Re: [netconf] Does draft-ietf-lwig-curve-representations-19 have any bearing on the NETCONF crypto drafts

"Rob Wilton (rwilton)" <rwilton@cisco.com> Mon, 15 February 2021 15:28 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2F7C3A0C61 for <netconf@ietfa.amsl.com>; Mon, 15 Feb 2021 07:28:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.697
X-Spam-Level:
X-Spam-Status: No, score=-7.697 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=AUQxMR4d; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=PYojDtsO
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SxIsHRJE9Cwv for <netconf@ietfa.amsl.com>; Mon, 15 Feb 2021 07:28:41 -0800 (PST)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C62253A0C59 for <netconf@ietf.org>; Mon, 15 Feb 2021 07:28:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7471; q=dns/txt; s=iport; t=1613402920; x=1614612520; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=YeTasS+/kykn6skyN5qKYFGp1tPT/g6bujhRVrGJdDM=; b=AUQxMR4dmXcL8FeOdkfoLVhugzgJMPmrWLDBp64yAliNgQgB74zr81CC KYED/94AaMIUxKThVFdY4cyhhN5Ib6ZeYF9iZuFehrQp3VwDx9p6JwZhe nBRqHrhSrtUYoLKrAPgnIBQE09bQbBwLtb0t4vBoYydTSMMHF1moMwOq7 A=;
X-IPAS-Result: =?us-ascii?q?A0DSAgAlkSpgkIENJK1iHAEBAQEBAQcBARIBAQQEAQFAg?= =?us-ascii?q?U+BIzBRfVo2MQqHfwOOCAOUKoRzglMDVAsBAQENAQEyAgQBAYRNAoIJAiU4E?= =?us-ascii?q?wIDAQEBAwIDAQEBAQUBAQECAQYEFAEBAQEBAYY4DYZEAQEBBC0TAQE3AQ8CA?= =?us-ascii?q?QgRBAEBKAcyFAkIAQEEDgUIgmgBgX5XAy4BA6QqAooldIE0gwQBAQaFFRiCE?= =?us-ascii?q?gmBOIJ2hAWFKIEfJhyBQUGBEUOCVz6EJho0gxSCK4IrISAcJgQygXo5YpsGj?= =?us-ascii?q?EqRSQqCepwsoy22NQIEAgQFAg4BAQaBbCGBWXAVgyRQFwINjh8aHYM6illzN?= =?us-ascii?q?wIGCgEBAwl8iggBgQ4BAQ?=
IronPort-PHdr: =?us-ascii?q?9a23=3AAVcVjxCpTeSe8xGDzIjFUyQJPHJ1sqjoPgMT9p?= =?us-ascii?q?ssgq5PdaLm5Zn5IUjD/qw00g3WVJnA5vQCjefK4OjsWm0FtJCGtn1KMJlBTA?= =?us-ascii?q?QMhshemQs8SNWEBkv2IL+PDWQ6Ec1OWUUj8yS9Nk5YS9n3e0bfpDu04CJBUh?= =?us-ascii?q?n6PBB+c+LyHIOahs+r1ue0rpvUZQgAhDe0bb5oahusqgCEvcgNiowkIaE0mR?= =?us-ascii?q?Y=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.81,180,1610409600"; d="scan'208,217";a="687778849"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 15 Feb 2021 15:28:39 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by alln-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id 11FFSdm7024862 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 15 Feb 2021 15:28:39 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 15 Feb 2021 09:28:39 -0600
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 15 Feb 2021 09:28:38 -0600
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Mon, 15 Feb 2021 10:28:38 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZIiHvwYrnqJjziCV5O3YFaRhQiez3rfqvh6tkcdnPlBMoHTOx1N0qjVYp2PHCog6K+r4CzgGEY4fRmQuApWkkWC/+21+9N22Gm3dGkFn7ZaZKBRLsC82nCkiy0Y04dUHUhMqaoWxsOps/mnUj/k57n0uMezCDhnxDajU9+nUJmqYfHgiGtZ0Vi8H2WIWAxpoNjFLuB92IuUp9aUZEMSyX8sy70dEgtn4xG/9cFl1LgEloOLE5pWyWsdXUWk5b7XTNBs4+SfsiAZW1hYjzyUUQafbhwHspyLgySdXJ0mCIzpnaas6Z4Cf4uUgchOy9OJ17BbMEuP3hZzWlz1zWuxU3w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eCbYsaNpTKjRkjROpDMQmkkykY67PicAiL8Q8uSAy3Y=; b=Wt22+ohdMUvjfPRET64M4qa9sa2BMoBOoCrmgVC90Zk/34IGmS3oB1NQSwbYk0/U0VaxLh7XZu7hFxgItXb/shkEW8/uxhurtpWAt/mk6s4gnuWhHI+jmeXeqMpw+vL6fCt9IGQkZriZN6Ib+PgvANU8bocgFvjiUk5ZJOMuqarm9+1uJpQXlbaKtbVdDY1E4gaqd5ciRnys47UPeFciIPYYeoRiOYfjrFr70DbRRqEcR4QbIhjbEDcQxEvSbFCORcD+fTqgnyXxzw1KX1W3BCs7g0RFs29A/EAgtZUxICHoTp7TrxG0s2SBWtB62hUasl9yibHiqbOr+TrlOa6GYw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eCbYsaNpTKjRkjROpDMQmkkykY67PicAiL8Q8uSAy3Y=; b=PYojDtsOZbLvyP9QkI5QEDkEdt5uJKp+t+DJOBq2dPtIWKS2JxZkxQHQLCqwB/5dflbCVtB58QO/197CDc8x1feIcFmrbTc1igRQlHkmjtDd6iI+BKBhdf98MFVF7smhwlgCl+ynkBFkeCKGuAltAGuRWX7/Jx4EptPdA4M/fAE=
Received: from MN2PR11MB4366.namprd11.prod.outlook.com (2603:10b6:208:190::17) by BL0PR11MB3105.namprd11.prod.outlook.com (2603:10b6:208:33::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3846.31; Mon, 15 Feb 2021 15:28:37 +0000
Received: from MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::24c4:4c09:f6f0:5510]) by MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::24c4:4c09:f6f0:5510%2]) with mapi id 15.20.3846.039; Mon, 15 Feb 2021 15:28:37 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Kent Watsen <kent+ietf@watsen.net>
CC: "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: Does draft-ietf-lwig-curve-representations-19 have any bearing on the NETCONF crypto drafts
Thread-Index: AdcDjfRlhVxUQpCYSc+DsE0nwDprjwAGyHyAAAGGveA=
Date: Mon, 15 Feb 2021 15:28:37 +0000
Message-ID: <MN2PR11MB43668AE47038B41E231BA41FB5889@MN2PR11MB4366.namprd11.prod.outlook.com>
References: <MN2PR11MB43660A1F3A041A4CD42CD321B5889@MN2PR11MB4366.namprd11.prod.outlook.com> <01000177a6268889-efcce6ef-fef0-4308-9dd8-6f3b9ee72955-000000@email.amazonses.com>
In-Reply-To: <01000177a6268889-efcce6ef-fef0-4308-9dd8-6f3b9ee72955-000000@email.amazonses.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: watsen.net; dkim=none (message not signed) header.d=none;watsen.net; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [82.12.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 68aca66c-ff01-4ab8-2079-08d8d1c65d6e
x-ms-traffictypediagnostic: BL0PR11MB3105:
x-microsoft-antispam-prvs: <BL0PR11MB31053F344444B162140B7409B5889@BL0PR11MB3105.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: QFLiVYONCoxKhBLhCai8sDlzfBOeIrSGEpPfXEy09cu1yyoiA4HuCOGKZjwMiZ1mZ+xQ7S7AiqQl0e5ccZHxgDUEoq5DAEWogTr6ESze67Oaf6PRZ2v3s0WycjHQxkAvoPVKKwxWiCygzEElwPkbOXqOGn3xZbT7juZdjxvTYqHzUcJSdBDR/iDDQAE0W9ZzV+uybSy9J+vWHpI/5FhJzW71imzWnTZGhu4IUHJ4AFW20Aa4udTLhp2pVJxF/gN7B5wg98CQoNr8u0/R+ok8CarnGh7al9FFw97ptkaHyioBI+IH2qXe1KjgNRGyWuVoZZTevb0R+bfS+35ZMrHgDkHPNpfs/c/MpBXhfjbfcGSziTQOYyMr0am4wLEL0ztpHdETi68Gk7SORJI1VBC2J333Jb9W/kvNU4U/H4gl/utDzDtF7QqdHYvBr/jLW5KqcScwgx9kd/8k9FEWCx3ZIQD3U9ZF5zOReS3DxvkQPB7rWia0hSeztrV9BCqYoK6b4U0iqFKZfeaim0vKqsncRA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4366.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(136003)(346002)(39860400002)(366004)(376002)(55016002)(4326008)(9686003)(316002)(9326002)(8936002)(8676002)(86362001)(76116006)(5660300002)(52536014)(83380400001)(64756008)(53546011)(71200400001)(7696005)(66446008)(2906002)(66476007)(66946007)(66556008)(186003)(33656002)(478600001)(26005)(6506007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: =?us-ascii?Q?TKgc+1O0S/zX4KihDUnesatBJRmLVjPTDBZKFtG/4JFV+9zlNY9t4kNXE+5h?= =?us-ascii?Q?VqK+SVLN5e70upYXORuRm1+X4HJchw9GFwVI/eVyb9U7sx1W9Gs7jt1ugm4V?= =?us-ascii?Q?RQHNuy6bMQU+/aufpgmG0vcqYQ/gzA4NnNT5ZfCL6YbBJ4RR+0wRGikDFDL8?= =?us-ascii?Q?qCNSqeHZLHFRjFmL4BkJg7tDvgiQmTYoWx+5tYLEwy3tq8qf2AK2bevEwDYQ?= =?us-ascii?Q?7eKKoxjK+xh1rKZvuB4riPQ0vO+b2trLuk6O7HfrhaLJ5hIFLjZx7ZZSbz1z?= =?us-ascii?Q?Ll9oxGh0okmg8XNyE+uF43tJofARScbJ/5C+jr/NTgCKtgdRy3bvdfcuBBKP?= =?us-ascii?Q?Vx+ANK98v7cict2DvIMkVwm99ss4xF2KFnqS9nRM5gp0ozc+uLYh87zq7Y4g?= =?us-ascii?Q?5mXIC+o6QEOEdwxE9ae7hgZYcS5tI/OUEr/ik2Q/YYUpDR+chlSs1rvZiaLw?= =?us-ascii?Q?urY9Lfum7U1+H1jQs7t73KQsz++/XDPS9llvZt4PPJqx8urvQC0IGTtyIE/D?= =?us-ascii?Q?tmaOVatgyxaJmrq5PQJmW+lAWUJWYmEX35avyBicbkta3scUspzlPGzxsN9m?= =?us-ascii?Q?DD0dqPETKLlL03cSJevIcjHHM5pfdE1p5ZrrXtrn7V8uPl43eG1NGQ3sK0kA?= =?us-ascii?Q?U3LD4GisTfKnjNrHsQRyRJAfnHV+xwZZnkS3fPa1avYiKKBSGRu21Pjd+Vyj?= =?us-ascii?Q?kAwRNSeoYRa6HYMOomr7IVulXWBcXd+QINfhrBXaB4PzZhe7cNoK69MUME5k?= =?us-ascii?Q?JgsimDmAKp4Xff7A5i1D49K4m88nu6+pSBg5cvCMSN3bb2SNtgZECD65dw87?= =?us-ascii?Q?fwcXAmEEjHQ/Igh51dZ8fkpz9UvDQdyjABzSDkAqvUyPax3wm6VnswduPVK7?= =?us-ascii?Q?xAESfgR5RgUqEwA22016gPP2VyMDEyJGeHyeVDHj/c20f4O/7hXlL1euPZdh?= =?us-ascii?Q?fl2WYjltJqApGYzdng1/FLTI9sq09xiRgeQr63LjNW8y/qcc2H4SCGDjFC2n?= =?us-ascii?Q?cIMR1eXBFog/D2gMSpcWPOTIfVNxdKm0dLb9oXxybyVpwRIUTF/1Jk/8NU5W?= =?us-ascii?Q?+97z1mFvifLkHHH0nzNqD8D7iT7qm9LKu3b3JWWq8dSdlF4PB4N9kRjGdnkP?= =?us-ascii?Q?Yp3aRkqCHXYssFBO2HFJBtU4me1mu+Ytg8bvTdpIhBMI3Wep0K6gQ1eJ6qs0?= =?us-ascii?Q?+sQY1FYoqcFddPSM0xCQ7gxe3n3v32N7D93rPjp/cMYLP7Mlt7dUTX9UAU4a?= =?us-ascii?Q?1rB0n/4VSMYwxNMgjYO2VQqB54a7xRZW8k6mmb3tfe2LR2dVFTvTC10lbjQL?= =?us-ascii?Q?/PMASNhZKCKiGH2o+2+DnAhL?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MN2PR11MB43668AE47038B41E231BA41FB5889MN2PR11MB4366namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB4366.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 68aca66c-ff01-4ab8-2079-08d8d1c65d6e
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Feb 2021 15:28:37.3093 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: r/lr7MekXMMmTyANICSgB1FLsu0dhstP07LuZFTHdAzTvBKYvKtq8dczm4wiUGpPIyh6cmxYYGRS92dGbFkaEg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR11MB3105
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.12, xch-aln-002.cisco.com
X-Outbound-Node: alln-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/2OOJGJQ-dyZw5Tgn1tqypxvSgUU>
Subject: Re: [netconf] Does draft-ietf-lwig-curve-representations-19 have any bearing on the NETCONF crypto drafts
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Feb 2021 15:28:44 -0000

Hi Kent,

Thanks for confirming.

Rob


From: Kent Watsen <kent+ietf@watsen.net>
Sent: 15 February 2021 14:45
To: Rob Wilton (rwilton) <rwilton@cisco.com>
Cc: netconf@ietf.org
Subject: Re: Does draft-ietf-lwig-curve-representations-19 have any bearing on the NETCONF crypto drafts

Hi Rob,

The closest our work comes is in the "crypt-types" draft itself, where we have "public-key-format" and "private-key-format".  Presumably (after skimming the draft) the same "ECPrivateKey" and "SubjectPublicKeyInfo" ASN.1 structures are used to persist the key.  If so, then no impact, otherwise there may be a need to define other identities from our base "private-ket-format" and/or "public-key-format" identities, which could be done as a future effort (i.e., no need to block current publication).

K.



On Feb 15, 2021, at 6:31 AM, Rob Wilton (rwilton) <rwilton@cisco.com<mailto:rwilton@cisco.com>> wrote:

Hi Kent,

draft-ietf-lwig-curve-representations-19 is in IESG review, the abstract states:

  This document specifies how to represent Montgomery curves and
  (twisted) Edwards curves as curves in short-Weierstrass form and
  illustrates how this can be used to carry out elliptic curve
  computations using existing implementations of, e.g., ECDSA and ECDH
  using NIST prime curves.  We also provide extensive background
  material that may be useful for implementers of elliptic curve
  cryptography.

I just wanted to check whether this draft is relevant to the crypto types work in NETCONF at all (e.g., draft-ietf-netconf-ssh-client-server).  From a quick look, I didn't think that it would have any impact, but thought that I should check.

Regards,
Rob