Re: What ASN.1 got right

Michael Thomas <mike@mtcc.com> Tue, 02 March 2021 20:55 UTC

To: Phillip Hallam-Baker <phill@hallambaker.com>, Nico Williams <nico@cryptonector.com>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
Date: Tue, 02 Mar 2021 12:55:53 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/U4Q-dXJAEn-_x_L3S5hRceNHAVk>

On 3/2/21 12:44 PM, Phillip Hallam-Baker wrote:
> On Tue, Mar 2, 2021 at 1:39 PM Nico Williams <nico@cryptonector.com> wrote:
>
>     On Tue, Mar 02, 2021 at 10:19:53AM -0800, Michael Thomas wrote:
>     > [...] And once you rely
>     > on online crl's, it's all the same.
>
>     Yes, well, wherever possible we should be using short-lived
>     credentials
>     and dispense with revocation.
>
>
> Getting back to the constraints of 30MHz Windows 95 PCs. Has anyone 
> here tried to create a 2048 bit RSA key on a BBN safekeyper box?
>
> The notary videographer did not expect to be spending eight hours 
> filming absolutely nothing happening.
>
> Back in 1995, signing a new cert for each subscriber every day was 
> impossible. Now it is completely feasible.
>
> With threshold techniques, we don't even need the subscriber to make a 
> new cert request and we can still roll the key:
>
> * Alice creates public/private key pair {a.P, a}, sends a.P to Carol
>
> t=0) Carol validates the request, generates a new keypair {c0.P, c0}
> and sends back a certificate for { (a+c0).P, a+c} and the value c0.
> Carol doesn't know a of course but she can calculate a.P + c0.P which
> is the same thing. This cert is valid for 48 hours.
>
> t=1) The next day, Carol sends a certificate for { (a+c1).P, a+c} and
> the value c1
>
> t=2) The next day, Carol sends a certificate for { (a+c2).P, a+c} and
> the value c3
>
> t=3) 'Alice' turns out to have never been Alice, it was Mallet. Carol 
> stops sending her new certificates.
>
>
Or skip all of this complexity and just enroll the naked public key 
bound to whatever name you like (if any) and have the side benefit of 
not having to deal with a dinosauric encoding scheme.

Mike
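
The key-rolling exchange in the quoted message, as an added example that is not code from either poster: Carol derives each day's certified public key from a.P alone, Alice derives the matching private key from a and the c_i she is sent, and issuance simply stops at revocation. Assumptions: the curve is secp256k1 (the thread names none), the private half is read as a + c_i mod n, and all function and field names are hypothetical.

```python
import secrets

# Assumption: secp256k1 domain parameters; the thread does not name a curve.
FP = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p1, p2):
    """Add two curve points; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FP) % FP
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FP, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return (x3, (lam * (x1 - x3) - y1) % FP)

def mul(k, pt):
    """Double-and-add scalar multiplication (demo only, not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def carol_issue(alice_pub, hour, lifetime_h=48):
    """Carol certifies a.P + c_i.P from a.P alone and returns c_i for Alice."""
    c_i = secrets.randbelow(N - 1) + 1
    cert = {"pub": add(alice_pub, mul(c_i, G)),
            "not_before": hour, "not_after": hour + lifetime_h}
    return cert, c_i

def roll(days, stop_on_day=None):
    """Run the daily exchange; Carol stops issuing from stop_on_day onward."""
    a = secrets.randbelow(N - 1) + 1           # Alice's long-term secret
    alice_pub = mul(a, G)                      # the only value Carol receives
    issued = []
    for day in range(days):
        if stop_on_day is not None and day >= stop_on_day:
            break                              # t=3 in the post: no new cert
        cert, c_i = carol_issue(alice_pub, day * 24)
        issued.append((cert, (a + c_i) % N))   # Alice's private key for the day
    return issued
```

With `roll(5, stop_on_day=3)` the last certificate issued is the day-2 one, which expires at hour 96, so the credential lapses within 48 hours of Carol's decision without any revocation lookup.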