[Jose-reg-review] Request to register JOSE algorithms for the FIDO Alliance

"Rolf Lindemann" <rlindemann@noknok.com> Fri, 01 June 2018 17:30 UTC

Return-Path: <rlindemann@noknok.com>
X-Original-To: jose-reg-review@ietfa.amsl.com
Delivered-To: jose-reg-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A63DB12DA02 for <jose-reg-review@ietfa.amsl.com>; Fri, 1 Jun 2018 10:30:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.69
X-Spam-Level:
X-Spam-Status: No, score=-2.69 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=noknok.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5xX7mvNThhaH for <jose-reg-review@ietfa.amsl.com>; Fri, 1 Jun 2018 10:30:37 -0700 (PDT)
Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5CFF612D9FF for <jose-reg-review@ietf.org>; Fri, 1 Jun 2018 10:30:37 -0700 (PDT)
Received: by mail-qk0-x232.google.com with SMTP id 185-v6so20442829qkk.11 for <jose-reg-review@ietf.org>; Fri, 01 Jun 2018 10:30:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=noknok.com; s=google; h=reply-to:from:to:cc:subject:date:organization:message-id :mime-version:thread-index:content-language; bh=7//b8vLgWuOnuKaAK/mHoYnIY58vPCfc5xxZtwWvHdM=; b=GR4GI+KtsRguEfuGUy2HuEzUgBqw8gDRFWuWnU401TuYFKFXlNtP7+8UNzmqELnFeF 5DsJT5jKPtitwSyqSXwCoJiHH0sbcpF3tgytkrWCNnIuzWsKLWLGrT7oXPPodkTtEkEG 8ve0dwc+h7OTUxBOt0HeLqrBOLagP+H5g+ej0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:from:to:cc:subject:date:organization :message-id:mime-version:thread-index:content-language; bh=7//b8vLgWuOnuKaAK/mHoYnIY58vPCfc5xxZtwWvHdM=; b=jtlDuq2R8e2BmEAhEoLoSNz+/VOIQpaOyPJZOdelX5Wk2+4NYpEmjfAmM9fQGvi0T3 UqN5tiQuJ+HTZIW601D//rwRMyALPtF0w+HfOuiOKtuJFjwvcG56IKwZK6H8UlKCuhBg N5uy22HTk/4ZEtoDFoAtkk9MU8d0q+6IwIlR76gj9s8Ej91L4tEgwAHc7nwubSa3K5sK wpxN5TSj33ISdPeeMdmqyGmMiSQYcH7jxK0vUyfNa79pUXXNJIfyoegiI/aJWKoiRXf8 lwgNCc+RZ8edOTEDd8CfcYHShE+9XIdJDT/v70OHhOqPMtbBNGbD+MlPESukkD2rXFqS b0pw==
X-Gm-Message-State: APt69E2upm4mFEqIPSLUULH0uiJCzgd9+8bMSSY/0bg1LKxer6QMiTSd kIHzFnXlZakGpofBKiF5dXHl
X-Google-Smtp-Source: ADUXVKL/SS8UhUFDkK2+TBEdrFzRL3PPkmmvQyIvR1ZMQ+GOxasjAX7g8jFORlYK81gLoTGa4MI2Gw==
X-Received: by 2002:a37:c949:: with SMTP id q70-v6mr10816761qki.174.1527874236276; Fri, 01 Jun 2018 10:30:36 -0700 (PDT)
Received: from Myra (198-27-138-18.static.sonic.net. [198.27.138.18]) by smtp.gmail.com with ESMTPSA id f8-v6sm7100587qkm.42.2018.06.01.10.30.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 01 Jun 2018 10:30:35 -0700 (PDT)
Reply-To: rolf@noknok.com
From: Rolf Lindemann <rlindemann@noknok.com>
To: jose-reg-review@ietf.org
Cc: jca@zurich.ibm.com, mbj@microsoft.com, "'Hodges, Jeff'" <jeff.hodges@paypal.com>
Date: Fri, 01 Jun 2018 19:30:35 +0200
Organization: Nok Nok Labs
Message-ID: <0ab801d3f9ce$40d7cca0$c28765e0$@noknok.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0AB9_01D3F9DF.04655790"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AdP5OpIcc678paA9S/GwU/X8TbmHeg==
Content-Language: de
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose-reg-review/EdU_A9VkgkZw7CxqI1goMSYx8-Y>
Subject: [Jose-reg-review] Request to register JOSE algorithms for the FIDO Alliance
X-BeenThere: jose-reg-review@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "The JSON Web Algorithm standard \(RFC 7518\) establishes this email list for designated experts to discuss proposed changes, additions, and removals to the set of algorithms in the JSON Object Signing and Encryption \(JOSE\) registry, http://www.iana.org/assignments/jose." <jose-reg-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose-reg-review/>
List-Post: <mailto:jose-reg-review@ietf.org>
List-Help: <mailto:jose-reg-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose-reg-review>, <mailto:jose-reg-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jun 2018 17:31:36 -0000

Hi,

 

The FIDO Alliance would like to register the following algorithms in the
IANA "JSON Web Signature and Encryption Algorithms" registry:

1. "ED256", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

2. "ED512", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

3. "ED638", see
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations

4. "ED256-2", 

    - Name "ED256-2"

    - Algorithm Description: ECDAA algorithm based on ECC_BN_DSD_P256 (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#bib-DevScoDah2007>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#bib-DevScoDah2007) curve using SHA256 algorithm.

    - Algorithm Usage Locations: "alg", i.e. used with JWS.

    - JOSE Implementation Requirements: optional

    - Change Controller: FIDO Alliance,  <https://fidoalliance.org/contact/>
https://fidoalliance.org/contact/ 

    - Sections 3. FIDO ECDAA Attestation (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#fido-ecdaa-attestation>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#fido-ecdaa-attestation) and 4. FIDO ECDAA Object Formats
and Algorithm Details (
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#fido-ecdaa-object-formats-and-algorithm-details>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#fido-ecdaa-object-formats-and-algorithm-details) of
[FIDOEcdaaAlgorithm].

    - Algorithm Analysis Document(s):
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#bib-FIDO-DAA-Security-Proof>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#bib-FIDO-DAA-Security-Proof 

("ED256-2" should have also been in the IANA Considerations section but
isn't due to a clerical error.)

 

These names are related to cryptographic algorithms for Direct Anonymous
Attestation.  The relevant details are described in
<https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v
2.0-id-20180227.html#iana-considerations>
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-ecdaa-algorithm-v2
.0-id-20180227.html#iana-considerations. 

The algorithms were developed by Jan Camenisch of IBM (cc'ed) - a
cryptographic expert.  They are in production use in FIDO deployments.

 

Kind regards,

     Rolf Lindemann