IETF Logo Mail Archive

Re: [Curdle] Key examples in draft-ietf-curdle-pkix-03

Benjamin Kaduk <kaduk@mit.edu> Sat, 17 December 2016 02:44 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BE511294DB for <curdle@ietfa.amsl.com>; Fri, 16 Dec 2016 18:44:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.896, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AiUapAe-tE0n for <curdle@ietfa.amsl.com>; Fri, 16 Dec 2016 18:44:02 -0800 (PST)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E580F127058 for <curdle@ietf.org>; Fri, 16 Dec 2016 18:44:01 -0800 (PST)
X-AuditID: 1209190c-b5fff700000004b7-b1-5854a66fc3fb
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 05.46.01207.F66A4585; Fri, 16 Dec 2016 21:44:00 -0500 (EST)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id uBH2hx0U016942; Fri, 16 Dec 2016 21:43:59 -0500
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id uBH2htDW007816 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 16 Dec 2016 21:43:58 -0500
Date: Fri, 16 Dec 2016 20:43:55 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: David Benjamin <davidben@chromium.org>
Message-ID: <20161217024355.GT8460@kduck.kaduk.org>
References: <20161214105434.418FAADD1C@smtp.postman.i2p> <20161214121515.GA10791@LK-Perkele-V2.elisa-laajakaista.fi> <CAF8qwaCWAx8Vp67VZz4G5DQpTGf5DX-sMN+1i40acgCYT8_NVA@mail.gmail.com> <002501d25760$a75c0bb0$f6142310$@augustcellars.com> <CAF8qwaDzC8C0czSPrCdTgKH-3_YqW8KeVQ291p+SNcOo-NyGxg@mail.gmail.com> <CAF8qwaASPih==KC9NKSy6KtEeySjEf4ByM1JkzCuu2bF8EP1xQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAF8qwaASPih==KC9NKSy6KtEeySjEf4ByM1JkzCuu2bF8EP1xQ@mail.gmail.com>
User-Agent: Mutt/1.6.1 (2016-04-27)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrCIsWRmVeSWpSXmKPExsUixG6nrluwLCTCoOe6msXWhbOYLXZ/NbVY Pf07mwOzx8Y509k8ZjdcZPFYsuQnUwBzFJdNSmpOZllqkb5dAlfG1iXTWAqOc1asXjGbvYFx D3sXIyeHhICJxLeji9i6GLk4hATamCT2Helmh3A2MkocOnOJBcK5yiTxb98y1i5GDg4WAVWJ Pbf4QbrZBFQkGrovM4PYIgJaEg3fHrOB2MwCFhKn2m6BxYUF7CVe7zvGCGLzChhL3Gj/CrWt kVliR99ZFoiEoMTJmU9YIJq1JG78e8kEsotZQFpi+T8OkDCnQKDEun+zwOaICihLNMx4wDyB UWAWku5ZSLpnIXQvYGRexSibklulm5uYmVOcmqxbnJyYl5dapGuol5tZopeaUrqJERS4nJI8 OxjPvPE6xCjAwajEw3vgT3CEEGtiWXFl7iFGSQ4mJVHeh64hEUJ8SfkplRmJxRnxRaU5qcWH GCU4mJVEeJctBMrxpiRWVqUW5cOkpDlYlMR5L2W6RwgJpCeWpGanphakFsFkZTg4lCR4C5cC NQoWpaanVqRl5pQgpJk4OEGG8wANdwep4S0uSMwtzkyHyJ9iVJQS501bApQQAElklObB9YIS i0T2/ppXjOJArwjz7gNp5wEmJbjuV0CDmYAGW8wLBhlckoiQkmpgZKnjCz+40uSU9uKCOyfV 3S117Bm0Jux4EGzjc64lInuRqgV34kW7l0e/fV7d0aB1aIPqCfVJm5/O2Zb94kbF15NGTYlT 02cs7F0ZyXRHOu2I0KuU6dJBLyo2SM5P3pHbd2jOBtNP+zS5Ii22P5FL4frJriIm7Vam3P3L 5VfoNxGvhGmL6k49UGIpzkg01GIuKk4EAOq50qIHAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/9n0Vu-Vq6rDc4oE19VgPkS6-8EQ>
Cc: Jim Schaad <ietf@augustcellars.com>, curdle@ietf.org
Subject: Re: [Curdle] Key examples in draft-ietf-curdle-pkix-03
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Dec 2016 02:44:03 -0000

On Fri, Dec 16, 2016 at 07:18:11AM +0000, David Benjamin wrote:
> So we don't end up with two variants of this floating around (this thread
> gives one data point of the current text being misinterpreted), What do you
> think about these editorial changes?
> 
> 1. In the paragraph beginning "For the keys defined in this document
> [...]", add a sentence like "Note the opaque byte sequence is wrapped in
> OCTET STRINGs twice in total."
> 
> 2. EdPrivateKey sounds like this only applies to Ed* rather than both Ed*
> and X*. It should probably be renamed. But the best name I can come up with
> right now is PrivateKeyWrapper, which is terrible. Another option is to
> avoid defining a type and just say:
> 
>    For the keys defined in this document, the private key is always an
>    opaque byte sequence.  This is encoded in a OneAsymmetricKey
>    object by wrapping the sequence in an ASN.1 OCTET STRING
>    and placing its DER encoding in the 'privateKey' field. Note that
>    'privateKey' is itself an OCTET STRING, so the original byte
>    sequence is wrapped in OCTET STRINGs twice in total.

And/or have an appendix with an example of the full encoding for a given
dummy key?

-Ben

v2.23.0 | Report a Bug | By Email