IETF Logo Mail Archive

Re: [Curdle] draft-ietf-curdle-pkix-00: a simplification proposal

Rob Stradling <rob.stradling@comodo.com> Fri, 22 July 2016 20:54 UTC

Return-Path: <rob.stradling@comodo.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3096812B01D for <curdle@ietfa.amsl.com>; Fri, 22 Jul 2016 13:54:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VBrioTHckQJG for <curdle@ietfa.amsl.com>; Fri, 22 Jul 2016 13:54:20 -0700 (PDT)
Received: from mmextmx1.mcr.colo.comodoca.net (mmextmx1.mcr.colo.comodoca.net [IPv6:2a02:1788:402:c00::c0a8:9cd5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECB0312D629 for <curdle@ietf.org>; Fri, 22 Jul 2016 13:54:19 -0700 (PDT)
Received: (qmail 1889 invoked by uid 1004); 22 Jul 2016 20:54:17 -0000
Received: from ian.brad.office.comodo.net (HELO ian.brad.office.comodo.net) (192.168.0.202) by mmextmx1.mcr.colo.comodoca.net (qpsmtpd/0.84) with ESMTP; Fri, 22 Jul 2016 21:54:17 +0100
Received: (qmail 19959 invoked by uid 1000); 22 Jul 2016 20:54:16 -0000
Received: from and0004.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (AES128-SHA encrypted) ESMTPSA; Fri, 22 Jul 2016 21:54:16 +0100
To: Ilari Liusvaara <ilariliusvaara@welho.com>, Erwann Abalea <Erwann.Abalea@docusign.com>
References: <CADZyTkn1uxWMaJ2J7OMr6dJckvH1Ynzq3NZu6tSbBDR80Qgf9A@mail.gmail.com> <1553247361.41476124.1465542998520.JavaMail.zimbra@redhat.com> <015201d1caa9$ce55ac60$6b010520$@augustcellars.com> <CAF8qwaByGGP-GAUFUPjLQfhyZGbxn3UPK4BdQNNmRkYHAOR9Mg@mail.gmail.com> <2DD56D786E600F45AC6BDE7DA4E8A8C117F26424@eusaamb107.ericsson.se> <alpine.GSO.1.10.1606252348160.18480@multics.mit.edu> <20160722113642.GA24793@LK-Perkele-V2.elisa-laajakaista.fi> <6F0EA612-DB5F-43A4-899C-36C2956B5D3F@docusign.com> <20160722181825.GA26572@LK-Perkele-V2.elisa-laajakaista.fi> <7C22F8A6-88C0-469F-8D4F-BCBF11922B11@docusign.com> <20160722200830.GA26782@LK-Perkele-V2.elisa-laajakaista.fi>
From: Rob Stradling <rob.stradling@comodo.com>
Message-ID: <2647b6bd-e756-92e8-bf54-cdf9b0588fbc@comodo.com>
Date: Fri, 22 Jul 2016 21:54:16 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <20160722200830.GA26782@LK-Perkele-V2.elisa-laajakaista.fi>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/jYdfzrLoqGTK20l7cj399FA9uKA>
Cc: "curdle@ietf.org" <curdle@ietf.org>, Daniel Migault <daniel.migault@ericsson.com>
Subject: Re: [Curdle] draft-ietf-curdle-pkix-00: a simplification proposal
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2016 20:54:24 -0000

On 22/07/16 21:08, Ilari Liusvaara wrote:
<snip>
>>>> Using ASN.1 and RFC5912 modules:
>>>>
>>>> -- We need to contact Thawte Consulting, or Verisign, or whoever now
>>>> owns the 1.3.101 OID arc, as OID hijacking is not allowed.
>>>
>>> 1.3.101.100 was used in the IETF -00 draft. I think I heard it got
>>> allocated for EdDSA.
>>
>> I haven’t found an authoritative source for this.
>> It’s not the first time, 1.3.6 belongs to DoD, but 1.3.6.1 was « self-allocated » in RFC1065.
>
> Didn't find anything authoritative, but I did find that Simon
> switched to that OID (from much longer one) in persoal -02 draft.

Symantec own Thawte.  I persuaded Symantec to offer to reserve/delegate 
a range of OIDs under 1.3.101 for EdDSA (see [1]).  Simon accepted the 
offer and provisionally allocated some OIDs (see [2]).

After further discussion (private email exchange between Simon, myself 
and Rick Andrews) it was decided to start the OID range at 1.3.101.100. 
This was for two reasons:
   1) to avoid clashing with any OIDs that Thawte Consulting might have 
allocated many years ago.  For example, I found evidence that 
1.3.101.1.4 and 1.3.101.1.4.1 had been allocated previously.
   2) because the printable ASCII for the DER encoding of these OIDs is, 
frankly, irresistable (see [3]).  :-)

It's not clear from my records if Rick reserved/delegated 
1.3.101.100...1.3.101.115 or 1.3.101.100..1.3.101.127 for EdDSA.  It 
won't be hard to clarify that with Symantec though.

Please don't use any 1.3.101.x.y OIDs until we've run out of 1.3.101.x 
OIDs.  There's no point wasting bytes.


[1] https://www.ietf.org/mail-archive/web/tls/current/msg16798.html

[2] https://www.ietf.org/mail-archive/web/tls/current/msg16835.html

[3] https://www.ietf.org/mail-archive/web/tls/current/msg16586.html

>>>> id-EdXKeyAgreementAlgorithm OBJECT IDENTIFIER ::= { iso(1)
>>>> identified-organization(3) thawte(101) 102 }
>>>
>>> I don't know what 1.3.101.102 is…
>>
>> That’s why there’s a commentary saying it needs to be discussed.
>> sa-Ed* make use of the pk-Ed* keys.
>> There’s no defined use of pk-X* keys, and they’re used for key agreement.
>
> X.509 SPKI is used for more purposes than just X.509.
>
>> Since in the message I replied to, you proposed the following DER encoded sigalg:
>> 30 06 06 04 2B 65 64/65 01       Ed25519
>> It seemed you wanted to use 1.3.101.101 for signature algorithms, so I expanded to 1.3.101.102 for key agreement algorithms.
>> But again, it’s a subject of discussion.
>
> Back when I wrote that, I had missed that reuse is OK. And as I noted
> then one should use those 64 values.
>
>
>
> -Ilari
>
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
>

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com

COMODO CA Limited, Registered in England No. 04058690
Registered Office:
   3rd Floor, 26 Office Village, Exchange Quay,
   Trafford Road, Salford, Manchester M5 3EQ

This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed.  If you have received this email in error please notify the 
sender by replying to the e-mail containing this attachment. Replies to 
this email may be monitored by COMODO for operational or business 
reasons. Whilst every endeavour is taken to ensure that e-mails are free 
from viruses, no liability can be accepted and the recipient is 
requested to use their own virus checking software.

v2.23.0 | Report a Bug | By Email