Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02
Daniel Migault <daniel.migault@ericsson.com> Wed, 30 November 2016 19:37 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79286129984 for <curdle@ietfa.amsl.com>; Wed, 30 Nov 2016 11:37:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IeEr6bS4BCv5 for <curdle@ietfa.amsl.com>; Wed, 30 Nov 2016 11:37:24 -0800 (PST)
Received: from mail-io0-x231.google.com (mail-io0-x231.google.com [IPv6:2607:f8b0:4001:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E3E0129976 for <curdle@ietf.org>; Wed, 30 Nov 2016 11:37:24 -0800 (PST)
Received: by mail-io0-x231.google.com with SMTP id a124so367389228ioe.2 for <curdle@ietf.org>; Wed, 30 Nov 2016 11:37:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=Xc6gtampRujUaWKk7n5QxAi6SadFUaJZ3HHFYqEW3dM=; b=CsGKDcVmnKPJYBLUhdcaUzMkkYRITTupr8u8uw0H7NYi2PGn6zg++eiaqnZcIACy+g GfbWRmAvwDUQ0YCo7TLFHbE0Wruuj69k5O3dqowzchhUNROIgdqQ+KyE3Kb2IEgB/leh mnY+j8U6Gx3PvueL4WtOeKR7sNCsi0xLpb7vy+uIiibvXJWodQ49fo0B/PhqBvkYxk0l Q5Rou5ZI/AzXJaOrgtkhsPIh4DOM877Y1CzUhHAduOvucx7i224XxLUUi6AjrQtbPbdI +8dpUufmEtY2ePzO52RfgU/MIUNmaAuY87wpv7bikguuPu1LNWdm3ju7DI3moKJqPxfi s96g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=Xc6gtampRujUaWKk7n5QxAi6SadFUaJZ3HHFYqEW3dM=; b=HKj5RjnPXw2WhipR+bG3QiAeOG66kzgQfSbS+eAOI1M+SAGZJtnePKykXBfWd91rg2 ODnj5EaD67kzXustTYYVxMI+p6F0W8/B1ggwIiipZL42I/F9Sjag2cnMax0tgrqOYqZ5 /XDgYaYfC6cg3GoZjmCIn+nkEitf6MfHG1R50ZUY4ESe38veFDT2b6RDLNqtGYAfnF/i gNOJIp81TT8tJK1zNndGxziTefTOWCSpHGu4IGkWjm7EalM4YX2PfJtTffHyT9dWFMUL Dyj2IWBvbpD67cMh4qnh+9av0vWOGcP0JYbOGve4rJdhLQlqsGkIhmDtwen+Xq2ihGCp YTng==
X-Gm-Message-State: AKaTC030Gy8tKjPmklJ+U6JuW/OblOAgCY5ZsICGYZzXH9cCa25DgscXfU2zlEApXpwUia7psBZ+oOeeuKLl/w==
X-Received: by 10.36.89.6 with SMTP id p6mr30059281itb.48.1480534643623; Wed, 30 Nov 2016 11:37:23 -0800 (PST)
MIME-Version: 1.0
Sender: mglt.ietf@gmail.com
Received: by 10.107.59.214 with HTTP; Wed, 30 Nov 2016 11:37:23 -0800 (PST)
In-Reply-To: <072301d24424$86e93eb0$94bbbc10$@augustcellars.com>
References: <CADZyTk=t1z6e1WqLWDBDij_iviDKWU1i7fCh_rA6qRgkSMEF=Q@mail.gmail.com> <CADZyTknz1qtQ=xB93h5OtYRrMfpbT1u7-rb97YP9VmZC1uvVLQ@mail.gmail.com> <CAFewVt6nt0YDpnqmSoQFNRGutjCcCMhR1bet69rvs5_nYVqDwg@mail.gmail.com> <002f01d23975$c13182d0$43948870$@augustcellars.com> <CADZyTkkv+dFbB4PZ3cHroqXKyX_1wgRgDWUtAde1f84noUJJyg@mail.gmail.com> <072301d24424$86e93eb0$94bbbc10$@augustcellars.com>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Wed, 30 Nov 2016 14:37:23 -0500
X-Google-Sender-Auth: WY06IpNckyVKM_0Rsk_NjvDTyyM
Message-ID: <CADZyTkkJFfq8n5Aqa+W0MYfpf__TpoeOsEq_dcyMHHdA6rHxyw@mail.gmail.com>
To: Jim Schaad <ietf@augustcellars.com>
Content-Type: multipart/alternative; boundary="001a11445bf882cf31054289d5d1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/byvQVU6d1smf8JsQNszyPYKLqfo>
Cc: curdle <curdle@ietf.org>
Subject: Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Nov 2016 19:37:32 -0000
Hi Jim, I was thinking the second way. Given the first possibility it might be wise to restrict the responses. The current version mentions SHOULD NOT. Does anyone wants to comment on it ? If so provide feed back by the end of the week please. """ CAs MUST NOT use the pre-hash versions of the EdDSA algorithms for the creation of certificates or CRLs. This is implied by the fact that those algorithms are not listed in the previous paragraph. Additionally OCSP responders SHOULD NOT use the pre-hash versions of the EdDSA algorithms when generating OCSP responses. No restriction is placed on generation of OCSP requests. """ Yours, Daniel On Mon, Nov 21, 2016 at 1:24 PM, Jim Schaad <ietf@augustcellars.com> wrote: > I think that we cannot do a restriction on OCSP requests. One cannot know > in advance what the algorithm that a client wants to use. Allowing both > here is not a big problem for key usages. > > > > The question on OCSP responses has to do with if you think that the OCSP > responder is going to be using the same key as the CA or is independently > operated. In the first case the restriction to pure is justified. In the > second case the only reason for it is to restrict the set of things that > must be implemented. When I wrote the text I assumed that the first case > was more often the case, but I have no data to back that up. > > > > Jim > > > > > > *From:* Curdle [mailto:curdle-bounces@ietf.org] *On Behalf Of *Daniel > Migault > *Sent:* Monday, November 21, 2016 7:07 AM > *To:* Jim Schaad <ietf@augustcellars.com> > *Cc:* curdle <curdle@ietf.org>; Brian Smith <brian@briansmith.org> > > *Subject:* Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 > > > > Hi, > > My interpretation is that there is a consensus the CRL MUST NOT use > prehash scheme. Do we have any consensus for 1) OCSP request and 2) OCSP > response ? > > Yours , > > Daniel > > > > > > On Mon, Nov 7, 2016 at 11:08 PM, Jim Schaad <ietf@augustcellars.com> > wrote: > > > > > > *From:* Curdle [mailto:curdle-bounces@ietf.org] *On Behalf Of *Brian Smith > *Sent:* Monday, November 07, 2016 7:43 PM > *To:* Daniel Migault <daniel.migault@ericsson.com> > *Cc:* curdle <curdle@ietf.org> > *Subject:* Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 > > > > Daniel Migault <daniel.migault@ericsson.com> wrote: > > 5. Key Usage Bits > > > CAs MUST NOT use the pre-hash versions of the EdDSA algorithms for > the creation of certificates or CRLs. This is implied by the fact > that those algorithms are not listed in the previous paragraph. > Additionally OCSP responders SHOULD NOT use the pre-hash versions of > the EdDSA algorithms when generating OCSP responses. No restriction > is placed on generation of OCSP requests. > > > > This doesn't make sense to me. Isn't the goal of the prehash scheme was to > support the signing of large things on systems without large amounts of > memory? Why would CRLs (which may be large) be MUST NOT while OCSP > responses are SHOULD NOT? It seems like the MUST NOT should be on > certificates and OCSP responses and OCSP requests, which are all small. > IIRC, there was some debate on whether CRLs should be allowed to use the > prehash variants since CRLs could be large. I personally thing all of the > cases mentioned in this paragraph should be MUST NOT. > > > > [JLS] There was a discussion on this. In my opinion, there was not a > consensus that was reached at that time. I have been busy getting wine > done so I did not ever get back to trying a third time to figure out a > consensus for this. It will definitely be on the discussion list for the > F2F but I am more than willing to start a discussion here again. > > > > The reason that CRLs are current a MUST NOT is that certificates and CRLs > are almost always generated using the same key as the certificate is. We > do not want to be in the situation where the same key is used with > different algorithms, so allowing pre-hash schemes on CRLs also allows > pre-hash schemes on certificates. > > > > I could go either way for OCSP responses. > > > > Jim > > > > > > Cheers, > > Brian > > -- > > https://briansmith.org/ > > > > > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle > > > > _______________________________________________ > Curdle mailing list > Curdle@ietf.org > https://www.ietf.org/mailman/listinfo/curdle > >
- [Curdle] WGLC on draft-ietf-curdle-pkix-02 Daniel Migault
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Daniel Migault
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Brian Smith
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Jim Schaad
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Jim Schaad
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Daniel Migault
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Daniel Migault
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Jim Schaad
- Re: [Curdle] WGLC on draft-ietf-curdle-pkix-02 Daniel Migault