IETF Logo Mail Archive

Re: [Curdle] draft-ietf-curdle-pkix-07 intended status

Ilari Liusvaara <ilariliusvaara@welho.com> Fri, 05 January 2018 16:33 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 484D612704A for <curdle@ietfa.amsl.com>; Fri, 5 Jan 2018 08:33:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rVJVsrEXW4Cw for <curdle@ietfa.amsl.com>; Fri, 5 Jan 2018 08:33:42 -0800 (PST)
Received: from welho-filter3.welho.com (welho-filter3.welho.com [83.102.41.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC9351267BB for <curdle@ietf.org>; Fri, 5 Jan 2018 08:33:41 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter3.welho.com (Postfix) with ESMTP id 0475A5DE99; Fri, 5 Jan 2018 18:33:39 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter3.welho.com [::ffff:83.102.41.25]) (amavisd-new, port 10024) with ESMTP id PjXnW4pbZNEZ; Fri, 5 Jan 2018 18:33:38 +0200 (EET)
Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id 78EAF286; Fri, 5 Jan 2018 18:33:36 +0200 (EET)
Date: Fri, 05 Jan 2018 18:33:36 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Daniel Migault <daniel.migault@ericsson.com>
Cc: "curdle@ietf.org" <curdle@ietf.org>
Message-ID: <20180105163336.GA4683@LK-Perkele-VII>
References: <20180102153825.GA19225@LK-Perkele-VII> <2DD56D786E600F45AC6BDE7DA4E8A8C118D356CC@eusaamb107.ericsson.se>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <2DD56D786E600F45AC6BDE7DA4E8A8C118D356CC@eusaamb107.ericsson.se>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/pGO7i8bJf4cs8mzwAZkVnSZVFNo>
Subject: Re: [Curdle] draft-ietf-curdle-pkix-07 intended status
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2018 16:33:44 -0000

On Tue, Jan 02, 2018 at 04:37:55PM +0000, Daniel Migault wrote:
> Hi IIlari, 
> 
> Thank you for the follow up. I just received a few days ago a
> notification to complete the "Document Quality" section in the
> shepherd writeup which requires a a status on the implementations.
> I sent a few hours a go a request to the co-authors of known
> implementations. If you are aware of such implementations, feel
> free to create a new project at [1]. 
> 
> You can also let us know on the mailing (with associated URLs)
> these projects so I can complete code stand as well as the shepherd
> writeup.  I am happy to complete it today 😉
> 
> For the status you are correct but I believe it should not cause any issue. 

I do not have/know full implementation, however I do have a partial
implementation in context of TLS:

- Ed25519/Ed448 PKIX public keys in certificates.
- (Ed25519/Ed448 TLS exchange signatures -- covered by TLS docs)
- Ed25519/Ed448 PKIX certificate signatures.

And GnuTLS 3.6.1 supports at least:

- Ed25519 PKIX private keys (at least v1)
- Ed25519 PKIX public keys in certificates
- (Ed25519 TLS exchange signatures -- covered by TLS docs)
- Ed25519 PKIX certificate signatures.


My implementation interoperates with GnuTLS 3.6.1 on TLS handshake
with both Ed25519 server signature and  certificate signature.

- Server: My implementation, all settings at defaults.
- Client: GnuTLS 3.6, all settings at defaults except trustpile
  replaced with custom one.
- Certificate 0: EE, Ed25519 key, Ed25519 signature.
- Certificate 1: CA, Ed25519 key, RSA-PSS-SHA256 signature.
- Certificate 2: CA, RSAEncryption key, RSA-PKCS1-SHA256 signature.
- Certificate 3: CA, RSAEncryption key, self-signed. [Not sent].
- Negotiated TLS versionn: TLS 1.2 + RENEGO + EMS.

(The key exchange used is ECDHE_ECDSA for technical reasons, however,
there are no actual ECDSA used anywhere).


Client status at end of handshake:

- Description: (TLS1.2)-(ECDHE-X25519)-(EdDSA-Ed25519)-(CHACHA20-POLY1305)
- Session ID: (empty)
- Ephemeral EC Diffie-Hellman parameters
 - Using curve: X25519
 - Curve size: 256 bits
- Version: TLS1.2
- Key Exchange: ECDHE-ECDSA
- Server Signature: EdDSA-Ed25519
- Cipher: CHACHA20-POLY1305
- MAC: AEAD
- Options: extended master secret, safe renegotiation,
- Handshake was completed


Server status at end of handshake:


Handshake complete, crypto parameters:
 - TLS version:              1.2
 - Encryption:               Chacha20-Poly1305
 - PRF:                      SHA-256
 - Key Exchange:             X25519
 - Server Signature:         Ed25519
 - Triple Handshake attack:  Fixed
 - OCSP stapling:            No
 - Certificate Transparency: No


-Ilari

v2.23.0 | Report a Bug | By Email