Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09
Joel Höglund <joel.hoglund@gmail.com> Thu, 04 April 2024 16:38 UTC
Return-Path: <joel.hoglund@gmail.com>
X-Original-To: cose@ietfa.amsl.com
Delivered-To: cose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA038C1519B8 for <cose@ietfa.amsl.com>; Thu, 4 Apr 2024 09:38:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.074
X-Spam-Level:
X-Spam-Status: No, score=-1.074 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DOTGOV_IMAGE=1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BS9wyNqZAHZn for <cose@ietfa.amsl.com>; Thu, 4 Apr 2024 09:38:01 -0700 (PDT)
Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D53EDC15154E for <cose@ietf.org>; Thu, 4 Apr 2024 09:38:01 -0700 (PDT)
Received: by mail-pg1-x52e.google.com with SMTP id 41be03b00d2f7-5c6bd3100fcso928649a12.3 for <cose@ietf.org>; Thu, 04 Apr 2024 09:38:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712248681; x=1712853481; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=fdoS4sEw7MFbxtHvfNm8msspaPRckUBNdFZNoLcAPFA=; b=amwnyrxM3sGoY5cHQMx2bvLgKbyfXm9LSe+pxu/4uNH6BvYmvEV+blhLg5kq8/l9yM ISvA6mKTd/t113yxsxAOjff0IBOtB/eFIoaVi40TUd/oZD17LAckJegHnvn/F0c4p+N3 C5pgwkvPZ/is9J7Q2paD+fGV09r5jCk1XU1QpmPeMr6Dpi3Vbt4pxFuJTzXtcVjMKSXt 2DUpTElVjTD1wM1Fpqyl/htaspvEhTM1XiKHTICwlF42oJzKv5kajrgCellmyminFy3R Tm6UWz6esCD2UbzlEDfVwspIs3i0nvJ29QE1n5QrjRpdpIE28YmfEMzGW5fLkGb2Idzz AqpA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712248681; x=1712853481; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=fdoS4sEw7MFbxtHvfNm8msspaPRckUBNdFZNoLcAPFA=; b=DeI+hVDnP4QS0WHfpli0+D+wTZ3N7jwlg3W5Uiuv62k6MBDXiRPfJzfQh3ZMmabcUF x+pDhJ/m7GsbVyM46+oh/QHxaSCF3KiHuNjYh+RuYa0xj+03ULgIhX2/xuL8sXV/L6ss +TlyMbp/orWZB4403I8pW/gJo3fXRRvij+jgmqKgmeo10m+WOJSZtZDO0dKNTNzKyU9u jXBCXQg73V1aNNpqTKH7bQvAE6aB/IjhbknFOkV/Oc0NcAOo897Zdx5B+3Wljtxrnt3J UD0Ux/c0eXgD8lqA0hjWnO7q5dBhyHIiKW2/m3Gy6GiBDUvkdfF+TxCHmJaivG9q+P4y e4Tw==
X-Gm-Message-State: AOJu0YzOtVA+ugY9gJSyF+Macr8j0ERtJogajt2RYR6DcN42WjDVlmwR Oj/ymEaBcuGE9IP6HGmjx1OsZN+ZdOLLXZLk6fYmNUtFSer9NP5gxeFfdO8Xo6DTeZqyqK3UwpF U5nJ77WteWqchDxWXm2zxm1QDRbxbWttJiOo=
X-Google-Smtp-Source: AGHT+IFMKhNi1tapPCAIkEGN1yOL+1dOSOsuWCD8nLCF030oHe5hfsX/Ftf1s/9sHF6rS/z/q97OykbAFLGUfnN+ymU=
X-Received: by 2002:a17:90b:1016:b0:2a2:21a0:b151 with SMTP id gm22-20020a17090b101600b002a221a0b151mr2903532pjb.20.1712248681099; Thu, 04 Apr 2024 09:38:01 -0700 (PDT)
MIME-Version: 1.0
References: <CAN8C-_LT6sPPhj1Q7L5f-wmGFs92TiYNe_Y-GhbftErxELJ4Ew@mail.gmail.com> <fab09711-22ca-4769-a308-ad374773b2a9@htt-consult.com>
In-Reply-To: <fab09711-22ca-4769-a308-ad374773b2a9@htt-consult.com>
From: Joel Höglund <joel.hoglund@gmail.com>
Date: Thu, 04 Apr 2024 18:37:48 +0200
Message-ID: <CAHszGEK_+8VV9SNO1Csg7wSJcXetXP3K1FW+NmqLVMRdyf5Bug@mail.gmail.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
Cc: cose <cose@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000677d55061547f62b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cose/w93ui0yoqfepsozXRnMRPdeg5Dg>
Subject: Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09
X-BeenThere: cose@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: CBOR Object Signing and Encryption <cose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cose>, <mailto:cose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cose/>
List-Post: <mailto:cose@ietf.org>
List-Help: <mailto:cose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cose>, <mailto:cose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 16:38:05 -0000
Dear Robert Moskowitz,
Thank you for your test certificates! The test.210627.1.swimsiging
certificate can be CBOR C509 encoded, the annotated diagnostic format is
given further below. Two comments:
- Specific Certificate Policies, such as the
"icaoIdentityAssuranceMediumDeviceHardware" with OID 1.3.27.16.1.2.0.1.8,
are not present in "9.6. C509 Policies Qualifiers Registry", but are
instead stored as raw bytes.
- The extended key usage "icaoSWIMSigning" with OID 1.3.27.16.1.4.1.1 is
not present in "9.8. C509 Extended Key Usages Registry" and is, like the
policy oid, stored as raw bytes.
The FAATestpNPEIssuingCA certificate, on the other hand, contains a
BMPString in its certificatePolicies extension, violating the draft
restrictions where only UTF8Strings can be handled, since the proposed cbor
encoding does not include any string type information, for compactness.
("If noticeRef is not used and any explicitText are encoded as UTF8String,
the extension value can be CBOR encoded", from 3.3.) If we get feedback
that not handling BMPStrings in this situation is a major drawback we are
open to discussing the potential to accommodate this as well!
Best Regards
Joel Höglund
test.210627.1.swimsiging in CBOR diagnostic format:
1, / version and certificate type /
h'1ED75CA0FADE19F98B003B8691B8FBFDCA002088', / serial number /
[ / issuer /
-4, "US", 8, "FAA", 9, "0124.ANGUTMPKI", 1, "FAA Testp NPE Issuing CA"
],
1624815253, 1687887252, / notBefore, notAfter /
[ / subject /
-4, "US", 8, "FAA", 9, "0124.ANGUTMPKI", 1, "test.210627.1swimsiging"
],
1, / subjectPublicKeyAlgorithm /
h'FE9C6FDC2F32C476815EF8FA0C60A2FC06E146C965FC18C8AA8004973ED09E1F2A',
[ / extensions /
7, h'D9B4E381E1E0EC11AB7555B89191C5434F9C3708', / authorityKeyIdentifier /
9, / authorityInfoAccess /
[
2, "http://test1carepository.faa.gov/testca/faa-testp-npe-issuing-ca.p7c",
1, "http://test1carepository.faa.gov/ocsp"
],
6, [h'2B1B100102000108'], / certificatePolicies /
8, [h'2B1B1001040101'], / extended key usage /
5, / cRLDistributionPoints /
[
"http://test1carepository.faa.gov/testcrl/faa-testp-npe-issuing-ca.crl"
],
1, h'2383FD0B117DFF487E6F3771427D0ADEC8C9E8F8', / subjectKeyIdentifier /
-2, 3 / key usage /
],
0, / signatureAlgorithm /
h'49857D185646F02D3FF9ABB34ABEDA4A896E3EAD9A2188ED906C491A980E3AC1D671CF5DB23820F49B1B62918BF43136717CD678CECB3988775BBB900A0CCECC'
On Tue, 19 Mar 2024 at 16:08, Robert Moskowitz <rgm-sec@htt-consult.com>
wrote:
> I am attaching test FAA SWIM certs (
> https://www.icao.int/APAC/Pages/swim.aspx).
>
> Both a regular dump and an ASN.1 dump. You will see: Signature
> Algorithm: ecdsa-with-SHA512
>
> at bytes 35 and 1021 in the issuing cert and 35 and 718 in the client
> cert. 10 bytes in each case, so only having it once saves 10 bytes, and I
> will take that to the bank.
>
> Please run this cert through your converter code and make sure it works,
> as this is a working cert used in SWIM testing. Lots I disapprove of in
> this cert, and I have sent my critique of it back in August. Still a
> struggle with conflicting directions on ICAO certs content. Problems (IMO)
> in the CP.
>
> On 3/19/24 03:37, Orie Steele wrote:
>
> From Mike O.:
>
> I asked Russ about the history of the duplicate signatureAlgorithm in
> X.509.
> The answer is that in like 1984 -- before PKCS#1 was invented, before
> hash-then-sign was invented -- there was concern that some future
> algorithms might sign by encrypting the TBSCertificate, and so you would
> need to know the signatureAlgorithm in order to decrypt the TBSCertificate.
> So the unprotected copy was put there literally as a hint for how to parse
> the signature value in cases where the contents of the
> TBSCertificate.signatureAlg is opaque.
>
> So, yeah, it's 100% an artifact of evolution. Please get rid of it in C509.
>
> --
>
>
> ORIE STEELE Chief Technology Officer www.transmute.industries
>
> <https://transmute.industries>
>
> _______________________________________________
> COSE mailing listCOSE@ietf.orghttps://www.ietf.org/mailman/listinfo/cose
>
>
> _______________________________________________
> COSE mailing list
> COSE@ietf.org
> https://www.ietf.org/mailman/listinfo/cose
>
- Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09 Orie Steele
- Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09 Robert Moskowitz
- Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09 Robert Moskowitz
- [COSE] Rust code for draft-ietf-cose-cbor-encoded… Robert Moskowitz
- Re: [COSE] Rust code for draft-ietf-cose-cbor-enc… Göran Selander
- Re: [COSE] draft-ietf-cose-cbor-encoded-cert-09 Joel Höglund
- Re: [COSE] Rust code for draft-ietf-cose-cbor-enc… Joel Höglund