Re: [Privacy-pass] RFC 4055 PSS encoding
Christopher Wood <caw@heapingbits.net> Fri, 28 April 2023 00:22 UTC
Return-Path: <caw@heapingbits.net>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4562C14CF1E for <privacy-pass@ietfa.amsl.com>; Thu, 27 Apr 2023 17:22:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.796
X-Spam-Level:
X-Spam-Status: No, score=-2.796 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b="cE++2wL/"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="LH4oHDN+"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id htFksHMY0ISH for <privacy-pass@ietfa.amsl.com>; Thu, 27 Apr 2023 17:22:42 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3601C14F749 for <privacy-pass@ietf.org>; Thu, 27 Apr 2023 17:22:41 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 93CED5C00C7; Thu, 27 Apr 2023 20:22:36 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Thu, 27 Apr 2023 20:22:36 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to; s=fm3; t=1682641356; x=1682727756; bh=1eoxlDf0Jd3hyauMxrhtIp4gZ rmaT9svLELSRzgWBfQ=; b=cE++2wL/Vlq6MWjO9zNXcdL/oIj4e7F/NMDiQ318/ OcCKlVSn/AnSIYlynRVi2+xBI3fDC0pLtCISzNZaT7ohdVOZTygb5lCgo8+0MGvr VMgzcyi334jG7bijyQXbrCE/je01UYwLrKVPP/EL9ZRJcTEoVWWqFrKRYxsqCYXa jQQ5KNKuosnuo7KfHsgt5A7/ZUYudccwYD2TfRGXN0W4JkMFyVUaUxPFAwS6xZ3J e5RZfxHZDzaMnCYAuG6n1fNzaLTuXagjUls6c6LQMJ0PKG9XZPTb2mJqE67+g16k AS6Sv65sZmiCCF9hdM5M94wluu872Pb5KJCA0/CRNe1Tg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1682641356; x=1682727756; bh=1eoxlDf0Jd3hyauMxrhtIp4gZrmaT9svLEL SRzgWBfQ=; b=LH4oHDN+wtX8nrimD0ZM10CbsGc3jJGKRwXqOjb3bYuPMqIiT/y rClrYyh+KXJD3vnz4Nv2Mm7NcvTU+8L0CliFRbKl+rQKMSC7MEikoqik2ZEzepM5 X2qo3AdSx6AVtgA/9DzVQJizsYQLKKUKoBfYMuvB1E3hWusdKTlfhgE5UQtDRy0v UKUJ3jJJ+lC3RcN2oH3FmkStP14UuFz4cI6K6s/qzdqTMBHunj4vEaFbaicZkwIz 9Pvu4PrOELWLAtR9IqTgESZFcabvP38gMTbu7SWPrud7F20Ztv5YFPBdH435wa84 N9Jff8hzh1RVxzIjAXIm1vCz1WgJS6jA/cA==
X-ME-Sender: <xms:zBFLZLppcePl2eex-HJeVnuQoKTJBM4u0aU-Pzw_tdPhGLHIptrhcw> <xme:zBFLZFo8tce8zKJvtFluWuaPGtItIFquEM9xiDOHWrExNs3zKFb93STqT2lr74f7v Mm84TFk04lB4p3aRsw>
X-ME-Received: <xmr:zBFLZIPmu4JSqRP1WCydRQ4200p5LupJGWi0XKlxv5f2VNjPAvUCZlv_ARdiH8GIJ4zjilxmSxcYU4UC3erh68PIHaurRMxYVu78me44ip6Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrfedujedgfeehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurheptgfghfggufffkfhfvegjvffosehtqhhmtdhhtdejnecuhfhrohhmpeevhhhr ihhsthhophhhvghrucghohhougcuoegtrgifsehhvggrphhinhhgsghithhsrdhnvghtqe enucggtffrrghtthgvrhhnpefhjeeuvdffvdeitdeliedvtdejteeuhfduudekffejueeu jeelffekjeekuedtkeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpegtrgifsehhvggrphhinhhgsghithhsrdhnvght
X-ME-Proxy: <xmx:zBFLZO5DwtriMmSpYl1IEDpbKUIcibzTJjEtRWNdFp-tFBqco2HKLQ> <xmx:zBFLZK6Eau1twCC6n9pVxEL7Qt8IF46y73tOpjmNQ4KR04VY2H0a6Q> <xmx:zBFLZGhu3X5OnignqavO-2yKvHShdS-lvIYwxdAbhBX0XCWTGTIuPQ> <xmx:zBFLZPgwoGSR5Hc42zCNZlrsQHV1uvBvdiWPc7J3l73iPc3-8QEBHw>
Feedback-ID: i2f494406:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 27 Apr 2023 20:22:36 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: Christopher Wood <caw@heapingbits.net>
Mime-Version: 1.0 (1.0)
Date: Thu, 27 Apr 2023 17:22:24 -0700
Message-Id: <299BFEFB-4B7F-40D5-BD6C-9389F60FE23C@heapingbits.net>
References: <CACsn0c=PC7HOni-5JgVJxBiSF=8YGiP6LSEHO098BFPoTySOCg@mail.gmail.com>
Cc: privacy-pass@ietf.org
In-Reply-To: <CACsn0c=PC7HOni-5JgVJxBiSF=8YGiP6LSEHO098BFPoTySOCg@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
X-Mailer: iPhone Mail (20D67)
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/eDB8MWbernapDy06_rc1rbzsEFg>
Subject: Re: [Privacy-pass] RFC 4055 PSS encoding
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Apr 2023 00:22:46 -0000
On Apr 27, 2023, at 2:47 PM, Watson Ladd <watsonbladd@gmail.com> wrote: > > On Wed, Apr 26, 2023 at 6:13 PM Christopher Wood <caw@heapingbits.net> wrote: >> >> Hi Watson, >> >> There are some implementations that will not parse DER encoded blobs with the NULL fields explicitly included, which is why the spec is as it is. I think it’s reasonable to be rigid about key ID format, if for no other reason that avoiding the situation where different implementations of the protocol don’t agree on the key ID when computed directly from the public key (as opposed to being computed from the DER encoding). > > There is that. However, baking it into the standard means we'll have > to deal with it for all time. Totally agreed. I think this boils down to whether those inflexible implementations can be updated. If they can, we should definitely change to something like you suggest. Best, Chris > >> >> Best, >> Chris > > -- > Astra mortemque praestare gradatim
- [Privacy-pass] RFC 4055 PSS encoding Watson Ladd
- Re: [Privacy-pass] RFC 4055 PSS encoding Christopher Wood
- Re: [Privacy-pass] RFC 4055 PSS encoding Watson Ladd
- Re: [Privacy-pass] RFC 4055 PSS encoding Christopher Wood
- Re: [Privacy-pass] RFC 4055 PSS encoding Tommy Pauly
- [Privacy-pass] RFC 4055 hermeneutics (was Re: RFC… Watson Ladd