org
Cc: jose@ietf.org
Subject: [jose] draft-jones-cose-rsa

Comments:

0. Should this be done in curdle rather than as AD sponsored?

1. As per previous mail, remove values assignments in tables 1, 2, and 3 unless you have cleared them with the appropriate registry experts. I am less worried about table 4 but you should clear that as well.

2. Kill RSAES-OAEP w/ SHA-1. We are not doing SHA-1 currently with any of the CBOR algorithms. In section 3.1.1.1 - what are the properties that are needed here for SHA-1 so we can ensure that the statement is true? Also, rename this to be s/ SHA-1 not w/ Default. There are no defaults for COSE.

3. Text in 3.1.1.1 and 2.1.1 should be more consistent in how it is written.

4. In the abstract be more specific about which RSA algorithms are being supported. For example, you are not doing 1.5 or KEM.

5. Why does 3.1.1.1 have a size and 2.1.1 not have one? This should be consistent.

6. Section 3.1.1.1 should be encryption operation not decryption operation.

7. Section 3.1.1.1 - this text does not make sense "One potential denial of service operation is to provide encrypted objects using either abnormally long or oddly sized RSA modulus values." Should probably refer to keys not encrypted objects.

8. There is a requirement of minimum encoding lengths - what purpose does this serve? Is there a security problem here or is it just a nice to have because of message size?

9. Missing some security considerations.

10. Section 2.1.1 s/hash functions are not truncated/hash function outputs are not truncated/

--
Best regards,
Kathleen