Re: [Curdle] Confirming a change to draft-ietf-curdle-rsa-sha2-12

"Mark D. Baushke" <mdb@juniper.net> Mon, 12 March 2018 00:56 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/xiSrqzw4HUtfty9bSH3OwIBMKZU>

Salz, Rich <rsalz@akamai.com> writes:

> Eric rightly points out that this is a tech change made during the
> final stage of RFC editing and that it should be confirmed by the WG.
> It's about MAY accepting fewer leading zeros.
> 
> Does anyone object?
> 
>     > > The value for 'rsa_signature_blob' is encoded as a string that
>     > > contains an octet string S (which is the output of RSASSA-PKCS1-v1_5)
>     > > and that has the same length (in octets) as the RSA modulus.  When S
>     > > contains leading zeros, there exist signers that will send a shorter
>     > > encoding of S that omits them.  A verifier MAY accept shorter
>     > > encodings of S with one or more leading zeros omitted.

Question:

If the octet string S begins with the most significant bit set, is it a
MUST or a SHOULD or a MAY to prepend a zero octet so that the number is
not considered to be negative?

Consideration:

RFC 8017 section 4.1 specifies x as a nonnegative integer to be
converted to an Octet String primitive. It is not clear if the octet
string S is to always be considered unsigned or not.

RFC4251 provides that an mpint is a multiple precision integer in two's
complement format, stored as a string, 8 bits per byte, MSB first.
Negative numbers have the value 1 as the most significant bit of the
first byte of the data partition. If the most significant bit would be
set for a positive number, the number MUST be preceded by a zero byte
[RFC4251, section 5, page 8.]. RFC4251 provides that a 'string'

If draft-ietf-curdle-rsa-sha2-12 would like to see the
rsa_signature_blob be treated as an mpint with a leading zero-byte for
strings that otherwise would look negative, why not just change the type
in section 3 to read:

The resulting signature is encoded as follows:

    string    "rsa-sha2-256" / "rsa-sha2-512"
    mpint      rsa_signature_blob

  The value for 'rsa_signature_blob' is encoded as a string containing
  S   - an octet string which is the output of RSASSA-PKCS1-v1_5, of
  length equal to the length in octets of the RSA modulus. As with any
  mpint, there may be a leading zero octet to ensure that S is considered
  a nonnegative number.

If I have misunderstood the rationale for the change, please let me
know.

	Thank you,
	-- Mark
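
Added example, not part of the original message or of the draft: the two RFC 4251 encodings under discussion applied to the same octet string S, plus a verifier-side normalizer for the 'string' rule that left-pads a shortened S back to the modulus length. The 4-octet modulus length and the sample values are constructed for illustration, and the function names are hypothetical.

```python
import struct

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 length, then the octets unchanged."""
    return struct.pack(">I", len(data)) + data

def ssh_mpint(value: int) -> bytes:
    """RFC 4251 'mpint' for a nonnegative integer: minimal length, MSB first,
    with a zero octet prepended when the top bit would otherwise be set."""
    if value < 0:
        raise ValueError("this example only encodes nonnegative integers")
    if value == 0:
        return ssh_string(b"")
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw  # keeps the number from reading as negative
    return ssh_string(raw)

def normalize_signature(field: bytes, k: int) -> bytes:
    """Verifier side, 'string' rule: return S as exactly k octets
    (k = modulus length). Shorter S is left-padded with zeros, matching the
    MAY in the quoted text; longer S is rejected, since RFC 8017
    verification requires S to be k octets."""
    if len(field) < 4:
        raise ValueError("truncated length prefix")
    (n,) = struct.unpack(">I", field[:4])
    s = field[4:]
    if n != len(s):
        raise ValueError("length prefix does not match payload")
    if n > k:
        raise ValueError("S is longer than the modulus")
    return s.rjust(k, b"\x00")

if __name__ == "__main__":
    K = 4  # constructed toy modulus length in octets
    for s in (bytes.fromhex("00012a7f"), bytes.fromhex("9c01ff10")):
        as_string = ssh_string(s)
        as_mpint = ssh_mpint(int.from_bytes(s, "big"))
        print(s.hex(), "string:", as_string.hex(), "mpint:", as_mpint.hex())
        try:
            print("  mpint form normalized:", normalize_signature(as_mpint, K).hex())
        except ValueError as exc:
            print("  mpint form rejected:", exc)
```

The second sample shows the interoperability cost of the question raised above: an mpint-style leading zero makes the field one octet longer than the modulus, which a verifier following the 'string' rule rejects.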