Re: [Curdle] AD Review: draft-ietf-curdle-cms-eddsa-signatures-05.txt

Russ Housley <housley@vigilsec.com> Mon, 08 May 2017 19:39 UTC

From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <CABcZeBMRYwdQnxUuBrCEsM-BeTFfARg3ZFn=tWh+5FMdv2WGYw@mail.gmail.com>
Date: Mon, 08 May 2017 13:09:16 -0400
Cc: curdle <curdle@ietf.org>
Message-Id: <1E003270-BDF4-4894-85AE-DBFCF456EE5C@vigilsec.com>
References: <CABcZeBMRYwdQnxUuBrCEsM-BeTFfARg3ZFn=tWh+5FMdv2WGYw@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/cXHyRls-Gos3E3rT5M6XzniTXQk>
Subject: Re: [Curdle] AD Review: draft-ietf-curdle-cms-eddsa-signatures-05.txt

> TECHNICAL
> S 3.1 and 3.2.
> - The text here I think means "you can provide this hash and
>   if you do the parameters field of the hash MUST be absent".
>   Is that correct?

I’m not sure what part of these sections you are asking about.  The answer is different for Ed25519 and Ed448.

When signing with Ed25519, the digestAlgorithm SHOULD include id-sha512, and when the digestAlgorithm is provided, the algorithm parameters field MUST be absent.

When signing with Ed448, the digestAlgorithm SHOULD include id-shake256-len, and when the digestAlgorithm is provided, the algorithm parameters field MUST also be present, and the parameter MUST contain 512, encoded as a positive integer value.

> - Is there some reason to not prescribe exactly one form here?
>   I.e., require id-sha512 (etc.) or require it not be there?

CMS provides the digestAlgorithm to facilitate stream processing, but CMS does not require that it be provided.  This just follows past convention.

> - Also, TLS has converged on talking about an "identity" hash
>   for the PureEd forms. Was this discussed and rejected?

Where “identity” means pass the whole to-be-hashed input, I assume.  That approach would work for signed-data without signed attributes, but I do not recall anyone suggesting it in this context.

> EDITORIAL
> RFC 7748 uses "curveXXX" not “CurveXXX”

Fixed.

> S 2.1
>    Each algorithms are identified by an object identifier, and the
>    algorithm identifier may contain parameters if needed.
> 
> Each algorithm is

Fixed.

> S 2.4.
> Please note that || means “concatenation”

Fixed.

Russ
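Added example, not part of this thread or of the draft: the two digestAlgorithm encodings Russ describes above (id-sha512 with absent parameters for Ed25519; id-shake256-len with an INTEGER 512 parameter for Ed448), DER-encoded and then checked by a small validator of the kind a CMS verifier would run on a SignerInfo before trusting it. The OID values are the NIST CSOR assignments for id-sha512 (2.16.840.1.101.3.4.2.3) and id-shake256-len (2.16.840.1.101.3.4.2.18); the hand-rolled DER helpers, the function names and the `check_digest_algorithm` return convention are assumptions of this example, not anything from the draft.

```python
"""Encode and validate the EdDSA-in-CMS digestAlgorithm rules from the thread.

Ed25519: id-sha512, parameters MUST be absent.
Ed448:   id-shake256-len, parameters MUST be present and MUST be INTEGER 512.
The minimal DER helpers here are an assumption of this example (no ASN.1
library); they handle SEQUENCE, OBJECT IDENTIFIER and INTEGER only.
"""
from typing import Optional, Tuple

ID_SHA512 = "2.16.840.1.101.3.4.2.3"        # NIST CSOR hashAlgs sha512
ID_SHAKE256_LEN = "2.16.840.1.101.3.4.2.18"  # NIST CSOR hashAlgs shake256-len


def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _der_len(len(body)) + body


def der_oid(dotted: str) -> bytes:
    """OBJECT IDENTIFIER: first two arcs packed, rest base-128 big-endian."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return _tlv(0x06, bytes(out))


def der_int(value: int) -> bytes:
    """Non-negative INTEGER; extra byte keeps the sign bit clear."""
    return _tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))


def algorithm_identifier(oid: str, params: Optional[bytes]) -> bytes:
    return _tlv(0x30, der_oid(oid) + (params or b""))


def ed25519_digest_algorithm() -> bytes:
    return algorithm_identifier(ID_SHA512, None)


def ed448_digest_algorithm() -> bytes:
    return algorithm_identifier(ID_SHAKE256_LEN, der_int(512))


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:  # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln


def decode_oid(body: bytes) -> str:
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def check_digest_algorithm(alg_der: bytes, curve: str) -> Tuple[bool, str]:
    """Apply the per-curve rule to a DER AlgorithmIdentifier."""
    tag, body, end = _read_tlv(alg_der, 0)
    if tag != 0x30 or end != len(alg_der):
        return False, "not a single SEQUENCE"
    otag, obody, pos = _read_tlv(body, 0)
    if otag != 0x06:
        return False, "algorithm is not an OBJECT IDENTIFIER"
    oid, params = decode_oid(obody), body[pos:]
    if curve == "Ed25519":
        if oid != ID_SHA512:
            return False, "expected id-sha512, got " + oid
        if params:
            return False, "parameters MUST be absent for id-sha512"
        return True, "ok"
    if curve == "Ed448":
        if oid != ID_SHAKE256_LEN:
            return False, "expected id-shake256-len, got " + oid
        if not params:
            return False, "parameters MUST be present for id-shake256-len"
        ptag, pbody, pend = _read_tlv(params, 0)
        if ptag != 0x02 or pend != len(params) or pbody[0] & 0x80:
            return False, "parameter must be a single positive INTEGER"
        if int.from_bytes(pbody, "big") != 512:
            return False, "parameter MUST be 512"
        return True, "ok"
    return False, "unknown curve " + curve


if __name__ == "__main__":
    print(ed25519_digest_algorithm().hex(), check_digest_algorithm(ed25519_digest_algorithm(), "Ed25519"))
    print(ed448_digest_algorithm().hex(), check_digest_algorithm(ed448_digest_algorithm(), "Ed448"))
```

The validator rejects the mismatches a lax decoder would let through: a sha512 identifier carrying a parameter, a shake256-len identifier with the parameter missing, or a shake256-len parameter other than 512 (which would silently change the output length fed into the signature).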