Re: [saag] post-X509 cryptographic identities
Nico Williams <nico@cryptonector.com> Sat, 15 February 2020 00:02 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB13B12002E for <saag@ietfa.amsl.com>; Fri, 14 Feb 2020 16:02:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uby0IS7df0sv for <saag@ietfa.amsl.com>; Fri, 14 Feb 2020 16:02:29 -0800 (PST)
Received: from butterfly.birch.relay.mailchannels.net (butterfly.birch.relay.mailchannels.net [23.83.209.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33A01120013 for <saag@ietf.org>; Fri, 14 Feb 2020 16:02:26 -0800 (PST)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 1084312115D; Sat, 15 Feb 2020 00:02:26 +0000 (UTC)
Received: from pdx1-sub0-mail-a56.g.dreamhost.com (100-96-0-7.trex.outbound.svc.cluster.local [100.96.0.7]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 6301B121105; Sat, 15 Feb 2020 00:02:25 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from pdx1-sub0-mail-a56.g.dreamhost.com ([TEMPUNAVAIL]. [64.90.62.162]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:2500 (trex/5.18.5); Sat, 15 Feb 2020 00:02:26 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Belong-Vacuous: 775056855d55f8f4_1581724945885_790152336
X-MC-Loop-Signature: 1581724945885:1217141015
X-MC-Ingress-Time: 1581724945884
Received: from pdx1-sub0-mail-a56.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a56.g.dreamhost.com (Postfix) with ESMTP id 5E5C985BEE; Fri, 14 Feb 2020 16:02:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=FvxqsFLgzW4UHY UtHIttFFLX0g4=; b=UiYq4GMH9H/c6+7JsTYSjBJbx7aF2ow1amVut0tEc7yK7y J+hJYcadnBzMkIKJzsM2xFmqLwhufLNRfdmzW7/NlH4s66UNYN/tuqQQMEHd1CQs 0CaNkx4lpq9MJqt21C2FDRkcwpaTS7cI2A7Hsot+KJusPfHce2ij9Et9pYsLo=
Received: from localhost (unknown [24.28.108.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a56.g.dreamhost.com (Postfix) with ESMTPSA id 718DD85BF8; Fri, 14 Feb 2020 16:02:20 -0800 (PST)
Date: Fri, 14 Feb 2020 18:02:18 -0600
X-DH-BACKEND: pdx1-sub0-mail-a56
From: Nico Williams <nico@cryptonector.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: IETF SAAG <saag@ietf.org>
Message-ID: <20200215000215.GA18021@localhost>
References: <d3d01f1f-5784-da84-1c59-e636d349bd2a@netmagic.com> <20200213175626.GR18021@localhost> <65357327-e2d7-89cc-221e-ed8ac2875048@netmagic.com> <A91F5BD6-BFBA-4BA7-9158-3F41A8F0F7D9@gmail.com> <20200213191952.GS18021@localhost> <9FEBBD2A-3578-436A-92E3-192CADC9FA8B@gmail.com> <20200213205158.GT18021@localhost> <CAMm+LwhAXWbVL=j3Cek_Sf9eK-aKsQgZ+Gsh55nP3nvur_JSEQ@mail.gmail.com> <20200214211255.GZ18021@localhost> <CAMm+Lwgr3JaqZ3zpJDJCaoaoMghJeLo8owyo1qgysUZV1u-Ktw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAMm+Lwgr3JaqZ3zpJDJCaoaoMghJeLo8owyo1qgysUZV1u-Ktw@mail.gmail.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-VR-OUT-STATUS: OK
X-VR-OUT-SCORE: -100
X-VR-OUT-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedrjedugdduiecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucggtfgfnhhsuhgsshgtrhhisggvpdfftffgtefojffquffvnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpeffhffvuffkfhggtggujggfsehttdertddtredvnecuhfhrohhmpefpihgtohcuhghilhhlihgrmhhsuceonhhitghosegtrhihphhtohhnvggtthhorhdrtghomheqnecukfhppedvgedrvdekrddutdekrddukeefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhppdhhvghloheplhhotggrlhhhohhsthdpihhnvghtpedvgedrvdekrddutdekrddukeefpdhrvghtuhhrnhdqphgrthhhpefpihgtohcuhghilhhlihgrmhhsuceonhhitghosegtrhihphhtohhnvggtthhorhdrtghomheqpdhmrghilhhfrhhomhepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomhdpnhhrtghpthhtohepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomh
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/IjF6SIzBLH8kJmM1i1jBeUuNIqs>
Subject: Re: [saag] post-X509 cryptographic identities
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Feb 2020 00:02:32 -0000
On Fri, Feb 14, 2020 at 05:47:31PM -0500, Phillip Hallam-Baker wrote: > On Fri, Feb 14, 2020 at 4:13 PM Nico Williams <nico@cryptonector.com> wrote: > > On Fri, Feb 14, 2020 at 02:44:53PM -0500, Phillip Hallam-Baker wrote: > > > The approach I tried to take in Shen in the 90s and have revisited with > > the > > > Mesh is to make every individual the apex of their own trust hierarchy. > > [...] > > > > Yes, but that way lies TOFU. That's fine for many things, but not all > > things. You could argue the inverse is also true, that rooted naming > > and trust are fine for many things, but not all things -- I would agree > > with that. > > No, it doesn't have to be that way. Alice is her own trust apex but she can > decide to delegate. Yes, for the case where Alice is enroling a new device in her world. But for Alice being introduced to Bob... In person, they can engage in a ceremony, but otherwise we're looking at TOFU or having an introducer. > > > My original hope was we could do something of the sort with PKIX. > > > But X.509 is simply too complex for most organizations to manage > > > let alone individuals. > > > > I'm curious about this. Are you referring here to the use of ASN.1/DER > > and the ASN.1 types in RFC5280, or are you referring to semantics, or > > something else? > > The idea was people would be able to edit their own trust stores in a > meaningful way. But never worked out how to make it tractable. But is this a PKIX issue, an API issue, or something else? In meshy world you'd have to locally associate an issuer with each peer you know. > > > DNSSEC cannot meet my security needs because it insists all trust flows > > > from one point. If I am designing an embedded system, I want to be able > > to > > > specify the roots of trust. > > > > Thanks for expanding on that. I can agree with mesh-like trust and > > naming for this, but for many things we'll still need a rooted trust > > system like DNSSEC. > > Depends on the purpose. If I am running a SCADA system for a chemical > plant, it would make every sense to decouple from ICANN and instead bind to > the dozen or so domains of interest directly. > > Or I can use ICANN as an introducer or ICANN plus additional credentialing. Right. No need for DNS here. Unless you're using a browser or something (though you can have your own PKI for that). The thing is that the browser is a fantastic client. It's hard to give it up, and as long as you don't... > I would like to see two persistent naming schemes established. One for > essentially randomized names and the other for curated names. I don't want > my names to expire, that is the key thing. Curated names -> DNS (and/or app stores, search engines, etc.). My point earlier in this thread is that we'll always need that one, so don't throw out that baby with the bathwater. > > BTW, Heimdal's ASN.1 compiler lets you name types whose encodings have > > to be saved in a `_save` structure field by the decoder. It's very > > nice, and, for PKIX, essential. General purpose JSON decoders however > > generally don't decode to a schema the way decoders compiled from an > > ASN.1 module do, so it's harder to add a "save this part as encoded for > > later signature verification" feature -- not impossible, but not widely > > available either. So one has to resort to base64-encoding the JSON > > texts to be signed/encrypted and then sending those as strings in other > > (possibly JSON) documents (e.g., JWT). (In Kerberos we do the moral > > equivalent and wrap things to be signed/encrypted in OCTET STRINGs.) > > > > Yup, it is currently painful and right now I am Base64 encoding everything > when using JSON. But I also have a binary encoding option, JSON-B. That is > simply JSON with the option of encoding a binary blob as a base64 string or > as a length-data production. Right. Thanks for expanding on that. Nico --
- [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Derek Atkins
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Derek Atkins
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Watson Ladd
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Stephen Farrell
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Eric Rescorla
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Stephen Farrell
- Re: [saag] post-X509 cryptographic identities Eric Rescorla
- Re: [saag] post-X509 cryptographic identities Stephen Farrell
- Re: [saag] post-X509 cryptographic identities Eric Rescorla
- Re: [saag] post-X509 cryptographic identities Stephen Farrell
- Re: [saag] post-X509 cryptographic identities Eric Rescorla
- Re: [saag] post-X509 cryptographic identities Stephen Farrell
- Re: [saag] post-X509 cryptographic identities Peter Gutmann
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Tony Finch
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Watson Ladd
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Phillip Hallam-Baker
- Re: [saag] post-X509 cryptographic identities Phillip Hallam-Baker
- Re: [saag] post-X509 cryptographic identities Tony Rutkowski
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Phillip Hallam-Baker
- Re: [saag] post-X509 cryptographic identities Phillip Hallam-Baker
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Henry Story
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Michael Richardson
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Viktor Dukhovni
- Re: [saag] post-X509 cryptographic identities Nico Williams
- Re: [saag] post-X509 cryptographic identities Tony Finch
- Re: [saag] post-X509 cryptographic identities Michael Richardson