IETF Logo Mail Archive

Re: [Curdle] AlgorithmIdentifier parameters in draft-ietf-curdle-pkix-03

str4d <str4d@i2pmail.org> Sat, 11 March 2017 07:35 UTC

Return-Path: <str4d@i2pmail.org>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FED412953D for <curdle@ietfa.amsl.com>; Fri, 10 Mar 2017 23:35:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.451
X-Spam-Level:
X-Spam-Status: No, score=-0.451 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_BRBL_LASTEXT=1.449, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X7RMJvqumfKd for <curdle@ietfa.amsl.com>; Fri, 10 Mar 2017 23:35:16 -0800 (PST)
Received: from mail01.sigterm.no (mail01.sigterm.no [193.150.121.27]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DAC5F12951B for <curdle@ietf.org>; Fri, 10 Mar 2017 23:35:15 -0800 (PST)
Received: from smtp.postman.i2p (unknown [193.150.121.26]) by postman.meeh.i2p (Postfix) with ESMTP id 50A992E10AE for <curdle@ietf.org>; Sat, 11 Mar 2017 08:35:10 +0100 (CET)
X-Virus-Scanned: clamav-milter 0.97 on milter.postman.i2p
To: curdle@ietf.org, Russ Housley <housley@vigilsec.com>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <7d6cfe29-8d4c-436e-fe8a-0cbee915b29e@mail.i2p>
X-Mailer: smtp.postman.i2p - Official I2P Mailer
From: str4d <str4d@i2pmail.org>
MIME-Version: 1.0
In-Reply-To: <7d6cfe29-8d4c-436e-fe8a-0cbee915b29e@mail.i2p>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="bKPr5cxTWBBkOAoG0sQk57lm355SQb8ck"
Message-Id: <20170311061838.879BAADF28@smtp.postman.i2p>
Date: Sat, 11 Mar 2017 06:18:38 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/_PVIhbKf7za07JG9f4SP21F0qpI>
Subject: Re: [Curdle] AlgorithmIdentifier parameters in draft-ietf-curdle-pkix-03
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Mar 2017 07:35:17 -0000

On 02/19/2017 02:14 AM, str4d wrote:
> Hi all,
> 
> In draft-ietf-curdle-pkix-03 there is very clear language around the
> expected behaviour of parser implementations regarding
> AlgorithmIdentifier parameters:
> 

[snip]

> The problem is that the Sun AlgorithmId class always adds a NULL when
> encoding if there are no parameters, for compatibility with Solaris [4].
> So AFAICT it is presently impossible for me to write an implementation
> that simultaneously:
> 
> - follows draft-ietf-curdle-pkix-03 correctly
> - can retrieve EdDSA keys from a default Java keystore
> 
> Is anyone in the WG aware of a workaround for this, or have links to
> past WG discussion on this point? I would think that Oracle should at
> least be made aware of this issue, but even if they changes this in Java
> 10, that doesn't help my implementation run on earlier Java versions.
> The only alternatives I see at this point are:
> 
> - Remove the NULL restriction from draft-ietf-curdle-pkix-03
> - Require that my library not be used with incompatible keystores (but
> a) I have yet to find a way to enforce this via the JCA, other than just
> refusing to implement support for PKCS8EncodedKeySpec, which is not
> particularly usable, and b) I don't yet know of a keystore that *will*
> implement this properly)

I have found the correspondence in the Curdle WG ML that added the NULL
restriction; I have copied in the relevant members to hopefully jog this
conversation. If there is no further discussion, then I will have no
alternative but to be non-compliant with the eventual RFC, as I have
been unable to find a way for my library to work with the default Java
keystore :(

Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> >   Implementaions MUST NOT accept any of these OIDs with the
> >   parameters field present, even if parameters has a value
> >   of NULL.
> >
> >If we can convince the early implementations to hard-fail on that,
> >we can discourage anyone from generating those values in newer
> >implementations.
>
> +1.  For once there's no argument for supporting existing broken
> implementations, we can get it right from the start

I apologise for providing one :/

Cheers(-ish),
Jack

v2.23.0 | Report a Bug | By Email