Re: [pkix] DER encoding in RFC 3161
mrex@sap.com Mon, 03 August 2020 15:21 UTC
Return-Path: <mrex@sap.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 649363A0B90 for <pkix@ietfa.amsl.com>; Mon, 3 Aug 2020 08:21:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Level:
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sap.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k_3KLvOFGJYC for <pkix@ietfa.amsl.com>; Mon, 3 Aug 2020 08:20:59 -0700 (PDT)
Received: from smtpde02.smtp.sap-ag.de (smtpde02.mail.net.sap [155.56.68.140]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 122F13A0B8F for <pkix@ietf.org>; Mon, 3 Aug 2020 08:20:59 -0700 (PDT)
Received: from esa11.sap.c3s2.iphmx.com (esa11.sap.c3s2.iphmx.com [216.71.156.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde02.smtp.sap-ag.de (Postfix) with ESMTPSA id 4BL1mn2H0Bz1M; Mon, 3 Aug 2020 17:20:57 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sap.com; i=@sap.com; q=dns/txt; s=it-20200722; t=1596468058; x=1628004058; h=subject:in-reply-to:references:to:date:cc:reply-to: mime-version:content-transfer-encoding:message-id:from; bh=5YRJNiw9Lv+BTFj+7Hh0GztCmlUHXfXuFwmnqhbSZjo=; b=a9aQD+hjWtq213Me0DEoWM+NGOhhx5EMa/1Uxr8mMEXGPhJqBqzGQXBj v2pwkwd/YN30FAPng0CgqjmV1e2ads06ngOHJLUARDQNvjbNocG4vm5BA sck6XyCpbSRgtZxIGjaMVvJTxoQ9iF5HP++K50voOYOryWbWonSXCBh8/ E/7v6hB+srd1ZeIY4Aif/SJl7bLlP95sedWXG/Qmw62JVwlejHDmFU9eO OTr98jXdkJEcsbxkgjr8wsyif8TbPSaj+1JF8xM+HhLk22jUeI8gfYsT1 dmqy+pDco3nHmxO5XvbiEem7enWz+XBasrVs5bmtbKSXnhtCx/cB6OM1G w==;
IronPort-SDR: iXt5KACHHMVALEx6ZKLfl8ElWdoNmSGsNHLiRXK6ilEM1PdTF3IW0WYijSwdoVaSHH20cLhtOx 4vmpqiU7SwBX1stk9n7Ap26iSxIXYcLAx+nTsdonph6Cot+1ROD2AijT7nU+9S2hToteqi9ike jRE0JjxS58dz55oAK3fp79QMe41blman3hFGaaO4wFVSauF3ChjxKGJSbCliqDqWrKBQaouWU+ 4lcqfnsCubECzFUPunGiGRaG2VJb3my8txZOOUG9JHm+qkpIbVZH/afN4/RbUzAwjcy+TKidPe QgXy4dYEK5GNISMiR3qZnXE/
X-Amp-Result: SKIPPED(no attachment in message)
Received: from smtpde02.mail.net.sap (HELO smtpde02.smtp.sap-ag.de) ([155.56.68.140]) by esa11.sap.c3s2.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Aug 2020 17:20:58 +0200
Received: from mail08.wdf.sap.corp (mail01.sap.corp [194.39.131.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde02.smtp.sap-ag.de (Postfix) with ESMTPS id 4BL1mm56x6z4x; Mon, 3 Aug 2020 17:20:56 +0200 (CEST)
Received: from ld9781.wdf.sap.corp (ld9781.wdf.sap.corp [10.21.82.193]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail08.wdf.sap.corp (Postfix) with ESMTPS id 4BL1mm0cMjz30xC; Mon, 3 Aug 2020 17:20:56 +0200 (CEST)
X-purgate-ID: 152705::1596468056-00000315-638082C0/0/0
X-purgate-size: 1786
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate-type: clean
X-SAP-SPAM-Status: clean
Received: by ld9781.wdf.sap.corp (Postfix, from userid 10159) id 014E9404B; Mon, 3 Aug 2020 17:20:55 +0200 (CEST)
In-Reply-To: <CAMm+LwhdgfkbwXrfX8yiK3UDJRGOGzMJ2mXuyKqZWTdGbBE6gQ@mail.gmail.com>
References: <PS1PR03MB48921EE23E93434559DF1ECE9D730@PS1PR03MB4892.apcprd03.prod.outlook.com> <CAMm+LwhdgfkbwXrfX8yiK3UDJRGOGzMJ2mXuyKqZWTdGbBE6gQ@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Mon, 03 Aug 2020 17:20:55 +0200
CC: Koichi Sugimoto <koichi.sugimoto=40globalsign.com@dmarc.ietf.org>, "pkix@ietf.org" <pkix@ietf.org>
Reply-To: mrex@sap.com
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20200803152056.014E9404B@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/lA2kcnZV6b-AJFH5hSQRRrTM60w>
Subject: Re: [pkix] DER encoding in RFC 3161
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Aug 2020 15:21:00 -0000
Phillip Hallam-Baker <phill@hallambaker.com> wrote: > > I have been doing X.509v3 for 30 years now. I have yet to hear a good > answer to the question of why DER encoding is needed in PKIX. > > It is a requirement of X.509 but not one that makes the slightest sense in > these days when you can store a billion certs on one disk drive and X.500 > directory has fewer active users than Edison phonographs. Certificates are > moved from point A to point B as an opaque binary blob which is encoded by > the signer at signing time and only at signing time. This notion of signing > the abstract data rather than the binary bits keeps coming up but I have > yet to see anyone work out how to do it reliably, let alone add value by > doing so. > > A digital signature is over a string of bits. The road to madness is paved > by canonicalization schemes. > There seems to be a significant amount of installed base which breaks horribly if you change the encoding even slightly. That installed base maps Certificate based on the certificate fingerprint. If the outermost encoding of the X.509v3 certificate encoding is changed, like a proper ASN.1 DER encoding of the PKCS#1 RSA-PSS signature AlgID, or use of an indefinite length encoding, that installed base implementation will no longer recognize a TLS client certificate because of the changed certificate fingerprint. That the digital signature on that TLS client certificate verifies just fine, does not seem to matter at all. That installed base is using a Microsoft Windows 2016 Server, and was previously using a Microsoft Windows 2008R2 Server. IIRC there are a number of places in Microsoft CryptoAPI, SChannel and Microsoft http.sys where the certificate fingerprint is used. -Martin
- [pkix] DER encoding in RFC 3161 Koichi Sugimoto
- Re: [pkix] DER encoding in RFC 3161 Phillip Hallam-Baker
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 Todd E. Johnson
- Re: [pkix] DER encoding in RFC 3161 Koichi Sugimoto
- Re: [pkix] DER encoding in RFC 3161 mrex
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 David Chadwick
- Re: [pkix] DER encoding in RFC 3161 mrex
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann
- Re: [pkix] DER encoding in RFC 3161 Manger, James
- Re: [pkix] DER encoding in RFC 3161 Peter Gutmann