Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rfc4307bis
Yaron Sheffer <yaronf.ietf@gmail.com> Mon, 11 April 2016 15:05 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C778D12EBC1 for <ipsec@ietfa.amsl.com>; Mon, 11 Apr 2016 08:05:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gDYo8bXwgxU8 for <ipsec@ietfa.amsl.com>; Mon, 11 Apr 2016 08:05:44 -0700 (PDT)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF01212EBFB for <ipsec@ietf.org>; Mon, 11 Apr 2016 08:05:43 -0700 (PDT)
Received: by mail-wm0-x230.google.com with SMTP id a140so16920801wma.0 for <ipsec@ietf.org>; Mon, 11 Apr 2016 08:05:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=8DIfNe4gpxsDphR6rlwdcb9s6YTnCR+/KPKfU9vymU0=; b=ZdZ4+7ZBnjuKnumOZPKai4hSTPiVteoWrslOLpYjmcdaFCgayRcaLVnDCy7ov/n2H5 rMnTfay5THrq42eexh5tThkXSS7lg/hA0ENYrTOgpBTJL2YjtH1e+HPYZXkNwxnIelWA s1EKGpk0M7dKZvXB5uPCDj1SE5J+y70Ntl0lwx7w11ZExR9PyQymFJoM7CAzo9Vsucl1 trkEQGqRj+SbPal13qK5BODFzBOkn3M4hzlGJhZFJI9bGBl668JnnXFtgNYdptNCfeVa 9Wwr6xJOCkMnURpEZAS5kzWd2abCwXD+7BA5vIhPuF7Tn0eSXHqgW82iw2j0idiKTmB4 Fpew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=8DIfNe4gpxsDphR6rlwdcb9s6YTnCR+/KPKfU9vymU0=; b=f92B+o7iAz3l4EkHUOGiJ40SIAXHOOxktcU3DsabYfzjrCkTq6ZVpz7qGFCRyXVFxW k3TGNwB85cxA0KqHJhoTx49zM0b6O3iaxzFsMKBCSrkKxm7M/fxtpS7YEsden0jtQQQo uMV3rZxABSDwVc+H5j3bojCfLQt4bGERCcekEJUUPeTNE7JE5yO5Se5zH7C7mK0nXbdq /6AFqIlRErciSgKkYj9GSNDI1swuZQ4hKnTJBAeCfY0zTiYO6S0N5AO4iT1yUB/Q8dGT SAPU0D7sOTd3WoiPo0VOlZb5lWGj7jbto9c225h7OasWkKCca57C19ULtzx7pAjj0Eip dwtA==
X-Gm-Message-State: AD7BkJKUyKPxUFiHlPztowlIIgqqpP7osNie/jxZfJ9tF1OU7H/e3D1rO5uc0D3K2KNoIA==
X-Received: by 10.28.213.142 with SMTP id m136mr19435297wmg.24.1460387142375; Mon, 11 Apr 2016 08:05:42 -0700 (PDT)
Received: from [10.53.148.108] ([88.128.80.225]) by smtp.gmail.com with ESMTPSA id c125sm17939333wme.6.2016.04.11.08.05.41 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 11 Apr 2016 08:05:41 -0700 (PDT)
To: Tero Kivinen <kivinen@iki.fi>
References: <325E33E7-8F06-414A-B0BB-FCBEEA8CC6C6@vpnc.org> <570AE1AD.3060001@gmail.com> <22283.40143.898294.982675@fireball.acr.fi>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
Message-ID: <570BBD44.4010104@gmail.com>
Date: Mon, 11 Apr 2016 17:05:40 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <22283.40143.898294.982675@fireball.acr.fi>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/LLqXL2na4N93JgcBdnuATpmfWAw>
Cc: IPsecME WG <ipsec@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rfc4307bis
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Apr 2016 15:05:46 -0000
Hi Tero, Thanks for your response, I am fine with your comments but I have a question: in Sec. 4.2, we have: "With the use of Digital Signature, RSASSA-PKCS1-v1.5 MAY be implemented. RSASSA-PSS MUST be implemented." And then the table has SHOULD for RSA (as well as ECDSA). How come? Coming to think of it, if we want to ensure interoperability between peers that use RSA certs and peers that use ECDSA certs, then at least one (probably RSA) needs to be a MUST, even if people are using RFC7427. Thanks, Yaron On 04/11/2016 02:47 PM, Tero Kivinen wrote: > Yaron Sheffer writes: >> 4.1: have we considered making "Digital Signature" (#14) a SHOULD+ >> instead of a SHOULD? > > Yes, I think we discussed it, but I think we should really see at > least one implementation before we pick it as SHOULD+ level... > > Has anybody implemented this yet? > > This is still quite new, i.e., about year old, and as product cycles > tend to be quite slow in the VPN gateways, I have not yet seen any > implementations. > >> 4.2: aren't we trying to move the world to the generic "Digital >> Signature", even if they're still using old certs? > > Yes. > >> If we are, then (gasp) PKCS1 v1.5 needs to be SHOULD. > > Why? There is no relationship between the RSASSA-PSS and > RSASSA-PKCS1-v1.5 signatures in the certificates and in the AUTH > payload. > > I.e., you can have RSASSA-PKCS1-v1.5 signature in the certificate, and > use the RSASSA-PSS with SHA-256 to generate the AUTH payload. > > Also as we do say that RSASSA-PSS MUST be implemented, that means that > every implementation which sends out the SIGNATURE_HASH_ALGORITHMS and > conforms to this document, must support RSASSA-PSS, thus > implementations can always use it when using RSA keys. > > Only reason to support RSASSA-PKCS1-v1.5 is to support RFC7427 > implementations which are made before this 4307bis document came out, > and which do not support RSASSA-PSS required here. > >> And the table should mention sha256WithRSAEncryption. > > Which by defination is then MAY. And it is MAY because it is not using > SHA1 (which would make it SHOULD NOT), and it is using old > RSASSA-PKCS1-v1.5 which is only MAY. > > We did remove all MAY lines from the table in last round. >
- [IPsec] WG Last Call on draft-ietf-ipsecme-rfc430… Paul Hoffman
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Yaron Sheffer
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Yaron Sheffer
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Yaron Sheffer
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Paul Wouters
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Valery Smyslov
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Valery Smyslov
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Dang, Quynh (Fed)
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… paul
- [IPsec] Fw: WG Last Call on draft-ietf-ipsecme-rf… Dang, Quynh (Fed)
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Valery Smyslov
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Valery Smyslov
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Tero Kivinen
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… paul
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Valery Smyslov
- Re: [IPsec] WG Last Call on draft-ietf-ipsecme-rf… Graham Bartlett (grbartle)