Re: [pkix] Possible new work item: additional methods for generating key identifiers
"Santosh Chokhani" <SChokhani@cygnacom.com> Thu, 24 June 2010 15:53 UTC
Return-Path: <SChokhani@cygnacom.com>
X-Original-To: pkix@core3.amsl.com
Delivered-To: pkix@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8861E3A67FB for <pkix@core3.amsl.com>; Thu, 24 Jun 2010 08:53:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.424
X-Spam-Level:
X-Spam-Status: No, score=-5.424 tagged_above=-999 required=5 tests=[AWL=-0.625, BAYES_00=-2.599, J_CHICKENPOX_24=0.6, J_CHICKENPOX_63=0.6, J_CHICKENPOX_73=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fm04qLKqCG+l for <pkix@core3.amsl.com>; Thu, 24 Jun 2010 08:53:02 -0700 (PDT)
Received: from mail151.messagelabs.com (mail151.messagelabs.com [216.82.253.3]) by core3.amsl.com (Postfix) with SMTP id EF4DB3A6403 for <pkix@ietf.org>; Thu, 24 Jun 2010 08:53:01 -0700 (PDT)
X-VirusChecked: Checked
X-Env-Sender: SChokhani@cygnacom.com
X-Msg-Ref: server-8.tower-151.messagelabs.com!1277394789!28138826!1
X-StarScan-Version: 6.2.4; banners=-,-,-
X-Originating-IP: [65.242.48.19]
Received: (qmail 14917 invoked from network); 24 Jun 2010 15:53:09 -0000
Received: from unknown (HELO scygexch1.cygnacom.com) (65.242.48.19) by server-8.tower-151.messagelabs.com with SMTP; 24 Jun 2010 15:53:09 -0000
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Thu, 24 Jun 2010 11:53:07 -0400
Message-ID: <FAD1CF17F2A45B43ADE04E140BA83D4801008524@scygexch1.cygnacom.com>
In-Reply-To: <C8485ED9.BCC8%stefan@aaa-sec.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [pkix] Possible new work item: additional methods for generating key identifiers
Thread-Index: AcsSthlr9u2u/lJTJ0GxakaOlB9qRAAIpcrgAAD/oQUAAOAbcAAA18fQAAAhoPAAAIDygQAMnhrgAAPaLwsAITBlwA==
References: <FAD1CF17F2A45B43ADE04E140BA83D48010084C3@scygexch1.cygnacom.com> <C8485ED9.BCC8%stefan@aaa-sec.com>
From: Santosh Chokhani <SChokhani@cygnacom.com>
To: Stefan Santesson <stefan@aaa-sec.com>, Sean Turner <turners@ieca.com>, pkix@ietf.org
Subject: Re: [pkix] Possible new work item: additional methods for generating key identifiers
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jun 2010 15:53:04 -0000
Stefan, CA should and the ones I know do permit you to enter a SKID. Since there is no specific method mandated by 5280 and CAs vary in their approach, best thing is for the CA to put the requested SKID from other CA. > -----Original Message----- > From: Stefan Santesson [mailto:stefan@aaa-sec.com] > Sent: Wednesday, June 23, 2010 7:01 PM > To: Santosh Chokhani; Sean Turner; pkix@ietf.org > Subject: Re: [pkix] Possible new work item: additional methods for > generating key identifiers > > Santosh, > > CSR and P10 is not the only valid input source, especially not in the > case > of cross certification. > > I may for example want/need to cross certify a CA based on an existing > certificate, not a CSR. > > In such case I will validate the subject name (CA name) and PoP by > trusting > the original certificate and whatever other evidence I have that the CA > certificate is valid, such as a signed Trust service Status List (TSL) > as > defined in the ETSI standard TS 102 231 which use is mandated by the > European commission for EU member states. > > From the perspective of the cross certifying CA I will then have to > inject > the SKI of the original CA certificate into the cross certification > process > to make sure that there will be a SKI/AKI match when using that cross > certificate. > > This is not generally supported (even though OpenSSL do). Other tools > insist > on calculating the SKI using a fixed internal algorithm. > In my case the following command will issues a cross certificate using > openSSL:. > > openssl x509 -in certToBeXcertified.pem -CAkey private/cakey.pem -out > newCert.pem -CA cacert.pem -extfile extensions.cfg -clrext -days 365 - > sha256 > > Where extensions.cfg in this example contains: > > subjectKeyIdentifier=11982722E04AD543969AF3703D21D37085EACA9D #org SKI > authorityKeyIdentifier=keyid:always,issuer:always > basicConstraints = CA:true > keyUsage = critical, cRLSign, keyCertSign > certificatePolicies = ia5org,@xpolicy > > [xpolicy] > policyIdentifier = 2.5.29.32.0 #anyPolicy > > > Other libraries I have tested do not allow setting the SKI value to the > one > obtained form the original CA certificate. > > In case further information is of interest I have made a demo video > available from: http://aaa-sec.com/tsltrust/videos/demovideo.html > > > /Stefan > > > > > > On 10-06-23 11:15 PM, "Santosh Chokhani" <SChokhani@cygnacom.com> > wrote: > > > Stefan, > > > > The KID is not being set to an arbitrary value. You are honoring > > extensions in P10 and CSR. These structures have extensions > precisely > > for that purpose. > > > > A better approach would be to survey CA vendors to see if they do or > do > > not honor SKID in P10 and CSR request. > > > > I do not agree with the premise that CA products do not honor SKID in > > P10, especially those from another CA's P10/CSR. There may be some > who > > do not honor KID, but the widely used ones do honor KID. > > > > We should focus on recommending or mandating that CAs honor the KID > > requested as opposed to limiting number of KID options. > > > >> -----Original Message----- > >> From: Stefan Santesson [mailto:stefan@aaa-sec.com] > >> Sent: Wednesday, June 23, 2010 11:10 AM > >> To: Santosh Chokhani; Sean Turner; pkix@ietf.org > >> Subject: Re: [pkix] Possible new work item: additional methods for > >> generating key identifiers > >> > >> Santosh, > >> > >> > >> On 10-06-23 4:56 PM, "Santosh Chokhani" <SChokhani@cygnacom.com> > > wrote: > >> > >>> Stefan, > >>> > >>> They do not impact interoperability since the CA will honor the > SKID > >>> requested, specially by another CA. > >>> > >> > >> It does impact interoperability since not all CA products and CA > >> capable > >> libraries allow SKID to be set to an arbitrary value. > >> > >>> Relying parties and issuers do not need to worry about the method > >> used. > >>> Relying parties just match the values and issuers just the value. > >>> > >> > >> The relying party is affected if the certificate path he tries to > use > >> is > >> rejected in his application due to AKI/SKI mismatch. > >> > >> So it MAY actually affect interoperability. > >> > >> > >> Now let me clarify: > >> > >> 1) I do NOT defend any company or product that enforces AKI/SKI > match > >> 2) I'm not saying that we should NOT define the new SKI/AKI > algorithms > >> as > >> suggested. > >> > >> I'm just recognizing the facts of reality and want to discuss the > best > >> way > >> to deal with them. > >> > >> /Stefan > >> > >> > >> > >>>> -----Original Message----- > >>>> From: Stefan Santesson [mailto:stefan@aaa-sec.com] > >>>> Sent: Wednesday, June 23, 2010 10:51 AM > >>>> To: Santosh Chokhani; Sean Turner; pkix@ietf.org > >>>> Subject: Re: [pkix] Possible new work item: additional methods for > >>>> generating key identifiers > >>>> > >>>> > >>>> > >>>> > >>>> On 10-06-23 4:29 PM, "Santosh Chokhani" <SChokhani@cygnacom.com> > >>> wrote: > >>>> > >>>>> Stefan, > >>>>> > >>>>> How do you derive from my post that I debate the AKID/SKID > > matching > >>>>> point? > >>>>> > >>>> > >>>> Your statement: "I do not agree with your assertion about I-D > >>>> conclusion > >>>> being false." > >>>> > >>>> The debated I-D conclusion is: "The plethora of options does not > >>> impact > >>>> interoperability" > >>>> > >>>>> Actually, both the I-D and I recognize that point as immutable > and > >>>> that > >>>>> is why the suggestions. > >>>>> > >>>> > >>>> Still not sure how more standardized ways to calculate AKI/SKI > >>> improves > >>>> interop. > >>>> > >>>> /Stefan > >>>> > >>>> > >>>>>> -----Original Message----- > >>>>>> From: Stefan Santesson [mailto:stefan@aaa-sec.com] > >>>>>> Sent: Wednesday, June 23, 2010 10:02 AM > >>>>>> To: Santosh Chokhani; Sean Turner; pkix@ietf.org > >>>>>> Subject: Re: [pkix] Possible new work item: additional methods > > for > >>>>>> generating key identifiers > >>>>>> > >>>>>> Santosh, > >>>>>> > >>>>>> It's not debatable whether mismatching AKI/SKI is an interop > >> issue. > >>>> It > >>>>>> simply is. > >>>>>> > >>>>>> I can agree, that it should not be an issue, but it is. I have > >>> first > >>>>>> hand > >>>>>> practical experience with exactly this issue. > >>>>>> > >>>>>>> For the activities I am involved with, for > >>>>>>> the Bridge environments they had to add the capability to their > >>>>>> products > >>>>>>> to be considered as meeting the requirements. > >>>>>>> > >>>>>> > >>>>>> That is good news. I have encountered products/libraries where > >> this > >>>>> was > >>>>>> not > >>>>>> possible. I hope this will change. > >>>>>> > >>>>>> /Stefan > >>>>>> > >>>>>> > >>>>>> > >>>>>> On 10-06-23 3:42 PM, "Santosh Chokhani" <SChokhani@cygnacom.com> > >>>>> wrote: > >>>>>> > >>>>>>> Stefan, > >>>>>>> > >>>>>>> While I do not see a need for separate RFC, most of material in > >>> the > >>>>>> I-D > >>>>>>> is not objectionable. It is useful to augment 5280 (or modify > >> it) > >>>>> to > >>>>>>> permit other hash algorithms as they become available in place > > of > >>> a > >>>>>> new > >>>>>>> RFC. In that regard, I would rather revise 5280 and simply > >>> replace > >>>>>> SHA1 > >>>>>>> with any hash to accommodate hashes other than SHA 1 and SHA > > 256. > >>>>>>> Truncation of hash output is also a good idea. > >>>>>>> > >>>>>>> Some guidance in 5280 on honoring SKID in P10 or CSR of any > form > >>> is > >>>>>> also > >>>>>>> good. > >>>>>>> > >>>>>>> I do not agree with your assertion about I-D conclusion being > >>>> false. > >>>>>>> I-D statement is accurate. > >>>>>>> > >>>>>>> I also do not like the idea of achieving interoperability by > >>>>> defining > >>>>>> a > >>>>>>> or very few method for KID calculation. I rather CAs honor > SKID > >>> in > >>>>>> CSR > >>>>>>> extensions and most CAs do. For the activities I am involved > >>> with, > >>>>>> for > >>>>>>> the Bridge environments they had to add the capability to their > >>>>>> products > >>>>>>> to be considered as meeting the requirements. > >>>>>>> > >>>>>> > >>>>>>>> -----Original Message----- > >>>>>>>> From: pkix-bounces@ietf.org [mailto:pkix-bounces@ietf.org] On > >>>>> Behalf > >>>>>>> Of > >>>>>>>> Stefan Santesson > >>>>>>>> Sent: Wednesday, June 23, 2010 5:26 AM > >>>>>>>> To: Sean Turner; pkix@ietf.org > >>>>>>>> Subject: Re: [pkix] Possible new work item: additional methods > >>> for > >>>>>>>> generating key identifiers > >>>>>>>> > >>>>>>>> Sean, > >>>>>>>> > >>>>>>>> I'm not convinced that we need more specified ways to > calculate > >>>> SKI > >>>>>>> and > >>>>>>>> AKI. > >>>>>>>> On the contrary I think we may need less. > >>>>>>>> > >>>>>>>> Basically I think this conclusion is false: > >>>>>>>> > >>>>>>>> The plethora of options does not impact interoperability > >>>> because > >>>>>>> key > >>>>>>>> identifiers are unilaterally generated by Certification > >>>>>> Authorities > >>>>>>>> (CAs). Relying parties only compare and copy these values > > and > >>>>>> thus > >>>>>>>> are insulated (for the most part) from the specific > >> mechanisms > >>>>>> used > >>>>>>>> to generate them. > >>>>>>>> > >>>>>>>> So here is a real life example. > >>>>>>>> > >>>>>>>> Acrobat reader is one example of an application which, despite > >>>> what > >>>>>>> RFC > >>>>>>>> 5280 > >>>>>>>> suggests, requires SKI/AKI match in order to recognize a path. > >>>>>>>> A perfectly valid path with mismatching AKI/SKI values will > not > >>> be > >>>>>>>> accepted. > >>>>>>>> > >>>>>>>> Combining this with the fact that lots of common CA > >>>> implementations > >>>>>>>> doesn't > >>>>>>>> give you the choice to select SKI algorithm, neither allows > you > >>> to > >>>>>> set > >>>>>>>> an > >>>>>>>> arbitrary value. OpenSSL is one of the few that allows you to > >> set > >>>>> an > >>>>>>>> arbitrary value composed from an external calculation, but > that > >>>>>> seems > >>>>>>>> to be > >>>>>>>> the exception. > >>>>>>>> > >>>>>>>> This creates problem for cross certification where the > > generated > >>>>> SKI > >>>>>>> in > >>>>>>>> the > >>>>>>>> cross certificate is getting less and less likely to match AKI > >> of > >>>>>>>> issued > >>>>>>>> certificates of the cross certified CA. > >>>>>>>> > >>>>>>>> Such paths will be rejected e.g. by acrobat reader. > >>>>>>>> > >>>>>>>> Since we do not require cryptographic strength, I would much > >>>> rather > >>>>>>>> make a > >>>>>>>> strong recommendation to pick and use the most common SKI > >>>>>> calculation > >>>>>>>> defined in RFC 5280 rather than defining a whole bunch of new > >>> ways > >>>>>> to > >>>>>>>> calculate SKI/AKI. > >>>>>>>> > >>>>>>>> This is simply yet one of the areas where theory and practice > >>>> don't > >>>>>>>> really > >>>>>>>> align perfectly. Hence we should pick the option that creates > >>>> least > >>>>>>>> problems. > >>>>>>>> > >>>>>>>> > >>>>>>>> /Stefan > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> On 10-06-16 4:17 PM, "Sean Turner" <turners@ieca.com> wrote: > >>>>>>>> > >>>>>>>>> Greetings. Steve and I have whipped up a short I-D that > >>>> specifies > >>>>>>>>> additional methods for generating key identifiers from a > > public > >>>>>> key. > >>>>>>>>> The draft can be found at: > >>>>>>>>> > >>>>>>>>> > >>>>>>> > >>>>> > >>> > > http://datatracker.ietf.org/doc/draft-turner-additional-methods-4kis/ > >>>>>>>>> > >>>>>>>>> I'd like to ask the WG to consider adopting this as a WG > item. > >>>>>>>>> > >>>>>>>>> Cheers, > >>>>>>>>> > >>>>>>>>> spt* > >>>>>>>>> > >>>>>>>>> * (with no hat on) > >>>>>>>>> _______________________________________________ > >>>>>>>>> pkix mailing list > >>>>>>>>> pkix@ietf.org > >>>>>>>>> https://www.ietf.org/mailman/listinfo/pkix > >>>>>>>> > >>>>>>>> > >>>>>>>> _______________________________________________ > >>>>>>>> pkix mailing list > >>>>>>>> pkix@ietf.org > >>>>>>>> https://www.ietf.org/mailman/listinfo/pkix > >>>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> pkix mailing list > >>>>> pkix@ietf.org > >>>>> https://www.ietf.org/mailman/listinfo/pkix > >>>> > >>> > >> > > >
- [pkix] Possible new work item: additional methods… Sean Turner
- Re: [pkix] Possible new work item: additional met… Henry B. Hotz
- Re: [pkix] Possible new work item: additional met… Sean Turner
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Henry B. Hotz
- Re: [pkix] Possible new work item: additional met… Kemp, David P.
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Henry B. Hotz
- Re: [pkix] Possible new work item: additional met… Sean Turner
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Jim Schaad
- Re: [pkix] Possible new work item: additional met… Tom Gindin
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Carl Wallace
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Carl Wallace
- Re: [pkix] Possible new work item: additional met… Michael StJohns
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Tom Gindin
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Carl Wallace
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Santosh Chokhani
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Miller, Timothy J.
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Kemp, David P.
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… Michael StJohns
- Re: [pkix] Possible new work item: additional met… koichi sugimoto
- Re: [pkix] Possible new work item: additional met… Peter Gutmann
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Tom Gindin
- Re: [pkix] Possible new work item: additional met… koichi sugimoto
- Re: [pkix] Possible new work item: additional met… Stephen Kent
- Re: [pkix] Possible new work item: additional met… Stefan Santesson
- Re: [pkix] Possible new work item: additional met… koichi sugimoto
- Re: [pkix] Possible new work item: additional met… Sean Turner
- Re: [pkix] Possible new work item: additional met… Rene Struik
- Re: [pkix] Possible new work item: additional met… Sean Turner
- Re: [pkix] Possible new work item: additional met… Rene Struik
- Re: [pkix] Possible new work item: additional met… Sean Turner
- Re: [pkix] Possible new work item: additional met… Rene Struik