Re: [Curdle] [Technical Errata Reported] RFC8410 (6738)

Russ Housley <housley@vigilsec.com> Tue, 16 November 2021 14:13 UTC


Daniel:

RFC 5958 imports the definition of ATTRIBUTE from the PKIX-CommonTypes-2009 module in RFC 5912.

You will see at the top of the ASN.1 module in RFC 5958 the phrase "DEFINITIONS IMPLICIT TAGS".  This means that the definitions use implicit tagging unless the definition itself includes "EXPLICIT" to override the module default.

However, the PKIX-CommonTypes-2009 module in RFC 5912 has the phrase "DEFINITIONS EXPLICIT TAGS".  Thus, the Attributes SEQUENCE should have explicit tags as shown in the examples.

Therefore, the only correction needed is the incorrect quote from RFC 5958 in Section 7 of RFC 8410.

ORIGINAL TEXT:

   OneAsymmetricKey ::= SEQUENCE {
      version Version,
      privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
      privateKey PrivateKey,
      attributes [0] IMPLICIT Attributes OPTIONAL,
      ...,
      [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
      ...
   }

CORRECTED TEXT:

     OneAsymmetricKey ::= SEQUENCE {
       version Version,
       privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
       privateKey PrivateKey,
       attributes [0] Attributes OPTIONAL,
       ...,
       [[2: publicKey [1] PublicKey OPTIONAL ]],
       ...
     }

Hope this helps,
 Russ


> On Nov 16, 2021, at 5:53 AM, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
> 
> The following errata report has been submitted for RFC8410,
> "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid6738
> 
> --------------------------------------
> Type: Technical
> Reported by: Daniel Minder <daniel.minder@utimaco.com>
> 
> Section: 7 and 10.3
> 
> Original Text
> -------------
> Section 7 says
> 
>   OneAsymmetricKey ::= SEQUENCE {
>      version Version,
>      privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
>      privateKey PrivateKey,
>      attributes [0] IMPLICIT Attributes OPTIONAL,
>      ...,
>      [[2: publicKey [1] IMPLICIT PublicKey OPTIONAL ]],
>      ...
>   }
> 
> 2nd example given in both section 7 and section 10.3:
> 
>   -----BEGIN PRIVATE KEY-----
>   MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
>   oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
>   Z9w7lshQhqowtrbLDFw4rXAxZuE=
>   -----END PRIVATE KEY------
> 
> ASN.1 dump of this private key in section 10.3:
> 
>   The same item dumped as ASN.1 yields:
> 
>     0 114: SEQUENCE {
>     2   1:   INTEGER 1
>     5   5:   SEQUENCE {
>     7   3:     OBJECT IDENTIFIER '1 3 101 112'
>          :     }
>    12  34:   OCTET STRING, encapsulates {
>          :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
>          :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
>          :     58 42
>          :     }
>    48  31:   [0] {
>    50  29:     SEQUENCE {
>    52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
>    64  15:       SET {
>    66  13:         UTF8String 'Curdle Chairs'
>          :         }
>          :       }
>          :     }
>   81  33:   [1] 00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
>                 96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
>                 E1
>          :   }
> 
> 
> Corrected Text
> --------------
> Correct definition in section 7:
> 
>   OneAsymmetricKey ::= SEQUENCE {
>     version                   Version,
>     privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
>     privateKey                PrivateKey,
>     attributes            [0] Attributes OPTIONAL,
>     ...,
>     [[2: publicKey        [1] PublicKey OPTIONAL ]],
>     ...
>   }
> 
> Example key in section 7 and 10.3:
> 
>   -----BEGIN PRIVATE KEY-----
>   MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
>   oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB
>   usFn3DuWyFCGqjC2tssMXDitcDFm4Q==
>   -----END PRIVATE KEY-----
> 
> 
> ASN.1 dump of this private key in section 10.3:
> 
>     0 116: SEQUENCE {
>     2   1:   INTEGER 1
>     5   5:   SEQUENCE {
>     7   3:     OBJECT IDENTIFIER '1 3 101 112'
>          :     }
>    12  34:   OCTET STRING, encapsulates {
>          :     04 20 D4 EE 72 DB F9 13 58 4A D5 B6 D8 F1 F7 69
>          :     F8 AD 3A FE 7C 28 CB F1 D4 FB E0 97 A8 8F 44 75
>          :     58 42
>          :     }
>    48  31:   [0] {
>    50  29:     SEQUENCE {
>    52  10:       OBJECT IDENTIFIER '1 2 840 113549 1 9 9 20'
>    64  15:       SET {
>    66  13:         UTF8String 'Curdle Chairs'
>          :         }
>          :       }
>          :     }
>    81  35:   [1] {      
>    83  33:     BIT STRING {
>                  00 19 BF 44 09 69 84 CD FE 85 41 BA C1 67 DC 3B
>                  96 C8 50 86 AA 30 B6 B6 CB 0C 5C 38 AD 70 31 66
>                  E1
>                  }
>                }
>          :   }
> 
> 
> Notes
> -----
> OneAsymmetricKey is defined in RFC 5958. It does NOT define attributes and publicKey as IMPLICIT.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> can log in to change the status and edit the report, if necessary. 
> 
> --------------------------------------
> RFC8410 (draft-ietf-curdle-pkix-10)
> --------------------------------------
> Title               : Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use in the Internet X.509 Public Key Infrastructure
> Publication Date    : August 2018
> Author(s)           : S. Josefsson, J. Schaad
> Category            : PROPOSED STANDARD
> Source              : CURves, Deprecating and a Little more Encryption
> Area                : Security
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
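
The two encodings discussed in this thread differ in the identifier octet of the [1] field: a primitive [1] when the tag implicitly replaces BIT STRING, a constructed [1] wrapping a BIT STRING when the tag is explicit. The following is an added example, not part of the original thread or of either RFC; it decodes both PEM bodies quoted in the erratum with a small DER reader, and its function and constant names are illustrative.

```python
import base64
# PEM bodies copied from the erratum quoted above (RFC 8410 example, proposed replacement).
RFC8410_EXAMPLE = """
MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB
Z9w7lshQhqowtrbLDFw4rXAxZuE=
"""
ERRATUM_PROPOSAL = """
MHQCAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzoSMDIQAZv0QJaYTN/oVB
usFn3DuWyFCGqjC2tssMXDitcDFm4Q==
"""

def read_tlv(buf, pos):
    """Return (tag octet, content, next position) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0:
            raise ValueError("indefinite length is not DER")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if tag & 0x1F == 0x1F or pos + length > len(buf):
        raise ValueError("high tag number or truncated element")
    return tag, buf[pos:pos + length], pos + length

def context_fields(pem_body):
    """Map context tag number -> (constructed, content) for a OneAsymmetricKey."""
    der = base64.b64decode(pem_body)
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    fields, pos = {}, 0
    while pos < len(body):
        tag, content, pos = read_tlv(body, pos)
        if tag & 0xC0 == 0x80:         # context-specific class
            fields[tag & 0x1F] = (bool(tag & 0x20), content)
    return fields

def public_key(pem_body):
    """Return (tagging, raw key bytes) for the [1] publicKey field."""
    constructed, content = context_fields(pem_body)[1]
    if constructed:                    # explicit: [1] wraps a universal BIT STRING
        tag, content, _ = read_tlv(content, 0)
        if tag != 0x03:
            raise ValueError("expected BIT STRING inside [1]")
    if not content or content[0] != 0:
        raise ValueError("unexpected unused-bits octet")
    return ("explicit" if constructed else "implicit"), content[1:]
```

Both calls to `public_key` return the same 32-byte key and differ only in the reported tagging; `context_fields(...)[0]` shows that in both keys the content of [0] begins with a SEQUENCE octet (0x30), matching the two dumps.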