Re: [kitten] SPAKE key usage and padata type assignments

Benjamin Kaduk <kaduk@mit.edu> Thu, 14 September 2017 01:47 UTC

Date: Wed, 13 Sep 2017 20:47:42 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
Cc: kitten@ietf.org
Message-ID: <20170914014741.GP96685@kduck.kaduk.org>
References: <x7dbmmezgcn.fsf@equal-rites.mit.edu>
In-Reply-To: <x7dbmmezgcn.fsf@equal-rites.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/jjaIWBrlMvzf3ZPl91-0YzHm7Lk>

On Wed, Sep 13, 2017 at 12:57:28PM -0400, Greg Hudson wrote:
> I have assigned the following key usage numbers to SPAKE preauth:
> 
> 65  KEY_USAGE_SPAKE_TRANSCRIPT
> 66  KEY_USAGE_SPAKE_FACTOR
> 
> Those assignments are sufficient to generate test vectors.  We also need
> to assign a padata type.  RFC 6113 established an IANA registry for
> padata types with new registrations subject to expert review.

Subject to expert review, provided that they only authenticate clients,
authenticate KDCs, and/or establish the reply key, which does appear to
be the case here.

> I think it would be reasonable to ask for a padata type registration at

I concur.  Would you like me to make the request with my chair hat?

> this time.  Aside from the addition of the edwards25519 group (which
> would benefit from another non-coauthor +1), I am not aware of any open
> questions which could lead to non-interoperable changes in the protocol.

Me neither.

And yes, it would be very nice to have another non-coauthor +1.
Though my current inclination is that we should go ahead with that
change anyway, in the absence of any objections.

-Ben