[Curdle] [Errata Rejected] RFC8410 (5709)

RFC Errata System <rfc-editor@rfc-editor.org> Mon, 06 May 2019 21:46 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F1771201ED; Mon, 6 May 2019 14:46:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q5apNf3moQpM; Mon, 6 May 2019 14:46:27 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40989120021; Mon, 6 May 2019 14:46:27 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 28212B80A62; Mon, 6 May 2019 14:46:25 -0700 (PDT)
To: lijun.liao@gmail.com, simon@josefsson.org, ietf@augustcellars.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: kaduk@mit.edu, iesg@ietf.org, curdle@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20190506214625.28212B80A62@rfc-editor.org>
Date: Mon, 06 May 2019 14:46:25 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/9JdeDTN1mt0r9_-tnQ-yZRnjXI4>
Subject: [Curdle] [Errata Rejected] RFC8410 (5709)
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 May 2019 21:46:31 -0000

The following errata report has been rejected for RFC8410,
"Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5709

--------------------------------------
Status: Rejected
Type: Editorial

Reported by: Lijun Liao <lijun.liao@gmail.com>
Date Reported: 2019-04-29
Rejected by: Benjamin Kaduk (IESG)

Section: 10.2

Original Text
-------------
-

Corrected Text
--------------
-

Notes
-----
The example certificate is a self-signed certificate containing X25519 public key. Unlike standard EC public key, the public key for key exchange is NOT the same as the one for digital signature in curve25519. That means, for the same private key, the public keys for X25519 and for Ed25519 are different. As a result, the public key in the self-signed certificate can NOT be used to verify the signature. In this context, please replace the example certificate by one containing the Ed25519 public key.
 --VERIFIER NOTES-- 
X25519 keys are only capable of key agreement, not signing, so by necessity a self-issued X25519 certificate cannot be self-signed.  This document specifies, among other things, how to encode  X25519 public keys into X.509 certificates, and so the example is accordingly a self-issued but not self-signed certificate.  The issuing certificate has the same subject name but a different key (and key type).

--------------------------------------
RFC8410 (draft-ietf-curdle-pkix-10)
--------------------------------------
Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
Publication Date    : August 2018
Author(s)           : S. Josefsson, J. Schaad
Category            : PROPOSED STANDARD
Source              : CURves, Deprecating and a Little more Encryption
Area                : Security
Stream              : IETF
Verifying Party     : IESG