Re: [keyassure] publishing the public key

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Tue, 15 February 2011 19:07 UTC

On Tue, Feb 15, 2011 at 08:18:04PM +0200, Yaron Sheffer wrote:
> 
> Yes, it's ASN.1, but it's well defined. Let's not forget that there
> have been security vulnerabilities related to the on-the-wire format
> of public keys in the past.

Letting factors outside the signed blocks interfere with interpretation
of stuff inside signature? Signed blocks with multiple interpretations?

What else? Got summary of some of the issues (just for reference, quick
googling doesn't yield anything relevant)?

-Ilari