IETF Logo Mail Archive

Re: [keyassure] publishing the public key

Henry Story <henry.story@bblfish.net> Sat, 19 February 2011 21:38 UTC

Return-Path: <henry.story@bblfish.net>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 28F753A6DC0 for <keyassure@core3.amsl.com>; Sat, 19 Feb 2011 13:38:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level:
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[AWL=0.200, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iwCpLE2YJACV for <keyassure@core3.amsl.com>; Sat, 19 Feb 2011 13:38:55 -0800 (PST)
Received: from mail-fx0-f44.google.com (mail-fx0-f44.google.com [209.85.161.44]) by core3.amsl.com (Postfix) with ESMTP id 36EAF3A6D24 for <keyassure@ietf.org>; Sat, 19 Feb 2011 13:38:55 -0800 (PST)
Received: by fxm15 with SMTP id 15so1288263fxm.31 for <keyassure@ietf.org>; Sat, 19 Feb 2011 13:39:31 -0800 (PST)
Received: by 10.223.83.199 with SMTP id g7mr2151360fal.97.1298151571500; Sat, 19 Feb 2011 13:39:31 -0800 (PST)
Received: from bblfish.home (ALagny-751-1-8-99.w86-218.abo.wanadoo.fr [86.218.107.99]) by mx.google.com with ESMTPS id j12sm1721977fax.33.2011.02.19.13.39.28 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 19 Feb 2011 13:39:30 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: multipart/alternative; boundary="Apple-Mail-56--130696425"
From: Henry Story <henry.story@bblfish.net>
In-Reply-To: <AANLkTikab+En5hMgGLV-hXQT2XCSBO676z-WDQhdpduX@mail.gmail.com>
Date: Sat, 19 Feb 2011 22:39:26 +0100
Message-Id: <F61E7BAA-768D-4D6A-9BE2-1173C78DABD4@bblfish.net>
References: <A2CF8378-6577-4AF2-9CD5-4992EE9B13B8@bblfish.net> <E1Pqskq-0004pb-JY@login01.fos.auckland.ac.nz> <AANLkTikab+En5hMgGLV-hXQT2XCSBO676z-WDQhdpduX@mail.gmail.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
X-Mailer: Apple Mail (2.1082)
Cc: keyassure@ietf.org
Subject: Re: [keyassure] publishing the public key
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 19 Feb 2011 21:38:57 -0000

On 19 Feb 2011, at 21:34, Phillip Hallam-Baker wrote:

> I agree with Peter here.
> 
> Folk who are bike-shedding this one need to understand that he is the person they need to persuade to write the code.
> 
> At RSA he demonstrated a large number of issues with PKI that largely come from it giving more options than people care to know what to do with. DNSSEC is already more complex than X.509 was at a similar stage of deployment.

Well that is why the idea of using a subset of X509 could hit a sweet spot. It requires no new tools, but could also reduce
the complexity even further. The publication of a subset of X509 would be simpler than X509 to implement, and so reduce the
problems with it.

> What appears to be a simpler mechanism to implement is only going to save time and effort if it REPLACES the existing mechanism completely and ELIMINATES the need to code for it.
> 
> 
> Comparison to the design choices in FOAF is not very helpful since 1) FOAF has something of a traction/deployment problem in itself and 2) use in FOAF does not disrupt an existing deployed infrastructure.

There are probably a lot  more foaf files out there now than CA signed TLS signed end points now. And I think those are just going to grow.  But that was not the point of my bringing foaf into the discussion. It was just that naturally a few people we were working with thought of using a subset of X509 to solve their problem. 

> 
> Predicting the security implications for a design change for a security protocol deployed for 16 years is going to be very error prone.

Not if you use a subset of what you are already using. In fact that is why I am arguing for it. I don't like complexity. So for me in public key cryptography it is the public keys that are key [sic]. The question should be:
 
 - why not serve the minimal information needed
 - what advantage does one get by serving the full X509
 - what (dis)advantage of both
 - why not the public key rather than the signature?
 
The debate is not a either/or debate here. You already have 4 options in section 2.2 of http://tools.ietf.org/html/draft-ietf-dane-protocol-04 If it were to be an either/or, it could be between the options of  publishing the signature and the option of publishing the public key. It seems to me that the public key is a lot more useful. 

Henry

> 
> 
> On Sat, Feb 19, 2011 at 11:46 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> Henry Story <henry.story@bblfish.net> writes:
> 
> >My question is: what do people use now to pass public keys?
> 
> X.509 key bags.
> 
> >I know an X509 cert contains the public key, though I don't know if it can
> >contain ECC keys.
> 
> It can contain any kind of key for any algorithm likely to be used with TLS.
> 
> >If it does then there is another simple answer: extract the part of that
> >document that contains both the type of the key and the details of it, and
> >use that.
> 
> In that case why not just stick with X.509?  This is bizarre, you have a
> universally-agreed-on, universally-supported format, and you're proposing to
> extract a subset of that requiring custom coding in each implementation to
> support and use that?
> 
> Another reason to stick with X.509 as key bags is that eventually you're going
> to want to put policy in the DNS ("must connect with TLS", "must use EV
> certs", "must use a PFS algorithm like DH/ECDH", "cannot use non-FIPS
> algorithms", and so on).  Guess what X.509v3 key bags were specifically
> designed for?
> 
> The end result is that you'll end up reinventing X.509 as a container format,
> only it'll be some homebrew parallel format that needs custom code to support
> and endless kludging as things get bolted on that'd be automatically supported
> in the X.509 key bag format.  It's reinventing the wheel, but making it square
> just to be different.
> 
> Peter.
> _______________________________________________
> keyassure mailing list
> keyassure@ietf.org
> https://www.ietf.org/mailman/listinfo/keyassure
> 
> 
> 
> -- 
> Website: http://hallambaker.com/
> 

Social Web Architect
http://bblfish.net/

v2.23.0 | Report a Bug | By Email