RE: X.509 Extensions Enhancements

"Tom Gindin" <tgindin@us.ibm.com> Thu, 28 June 2001 03:42 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id XAA21793 for <pkix-archive@odin.ietf.org>; Wed, 27 Jun 2001 23:42:26 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.3/8.11.3) id f5S2qEu06245 for ietf-pkix-bks; Wed, 27 Jun 2001 19:52:14 -0700 (PDT)
Received: from e1.ny.us.ibm.com ([32.97.182.101]) by above.proper.com (8.11.3/8.11.3) with ESMTP id f5S2qCm06241 for <ietf-pkix@imc.org>; Wed, 27 Jun 2001 19:52:12 -0700 (PDT)
Received: from northrelay02.pok.ibm.com (northrelay02.pok.ibm.com [9.117.200.22]) by e1.ny.us.ibm.com (8.9.3/8.9.3) with ESMTP id WAA322620; Wed, 27 Jun 2001 22:50:20 -0400
Received: from d01ml062.pok.ibm.com (d01ml062.pok.ibm.com [9.117.250.163]) by northrelay02.pok.ibm.com (8.11.1m3/NCO v4.96) with ESMTP id f5S2kC856658; Wed, 27 Jun 2001 22:46:12 -0400
Importance: Normal
Subject: RE: X.509 Extensions Enhancements
To: Carlin Covey <ccovey@cylink.com>
Cc: "David A. Cooper" <david.cooper@nist.gov>, ietf-pkix@imc.org
X-Mailer: Lotus Notes Release 5.0.3 (Intl) 21 March 2000
Message-ID: <OF4B23E0BD.1BE37194-ON85256A79.000EC4E6@pok.ibm.com>
From: Tom Gindin <tgindin@us.ibm.com>
Date: Wed, 27 Jun 2001 22:51:40 -0400
X-MIMETrack: Serialize by Router on D01ML062/01/M/IBM(Release 5.0.7a SPR #MIAS4UTJ8H, S/390 SPR #JHEG4V8UT5 & S/390 SPR #JHEG4WERGL |May 21, 2001) at 06/27/2001 10:52:10 PM
MIME-Version: 1.0
Content-type: text/plain; charset="iso-8859-1"
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id f5S2qDm06242
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
List-ID: <ietf-pkix.imc.org>
X-MIME-Autoconverted: from 8bit to quoted-printable by above.proper.com id f5S2qEu06245
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by ietf.org id XAA21793


     Carlin:

     Your argument would be more convincing if it weren't for note 2 to
section 11.2.2 of X.690 (I'm using the '94 version), which strictly limits
the length of an encoding with no 1 bits ("If a bitstring value has no 1
bits then an encoder shall encode the value with a length of 1 and an
initial octet set to 0"), without consideration of the number of bits in
the named bit list.  The stuff you quoted from X.680 is applicable to BER
(the original one of the encodings, after all) rather than DER.

          Tom Gindin



"Carlin Covey" <ccovey@cylink.com>@mail.imc.org on 06/27/2001 09:20:36 PM

Sent by:  owner-ietf-pkix@mail.imc.org


To:   "David A. Cooper" <david.cooper@nist.gov>, <ietf-pkix@imc.org>
cc:
Subject:  RE: X.509 Extensions Enhancements


David,

Perhaps I'm still a bit jet-lagged from my vacation, but I don't follow
your logic.  How does the text that
says the "...rules are free to add (or remove) ..."  lead to your
conclusion that the only rational DER is
to delete all trailing zeros?

Despite my not being able to follow your logic, I don't dispute the fact
that all trailing zeros should be deleted.
However,  I do maintain that the wording is ambiguous concerning whether
these trailing zeros begin within or
after the NamedBitList.  That is, "values that are being encoded" could
refer to NamedBitList's rather than to
bits within a NamedBitList.



Regards,

Carlin

____________________________

-  Carlin Covey
   Cylink Corporation



     -----Original Message-----
     From: owner-ietf-pkix@mail.imc.org
     [mailto:owner-ietf-pkix@mail.imc.org]On Behalf Of David A. Cooper
     Sent: Wednesday, June 13, 2001 6:44 AM
     To: ietf-pkix@imc.org
     Subject: RE: X.509 Extensions Enhancements

     Hoyt,

     I could not find anything in X.509 that specifies how to encode named
     bit lists. However, as Bodo Möller pointed out, X.680 treats bit
     strings differently when it includes a named bit list. The text that
     Bodo quoted is also in section 19.7 of the 1994 edition of X.680:

             When a "NamedBitList" is used in defining a bitstring type
     ASN.1 encoding rules
             are free to add (or remove) arbitrarily many trailing 0 bits
     to (or from) values that are
             being encoded or decoded. Application designers should
     therefore ensure that different
             semantics are not associated with such values which differ
     only in the number of trailing 0 bits.

     So, while it seems that X.509 does not specify how to encode bit
     strings that use a "NamedBitList", I believe that the above text
     allows for only one rational distinguished encoding rule: remove all
     trailing 0 bits. Since this is the rule specified by X.690 for DER
     encoding ("Where [a "NamedBitList" is used in defining a bitstring
     type], the bitstring shall have all trailing 0 bits removed before it
     is encoded."), I believe it is appropriate for X.509 to adopt this
     rule. Since the PKIX certificate and CRL profile simply specifies the
     use of the DER encoding rules, there would be no need to make any
     changes in PKIX.

     Carlin Covey suggests that the number of used/unused bits in a named
     bit list could be used to convey extra information:

             The newly added bits have three values: true, false, and
     omitted. Omitted indicates that
             the CA has no opinion about the value of these flags (probably
     because the certificate
             was issued or the CA software was written prior to these bits
     being defined).

     But as the quotes above show, this is not only inconsistent with DER
     but also with any "legal" encoding rules for named bit lists.

     Dave

     At 12:39 AM 6/13/01 -0700, Hoyt L. Kesterson II wrote:
                   Paragraph 11.2.2 of X.690 states that, for named bit
               strings (paragra[h 19.7 of X.680) all trailing zero bits
               must be removed before encoding.  Paragraph 11.2.1, which
               refers to bit strings of either kind, speaks of unused bits
               in the final octet being zero.  I believe the specific case
               for named bit strings trumps the general case.

               Charlie Gardiner


          from clause x in 509

          In order to enable the validation of SIGNED and SIGNATURE types
          in a distributed environment, a distinguished encoding is
          required. A distinguished encoding of a SIGNED or SIGNATURE data
          value shall be obtained by applying the Basic Encoding Rules
          defined in ITU-T Rec. X.690 (1997) | ISO/IEC 8825 :1998, with the
          following restrictions: In order to enable the validation of
          SIGNED and SIGNATURE types in a distributed environment, a
          distinguished encoding is required. A distinguished encoding of a
          SIGNED or SIGNATURE data value shall be obtained by applying the
          Basic Encoding Rules defined in ITU-T Rec. X.690 (1997) | ISO/IEC
          8825 :1998, with the following restrictions:

          in the list of restrictions is

          In order to enable the validation of SIGNED and SIGNATURE types
          in a distributed environment, a distinguished encoding is
          required. A distinguished encoding of a SIGNED or SIGNATURE data
          value shall be obtained by applying the Basic Encoding Rules
          defined in ITU-T Rec. X.690 (1997) | ISO/IEC 8825 :1998, with the
          following restrictions:

          509 says to encode according to the rules in 509. the x.680 DER
          rules were written later than those in x.509. in the case of bit
          string, the rules are different. the rules in x.680 do not permit
          extensibility in a bit string. the rules in 509 do.

             hoyt