Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validation of <2048 keys
Petr Menšík <pemensik@redhat.com> Wed, 27 April 2022 12:17 UTC
Return-Path: <pemensik@redhat.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 846C1C2C33B8 for <dnsop@ietfa.amsl.com>; Wed, 27 Apr 2022 05:17:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.531
X-Spam-Level:
X-Spam-Status: No, score=-4.531 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.575, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-1.857, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QpglC1-_cmwp for <dnsop@ietfa.amsl.com>; Wed, 27 Apr 2022 05:16:56 -0700 (PDT)
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A959AC2C33D3 for <dnsop@ietf.org>; Wed, 27 Apr 2022 05:16:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1651061815; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MdXsGWxGkrM+f4rR0GW0PYn+hoFMR7ndIm5LwokRuQY=; b=XJTopF0QIAyPQckbe/xxpB/nLm4w6j2ZJNZHZ/8uzJvUzEIv0jd/smThJ3RnQ1M2y2qRV4 9o/J40OZexUYJat0C5BqK6YdwIbrvgaTh75kU3SS4KBp9XKymjfAyo2E0TDI6uIaWyfPjv euODKDvtYdGSIdxUoidjDqfZfa2Dj/A=
Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-616-clliSNfGPPWM-2owMKRuLw-1; Wed, 27 Apr 2022 08:16:54 -0400
X-MC-Unique: clliSNfGPPWM-2owMKRuLw-1
Received: by mail-wm1-f72.google.com with SMTP id m125-20020a1c2683000000b00391893a2febso671443wmm.4 for <dnsop@ietf.org>; Wed, 27 Apr 2022 05:16:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent :content-language:to:references:from:organization:subject :in-reply-to:content-transfer-encoding; bh=MdXsGWxGkrM+f4rR0GW0PYn+hoFMR7ndIm5LwokRuQY=; b=JRbsFi2pDwPbj2RR6dvO5Qdw+07G8RIV02DNljigzNEs04JXvHz2J9JrgL2+AxDjAN w0Ubc+Z0t4YA/y7e714Nlt8VbZDtq2FCv6dY8bZ9ecGODCeUaBv845TF2ZFNVE7TO+xW j1TMa7zhc+SCgXxqUkJN+OiyKh+cDw+Ca3XvaR2+Gerlzb3ugAJ1aZns2ppowI8+zhx1 JPhKwZV9TEZLrAxZUZoZfS5AiQ6xSVJ3GKWF5Ms63EuglObs6rbQxSPBZH5gsHE3fhBR +A6JXokXNbZzHV4e5f3AYbc8lqO2+9yZkNSzAfMBtxFvUjhziy81vIUHU7MMhVUGVFUQ R0DA==
X-Gm-Message-State: AOAM532BImfQ7WmHaJB+nU8Rz3w71DA+8KoKI20vZ8BvIGnxTd7mk0Wj O6wU/wx0plgTG6QVqbl/LWCUx3dc3/cuDYgKCzRNe/Vs/mRiyDpmUgMyLRgrg3WPLybnVXXZLc+ xSRG5Quf5Kvvr6awpSBeHe3yVdvyJMU4AgpqivMV+rRKwPNoJZNa3lA2gzA==
X-Received: by 2002:a05:600c:1e8a:b0:394:a8:234 with SMTP id be10-20020a05600c1e8a00b0039400a80234mr3281028wmb.117.1651061812805; Wed, 27 Apr 2022 05:16:52 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzzqBIbGCiXxsEDs5R/Y8dSYQCciCfucc2riXEKDlYLw9IvHXKrWkvlZSC2WZLCmWsFwaOz9Q==
X-Received: by 2002:a05:600c:1e8a:b0:394:a8:234 with SMTP id be10-20020a05600c1e8a00b0039400a80234mr3281008wmb.117.1651061812558; Wed, 27 Apr 2022 05:16:52 -0700 (PDT)
Received: from [10.43.2.33] (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.gmail.com with ESMTPSA id e4-20020adfa444000000b0020ac74da5c5sm13529038wra.87.2022.04.27.05.16.51 for <dnsop@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 27 Apr 2022 05:16:51 -0700 (PDT)
Message-ID: <1b18282e-b1d6-797f-644f-e0b6c59a0b03@redhat.com>
Date: Wed, 27 Apr 2022 14:16:50 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0
To: dnsop@ietf.org
References: <356059e5-e973-3d6c-569c-9ff9d9fe16e6@redhat.com> <87v8uxh45n.fsf@miraculix.mork.no>
From: Petr Menšík <pemensik@redhat.com>
Organization: Red Hat
In-Reply-To: <87v8uxh45n.fsf@miraculix.mork.no>
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pemensik@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/-C5MFZp9M-XdTKW_prAxMSmqhjg>
Subject: Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validation of <2048 keys
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Apr 2022 12:17:00 -0000
Thank you for those references, they are very useful. I need to discuss our stance internally first. I think we should have a better response prepared. It may take a few days to formulate and explain our direction. Thanks, Petr On 4/25/22 12:02, Bjørn Mork wrote: > Petr Menšík <pemensik@redhat.com> writes: > >> Our crypto team is >> responsible for preparing RHEL 9 for FIPS 140-3 certification. They said >> there is legal obligation to stop using all RSA signatures with keys >> shorter than 2048 bits. > Either they're wrong or you're misquoting them by merging "signing" and > "verifying" into the confusing and misleading term "using". FIPS 140-3 > is a bit more specific than that, fortunately. > > See table 2 in > https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf > which shows the status of RSA keys with 1024 ≤ len(n) < 2048 for Digital > Signature Verification as "Legacy use". > > The text following that table provides more detail: > > Key lengths providing less than 112 bits of security that were > previously specified in FIPS 186 are allowed for legacy use when > verifying digital signatures. > > and > > RSA: See FIPS 186-239 and FIPS 186-4,40 which include modulus lengths > of 1024, 1280, 1536 and 1792 bits, may continue to be used for > signature verification but not signature generation > > > Bjørn > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- Petr Menšík Software Engineer Red Hat, http://www.redhat.com/ email: pemensik@redhat.com PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB
- [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA validat… Petr Menšík
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bjørn Mork
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bill Woodcock
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Havard Eidnes
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Bill Woodcock
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Paul Wouters
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Petr Menšík
- Re: [DNSOP] FIPS 140-3 mode on RHEL 9 and RSA val… Petr Menšík