Re: [Curdle] Some work for the group
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 15 December 2016 16:33 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7019D129A5D for <curdle@ietfa.amsl.com>; Thu, 15 Dec 2016 08:33:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U4aFmZipXqvu for <curdle@ietfa.amsl.com>; Thu, 15 Dec 2016 08:33:38 -0800 (PST)
Received: from mail-wm0-x242.google.com (mail-wm0-x242.google.com [IPv6:2a00:1450:400c:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBE81129A56 for <curdle@ietf.org>; Thu, 15 Dec 2016 08:33:37 -0800 (PST)
Received: by mail-wm0-x242.google.com with SMTP id g23so7563943wme.1 for <curdle@ietf.org>; Thu, 15 Dec 2016 08:33:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=ORJx3kiRFn2iYadytnbHS9q12TJeMMvX5RIPGrIPJBo=; b=N4YzYsE20i6mdee4a2t602cx92lgcp3ngTk2wH044MC9XSS3xla2ZORW8S6BTsXV0k dXZOXo4bGt7SbMjF8YkwjmTyId9gX2jkh5iGcl7lfi7Jf3PuXkFNFFU9gUEoO9ROgmHp NQ3GBchPWZ7S7e+hZhErCJSL/5XPprYweuxkzGU4vyleqKI6OgOlZb0VbvBfY0JHAXWt BWp/FxmeG3fomHE+qfNtFaQNptIxtf3sBJlos33wmXyOfHKR34l++WR7WC8HwnNM/oOB boK2pbsK24WU0k5YiCBfV2OE18kmL0H7yp2Q+8ZEBtExCShfS3NvVVGlBQq/lFIfOzgK LpxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=ORJx3kiRFn2iYadytnbHS9q12TJeMMvX5RIPGrIPJBo=; b=ke2uJH48bzE25CB1eXadVGxSE4JvIhRUK2kXWZyNMi0NERU8g9lV09rdC9rqqQpWOZ 61U0CPjP3NK9B1CONlr+u3UeYgB5PptQHm8zfGdM/f1vBmbXuViGkXBCls91RsBenY23 I1bMr8ieXb8yN3pEtmacOawbrNaLDrCU7dUz11P5SqFIet7psACkYk/ppnR1ruE3hpLF adRAA9pZZ59qneQRT34AqDmrcTjpIXNO3zBLoHtD4ErqpjoZUz4hfs3SbfOR1F/IYBmm CEfsort2B25VvJ4qeyTD5oHGDwYYVrJTBQ1iVKG38g4m+PqWPyH8jGlVxfzUSfKxRLmt aM7A==
X-Gm-Message-State: AIkVDXInGRCSgUW3XyODpOimElgS5KrJXyWlHeKzZW8tH9bFQJiOBCGrOqZlFG31KNdpzqnUqxAebWj2diu26w==
X-Received: by 10.28.211.72 with SMTP id k69mr2177773wmg.137.1481819616277; Thu, 15 Dec 2016 08:33:36 -0800 (PST)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.194.83.101 with HTTP; Thu, 15 Dec 2016 08:33:35 -0800 (PST)
In-Reply-To: <1481788992.2779.15.camel@redhat.com>
References: <D4701965.2CFAB%qdang@nist.gov> <1481295892.20432.16.camel@redhat.com> <0e1701d254c6$46509670$d2f1c350$@augustcellars.com> <1481788992.2779.15.camel@redhat.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 15 Dec 2016 11:33:35 -0500
X-Google-Sender-Auth: 3erEaZ2LS1gxWrERAlzM9GvHkb4
Message-ID: <CAMm+LwjaTJp3JeJCTqj2Fag9mMKCUk+jE6aJMsBy=b++miu9jQ@mail.gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Content-Type: multipart/alternative; boundary="001a11470106d97cd80543b5032f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/Yy1_2P0Yq6JxD4yS4_4JlnnDcoQ>
Cc: "Dang, Quynh (Fed)" <quynh.dang@nist.gov>, "Salz, Rich" <rsalz@akamai.com>, Jim Schaad <ietf@augustcellars.com>, Curdle <curdle@ietf.org>
Subject: Re: [Curdle] Some work for the group
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Dec 2016 16:33:39 -0000
It looks to me as if in effect the prehash vs pure issue is going to settle out into a situation where all signatures are pure signatures at the specification level with an additional hash being introduced in the packaging layer where bulk data is involved. I have implemented most of the popular packaging formats and most of my API calls internally turn out to be for a 'sign and digest' operation rather than Sign-this-digest. Most cases the bulk data is being put through a digest that is then put into some other structure for signature. There is almost always some sort of metadata you want in there in addition to the content. Another way to look at this is that Ed255x is a drop in replacement for RSA Signature that removes the restriction on the size of the input data to be signed but not the requirement for it to be buffered. Most packaging formats end up being a signature over a small chunk of static data which in the case of streamed content are virtually always reference to external data.
- [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Phillip Hallam-Baker
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Phillip Hallam-Baker
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Jim Schaad
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Jim Schaad
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Phillip Hallam-Baker
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Brian Smith
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Brian Smith
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Ilari Liusvaara
- Re: [Curdle] Some work for the group Daniel Migault
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Dang, Quynh (Fed)
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Peter Gutmann
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group santosh.chokhani
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group santosh.chokhani
- Re: [Curdle] Some work for the group Salz, Rich
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Erwann Abalea
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Erwann Abalea
- Re: [Curdle] Some work for the group Santosh Chokhani
- Re: [Curdle] Some work for the group Santosh Chokhani
- Re: [Curdle] Some work for the group Carl Wallace
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Carl Wallace
- Re: [Curdle] Some work for the group Stephen Farrell
- Re: [Curdle] Some work for the group Yoav Nir
- Re: [Curdle] Some work for the group Peter Gutmann
- Re: [Curdle] Some work for the group Manger, James
- Re: [Curdle] Some work for the group Peter Gutmann
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Russ Housley
- Re: [Curdle] Some work for the group Peter Gutmann
- Re: [Curdle] Some work for the group Nikos Mavrogiannopoulos
- Re: [Curdle] Some work for the group Peter Gutmann
- Re: [Curdle] Some work for the group Salz, Rich