Re: [Curdle] [Technical Errata Reported] RFC8410 (6738)

Daniel Minder <Daniel.Minder@utimaco.com> Tue, 16 November 2021 15:13 UTC

From: Daniel Minder <Daniel.Minder@utimaco.com>
To: Russ Housley <housley@vigilsec.com>
CC: Simon Josefsson <simon@josefsson.org>, "Roman D. Danyliw" <rdd@cert.org>, Ben Kaduk <kaduk@mit.edu>, "daniel.migault@ericsson.com" <daniel.migault@ericsson.com>, Rich Salz <rsalz@akamai.com>, "curdle@ietf.org" <curdle@ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
Date: Tue, 16 Nov 2021 15:11:45 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/ceKabWU7mqXoFc9UyUhZszkEI20>

Russ,

you are right. It seems I completely missed that header.
Since in section 7 there is no complete module definition and the "DEFINITIONS IMPLICIT TAGS" is missing here, one could perfectly argue that the "IMPLICIT" statement could be included for clarity.

I thought I came across a PKCS#8 / OneAsymmetricKey example in another RFC or a standard tool, but I cannot find it anymore. I was probably wrong here, too.

Please excuse the disturbance. I'm ok to reject the errata completely.

Thanks,
Daniel

-----Original Message-----
From: Russ Housley <housley@vigilsec.com>
Sent: Tuesday, 16 November 2021 15:13
To: Daniel Minder <Daniel.Minder@utimaco.com>
Cc: Simon Josefsson <simon@josefsson.org>; Roman D. Danyliw <rdd@cert.org>; Ben Kaduk <kaduk@mit.edu>; daniel.migault@ericsson.com; Rich Salz <rsalz@akamai.com>; curdle@ietf.org; RFC Editor <rfc-editor@rfc-editor.org>
Subject: Re: [Curdle] [Technical Errata Reported] RFC8410 (6738)

Daniel:

RFC 5958 imports the definition of ATTRIBUTE from the PKIX-CommonTypes-2009 module in RFC 5912.

You will see at the top of the ASN.1 module in RFC 5958 the phrase "DEFINITIONS IMPLICIT TAGS".  This means that the definitions use implicit tagging unless the definition itself includes "EXPLICIT" to override the module default.

However, the PKIX-CommonTypes-2009 module in RFC 5912 has the phrase "DEFINITIONS EXPLICIT TAGS".  Thus, the Attributes SEQUENCE should have explicit tags as shown in the examples.

Therefore, the only correction needed is the incorrect quote from RFC 5958 in Section 7 of RFC 8410.

ORIGINAL TEXT:

   OneAsymmetricKey ::= SEQUENCE {
      version Version,
      privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
      privateKey PrivateKey,
      attributes [0] IMPLICIT Attributes OPTIONAL,
      ...,
      [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
      ...
   }

CORRECTED TEXT:

     OneAsymmetricKey ::= SEQUENCE {
       version Version,
       privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
       privateKey PrivateKey,
       attributes [0] Attributes OPTIONAL,
       ...,
       [[2: publicKey [1] PublicKey OPTIONAL ]],
       ...
     }

Hope this helps,
 Russ


> On Nov 16, 2021, at 5:53 AM, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
>
> The following errata report has been submitted for RFC8410, "Algorithm
> Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure".
>
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid6738
>
> --------------------------------------
> Type: Technical
> Reported by: Daniel Minder <daniel.minder@utimaco.com>
>
> Section: 7 and 10.3
>
> Original Text
> -------------
> Section 7 says
>
>   OneAsymmetricKey ::= SEQUENCE {
>      version Version,
>      privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
>      privateKey PrivateKey,
>      attributes [0] IMPLICIT Attributes OPTIONAL,
>      ...,
>      [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
>      ...
>   }
>
> 2nd example given in both section 7 and section 10.3:
>
>   -----BEGIN PRIVATE KEY-----
>   MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
>   oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
>   Z9w7lshQhqowtrbLDFw4rXAxZuE=
>   -----END PRIVATE KEY------
>
> ASN.1 dump of this private key in section 10.3:
>
>   The same item dumped as ASN.1 yields:
>
>     0 114: SEQUENCE {
>     2   1:   INTEGER 1
>     5   5:   SEQUENCE {
>     7   3:     OBJECT IDENTIFIER '1 3 101 112'
>          :     }
>    12  34:   OCTET STRING, encapsulates {
>          :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
>          :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
>          :     58 42
>          :     }
>    48  31:   [0] {
>    50  29:     SEQUENCE {
>    52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
>    64  15:       SET {
>    66  13:         UTF8String 'Curdle Chairs'
>          :         }
>          :       }
>          :     }
>   81  33:   [1] 00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
>                 96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
>                 E1
>          :   }
>
>
> Corrected Text
> --------------
> Correct definition in section 7:
>
>   OneAsymmetricKey ::= SEQUENCE {
>     version                   Version,
>     privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
>     privateKey                PrivateKey,
>     attributes            [0] Attributes OPTIONAL,
>     ...,
>     [[2: publicKey        [1] PublicKey OPTIONAL ]],
>     ...
>   }
>
> Example key in section 7 and 10.3:
>
>   -----BEGIN PRIVATE KEY-----
>   MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
>   oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB
>   usFn3DuWyFCGqjC2tssMXDitcDFm4Q==
>   -----END PRIVATE KEY-----
>
>
> ASN.1 dump of this private key in section 10.3:
>
>     0 116: SEQUENCE {
>     2   1:   INTEGER 1
>     5   5:   SEQUENCE {
>     7   3:     OBJECT IDENTIFIER '1 3 101 112'
>          :     }
>    12  34:   OCTET STRING, encapsulates {
>          :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
>          :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
>          :     58 42
>          :     }
>    48  31:   [0] {
>    50  29:     SEQUENCE {
>    52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
>    64  15:       SET {
>    66  13:         UTF8String 'Curdle Chairs'
>          :         }
>          :       }
>          :     }
>    81  35:   [1] {
>    83  33:     BIT STRING {
>                  00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
>                  96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
>                  E1
>                  }
>                }
>          :   }
>
>
> Notes
> -----
> OneAsymmetricKey is defined in RFC 5958. It does NOT define attributes and publicKey as IMPLICIT.
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or rejected.
> When a decision is reached, the verifying party can log in to change
> the status and edit the report, if necessary.
>
> --------------------------------------
> RFC8410 (draft-ietf-curdle-pkix-10)
> --------------------------------------
> Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
> Publication Date    : August 2018
> Author(s)           : S. Josefsson, J. Schaad
> Category            : PROPOSED STANDARD
> Source              : CURves, Deprecating and a Little more Encryption
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG



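The tagging question discussed in this thread can be checked on the two example keys quoted in the erratum by looking at the DER tag bytes of the [0] and [1] fields. The following is an added example, not part of any message in the thread; the helper names `read_tlv` and `tagging` are made up here, and the universal tags assumed for Attributes (SET OF) and PublicKey (BIT STRING) come from RFC 5958.

```python
import base64

# Both keys are copied from the erratum text quoted in this thread.
RFC8410_KEY = (
    "MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC"
    "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB"
    "Z9w7lshQhqowtrbLDFw4rXAxZuE=")
ERRATUM_KEY = (
    "MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC"
    "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB"
    "usFn3DuWyFCGqjC2tssMXDitcDFm4Q==")

# Universal tag each field keeps when it is NOT implicitly retagged
# (assumption taken from RFC 5958: Attributes is SET OF, PublicKey is BIT STRING).
UNIVERSAL = {0: 0x31, 1: 0x03}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]  # single-byte tags only
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def tagging(b64_key):
    """Return {context tag number: 'IMPLICIT' or 'EXPLICIT'} for a DER key."""
    der = base64.b64decode(b64_key)
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected a single outer SEQUENCE")
    result, pos = {}, 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        number = tag & 0x1F
        if tag & 0xC0 != 0x80 or number not in UNIVERSAL:
            continue  # universal-class field (version, algorithm, privateKey)
        # EXPLICIT: constructed wrapper whose content is the complete inner TLV.
        explicit = bool(tag & 0x20) and value[:1] == bytes([UNIVERSAL[number]])
        result[number] = "EXPLICIT" if explicit else "IMPLICIT"
    return result

if __name__ == "__main__":
    for name, key in (("RFC 8410", RFC8410_KEY), ("erratum 6738", ERRATUM_KEY)):
        print(name, tagging(key))
```

A decoder built for one tagging mode will misparse or reject the other key at the [1] field, which is why the module-level tagging default matters when generating or validating PKCS#8 / OneAsymmetricKey blobs.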