IETF Logo Mail Archive

Re: [dnsext] Adopting draft: draft-hoffman-dnssec-ecdsa-04.txt

Alex Bligh <alex@alex.org.uk> Fri, 07 January 2011 15:24 UTC

Return-Path: <alex@alex.org.uk>
X-Original-To: dnsext@core3.amsl.com
Delivered-To: dnsext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BCC223A68F1 for <dnsext@core3.amsl.com>; Fri, 7 Jan 2011 07:24:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iOrI+bLoK-+G for <dnsext@core3.amsl.com>; Fri, 7 Jan 2011 07:24:07 -0800 (PST)
Received: from mail.avalus.com (mail.avalus.com [89.16.176.221]) by core3.amsl.com (Postfix) with ESMTP id B723A3A68F7 for <dnsext@ietf.org>; Fri, 7 Jan 2011 07:24:07 -0800 (PST)
Received: from [192.168.100.15] (87-194-71-186.bethere.co.uk [87.194.71.186]) by mail.avalus.com (Postfix) with ESMTPSA id 4210CC562F3; Fri, 7 Jan 2011 15:26:12 +0000 (GMT)
Date: Fri, 07 Jan 2011 15:26:11 +0000
From: Alex Bligh <alex@alex.org.uk>
To: Phillip Hallam-Baker <hallam@gmail.com>, cet1@cam.ac.uk
Message-ID: <359091FCD895EA0C271718D9@Ximines.local>
In-Reply-To: <AANLkTimnz9CBDbjXc0V2=zdM6PZnSs4_+ZaEL8CCVbXk@mail.gmail.com>
References: <4D014A84.5070204@ogud.com> <4D2390DE.8050409@ogud.com> <4D23A061.3060501@vpnc.org> <4D248950.3040208@ogud.com> <4D248A72.5010404@vpnc.org> <a06240801c94a3ed54f9e@10.31.200.116> <Prayer.1.3.3.1101051839410.18449@hermes-2.csi.cam.ac.uk> <AANLkTimnz9CBDbjXc0V2=zdM6PZnSs4_+ZaEL8CCVbXk@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Cc: Edward Lewis <Ed.Lewis@neustar.biz>, Paul Hoffman <paul.hoffman@vpnc.org>, dnsext@ietf.org
Subject: Re: [dnsext] Adopting draft: draft-hoffman-dnssec-ecdsa-04.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Alex Bligh <alex@alex.org.uk>
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jan 2011 15:24:08 -0000

--On 7 January 2011 09:32:56 -0500 Phillip Hallam-Baker <hallam@gmail.com> 
wrote:

> All non-mandatory crypto would use ASN.1 OIDs to declare the algorithm
> type. In the case of DNSSEC this would require an approach similar to
> the one that the OID based CERT type uses. There would be a code point
> reserved for identifying the algorithm by ASN.1 oid and a defined
> mechanism for squeezing in the OID as a prefix to the crypto material.
...
> The only interoperability concern should be that applications that
> support a common algorithm be able to use it to communicate. That
> means that they all use the same code points to identify the same
> algorithm.
...
> The fact that the OID registry is open and has no gating factor is a
> good thing. No gate means no endorsement. If we had used ASN.1 OIDs to
> identify algorithms there would be no RFC 5933, there would be no
> mention of GOST in RFCs at all unless there was a decision to adopt it
> as a mandatory to implement algorithm (which the GRU would not want in
> any case since their whole purpose requires use of a different
> algorithm).


Q: is there sufficient standardisation within the ASN.1 OIDs that if a new
crypto type FOO comes along, then 2 implementations, working solely from
the OID, they can necessarily interoperate? IE will they thoroughly specify
whether FOO options X and Y have to be supported, wire format, etc? To
illustrate what I mean, I include below a section from the OpenSSH-5.7
testing release notes. I know ssh != DNSSEC, but I suspect support for a
new algorithm might not be as simply described as whether a single ID.

-- 
Alex Bligh




 * Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
   and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA
   offer better performance than plain DH and DSA at the same equivalent
   symmetric key length, as well as much shorter keys.

   Only the mandatory sections of RFC5656 are implemented, specifically
   the three REQUIRED curves nistp256, nistp384 and nistp521 and only
   ECDH and ECDSA. Point compression (optional in RFC5656) is NOT
   implemented.

   Certificate host and user keys using the new ECDSA key types are
   supported - an ECDSA key may be certified, and an ECDSA key may act
   as a CA to sign certificates.

   ECDH in a 256 bit curve field is the preferred key agreement
   algorithm when both the client and server support it. ECDSA host
   keys are preferred when learning a host's keys for the first time.

v2.23.0 | Report a Bug | By Email