[Privacy-pass] RFC 4055 PSS encoding
Watson Ladd <watsonbladd@gmail.com> Wed, 26 April 2023 22:02 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25092C1519BB for <privacy-pass@ietfa.amsl.com>; Wed, 26 Apr 2023 15:02:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h60UDQpT86n6 for <privacy-pass@ietfa.amsl.com>; Wed, 26 Apr 2023 15:02:45 -0700 (PDT)
Received: from mail-oo1-xc2a.google.com (mail-oo1-xc2a.google.com [IPv6:2607:f8b0:4864:20::c2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3A4CC1519BA for <privacy-pass@ietf.org>; Wed, 26 Apr 2023 15:02:45 -0700 (PDT)
Received: by mail-oo1-xc2a.google.com with SMTP id 006d021491bc7-549f0b45ac6so791365eaf.0 for <privacy-pass@ietf.org>; Wed, 26 Apr 2023 15:02:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1682546564; x=1685138564; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=POej/qiC+QIp52vjnqCqSbT9PnbFirE5jaHKFlw0ito=; b=bJYJXWoYtjGTElp+A6hhTmclN6MCJnM328ExysQcrCi30zgDtkzgQ9xE9pytehGyVA WYBRHRSB5UyVgaz5ZvLXMy/kkBVxd8CTDP8/SMXdc0Tj23T6VXQa0wFEFf2S2+0XN2pk vymcWHNUDkb75qqQxcOTGNBGPJZd6PwDoWLjqajwAFSr+rFRLHls+M1ul3eGYI7AHcmH 1ASan3E3313+L8guY2EWkS3vRmwaX7+BNwNQAZjVGupxvROc0SFFyUV+DH+uPsiAy9tf FkEhC46iJWQ96lmcnQFrDrOGIYDzGvjgoM3at7grUvWQcByrv8TEUjdLSXkXtc863FNt 59ug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682546564; x=1685138564; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=POej/qiC+QIp52vjnqCqSbT9PnbFirE5jaHKFlw0ito=; b=BESJC6hwDquZvHtg2x6OyW+K0rbmETmlCdZ9+tQP3cjz5Z8MHcwt4PCE+Be8H46V2W i5YXtzZlgEQfseLjax+sVgnbpcJT/bm395Mnj0AjpPbwuPn0FWO/+WYQYcwU+5LHQVb/ lG22Kb749rc47YtsB8z7/cwcGxDJ7IjM8mNYj3pzjwerXWQWHZaxMCxnfsbgyHGMG/5e y+NaJmVM8K7P1FLA6AmnOYM9aoFiE1KG89ryR7RzYysCNOaO5YuP1hrHQc0csk3DXfqb MEI6GbIGXMrZtXuIabgpWPLGvagUGLW2R6zwzG2V3eKmwEuXAkAV0rb1PUt2sXKXn0td P2yA==
X-Gm-Message-State: AAQBX9dsj5rYHS4TAlnfHUoCzzC7rE8hCmOhZ5Vl1ABmKOJCFXps3GMl 2pFvEuL+TSyGcLAufEeWp40/DgutwIxh1Dg7XvrNR2j1
X-Google-Smtp-Source: AKy350aT874DrHQ0J/JlXG4+BzZmZE/wZUTj9UJZPpukPXR6t1UpCkR3KDrBtEUdFvJ5HaBwhValWibZFYwu3CmI8v4=
X-Received: by 2002:a54:4d89:0:b0:38d:e632:82fd with SMTP id y9-20020a544d89000000b0038de63282fdmr9363270oix.10.1682546564485; Wed, 26 Apr 2023 15:02:44 -0700 (PDT)
MIME-Version: 1.0
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 26 Apr 2023 15:02:32 -0700
Message-ID: <CACsn0cm0Hx45+bPXAke6yVS=gHRKEii--uVNd=_86akKw=p2Ng@mail.gmail.com>
To: privacy-pass@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/AQSfa8hwjf8fwwmKJp5sEV5JdR0>
Subject: [Privacy-pass] RFC 4055 PSS encoding
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2023 22:02:46 -0000
Dear privacy pass WG, As a result of some events we've discovered that draft-10 of the privacy pass protocol is not compatible with RFC 4055's recommendation to encode NULLs explicitly when serializing RSA PSS parameters. Unfortunately much software including OpenSSL 3.0 and the Go standard library include these NULLs when serializing RSA PSS public keys. This makes it difficult to use these packages in implementation. I think the simplest way to fix this issue is to take the token ID as the hash of the DER encoding as presented in the directory, and follow RFC 4055 for tolerance. Apologies for not spotting this issue during last call. Sincerely, Watson -- Astra mortemque praestare gradatim
- [Privacy-pass] RFC 4055 PSS encoding Watson Ladd
- Re: [Privacy-pass] RFC 4055 PSS encoding Christopher Wood
- Re: [Privacy-pass] RFC 4055 PSS encoding Watson Ladd
- Re: [Privacy-pass] RFC 4055 PSS encoding Christopher Wood
- Re: [Privacy-pass] RFC 4055 PSS encoding Tommy Pauly
- [Privacy-pass] RFC 4055 hermeneutics (was Re: RFC… Watson Ladd