Re: [jose] RFC 8037 "alg" quirkiness
Jim Schaad <ietf@augustcellars.com> Sat, 19 September 2020 15:53 UTC
From: Jim Schaad <ietf@augustcellars.com>
To: 'Anders Rundgren' <anders.rundgren.net@gmail.com>, jose@ietf.org
Date: Sat, 19 Sep 2020 08:52:51 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/M_suTfo2K-EBBZfkJo4i1loBwUw>
Jumping back to the start.

-----Original Message-----
From: jose <jose-bounces@ietf.org> On Behalf Of Anders Rundgren
Sent: Saturday, August 29, 2020 11:58 PM
To: jose@ietf.org
Subject: [jose] RFC 8037 "alg" quirkiness

I have just implemented support for Edwards curves in my JSON library. Although it is certainly not a deal-breaker I find the use of "EdDSA" as a generic Edwards algorithm identifier rather quirky since it departs from the other JWS algorithms:
https://tools.ietf.org/html/rfc8037#appendix-A.4

[JLS] I do not find this at all inconsistent with the way that the other signature algorithms were handled, but that may just be me. For the ECDSA algorithms, the size of the hash is specified because it could be variable across the different curve sizes. So you can do ECDSA with SHA-512 and P-256. The requirement to specify the hash was needed to bring the number of options down to just those that are fixed by the curve.

[JLS] For EdDSA, the hash function is fixed by the curve. This would change if different hash functions were allowed for the same curve but I do not believe that this will ever be in danger of happening because it was strongly argued that a single hash function was the correct approach. Since there was not a need to specify the hash function independent of the key, there was no need to specify an EdDSA with SHA-512 and an EdDSA with SHAKE-256, so it was not done.

Jim

For curiosity reasons I took a peek at the initial draft which has (in my opinion...) a more logical solution:
https://tools.ietf.org/html/draft-liusvaara-jose-cfrg-curves-00#appendix-A.4

May I ask why this change was performed?

For JSF (JSON Signature Format) I will stick to the "00" scheme which also permits use of ed25519ph and friends if needed:
https://mobilepki.org/jsf-lab/home

thanx,
Anders
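
Added example, not part of the original message or of any JOSE library: a sketch of the check a verifier needs because "EdDSA" alone does not name the hash or the curve, so both must be taken from the key's "crv" and cross-checked before verifying. The function and table names are hypothetical; the ES* rows follow the RFC 7518 registrations, and the EdDSA hashes and sizes follow RFC 8032.

```python
import base64

# "alg" values from RFC 7518: the name itself carries the hash (one curve each).
ECDSA_ALGS = {
    "ES256": ("P-256", "SHA-256"),
    "ES384": ("P-384", "SHA-384"),
    "ES512": ("P-521", "SHA-512"),
}
# RFC 8037: "alg" is always "EdDSA"; the key's "crv" selects everything else.
# crv -> (hash fixed by RFC 8032, public key bytes, signature bytes)
EDDSA_CURVES = {
    "Ed25519": ("SHA-512", 32, 64),
    "Ed448": ("SHAKE256", 57, 114),
}

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def resolve_params(header, jwk, signature_b64):
    """Return the (curve, hash) a verifier must use, or raise ValueError."""
    alg, kty, crv = header.get("alg"), jwk.get("kty"), jwk.get("crv")
    if "alg" in jwk and jwk["alg"] != alg:
        raise ValueError("header alg does not match key alg")
    if alg in ECDSA_ALGS:
        curve, hash_name = ECDSA_ALGS[alg]
        if kty != "EC" or crv != curve:
            raise ValueError(f"{alg} requires an EC key on {curve}")
        return curve, hash_name
    if alg == "EdDSA":
        if kty != "OKP" or crv not in EDDSA_CURVES:
            raise ValueError("EdDSA requires an OKP key on Ed25519 or Ed448")
        hash_name, key_len, sig_len = EDDSA_CURVES[crv]
        if len(b64url_decode(jwk.get("x", ""))) != key_len:
            raise ValueError(f"{crv} public key must be {key_len} bytes")
        if len(b64url_decode(signature_b64)) != sig_len:
            raise ValueError(f"{crv} signature must be {sig_len} bytes")
        return crv, hash_name
    raise ValueError(f"unsupported alg: {alg!r}")

if __name__ == "__main__":
    # Constructed sample: all-zero bytes stand in for a real key and signature.
    x = base64.urlsafe_b64encode(bytes(32)).rstrip(b"=").decode()
    sig = base64.urlsafe_b64encode(bytes(64)).rstrip(b"=").decode()
    print(resolve_params({"alg": "EdDSA"}, {"kty": "OKP", "crv": "Ed25519", "x": x}, sig))
```

The length checks only reject a key or signature that cannot belong to the curve named in "crv"; the signature itself still has to be verified by a real EdDSA implementation.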