[Dots] New draft - guide to creating an ECDSA pki

Robert Moskowitz <rgm-sec@htt-consult.com> Wed, 30 August 2017 14:01 UTC

To: "dots@ietf.org" <dots@ietf.org>
From: Robert Moskowitz <rgm-sec@htt-consult.com>
Message-ID: <e16401b8-e5bb-430f-856b-3d747ec17f33@htt-consult.com>
Date: Wed, 30 Aug 2017 10:00:46 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/dots/5oKoXEpZ-Ex-_DnEZ4H13SbP8xE>
Subject: [Dots] New draft - guide to creating an ECDSA pki

I have spoken to the need for Identities in DOTS agents.  This implies 
using X.509 certificates and making sure they work in your product.  But 
getting decent certificates for PoC and testing has been challenging.

To this end, I have created a guide and put it together in an ID.  I am 
interested in working with those participating in the Hackathon to put 
together the DOTS Hackathon PKI.

Bob




-------- Forwarded Message --------
Subject:     New Version Notification for draft-moskowitz-ecdsa-pki-00.txt
Date:     Wed, 30 Aug 2017 06:53:03 -0700
From:     internet-drafts@ietf.org
To:     Robert Moskowitz <rgm@labs.htt-consult.com>, Liang Xia 
<frank.xialiang@huawei.com>, Henk Birkholz 
<henk.birkholz@sit.fraunhofer.de>, Liang Xia <Frank.xialiang@huawei.com>


A new version of I-D, draft-moskowitz-ecdsa-pki-00.txt
has been successfully submitted by Robert Moskowitz and posted to the
IETF repository.

Name:        draft-moskowitz-ecdsa-pki
Revision:    00
Title:        Guide for building an ECC pki
Document date:    2017-08-30
Group:        Individual Submission
Pages:        26
URL: https://www.ietf.org/internet-drafts/draft-moskowitz-ecdsa-pki-00.txt
Status: https://datatracker.ietf.org/doc/draft-moskowitz-ecdsa-pki/
Htmlized: https://tools.ietf.org/html/draft-moskowitz-ecdsa-pki-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-moskowitz-ecdsa-pki-00


Abstract:
    This memo provides a guide for building a PKI (Public Key
    Infrastructure) using openSSL.  All certificates in this guide are
    ECDSA, P-256, with SHA256 certificates.  Along with common End Entity
    certificates, this guide provides instructions for creating IEEE
    802.1AR [IEEE.802.1AR_2009] iDevID Secure Device certificates.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat