[KEYPROV] Converting enrollment protocols from XML to JSON
Anders Rundgren <anders.rundgren@telia.com> Wed, 18 September 2013 15:08 UTC
I have "amused" myself with some initial conversions of KeyGen2 from XML to JSON.
The following shows one of the ten KeyGen2 message objects:

{
  "@context": "http://xmlns.webpki.org/keygen2/201309018",
  "@qualifier": "KeyCreationRequest",
  "ServerSessionID": "S-140f2b70a3e4eefe1627b141e20",
  "ClientSessionID": "C-140f2b70ba0812f22188454b453",
  "SubmitURL": "http://issuer.example.com/keygen",
  "PUKPolicy":
    [{
      "ID": "PUK.1",
      "Format": "numeric",
      "RetryLimit": 3,
      "Value": "mjRuOhjhtfg6d6d51Oqw",
      "MAC": "xPr65fxq5hwvUX94Btpp5tey+yHH9iBrMLO7wQ2k5/0=",
      "PINPolicy":
        [{
          "ID": "PIN.1",
          "Grouping": "shared",
          "Format": "numeric",
          "MinLength": 4,
          "MaxLength": 8,
          "RetryLimit": 3,
          "PatternRestrictions": ["three-in-a-row","sequence"],
          "MAC": "Hlzek4waNiqnWwrK83cvHE6MyoQh7N5frLEH4I3DpZ0=",
          "KeyEntry":
            [{
              "ID": "Key.1",
              "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.p256",
              "AppUsage": "authentication",
              "MAC": "idpbhr/L/4BnaLaxz5VJHC4/XPoyp3kR/s7Dcb7ywTM="
            },
            {
              "ID": "Key.2",
              "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
              "AppUsage": "encryption",
              "MAC": "6KCho59vdV3hyXlKaQl3HQFPO32GzfXFbkJh4jsbQKA="
            }]
        }]
    }]
}

This should be interpreted as a request for an EC key and an RSA key where both
keys are protected by a single (shared) user-defined (within the specified policy
limits) PIN. The PIN is in turn governed by an issuer-defined, protocol-wise
secret PUK.

Since multiple instances of properties are considered a bad JSON practice, arrays
have been used instead.

For those who are versed in XML Schemas, @context is essentially the same as
targetNamespace while @qualifier represents an "emulation" of the top-level
element in an XML instance document.

The original version in XML looks considerably cooler but machines probably
don't care :-)

Cheers,
Anders
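An added example, not part of the original message or of the KeyGen2 code base: a Python reader for the message above that refuses repeated property names, checks @context and @qualifier before trusting the content, and lists each requested key with the PIN and PUK policy that govern it. The sample is the message above with the session, MAC and Value fields left out; the function names are hypothetical.

```python
import json

# Constructed sample: the posted message, trimmed (no session IDs, MAC or Value fields).
SAMPLE = """{
 "@context": "http://xmlns.webpki.org/keygen2/201309018",
 "@qualifier": "KeyCreationRequest",
 "PUKPolicy": [{"ID": "PUK.1", "Format": "numeric", "RetryLimit": 3,
  "PINPolicy": [{"ID": "PIN.1", "Grouping": "shared", "MinLength": 4, "MaxLength": 8,
   "KeyEntry": [
    {"ID": "Key.1", "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.p256", "AppUsage": "authentication"},
    {"ID": "Key.2", "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048", "AppUsage": "encryption"}]}]}]}"""

CONTEXT = "http://xmlns.webpki.org/keygen2/201309018"  # value taken from the message


def _no_duplicates(pairs):
    """object_pairs_hook: json.loads keeps the last duplicate silently, so reject them."""
    obj = {}
    for name, value in pairs:
        if name in obj:
            raise ValueError(f"duplicate property: {name!r}")
        obj[name] = value
    return obj


def parse_key_creation_request(text):
    """Return one record per requested key, tied to its governing PIN and PUK."""
    msg = json.loads(text, object_pairs_hook=_no_duplicates)
    # @context and @qualifier stand in for the XML namespace and top-level element.
    if msg.get("@context") != CONTEXT:
        raise ValueError("unexpected @context")
    if msg.get("@qualifier") != "KeyCreationRequest":
        raise ValueError("unexpected @qualifier")
    keys = []
    for puk in msg.get("PUKPolicy", []):          # arrays replace repeated elements
        for pin in puk.get("PINPolicy", []):
            for key in pin.get("KeyEntry", []):
                keys.append({
                    "key": key["ID"],
                    "algorithm": key["KeyAlgorithm"].rsplit("#", 1)[-1],
                    "usage": key["AppUsage"],
                    "pin": pin["ID"],
                    "grouping": pin["Grouping"],
                    "puk": puk["ID"],
                })
    return keys


if __name__ == "__main__":
    for record in parse_key_creation_request(SAMPLE):
        print(record)
```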