Re: [Curdle] [Errata Held for Document Update] RFC8410 (5696)

Roman Danyliw <rdd@cert.org> Wed, 04 May 2022 14:21 UTC

From: Roman Danyliw <rdd@cert.org>
To: Sean Turner <sean@sn3rd.com>
CC: "LIJUN.LIAO@huawei.com" <LIJUN.LIAO@huawei.com>, "simon@josefsson.org" <simon@josefsson.org>, "ietf@augustcellars.com" <ietf@augustcellars.com>, "iesg@ietf.org" <iesg@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/OPBGYYB_FRXwI-nS06wMSNZVa3g>

Hi Sean!

We’re on the same page.  That’s exactly what I already did (and what this message is saying).  I saw you had referenced this errata in draft-ietf-lamps-8410-ku-clarification (thank you for merging it in), but at the time it was only tagged as ‘reported’ so I changed it to HFDU.

Roman

From: Sean Turner <sean@sn3rd.com>
Sent: Wednesday, May 4, 2022 10:10 AM
To: Roman Danyliw <rdd@cert.org>
Cc: LIJUN.LIAO@huawei.com; simon@josefsson.org; ietf@augustcellars.com; iesg@ietf.org; curdle@ietf.org
Subject: Re: [Curdle] [Errata Held for Document Update] RFC8410 (5696)

Can probably mark this one as HFDU as we are fixing this in:

https://datatracker.ietf.org/doc/draft-ietf-lamps-8410-ku-clarifications/

spt


On Apr 25, 2022, at 16:22, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
The following errata report has been held for document update
for RFC8410, "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5696

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Lijun Liao <LIJUN.LIAO@HUAWEI.COM>
Date Reported: 2019-04-17
Held by: Roman Danyliw (IESG)

Section: 5

Original Text
-------------
  If the keyUsage extension is present in a certification authority
  certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage
  extension MUST contain one or more of the following values:

         nonRepudiation;
         digitalSignature;
         keyCertSign; and
         cRLSign.

Corrected Text
--------------
  If the keyUsage extension is present in a certification authority
  certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage
  extension MUST contain keyCertSign, and zero, one or more of the
  following values:

         nonRepudiation;
         digitalSignature; and
         cRLSign.

Notes
-----
The usage keyCertSign must be set in a CA certificate.

--------------------------------------
RFC8410 (draft-ietf-curdle-pkix-10)
--------------------------------------
Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
Publication Date    : August 2018
Author(s)           : S. Josefsson, J. Schaad
Category            : PROPOSED STANDARD
Source              : CURves, Deprecating and a Little more Encryption
Area                : Security
Stream              : IETF
Verifying Party     : IESG
