Re: [Curdle] AlgorithmIdentifier parameters in draft-ietf-curdle-pkix-03
str4d <str4d@i2pmail.org> Wed, 22 March 2017 06:02 UTC
Return-Path: <str4d@i2pmail.org>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB7ED126B7F for <curdle@ietfa.amsl.com>; Tue, 21 Mar 2017 23:02:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.519
X-Spam-Level: ****
X-Spam-Status: No, score=4.519 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_06_12=1.543, RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_SORBS_HTTP=0.001, RCVD_IN_SORBS_SOCKS=1.927, RCVD_IN_SORBS_WEB=1.5, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2qXe9-MUf8nE for <curdle@ietfa.amsl.com>; Tue, 21 Mar 2017 23:02:21 -0700 (PDT)
Received: from mail01.sigterm.no (mail01.sigterm.no [193.150.121.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E07F7124281 for <curdle@ietf.org>; Tue, 21 Mar 2017 23:02:20 -0700 (PDT)
Received: from smtp.postman.i2p (i2p-outproxy01.privacysolutions.no [193.150.121.66]) by postman.meeh.i2p (Postfix) with ESMTP id 5F0BA2E119C for <curdle@ietf.org>; Wed, 22 Mar 2017 07:02:15 +0100 (CET)
X-Virus-Scanned: clamav-milter 0.97 on milter.postman.i2p
X-Mailer: smtp.postman.i2p - Official I2P Mailer
From: str4d <str4d@i2pmail.org>
To: David Benjamin <davidben@chromium.org>, Daniel Migault <daniel.migault@ericsson.com>, "curdle@ietf.org" <curdle@ietf.org>, Russ Housley <housley@vigilsec.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <7d6cfe29-8d4c-436e-fe8a-0cbee915b29e@mail.i2p> <20170311061838.879BAADF28@smtp.postman.i2p> <2DD56D786E600F45AC6BDE7DA4E8A8C118BA5C93@eusaamb107.ericsson.se> <20170314174216.56419ADF21@smtp.postman.i2p>
MIME-Version: 1.0
In-Reply-To: <20170314174216.56419ADF21@smtp.postman.i2p>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="gj8u4X6nIJSFnnTCREp8qIdkMnCa5Oi2b"
Message-Id: <20170321233151.6B3F8ADF28@smtp.postman.i2p>
Date: Tue, 21 Mar 2017 23:31:51 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/V72VRwMqfk5WHH_9u8I9IUZ1TFE>
Subject: Re: [Curdle] AlgorithmIdentifier parameters in draft-ietf-curdle-pkix-03
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Mar 2017 06:02:22 -0000
On 03/15/2017 06:42 AM, David Benjamin wrote: > No, we should not relax the MUST NOT. We've learned from the previous > algorithms here that multiple options for encodings are an unnecessary > source of complexity and interop headaches. There should only be one > encoding and parsers need to enforce this to avoid an ecosystem mess. As the author of one such parser, I completely agree. Were this a fully-custom stack (like BouncyCastle when using their keystore, or a commercial offering), where I controlled everything below my parser, it wouldn't be a problem. But when the input to my parser is being transparently rewritten to a non-compliant encoding by standard libraries of the programming language itself, my hands are tied. How would the following language (or something to this effect) work as a compromise? In this document we defined six new OIDs for identifying the different curve/algorithm pairs. The curves being Curve25519 and Curve448. The algorithms being ECDH, EdDSA in pure mode and EdDSA in pre-hash mode. For all of the OIDs, the parameters MUST be absent. Regardless of the defect in the original 1997 syntax, implementations MUST NOT write out a parameters value of NULL, and MUST NOT accept a parameters value of NULL, EXCEPT where doing so is unavoidable due to legacy PKCS8 interpretation within the implementation language's standard libraries (such as Java's Sun security provider before version XX). I can comply with this, because my implementation will write the single correct encoding to any destination (keystore or otherwise, modulo whatever PKCS8 transformations that destination applies), but being a standalone Java parser it can't know whether it is receiving input from the default keystore or a compliant one. In a language where the default PKCS8 parser can be made compliant, the MUST NOT would remain enforced. Alternatively, the MUST NOT can be left as-is, and I will consider this a case of "know the rules you're breaking". My concern then would be my code being copied into other projects without this understanding (which I would attempt to alleviate via comments), or other independent Java implementations running up against this issue and just ignoring the MUST NOT entirely, leading to incorrect encodings being written out (avoidance of which AFAICT is the primary motivator for the MUST NOT). Cheers, Jack
- [Curdle] AlgorithmIdentifier parameters in draft-… str4d
- Re: [Curdle] AlgorithmIdentifier parameters in dr… Ilari Liusvaara
- Re: [Curdle] AlgorithmIdentifier parameters in dr… str4d
- Re: [Curdle] AlgorithmIdentifier parameters in dr… Ilari Liusvaara
- Re: [Curdle] AlgorithmIdentifier parameters in dr… str4d
- Re: [Curdle] AlgorithmIdentifier parameters in dr… str4d
- Re: [Curdle] AlgorithmIdentifier parameters in dr… Daniel Migault
- Re: [Curdle] AlgorithmIdentifier parameters in dr… David Benjamin
- Re: [Curdle] AlgorithmIdentifier parameters in dr… str4d
- Re: [Curdle] AlgorithmIdentifier parameters in dr… Russ Housley
- Re: [Curdle] AlgorithmIdentifier parameters in dr… David Benjamin
- Re: [Curdle] AlgorithmIdentifier parameters in dr… str4d