Re: [jose] CFRG ECC in JOSE - thumbprint
Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 18 November 2015 08:49 UTC
Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CB751B2A3C for <jose@ietfa.amsl.com>; Wed, 18 Nov 2015 00:49:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nsS79xeJfkG9 for <jose@ietfa.amsl.com>; Wed, 18 Nov 2015 00:49:34 -0800 (PST)
Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com [IPv6:2a00:1450:400c:c09::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56B811B2A39 for <jose@ietf.org>; Wed, 18 Nov 2015 00:49:34 -0800 (PST)
Received: by wmvv187 with SMTP id v187so266592130wmv.1 for <jose@ietf.org>; Wed, 18 Nov 2015 00:49:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type:content-transfer-encoding; bh=cvkmXxmYuiyzXA9D2nPzQY5xMDnpX3UPzyi1KMq920Y=; b=bSo8JlkX7+xE6mTxpYrHXn/dOfACQr+hy7fIK5424j3Hmmbf2Mjk6TAswNo+N6Eb/m r7hz+mO1YeZZk0nmvgNoJF/NFuHHzTMKbSWAApYP0EYiYAJFmAOKcXsYaTZET4qNAEhN vo7WRBXxKOLGxKEEAQQFTCuay+jAEsXq0k+hp7fk0D3/uLh3/8+arvi/iHQmxjp/z71A jMjdkvzqut2JVWUCoLTvheE4xwyHSxgz5WgyzLJ0dYY9BcOqFKk9Ex7fTfkJJX2SkNgk xW3XQbq/3QnWDmPEkygHt8xeW3Et1K0kAS3js3Oq//UDJ/ryTS2nkPcuQu6ZZm0Qqytp LaYA==
X-Received: by 10.28.63.22 with SMTP id m22mr8172083wma.58.1447836572936; Wed, 18 Nov 2015 00:49:32 -0800 (PST)
Received: from [192.168.1.79] (148.198.130.77.rev.sfr.net. [77.130.198.148]) by smtp.googlemail.com with ESMTPSA id q1sm1660947wje.39.2015.11.18.00.49.31 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 18 Nov 2015 00:49:32 -0800 (PST)
To: Mike Jones <Michael.Jones@microsoft.com>, Ilari Liusvaara <ilariliusvaara@welho.com>
References: <255B9BB34FB7D647A506DC292726F6E13BB1B6894C@WSMSG3153V.srv.dir.telstra.com> <77F4F506-1924-45A7-94CB-3C530968244B@mit.edu> <20151111083733.GA32165@LK-Perkele-V2.elisa-laajakaista.fi> <20151114131022.GA31553@LK-Perkele-V2.elisa-laajakaista.fi> <5647569F.6070907@gmail.com> <20151114183526.GA31954@LK-Perkele-V2.elisa-laajakaista.fi> <BY2PR03MB4421ADBF35F4EDC2C4126A4F51C0@BY2PR03MB442.namprd03.prod.outlook.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <564C3B97.308@gmail.com>
Date: Wed, 18 Nov 2015 09:49:27 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <BY2PR03MB4421ADBF35F4EDC2C4126A4F51C0@BY2PR03MB442.namprd03.prod.outlook.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/aMEm_KicYE7g1JdlLlPrbmrX5aE>
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] CFRG ECC in JOSE - thumbprint
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Nov 2015 08:49:37 -0000
On 2015-11-18 01:27, Mike Jones wrote: > I would strongly argue for using "crv" and "x" to characterize these algorithms. > Developers will be unpleasantly surprised if we don't and more than likely unnecessarily confused as well. I agree. In the case "crv" isn't a curve it would still at least be an algorithm. > I'm on the fence about whether to use "kty":"EC" or a new key type value, > such as "EC1" (Elliptic Curve with one coordinate). I'll note that "EC" > is already designed to allow curves whose representations use > "x" but not "y", so there's strictly speaking no need for a new key type. > But I understand the argument that since "x" isn't represented in SEC1 > format for these curves, that a different "kty" value may be appropriate. IMO, the fact that quite a bunch of popular cryptographic libraries build on "hardcoded" EC and RSA key-types, motivate a *new name*. It seems that JWK parsing would be more straightforward as well. The actual name is fairly unimportant but "EC1" doesn't sound too bad :-) It fits the algorithms/curves currently on the table, doesn't it? Anders > > -- Mike > > -----Original Message----- > From: jose [mailto:jose-bounces@ietf.org] On Behalf Of Ilari Liusvaara > Sent: Saturday, November 14, 2015 10:35 AM > To: Anders Rundgren > Cc: jose@ietf.org > Subject: Re: [jose] CFRG ECC in JOSE - thumbprint > > On Sat, Nov 14, 2015 at 04:43:27PM +0100, Anders Rundgren wrote: >> Hi Ilari, >> >> If these curves are generally recognized as "Edwards" (?) I would >> personally prefer that "kty" refer to something Edward-ish like "ED" >> although this is (of course) entirely unimportant. > > These things are not Edwards curves. These things are abstract public-key algorithms. > > If you truly had Edwards curve over prime field[1], there would be no problem presenting it in standard "EC" notation, as these things have well-defined curve and both x and y coordinates that are in Z_p. > > > And yes, I did consider reusing "crv" and "x", but decided that looks pretty odd (there is no guarantee that these things are in any way based on elliptic curves, nor that even if they are, "x" is actually x coordinate of the curve. > > > [1] But this fails for Edwards curves over prime squared fields, since each co-ordinate has two subcomponents (AFAIK, higher powers give weak-for-ECC fields). > > > > -Ilari > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose >
- Re: [jose] CFRG ECC in JOSE - thumbprint Manger, James
- Re: [jose] CFRG ECC in JOSE - thumbprint Justin Richer
- Re: [jose] CFRG ECC in JOSE - thumbprint Anders Rundgren
- Re: [jose] CFRG ECC in JOSE - thumbprint Ilari Liusvaara
- Re: [jose] CFRG ECC in JOSE - thumbprint Brian Campbell
- Re: [jose] CFRG ECC in JOSE - thumbprint Ilari Liusvaara
- Re: [jose] CFRG ECC in JOSE - thumbprint Anders Rundgren
- Re: [jose] CFRG ECC in JOSE - thumbprint Ilari Liusvaara
- Re: [jose] CFRG ECC in JOSE - thumbprint Mike Jones
- Re: [jose] CFRG ECC in JOSE - thumbprint Anders Rundgren
- Re: [jose] CFRG ECC in JOSE - thumbprint Ilari Liusvaara
- Re: [jose] CFRG ECC in JOSE - thumbprint Anders Rundgren