Re: [jose] RSASSA-PSS signature

John Bradley <ve7jtb@ve7jtb.com> Tue, 12 March 2013 20:43 UTC

To: Mike Jones <Michael.Jones@microsoft.com>
Cc: Richard Barnes <rlb@ipv.sx>, "Peck, Michael A" <mpeck@mitre.org>, "jose@ietf.org" <jose@ietf.org>

I have already updated the slides and sent them on to Jim and Karen to include the issue.

The question, given the recent feedback on interoperability, is if IDESG will allow us through with no MTI.

MTI is not mandatory to use, as a WG chair once mentioned.

Is there really an objection to having libraries include the ability to do RSA-PKCS1-v1.5 encryption as a base?

I agree applications determine the algorithms used.

John B.

On 2013-03-12, at 4:29 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> I obviously defer to the working group on whether it’s a bug or not.  I was just trying to have us be clear on what the specs actually say and why.
>  
> We should probably try to get a clear decision on whether to change that tomorrow.  Maybe John should incorporate a slide on it into his presentation, since he’s already covering all the other open issues?
>  
>                                                             Cheers,
>                                                             -- Mike
>  
> From: Richard Barnes [mailto:rlb@ipv.sx] 
> Sent: Tuesday, March 12, 2013 1:24 PM
> To: Mike Jones
> Cc: John Bradley; Peck, Michael A; jose@ietf.org
> Subject: Re: [jose] RSASSA-PSS signature
>  
> Yes, I know the current JWA says that.  That's a bug.  I just submitted an issue.  We have discussed this several times in the working group, most recently in Atlanta, where there was a fair degree of agreement on removing requirements levels.
>  
> --Richard
>  
>  
>  
> On Tue, Mar 12, 2013 at 4:11 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:
> Your statement that there are no MTI algorithms is actually incorrect.  The current JWA draft specifies REQUIRED (and RECOMMENDED and OPTIONAL) algorithms, and indeed, as currently chartered, we are required to define the set of MTI algorithms.
>  
> The spreadsheet characterizing platform support for possible algorithms that John referred to is attached.  As you can see, RSA PKCS1-v1_5 is the only ubiquitously implemented asymmetric encryption algorithm.
>  
>                                                             -- Mike
>  
> From: jose-bounces@ietf.org [mailto:jose-bounces@ietf.org] On Behalf Of Richard Barnes
> Sent: Tuesday, March 12, 2013 12:49 PM
> To: John Bradley
> Cc: Peck, Michael A; jose@ietf.org
> Subject: Re: [jose] RSASSA-PSS signature
>  
> Since we are not putting requirements on algorithms (i.e., there is no MTI), there's no harm to having PSS in the algorithms list.  Only benefit!  
> --Richard
>  
>  
> On Tue, Mar 12, 2013 at 3:24 PM, John Bradley <ve7jtb@ve7jtb.com> wrote:
> This has had a fair amount of discussion.   While I think almost everyone would prefer PSS, many implementations are going to be in scripting languages where the underlying libraries only support PKCS1-v1_5.
>  
> We did a survey of platforms to evaluate if we could move to PSS and the result led us not to make PSS the MTI.  I think that was reported out at the Atlanta IETF meeting.
> Nat may be able to forward that to you, I don't have it handy.
>  
> If we were talking about starting from scratch and not building on existing platforms likely the answer would have been different.
>  
> The algorithms are extensible so PSS can be added.   The other consideration is that many of the people who care will be using ECDSA signatures anyway.
>  
> John B.
>  
> On 2013-03-12, at 2:52 PM, "Peck, Michael A" <mpeck@mitre.org> wrote:
>  
> draft-ietf-jose-json-web-algorithms-08 includes RSASSA-PKCS1-v1_5 signatures but not RSASSA-PSS.
>  
> The Security Considerations states:
>    While Section 8 of RFC 3447 [RFC3447] explicitly calls for people not
>    to adopt RSASSA-PKCS1 for new applications and instead requests that
>    people transition to RSASSA-PSS, this specification does include
>    RSASSA-PKCS1, for interoperability reasons, because it commonly
>    implemented.
>  
> Shouldn’t RSASSA-PSS at least be included as an option?
> I’m also not sure if I fully understand the interoperability concerns.  JWS is a new specification, so it makes sense to me to use whatever algorithms are currently considered best practice, without need to worry about backwards compatibility?
>  
> Mike
>  
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>  