Re: [Curdle] [Technical Errata Reported] RFC8410 (6738)

Benjamin Kaduk <kaduk@mit.edu> Thu, 25 November 2021 21:02 UTC

Date: Thu, 25 Nov 2021 13:02:15 -0800
From: Benjamin Kaduk <kaduk@mit.edu>
To: Russ Housley <housley@vigilsec.com>
Cc: Daniel Minder <Daniel.Minder@utimaco.com>, Simon Josefsson <simon@josefsson.org>, "Roman D. Danyliw" <rdd@cert.org>, "daniel.migault@ericsson.com" <daniel.migault@ericsson.com>, Rich Salz <rsalz@akamai.com>, "curdle@ietf.org" <curdle@ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/YzV1qabuGohI0DSJXuVJE4ArGHk>

Hi Russ, Daniel,

I updated the errata report in-place but left it in state "reported".
Can you please confirm that the current version is accurate?

I think it would qualify to mark as "verified" (rather than "hold for
document update") since the correction is clear and unambiguous.

Thanks,

Ben

On Tue, Nov 16, 2021 at 10:55:24AM -0500, Russ Housley wrote:
> I do think it is appropriate to make the one change noted below.
> 
> Since the ASN.1 module at the end of the document does not reference OneAsymmetricKey in any way, this error in the body of the document did not impact the implementation that I did in any way.
> 
> Russ
> 
> 
> > On Nov 16, 2021, at 10:11 AM, Daniel Minder <Daniel.Minder@utimaco.com> wrote:
> > 
> > Russ,
> > 
> > you are right. It seems I completely missed that header.
> > Since in section 7 there is no complete module definition and the "DEFINITIONS IMPLICIT TAGS" is missing here, one could perfectly argue that the "IMPLICIT" statement could be included for clarity.
> > 
> > I thought I came across a PKCS#8 / OneAsymmetricKey example in another RFC or a standard tool, but I cannot find it anymore. I was probably wrong here, too.
> > 
> > Please excuse the disturbance. I'm ok to reject the errata completely.
> > 
> > Thanks,
> > Daniel
> > 
> > -----Original Message-----
> > From: Russ Housley <housley@vigilsec.com>
> > Sent: Tuesday, 16 November 2021 15:13
> > To: Daniel Minder <Daniel.Minder@utimaco.com>
> > Cc: Simon Josefsson <simon@josefsson.org>; Roman D. Danyliw <rdd@cert.org>; Ben Kaduk <kaduk@mit.edu>; daniel.migault@ericsson.com; Rich Salz <rsalz@akamai.com>; curdle@ietf.org; RFC Editor <rfc-editor@rfc-editor.org>
> > Subject: Re: [Curdle] [Technical Errata Reported] RFC8410 (6738)
> > 
> > Daniel:
> > 
> > RFC 5958 imports the definition of ATTRIBUTE from the PKIX-CommonTypes-2009 module in RFC 5912.
> > 
> > You will see at the top of the ASN.1 module in RFC 5958 the phrase "DEFINITIONS IMPLICIT TAGS".  This means that the definitions use implicit tagging unless the definition itself includes "EXPLICIT" to override the module default.
> > 
> > However, the PKIX-CommonTypes-2009 module in RFC 5912 has the phrase "DEFINITIONS EXPLICIT TAGS".  Thus, the Attributes SEQUENCE should have explicit tags as shown in the examples.
> > 
> > Therefore, the only correction needed is the incorrect quote from RFC 5958 in Section 7 of RFC 8410.
> > 
> > ORIGINAL TEXT:
> > 
> >   OneAsymmetricKey ::= SEQUENCE {
> >      version Version,
> >      privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
> >      privateKey PrivateKey,
> >      attributes [0] IMPLICIT Attributes OPTIONAL,
> >      ...,
> >      [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
> >      ...
> >   }
> > 
> > CORRECTED TEXT:
> > 
> >     OneAsymmetricKey ::= SEQUENCE {
> >       version Version,
> >       privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
> >       privateKey PrivateKey,
> >       attributes [0] Attributes OPTIONAL,
> >       ...,
> >       [[2: publicKey [1] PublicKey OPTIONAL ]],
> >       ...
> >     }
> > 
> > Hope this helps,
> > Russ
> > 
> > 
> >> On Nov 16, 2021, at 5:53 AM, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
> >> 
> >> The following errata report has been submitted for RFC8410, "Algorithm
> >> Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure".
> >> 
> >> --------------------------------------
> >> You may review the report below and at:
> >> https://www.rfc-editor.org/errata/eid6738
> >> 
> >> --------------------------------------
> >> Type: Technical
> >> Reported by: Daniel Minder <daniel.minder@utimaco.com>
> >> 
> >> Section: 7 and 10.3
> >> 
> >> Original Text
> >> -------------
> >> Section 7 says
> >> 
> >>  OneAsymmetricKey ::= SEQUENCE {
> >>     version Version,
> >>     privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
> >>     privateKey PrivateKey,
> >>     attributes [0] IMPLICIT Attributes OPTIONAL,
> >>     ...,
> >>     [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
> >>     ...
> >>  }
> >> 
> >> 2nd example given in both section 7 and section 10.3:
> >> 
> >>  -----BEGIN PRIVATE KEY-----
> >>  MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
> >>  oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
> >>  Z9w7lshQhqowtrbLDFw4rXAxZuE=
> >>  -----END PRIVATE KEY------
> >> 
> >> ASN.1 dump of this private key in section 10.3:
> >> 
> >>  The same item dumped as ASN.1 yields:
> >> 
> >>    0 114: SEQUENCE {
> >>    2   1:   INTEGER 1
> >>    5   5:   SEQUENCE {
> >>    7   3:     OBJECT IDENTIFIER '1 3 101 112'
> >>         :     }
> >>   12  34:   OCTET STRING, encapsulates {
> >>         :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
> >>         :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
> >>         :     58 42
> >>         :     }
> >>   48  31:   [0] {
> >>   50  29:     SEQUENCE {
> >>   52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
> >>   64  15:       SET {
> >>   66  13:         UTF8String 'Curdle Chairs'
> >>         :         }
> >>         :       }
> >>         :     }
> >>  81  33:   [1] 00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
> >>                96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
> >>                E1
> >>         :   }
> >> 
> >> 
> >> Corrected Text
> >> --------------
> >> Correct definition in section 7:
> >> 
> >>  OneAsymmetricKey ::= SEQUENCE {
> >>    version                   Version,
> >>    privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
> >>    privateKey                PrivateKey,
> >>    attributes            [0] Attributes OPTIONAL,
> >>    ...,
> >>    [[2: publicKey        [1] PublicKey OPTIONAL ]],
> >>    ...
> >>  }
> >> 
> >> Example key in section 7 and 10.3:
> >> 
> >>  -----BEGIN PRIVATE KEY-----
> >>  MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
> >>  oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB
> >>  usFn3DuWyFCGqjC2tssMXDitcDFm4Q==
> >>  -----END PRIVATE KEY-----
> >> 
> >> 
> >> ASN.1 dump of this private key in section 10.3:
> >> 
> >>    0 116: SEQUENCE {
> >>    2   1:   INTEGER 1
> >>    5   5:   SEQUENCE {
> >>    7   3:     OBJECT IDENTIFIER '1 3 101 112'
> >>         :     }
> >>   12  34:   OCTET STRING, encapsulates {
> >>         :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
> >>         :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
> >>         :     58 42
> >>         :     }
> >>   48  31:   [0] {
> >>   50  29:     SEQUENCE {
> >>   52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
> >>   64  15:       SET {
> >>   66  13:         UTF8String 'Curdle Chairs'
> >>         :         }
> >>         :       }
> >>         :     }
> >>   81  35:   [1] {
> >>   83  33:     BIT STRING {
> >>                 00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
> >>                 96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
> >>                 E1
> >>                 }
> >>               }
> >>         :   }
> >> 
> >> 
> >> Notes
> >> -----
> >> OneAsymmetricKey is defined in RFC 5958. It does NOT define attributes and publicKey as IMPLICIT.
> >> 
> >> Instructions:
> >> -------------
> >> This erratum is currently posted as "Reported". If necessary, please
> >> use "Reply All" to discuss whether it should be verified or rejected.
> >> When a decision is reached, the verifying party can log in to change
> >> the status and edit the report, if necessary.
> >> 
> >> --------------------------------------
> >> RFC8410 (draft-ietf-curdle-pkix-10)
> >> --------------------------------------
> >> Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
> >> Publication Date    : August 2018
> >> Author(s)           : S. Josefsson, J. Schaad
> >> Category            : PROPOSED STANDARD
> >> Source              : CURves, Deprecating and a Little more Encryption
> >> Area                : Security
> >> Stream              : IETF
> >> Verifying Party     : IESG
> >> 
>
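
Added example, not part of the thread or of either RFC: a small DER reader that shows how the two example keys quoted above differ on the wire. The key printed in RFC 8410 carries publicKey under tag octet 0x81 (the context tag replaces the BIT STRING tag, i.e. implicit tagging), while the key proposed in the report carries it under 0xA1 wrapping a full BIT STRING (explicit tagging). The function and constant names are assumptions made for this sketch; the base64 bodies are copied from the report.

```python
import base64

RFC8410_B64 = ("MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC"  # as printed in RFC 8410
               "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB"
               "Z9w7lshQhqowtrbLDFw4rXAxZuE=")
REPORTED_B64 = ("MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC"  # report's "Corrected Text"
                "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB"
                "usFn3DuWyFCGqjC2tssMXDitcDFm4Q==")

def read_tlv(buf, pos):
    """Read one DER TLV (single-byte tag) at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits count length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):   # indefinite length is not valid DER
            raise ValueError("bad length encoding")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def top_level_fields(b64):  # members of the outer SEQUENCE as (tag, value) pairs
    der = base64.b64decode(b64)
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one outer SEQUENCE")
    fields, pos = [], 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        fields.append((tag, value))
    return fields

def public_key_field(b64):  # returns (tagging, key_bytes) for the [1] field
    for tag, value in top_level_fields(b64):
        if tag == 0x81:      # primitive [1]: replaces the BIT STRING tag (implicit)
            mode, bits = "implicit", value
        elif tag == 0xA1:    # constructed [1]: wraps a whole BIT STRING TLV (explicit)
            inner_tag, bits, end = read_tlv(value, 0)
            if inner_tag != 0x03 or end != len(value):
                raise ValueError("[1] does not wrap a single BIT STRING")
            mode = "explicit"
        else:
            continue
        if not bits or bits[0] != 0:       # first octet is the unused-bit count
            raise ValueError("unexpected unused-bits octet")
        return mode, bits[1:]
    raise ValueError("no [1] publicKey field")
```

Both encodings carry the same 32-byte public key; only the tagging of the [1] field differs, which is why a decoder built for one form rejects or misreads the other.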