[DNSOP] Specification of DNSKEY "Private-key-format"

Mukund Sivaraman <muks@mukund.org> Thu, 29 August 2019 12:56 UTC

Date: Thu, 29 Aug 2019 18:25:02 +0530
From: Mukund Sivaraman <muks@mukund.org>
To: dnsop@ietf.org
Message-ID: <20190829125502.GA2048@jurassic.lan.banu.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/7CgEhtMP6KYEUrxYerFepTqXFp8>

A tool such as BIND's dnssec-keygen generates the following formatted
private keys:

[muks@naina ~]$ cat Kexample.org.+008+10638.private
Private-key-format: v1.3
Algorithm: 8 (RSASHA256)
Modulus: 3GqHtpNGJk9obM8cIeQa5RqYJNd7ZMJ3tdOIauC8Rz7G3dhxQtTDWwW6vAg3xptDCR/s3l3FaSFTkXyoqqY2/zLTNWUqY2R043xs5ZXSZAwS7ZIUinjLU7m6glz9S1dM6r0h6qTl4NJ+u8Smib26cFEmSZBS/BUBYwc11XEtrwCDvZbZxgAehXXteE+zoUs/vp7HWFNJZkww9c4S1DBIwX/t3bV0fiCdv5gpptUmsjnd/2j9xhdrLm9SGMUYewlaF9hSjQ64PpFo34jErCarBXcr8aH9jYclydmMYlL7m6mFPWTWgZFBDkGdxhQnn9YMgq0ItHzABR12Usflj1PUVw==
PublicExponent: AQAB
PrivateExponent: rTknuSvbGKaVidXm5Rewr1cMNQAIILLYg9RfxKckMNW8UoMU2BIACdvh2n6W3wYMU/J8JHILgEjJtXAD2kFQvZUC+lasTnqXhmS17GSneSsoAP8qF31BRmaTlnpgMkLE10KWkiLP6rVjFkxBGcU67aRI881x+lzDv0DeZQVSgtHt+ZaogkJ7BH2etfKuDOxPuzvvNoh8Zaglm7zgzSh6fuFZxsIMSu7+FgTiqLTqs3O5wM6p494GbI5O3TbMZqCF+1B+uWfAblXwqbfQBQ6oZdG5WaHVSck27b5PVzd64JI/4bbLxpZoywE4xgkn8jyKl08XVGUmFHzGhE6dMJVIcQ==
Prime1: +FczIRoxjyJjRmoESH4Z7oZxvvkZHUE7wah/vUYvTs/LPZN/R0EZDA/HvLPN6vUtnkswnnkJKMN7YDSaciApbwvdlkPERBGgLn/SDBQTWzSAj7X0qu6v5EwOcZyVRUlnd2pBTuooKPB/A63RuIV5RNDbTcq6Hj9gejULF4kc6sk=
Prime2: 4zbZfUU30lknXPlsB3zyOEkFsJj2/O4p3KqDaQsd+vTSsQ4GqhwQhASk21LowgMCSskKAo0FJG2z7yFPHpdy/7q54G0vRD7iMU37ZK8+eO8WmAqS2c/hlfGJpioYGm9HjdFGyD6QWTTY+Yo3TOecv/Yfu3ZhVYsX4iFrgGplNh8=
Exponent1: QfAdQkfLKt8Nju+tTXY1+nA2GWfYdD0S2buclyvgecOQijv0in3NYbd66C6xmRYaU7JRKXKnrOwigQvWikDh33s+DZzWquAnMNF9evmFnizVidLdMNmJWEuddisGM0xnLXzH9GUV3rDkeJyZV64Q4eW2pPQT8N4RBsG4vToJtIk=
Exponent2: oWTcqDb6p9fcNhaVvdvq0kBMYlzFVHR4F96m6X6UFSbCYjHsWfkFYkFKOOBzpRwuDKExEw7IkE+8eCfY44oAjdY9IkVsRbXFRfB2mdZBMfXivq0EEuOvAatIc1eDN4PD9+CnvqVyM2tulBKxpVb/6PsTHz2/ddwPYvkKO3VX31E=
Coefficient: XbZCrBF9whoQEFDNlPnYCRYEM5Wq2TN0essxYsnv0fObssnzv3jJh5NGSzy+2+/gWPvYYe9vtPHhdYhdeRQ//iK1CnP3KlfsMluNXoslC00l+NHnQuu6qHCL5BxfIB8voiq2/NkjRAZufh1g4md1I/BMhA8pdoQs2bElxv6Mewc=
Created: 20190829125147
Publish: 20190829125147
Activate: 20190829125147
[muks@naina ~]$

I have looked around for a specification for this format, but I fail to
find one. Where is this specified? Has it ever been described in some
document?

		Mukund
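
Added example, not part of the original message and not BIND's code: a Python consistency checker for the file layout shown above. It assumes the RSA fields are base64-encoded big-endian integers with the PKCS#1 RSAPrivateKey meanings their names suggest, and that the timing fields are 14-digit YYYYMMDDHHMMSS strings; the function names and the toy key are constructed for illustration.

```python
import base64
import re

RSA_FIELDS = ("Modulus", "PublicExponent", "PrivateExponent", "Prime1",
              "Prime2", "Exponent1", "Exponent2", "Coefficient")
TIMING_FIELDS = ("Created", "Publish", "Activate")

def int_to_b64(value):
    raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    return base64.b64encode(raw).decode("ascii")

def parse_private_file(text):
    """Split 'Name: value' lines into a dict; reject malformed or repeated names."""
    fields = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        name, sep, value = line.partition(":")
        if not sep or not re.fullmatch(r"[A-Za-z0-9-]+", name) or name in fields:
            raise ValueError(f"line {lineno}: malformed or duplicate field")
        fields[name] = value.strip()
    return fields

def check_rsa_key(fields):
    """Return a list of inconsistencies; an empty list means the file is coherent."""
    if missing := [f"missing {f}" for f in RSA_FIELDS if f not in fields]:
        return missing
    n, e, d, p, q, dp, dq, qinv = (
        int.from_bytes(base64.b64decode(fields[name], validate=True), "big")
        for name in RSA_FIELDS)
    if min(p, q) < 3:  # also avoids a zero modulus in the checks below
        return ["Prime1/Prime2 too small"]
    checks = {  # message -> condition that must hold (assumed PKCS#1 semantics)
        "Modulus != Prime1 * Prime2": p * q == n,
        "PrivateExponent does not invert PublicExponent":
            (e * d) % (p - 1) == 1 and (e * d) % (q - 1) == 1,
        "Exponent1 != PrivateExponent mod (Prime1 - 1)": dp == d % (p - 1),
        "Exponent2 != PrivateExponent mod (Prime2 - 1)": dq == d % (q - 1),
        "Coefficient != inverse of Prime2 mod Prime1": (q * qinv) % p == 1,
    }
    problems = [msg for msg, ok in checks.items() if not ok]
    return problems + [f"{t} is not YYYYMMDDHHMMSS" for t in TIMING_FIELDS
                       if t in fields and not re.fullmatch(r"\d{14}", fields[t])]

def constructed_sample():  # toy key (p=61, q=53) built here, far too small for real use
    p, q, e, d = 61, 53, 17, 2753
    values = (p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
    lines = ["Private-key-format: v1.3", "Algorithm: 8 (RSASHA256)"]
    lines += [f"{name}: {int_to_b64(v)}" for name, v in zip(RSA_FIELDS, values)]
    lines += [f"{name}: 20240101000000" for name in TIMING_FIELDS]
    return "\n".join(lines) + "\n"
```

`check_rsa_key(parse_private_file(text))` returns an empty list for a coherent file, so a non-empty result flags a truncated or hand-edited key before it is handed to a signer.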