Re: [pkix] DER encoding in RFC 3161
mrex@sap.com Mon, 10 August 2020 18:10 UTC
Return-Path: <mrex@sap.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C2A4F3A0A3B for <pkix@ietfa.amsl.com>; Mon, 10 Aug 2020 11:10:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sap.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ANW8ckbk0d9g for <pkix@ietfa.amsl.com>; Mon, 10 Aug 2020 11:10:58 -0700 (PDT)
Received: from smtpde02.smtp.sap-ag.de (smtpde02.mail.net.sap [155.56.68.140]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DA023A09F8 for <pkix@ietf.org>; Mon, 10 Aug 2020 11:10:58 -0700 (PDT)
Received: from esa3.sap.c3s2.iphmx.com (esa3.sap.c3s2.iphmx.com [68.232.159.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde02.smtp.sap-ag.de (Postfix) with ESMTPSA id 4BQPCg31TNz7H; Mon, 10 Aug 2020 20:10:55 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sap.com; i=@sap.com; q=dns/txt; s=it-20200722; t=1597083056; x=1628619056; h=subject:in-reply-to:references:to:date:cc:reply-to: mime-version:content-transfer-encoding:message-id:from; bh=UTTRX9PlgwGHOZ6ZccGuhy7z+T0b02OY60Q1rGdf6Jo=; b=CBLn0EkcalQ6bGKpJzoYhvIuMkqqjHCtiPgkuqODbtilOfGbCULEEQDG VqTATYitKtx2lVU1xga27QJgCvTYV5jmWRlbTucY+Mmk5h3Q/lfve62kW 8ADRw1b1+W4xf9fEPsm0404jD2yymzVRIOTkO/IpgasjpSdyaO40V7vW7 Cna57JpFtc+59KuSm5Dp9qcLBBseMQfd2pmirFsa8hFXRd21nVLKOL/u9 y10g2K9NHlI31MINauJXwA86IH1rS8ecFVIre2rzYNWMN6+KBtdRcpzl3 s0emWJUGi5i9/kvo1/yCXGwhbnCrQr5KJGyhSD99MrG0JCO7wOT5IKoiW w==;
IronPort-SDR: OAWEgowLuDMtWX7FTiP9fxswToFHLRpCl3TfcEWK9BoHo8GciF/rr2Nvi5LX5na42cpNMV/J/J Iog8AWpcM1MtiSgT/nVEEPcQJqhPNCA/bowlzFCrHQbqfhGJ6V6Izl2o8dXrXaNzRFF8iEOe2g Utr6mjSSD475vNds/7mhGz1y8F4XQROgnsCDPhGBOwy6Ge6zU6fJI7IRtF63MMGRSbugyVUJ1w Ac9NaZ3Re5KLH7fWbSA8hwZYweOl7HyWECwORSLI2HWfA2Lb2FBYPyvVU3NsLdBnzPD8WeEPh1 ILvK3mJwssKVlDjOVbBW97/H
X-Amp-Result: SKIPPED(no attachment in message)
Received: from smtpde02.mail.net.sap (HELO smtpde02.smtp.sap-ag.de) ([155.56.68.140]) by esa3.sap.c3s2.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Aug 2020 20:10:56 +0200
Received: from mail08.wdf.sap.corp (mail01.sap.corp [194.39.131.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde02.smtp.sap-ag.de (Postfix) with ESMTPS id 4BQPCf3Kd7z7H; Mon, 10 Aug 2020 20:10:54 +0200 (CEST)
Received: from ld9781.wdf.sap.corp (ld9781.wdf.sap.corp [10.21.82.193]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail08.wdf.sap.corp (Postfix) with ESMTPS id 4BQPCd5bR9z2xjY; Mon, 10 Aug 2020 20:10:53 +0200 (CEST)
X-purgate-ID: 152705::1597083054-00000315-B1F84B87/0/0
X-purgate-size: 1947
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate-type: clean
X-SAP-SPAM-Status: clean
Received: by ld9781.wdf.sap.corp (Postfix, from userid 10159) id AB421404B; Mon, 10 Aug 2020 20:10:53 +0200 (CEST)
In-Reply-To: <1596535762003.26579@cs.auckland.ac.nz>
References: <PS1PR03MB48921EE23E93434559DF1ECE9D730@PS1PR03MB4892.apcprd03.prod.outlook.com> <CAMm+LwhdgfkbwXrfX8yiK3UDJRGOGzMJ2mXuyKqZWTdGbBE6gQ@mail.gmail.com> <20200803152056.014E9404B@ld9781.wdf.sap.corp> <1596535762003.26579@cs.auckland.ac.nz>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Date: Mon, 10 Aug 2020 20:10:53 +0200
CC: Phillip Hallam-Baker <phill@hallambaker.com>, "mrex@sap.com" <mrex@sap.com>, "pkix@ietf.org" <pkix@ietf.org>, Koichi Sugimoto <koichi.sugimoto=40globalsign.com@dmarc.ietf.org>
Reply-To: mrex@sap.com
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20200810181053.AB421404B@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/DttfnrgB_rE9W9_XhfszkHnoMl0>
Subject: Re: [pkix] DER encoding in RFC 3161
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2020 18:11:00 -0000
Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: [ Charset windows-1252 unsupported, converting... ] > Martin Rex <mrex@sap.com> writes: > > >That installed base maps Certificate based on the certificate fingerprint. > > Why is this a problem? Because it hashes/fingerprints a non-persistent *OUTER* container, rather than ToBeSigned -- the data element for which preproduction in bit-by-bit is clear from the specification. > > In order to make it "break horribly" you'd need to deliberately re-encode > the malleable parts of the certificate in a different format. No, the breakage occurs when suddenly expecting that malleable parts of an X.509 certificate (=everyting *OUTSIDE* of ToBeSigned) are guaranteed to be unchanged by whatever storage and transports a Certificate is going through, including any ASN.1 length encodings on the outside. > Given the very widespread use of hash fingerprints to uniquely > identify data items, I think people know how to work with them by now, the rule > being "don't gratuitously change the data being identified by the hash value". Creating a hash over a the outer transport encoding of an object looks like a terribly dumb idea to me. In particular when the verification of the certificate shows that it is still a perfectly valid certificate, and it becomes pretty difficult to determine why the receipient is failing to recognize it. This particular server is accepting TLS client certificates, but only when they are conveyed in a blue wrapper. It will reject TLS client certificates that are submitted in red, pink yellow, green or any other perfectly valid wrapping, just because the very first time the server received this certificate, it had been wrapped in blue. Unfortunately, the server will not reveal which particular wrapping color it is stuck on, other than failing for every other color that the one it is secretly holding. -Martin
- [pkix] DER encoding in RFC 3161 Koichi Sugimoto
- Re: [pkix] DER encoding in RFC 3161 Phillip Hallam-Baker
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 Todd E. Johnson
- Re: [pkix] DER encoding in RFC 3161 Koichi Sugimoto
- Re: [pkix] DER encoding in RFC 3161 mrex
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 David Chadwick
- Re: [pkix] DER encoding in RFC 3161 mrex
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 Manger, James
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann