Re: [kitten] draft-ietf-krb-wg-pkinit-alg-agility-07 Re: now that I've volunteered....

[Nico Williams <nico@cryptonector.com>]

On Tue, Mar 31, 2015 at 4:36 PM, Tom Yu <tlyu@mit.edu> wrote:
> Here are the KDF OID related changes that I think should happen to the
> algorithm agility draft.
>
> Change the Appendix A ASN.1 module IMPORTS subclause that mentions
> PK-INIT-SPEC from
>
>       PKAuthenticator, DHNonce
>           FROM KerberosV5-PK-INIT-SPEC {
>             iso(1) identified-organization(3) dod(6) internet(1)
>             security(5) kerberosV5(2) modules(4) pkinit(5) };
>             -- as defined in RFC 4556.
>
> to
>
>       PKAuthenticator, DHNonce, id-pkinit
>           FROM KerberosV5-PK-INIT-SPEC {
>             iso(1) identified-organization(3) dod(6) internet(1)
>             security(5) kerberosV5(2) modules(4) pkinit(5) };
>             -- as defined in RFC 4556.
>
> (This adds id-pkinit to the imports).

OK.

> Change the OID list in Section 6 from
>
>    id-pkinit-kdf OBJECT IDENTIFIER           ::= { id-pkinit 6 }
>        -- PKINIT KDFs
>    id-pkinit-kdf-ah-sha1 OBJECT IDENTIFIER   ::= { id-pkinit-kdf 1 }
>        -- SP800 56A ASN.1 structured hash based KDF using SHA-1
>    id-pkinit-kdf-ah-sha256 OBJECT IDENTIFIER ::= { id-pkinit-kdf 2 }
>        -- SP800 56A ASN.1 structured hash based KDF using SHA-256
>    id-pkinit-kdf-ah-sha512 OBJECT IDENTIFIER ::= { id-pkinit-kdf 3 }
>        -- SP800 56A ASN.1 structured hash based KDF using SHA-512
>    id-pkinit-kdf-ah-sha384 OBJECT IDENTIFIER ::= { id-pkinit-kdf 4 }
>        -- SP800 56A ASN.1 structured hash based KDF using SHA-384
>
> to
>
>    id-pkinit-kdf OBJECT IDENTIFIER      ::= { id-pkinit kdf(6) }
>         -- PKINIT KDFs

Ah, that's nice.  The Heimdal ASN.1 compiler shows this as
"label-less" in the comments in the header file it generates.

>    id-pkinit-kdf-ah-sha1 OBJECT IDENTIFIER
>         ::= { id-pkinit-kdf sha1(1) }
>         -- SP800-56A ASN.1 structured hash based KDF using SHA-1
>
>    id-pkinit-kdf-ah-sha256 OBJECT IDENTIFIER
>         ::= { id-pkinit-kdf sha256(2) }
>         -- SP800-56A ASN.1 structured hash based KDF using SHA-256
>
>    id-pkinit-kdf-ah-sha512 OBJECT IDENTIFIER
>         ::= { id-pkinit-kdf sha512(3) }
>         -- SP800-56A ASN.1 structured hash based KDF using SHA-512
>
>    id-pkinit-kdf-ah-sha384 OBJECT IDENTIFIER
>         ::= { id-pkinit-kdf sha384(4) }
>         -- SP800-56A ASN.1 structured hash based KDF using SHA-384
>
> and also duplicate that in the Appendix A ASN.1 module.  Inserting it
> right after the IMPORTS clause might be a good place.

OK.

> We can debate whether the component identifiers for the KDF OIDs should
> be just <hashname> or ah-<hashname>.

I don't think that would be a breaking change, though in general OID
naming changes could be.  The safe way to do this would be to leave
compatibility values behind:

id-pkinit-kdf-sha384 OBJECT IDENTIFIER ::= id-pkinit-kdf-ah-sha384

But I don't care.

> We might also want to duplicate the id-pkinit definition from RFC 4556
> in Section 6 (but not the Appendix A ASN.1 module), to make the full OID
> easier for a casual reader to derive.

Sure.

> Any comments?

Not really.  LGTM.

Nico
--