IETF Logo Mail Archive

Re: [Curdle] [Technical Errata Reported] RFC8410 (5696)

"Santosh Chokhani" <santosh.chokhani@gmail.com> Wed, 17 April 2019 13:53 UTC

Return-Path: <santosh.chokhani@gmail.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13506120156 for <curdle@ietfa.amsl.com>; Wed, 17 Apr 2019 06:53:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UO7_29TwoHx2 for <curdle@ietfa.amsl.com>; Wed, 17 Apr 2019 06:53:45 -0700 (PDT)
Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D49D120104 for <curdle@ietf.org>; Wed, 17 Apr 2019 06:53:45 -0700 (PDT)
Received: by mail-pf1-x42b.google.com with SMTP id b3so12158346pfd.1 for <curdle@ietf.org>; Wed, 17 Apr 2019 06:53:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:references:in-reply-to:subject:date:message-id :mime-version:content-transfer-encoding:thread-index :content-language; bh=3ssBi8xadDhZfMeMJXTn6tIWw7Ynb2NTmBvoB0x45ZE=; b=DC5ur3/73nqJwYPPRnfXDwCv64XS6T2nKBww8q16axf2SV2QdumnKyxPtJBEAWo+q6 GwaY+JW9H+7/VcPZl1t0oaEB9G2vYsrdPAsns6Pok3aqAM4auPgjCZ9UNK1kus8sAcKF QuMcBV+FMfF+PaZ3qCRC+CBeUrdN5+9J9LgRhgHxHT5L6etDm7Y9KVnnueb9iFW2C2Re rlLxiBRIRhU9tsPjGIH1bibLXd4+hsArwA4w4pJnr3Xz7U1e8VTsIISQ4CYtbgXVpa9+ /1r5zkkxoa/UDVWPVAVlNMbow3hfpGIpeIoVCGzWp21mqJoS31Bk2Ooc1e/HAV0wm36C 5Z9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:references:in-reply-to:subject:date :message-id:mime-version:content-transfer-encoding:thread-index :content-language; bh=3ssBi8xadDhZfMeMJXTn6tIWw7Ynb2NTmBvoB0x45ZE=; b=D4lu2r6jPCwXF7RBw7tsbLUYFDbhl27KEDxroEhoZyTNTdJA1f8iJD9X7Op6lDMm8p B7sj/oTcSzzq4PT87fEuK2igyF3/l1F6PwMcTg2jdH91c91ZN58Kqt8B92hKIMfuGeH9 RlR8052FL6sPxKtLvk5+ZNY61TMrnaUVjhElBOgC/jOVbWCe8ijG72w58NTV6Tf8mzvx DGyHh0HKuwq5IzJj1eSUI2dql9INjrOuuNSpPhbJgvPSSDaNA1b+SYcyYJMIaGbGXj70 UlUjXz+1hGrsUJpq7M4pr2yPUHlmllZf6UXykyGO7NNua8wfYvLZ6HmKNJtMwpi0lfd+ 07Sw==
X-Gm-Message-State: APjAAAXUL8l+13Uuz4NuUxRaLirNsxBRsuLKNkphuPLwGLBfbPoz5eaj bULuUvCvC1TcRLuF69fPqDmQvESh
X-Google-Smtp-Source: APXvYqyBnb4urjju6bn1IvPO5KKl9RnFxT0H1XWTzKiXNawFMBEKHTTwy1vDb4/8K3YvlcnWXdrHdg==
X-Received: by 2002:a63:c112:: with SMTP id w18mr84045096pgf.200.1555509224762; Wed, 17 Apr 2019 06:53:44 -0700 (PDT)
Received: from SantoshBrain ([2600:8800:6800:58f0:e47a:b119:647:c981]) by smtp.gmail.com with ESMTPSA id g5sm42046089pfo.53.2019.04.17.06.53.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 17 Apr 2019 06:53:43 -0700 (PDT)
From: Santosh Chokhani <santosh.chokhani@gmail.com>
To: 'Russ Housley' <housley@vigilsec.com>
Cc: 'RFC Editor' <rfc-editor@rfc-editor.org>, "'Roman D. Danyliw'" <rdd@cert.org>, 'Simon Josefsson' <simon@josefsson.org>, daniel.migault@ericsson.com, 'Rich Salz' <rsalz@akamai.com>, 'Jim Schaad' <ietf@augustcellars.com>, curdle@ietf.org, "'LIJUN.LIAO@huawei.com'" <LIJUN.LIAO@HUAWEI.COM>, 'Ben Kaduk' <kaduk@mit.edu>
References: <20190417130322.DF98CB82BAF@rfc-editor.org> <CEAF6932-72F1-4BA0-90C9-42B014AA2DAC@vigilsec.com> <022201d4f521$363efad0$a2bcf070$@gmail.com> <A0A0D4DB-9443-432D-8836-5936A77212FC@vigilsec.com>
In-Reply-To: <A0A0D4DB-9443-432D-8836-5936A77212FC@vigilsec.com>
Date: Wed, 17 Apr 2019 09:53:42 -0400
Message-ID: <027801d4f524$f8b11690$ea1343b0$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQLUA8nUwpstT/Ye8zWBxjlp5t/4tAH7IQXgAXYF7NMAncbPAaQhyN3Q
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/z5tAJ5aUgyXrhtJO8qiWF0L0ehI>
Subject: Re: [Curdle] [Technical Errata Reported] RFC8410 (5696)
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2019 13:53:48 -0000

Agree Russ in the sense that I have never seen a CA not issue CRL also.  It
might delegate CRL issuance to other authorities as well, but I have not
seen an implementation where a CA does not generate a CRL and does not
provide it to at least one RP, be it OCSP Responder.

But if these folks are implementing a CA without CRL issuance, they might
want this.  

On the other hand, I do not see CA having all these other bits as well.
There is no security issue if the CA has CRL issuance bit even if it does
not issue a CRL.

So, I could go either way on this Errata since it does not move the security
needle for me.

-----Original Message-----
From: Russ Housley [mailto:housley@vigilsec.com] 
Sent: Wednesday, April 17, 2019 9:38 AM
To: Santosh Chokhani <santosh.chokhani@gmail.com>
Cc: RFC Editor <rfc-editor@rfc-editor.org>; Roman D. Danyliw <rdd@cert.org>;
Simon Josefsson <simon@josefsson.org>; daniel.migault@ericsson.com; Rich
Salz <rsalz@akamai.com>; Jim Schaad <ietf@augustcellars.com>;
curdle@ietf.org; LIJUN.LIAO@huawei.com; Ben Kaduk <kaduk@mit.edu>
Subject: Re: [Curdle] [Technical Errata Reported] RFC8410 (5696)

Santosh:

This is the exact way we have described the appropriate key usage bits since
RFC 3279.  If this has confused any implementer over the last decade and a
half, I have not heard about it.

Russ


> On Apr 17, 2019, at 9:26 AM, Santosh Chokhani <santosh.chokhani@gmail.com>
wrote:
> 
> Russ,
> 
> But if the CA is using a key to sign CRL, in the context of that key 
> it is not a CA personality but a CRL issuer personality.
> 
> -----Original Message-----
> From: Curdle [mailto:curdle-bounces@ietf.org] On Behalf Of Russ 
> Housley
> Sent: Wednesday, April 17, 2019 9:12 AM
> To: RFC Editor <rfc-editor@rfc-editor.org>
> Cc: Roman D. Danyliw <rdd@cert.org>; Simon Josefsson 
> <simon@josefsson.org>; daniel.migault@ericsson.com; Rich Salz 
> <rsalz@akamai.com>; Jim Schaad <ietf@augustcellars.com>; 
> curdle@ietf.org; LIJUN.LIAO@huawei.com; Ben Kaduk <kaduk@mit.edu>
> Subject: Re: [Curdle] [Technical Errata Reported] RFC8410 (5696)
> 
> I do not think this is correct.  A CA could, for example, use one key 
> for signing certificates and a separate key for signing CRLs.
> 
> Russ
> 
> 
>> On Apr 17, 2019, at 9:03 AM, RFC Errata System 
>> <rfc-editor@rfc-editor.org>
> wrote:
>> 
>> The following errata report has been submitted for RFC8410, 
>> "Algorithm Identifiers for Ed25519, Ed448, X25519, and X448 for Use 
>> in the Internet
> X.509 Public Key Infrastructure".
>> 
>> --------------------------------------
>> You may review the report below and at:
>> http://www.rfc-editor.org/errata/eid5696
>> 
>> --------------------------------------
>> Type: Technical
>> Reported by: Lijun Liao <LIJUN.LIAO@HUAWEI.COM>
>> 
>> Section: 5
>> 
>> Original Text
>> -------------
>>  If the keyUsage extension is present in a certification authority  
>> certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage  
>> extension MUST contain one or more of the following values:
>> 
>>         nonRepudiation;
>>         digitalSignature;
>>         keyCertSign; and
>>         cRLSign.
>> 
>> Corrected Text
>> --------------
>>  If the keyUsage extension is present in a certification authority  
>> certificate that indicates id-Ed25519 or id-Ed448, then the keyUsage  
>> extension MUST contain keyCertSign, and zero, one or more of the  
>> following values:
>> 
>>         nonRepudiation;
>>         digitalSignature; and
>>         cRLSign.
>> 
>> Notes
>> -----
>> The usage keyCertSign must be set in a CA certificate.
>> 
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". If necessary, please 
>> use "Reply All" to discuss whether it should be verified or rejected.
>> When a decision is reached, the verifying party can log in to change 
>> the status and edit the report, if necessary.
>> 
>> --------------------------------------
>> RFC8410 (draft-ietf-curdle-pkix-10)
>> --------------------------------------
>> Title               : Algorithm Identifiers for Ed25519, Ed448, X25519,
> and X448 for Use in the Internet X.509 Public Key Infrastructure
>> Publication Date    : August 2018
>> Author(s)           : S. Josefsson, J. Schaad
>> Category            : PROPOSED STANDARD
>> Source              : CURves, Deprecating and a Little more Encryption
>> Area                : Security
>> Stream              : IETF
>> Verifying Party     : IESG
>> 
>> _______________________________________________
>> Curdle mailing list
>> Curdle@ietf.org
>> https://www.ietf.org/mailman/listinfo/curdle
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle
> 
> _______________________________________________
> Curdle mailing list
> Curdle@ietf.org
> https://www.ietf.org/mailman/listinfo/curdle

v2.23.0 | Report a Bug | By Email