Re: NF* (Re: PKCS#11 URI slot attributes & last call)

Nico Williams <nico@cryptonector.com> Wed, 31 December 2014 09:19 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6788A1A8AA9; Wed, 31 Dec 2014 01:19:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.034
X-Spam-Level:
X-Spam-Status: No, score=0.034 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 602DgA5hQ8U8; Wed, 31 Dec 2014 01:19:12 -0800 (PST)
Received: from homiemail-a54.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 36E8B1A8768; Wed, 31 Dec 2014 01:19:12 -0800 (PST)
Received: from homiemail-a54.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a54.g.dreamhost.com (Postfix) with ESMTP id C25844012D694; Wed, 31 Dec 2014 01:19:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s= cryptonector.com; bh=ZSS0v1pOURfSEzKxCbjmEPJ5k6s=; b=po2kEdZfViu 7bUMp9u0oZ4JhDTJPuY30KK8hgW3A+lj7X+pP2HTYMA5v1yjhIZA7746kOgUgASg KTrivnEs0C2Ls+I7EaBCUWp6vFsFRtrWDugO23X+5IEiPHRNEDYcYKliV/5yP79f t67KYTonkg04zP9IVTWgDADEda3PFD5A=
Received: from localhost (108-207-244-174.lightspeed.austtx.sbcglobal.net [108.207.244.174]) (Authenticated sender: nico@cryptonector.com) by homiemail-a54.g.dreamhost.com (Postfix) with ESMTPA id 4F1354012D68E; Wed, 31 Dec 2014 01:19:11 -0800 (PST)
Date: Wed, 31 Dec 2014 03:19:10 -0600
From: Nico Williams <nico@cryptonector.com>
To: Patrik =?iso-8859-1?B?RuRsdHN0cvZt?= <paf@frobbit.se>
Subject: Re: NF* (Re: PKCS#11 URI slot attributes & last call)
Message-ID: <20141231091906.GO24442@localhost>
References: <CAK3OfOgm_ZYj-rY+4ExZzY8KY4G3rz2KLrZ8hQJi7ZUR4yiP0Q@mail.gmail.com> <alpine.GSO.2.00.1412300946340.4549@keflavik> <CAK3OfOha9qu=uDtqwDTdV78waLMaorYq0T6cq1YX3VzQn2OpKA@mail.gmail.com> <A4CC6CEC-D17E-4235-B615-9D2AD88096D4@frobbit.se> <20141231070328.GK24442@localhost> <B08B813F-B8B4-49F1-A0B9-60F322C8E9C7@frobbit.se> <20141231074641.GM24442@localhost> <947CA101-D717-4B56-8EEE-84B3A53BF4A1@frobbit.se> <20141231082551.GN24442@localhost> <48A18B23-AAF9-44EA-8557-D25EBE398B56@frobbit.se>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <48A18B23-AAF9-44EA-8557-D25EBE398B56@frobbit.se>
User-Agent: Mutt/1.5.21 (2010-09-15)
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/g-rCtURAQStfittozZVIzDa86Mo
Cc: Darren J Moffat <Darren.Moffat@oracle.com>, "saag@ietf.org" <saag@ietf.org>, Jan Pechanec <jan.pechanec@oracle.com>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Dec 2014 09:19:13 -0000

On Wed, Dec 31, 2014 at 10:09:39AM +0100, Patrik Fältström wrote:
> > On 31 Dec 2014, at 09:25, Nico Williams <nico@cryptonector.com> wrote:
> > Of course, the issues are the same, it's just that there's no "server"
> > to consider.  It's all as good as "clients".  Unlike IDNA, it's all
> > UTF-8, all the time, so that form-insensitive can work.
> 
> Well, the definition of a URI like in this case in reality define a
> protocol with a client and server, if we think about the case when the
> URI is used. Someone create a URI (by typing, speaking, OCR:ing,
> copying) and use it to reach a resource.

As with filesystems, the "processes" creating and accessing the resource
are all clients.  There are no servers that can make right, therefore we
might as well not speak of them :)

(We're agreeing.)

> Regarding "the PKCS#11 does not talk about the issue, so why would
> IETF" is a question I think has a clear answer. IETF have in many
> cases created profiles, or let me say "interpretations" of definitions
> made elsewhere. Simply because IETF do not think the specification is
> crisp enough.

Yes.  The question is whether we should in this case.

I'm in favor of saying "do form-insensitive comparison".  I'd settle for
"always normalize to NFC when creating PKCS#11 resources" because, after
all, that's what IRIs need anyways, it's just that a PKCS#11 URI-using
app might not be in a position to make "normalize on create" happen.

OTOH, I think this is a minor issue, so if reaching consensus is hard,
then I say "say nothing", normatively anyways.

However, you're right that as far as Security Considerations go, we
can't say nothing.

> Look at UTF-8 for example.

Indeed.  We make things better.

> You also write:
> 
> > IOW, what to do depends on the application.  For filesystems I say:
> > be form-preserving-form-insensitive.  For IDNA there's no choice but
> > to go with clients-must-normalize.  Each app will be different.
> 
> Sure, that is my point.

Yes, we agree :)

> What you say is that the IETF use of PKCS#11, without any
> specification of normalisation, mapping or otherwise, will not have
> any security implications what so ever regardless of what an
> application do (i.e. one party participating using one normalisation
> form, another do PRECIS mapping, a third do NFC,...)?

No, it will have security considerations regardless.

The only way to help that is to force normalization on create, but as I
say, that's not something this spec can cause to happen or assume has
happened.

> That is what I see you write, and if either I understand you wrong, or
> if that is not what you are saying, then a text must be created and
> added that explain the pitfalls -- at least as part of the security
> considerations section if not in the specification on how PKCS#11 is
> to be used.

Yes.

Nico
--