IETF Logo Mail Archive

Re: [pkix] draft-turner-additional-methods-4kis to ISE

"Manger, James H" <James.H.Manger@team.telstra.com> Thu, 21 June 2012 07:22 UTC

Return-Path: <James.H.Manger@team.telstra.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37CC121F84A6 for <pkix@ietfa.amsl.com>; Thu, 21 Jun 2012 00:22:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.281
X-Spam-Level:
X-Spam-Status: No, score=-1.281 tagged_above=-999 required=5 tests=[AWL=-0.380, BAYES_00=-2.599, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327, RELAY_IS_203=0.994]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kn4X9j9bAV0F for <pkix@ietfa.amsl.com>; Thu, 21 Jun 2012 00:22:52 -0700 (PDT)
Received: from ipxcno.tcif.telstra.com.au (ipxcno.tcif.telstra.com.au [203.35.82.208]) by ietfa.amsl.com (Postfix) with ESMTP id 0C95321F8496 for <pkix@ietf.org>; Thu, 21 Jun 2012 00:22:49 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.77,449,1336312800"; d="scan'208";a="77835060"
Received: from unknown (HELO ipcani.tcif.telstra.com.au) ([10.97.216.200]) by ipocni.tcif.telstra.com.au with ESMTP; 21 Jun 2012 17:22:48 +1000
X-IronPort-AV: E=McAfee;i="5400,1158,6748"; a="19908120"
Received: from wsmsg3702.srv.dir.telstra.com ([172.49.40.170]) by ipcani.tcif.telstra.com.au with ESMTP; 21 Jun 2012 17:22:47 +1000
Received: from WSMSG3153V.srv.dir.telstra.com ([172.49.40.159]) by WSMSG3702.srv.dir.telstra.com ([172.49.40.170]) with mapi; Thu, 21 Jun 2012 17:22:47 +1000
From: "Manger, James H" <James.H.Manger@team.telstra.com>
To: Sean Turner <turners@ieca.com>, "pkix@ietf.org" <pkix@ietf.org>
Date: Thu, 21 Jun 2012 17:22:46 +1000
Thread-Topic: [pkix] draft-turner-additional-methods-4kis to ISE
Thread-Index: Ac1OMzJPhZo5okOLTcy+864Dp9z/bABQa4zw
Message-ID: <255B9BB34FB7D647A506DC292726F6E114F593B71D@WSMSG3153V.srv.dir.telstra.com>
References: <20120530193526.22578.94157.idtracker@ietfa.amsl.com> <4FC6775F.3070206@ieca.com> <4FE09FA0.7070006@ieca.com>
In-Reply-To: <4FE09FA0.7070006@ieca.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US, en-AU
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Subject: Re: [pkix] draft-turner-additional-methods-4kis to ISE
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jun 2012 07:22:53 -0000

A few comments on "Additional methods for key identifiers":


Truncation: are the "least significant bits" of a hash the right-most bits? I would have though keeping the leftmost bits was slightly more intuitive.

I think we better put an example in the draft: a SubjectPublicKeyValue; 2 (or 4) subjectKeyId extension values; and 2 (or 4) corresponding ext-skiSemantics values.


The ext-skiSemantics extension would be better if it held a single AlgorithmIdentifier -- identifying the algorithm used to generate the subject key id. Then the spec can define two such algorithms. 

  ext-skiSemantics EXTENSION ::= {
    SYNTAX AlgorithmIdentifier
    IDENTIFIED BY id-pe-skiSemantics }

  alg-keyHash ALGORITHM ::= { AlgorithmIdentifier IDENTIFIER id-keyHash }

  alg-keyInfoHash ALGORITHM ::= { AlgorithmIdentifier IDENTIFIER id-keyInfoHash }

  alg-keyHash indicates that the key id is the, possibly truncated, hash of
  the value of the BIT STRING subjectPublicKey (excluding the tag, length,
  and number of unused bits). The amount of truncation can be determined from the
  length of the actual key identifier. Truncation keeps the least significant bits
  of the hash. The required parameter of this algorithm identifies the hash
  algorithm that is used.

  alg-keyInfoHash differs from alg-keyHash in that the hash covers the
  key algorithm id in addition to the actual public key.  alg-keyInfoHash
  indicates that the key id is the, possibly truncated, hash of the
  subjectPublicKeyInfo field. The amount of truncation can be determined from the
  actual key identifier value. Truncation keeps the least significant bits
  of the hash. The required parameter of this algorithm identifies the hash
  algorithm that is used.



If the spec is going to define alg-keyInfoHash (which it currently does under
the name id-subjectPublicKeyInfo) for the extension (section 3) it really needs
to define it as additional methods for generating key ids (section 2).


The current model of the extension consists of a hash algorithm, an input id, and an output id. This is confusing and too restrictive. The skiOutput field, in particular, is unclear. It talks about the *input*, and repeats a sentence from the skiInput definition.

     o skiOutput indicates the key identifier's semantics.  If this
       field is absent, then key identifier is the hash (algorithm
       identified in kiAlgorithm) of the value of the BIT STRING
       subjectPublicKey (excluding the tag, length, and number of unused
       bits).  This document defines the OID id-subjectPublicKeyInfo to
       be used when the input to the hash algorithm is the certificate's
       SubjectPublicKeyInfo field [RFC5280].





Typos:

1 "Introduction", 2nd paragraph, last sentence, "*" brackets changes.

  In addition, some *security* protocols (e.g., SMIME [RFC5751])
  *use key identifiers* as a shorthand way to refer to a cert.

3 "Subject Key identifier Semantics Extension", 1st and 2nd dot points.
  WRONG "akiAlgorithm" and "akiInput"
  RIGHT "skiAlgorithm" and "skiInput"


--
James Manger

v2.23.0 | Report a Bug | By Email