Re: [pkix] PKCS #8? Re: Updated EdDSA/Ed25519 PKIX document

Anders Rundgren <anders.rundgren.net@gmail.com> Thu, 12 November 2015 05:46 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20CD61ACD42 for <pkix@ietfa.amsl.com>; Wed, 11 Nov 2015 21:46:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a6Mo4E8w_ElI for <pkix@ietfa.amsl.com>; Wed, 11 Nov 2015 21:46:40 -0800 (PST)
Received: from mail-wm0-x22b.google.com (mail-wm0-x22b.google.com [IPv6:2a00:1450:400c:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AB411A3BA1 for <pkix@ietf.org>; Wed, 11 Nov 2015 21:46:39 -0800 (PST)
Received: by wmww144 with SMTP id w144so73008500wmw.0 for <pkix@ietf.org>; Wed, 11 Nov 2015 21:46:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type:content-transfer-encoding; bh=KpOnAgjhDuNFwlPe9pPZ/Sz0NP0aqKxwuSbzNCyb+BI=; b=zbHFh/XxeeJSmVj+VyMYF5EHMcDAu93rbgCfLbzNdABE8/PwYqLDKcK7Y6zq8+1UZn abOylyvqrWwQHC0YZPfwNw/MZ2IGClnkoBPxoOAhvMRoxYfTzVriiHr7p7qgWpOUZXH7 cAmKw6DbcZJbFx9ckLgp35HY0riiqNM51XhDQT9Ujg3ocHH02VqFsrjhTEJ22Sqn3u9X NZhN2EktfGqRGBhxybZKxq/lj1i6dgqxcnkNhi1mbk6QPzZYgTL7oETBzCxoaVFUJD/y WP2nu8+6MvXvUOcHnksElzTB1LpxYqJHSv6DRr03pBABKpTBGAaKgzHS1EcX6019BS8V FuFQ==
X-Received: by 10.28.136.15 with SMTP id k15mr40446100wmd.51.1447307198267; Wed, 11 Nov 2015 21:46:38 -0800 (PST)
Received: from [192.168.1.79] (148.198.130.77.rev.sfr.net. [77.130.198.148]) by smtp.googlemail.com with ESMTPSA id l186sm28755876wmg.19.2015.11.11.21.46.37 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Nov 2015 21:46:37 -0800 (PST)
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, Simon Josefsson <simon@josefsson.org>
References: <878u7xtu06.fsf@latte.josefsson.org> <5643175F.9070405@gmail.com> <1447244606.16388.10.camel@josefsson.org> <9A043F3CF02CD34C8E74AC1594475C73F4B5EBCF@uxcn10-5.UoA.auckland.ac.nz>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <564427B6.1020704@gmail.com>
Date: Thu, 12 Nov 2015 06:46:30 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4B5EBCF@uxcn10-5.UoA.auckland.ac.nz>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/VmDr_L44qFO1gLN4y2hbH2J-KNA>
Cc: "pkix@ietf.org" <pkix@ietf.org>
Subject: Re: [pkix] PKCS #8? Re: Updated EdDSA/Ed25519 PKIX document
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2015 05:46:41 -0000

On 2015-11-11 23:59, Peter Gutmann wrote:
> Simon Josefsson <simon@josefsson.org> writes:
>
>> Does anyone have thoughts on which approach to use?
>
> Why not use the PKCS #15 format?  PKCS #8 was created for one and only one
> algorithm type, RSA.  Since then it's been hacked around repeatedly to support
> other algorithms that it was never designed for, and will probably need lots
> more hacking around in the future.  The PKCS #15 format OTOH was designed to
> support pretty much every known key type out of the box.

I'm primarily concerned about PKCS #12 since this is together with PEM the most
common way transporting certificates + private keys.


> PKCS #15 support for EdDSA would consist of adding a new OID to an encoding
> table.

Is PKCS #15 used by anybody except for some European eID-card vendors?

My guess was that updating PKCS #8 (RFC 5958) would be of similar complicity as
for the public key and that it should borrow the same OID and ENUMERATION.

Introducing support for Ed25519 in a crypto library would typically involve
updating a bunch of modules and tools but it would be pretty much a copy
of what was required for ECDSA/ECDH.

Anders

>
> Peter.
>