[saag] PKIX and related RFCs - definition of Key Packages

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Wed, 16 June 2021 20:53 UTC

From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "saag@ietf.org" <saag@ietf.org>
CC: "spasm@ietf.org" <spasm@ietf.org>
Date: Wed, 16 Jun 2021 20:53:24 +0000
Message-ID: <B8006164-51AD-4B3B-9CE7-83B0574294F8@ll.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Ruz1t1zC2GVHO0qSfoPOGhI_VW0>

I confess that until now I never bothered actually looking with a critical eye at RFC 5958, 5208, 5915 and such – because the apps that presumably use them to interoperate were already written by somebody else and (sorta ;) working.

Now, as I’m looking at extending those definitions to Post-Quantum algorithms and parameters, I’m seeing what appears weird to me.

A lot of the ASN.1 definitions seem to describe how to package private keys. Considering that interoperability in the majority of cases is about applications communicating “over the wire” using S/MIME, CMS, TLS or IKE key exchange, etc. – the predominant need appears to be exchanging public (not private) keys?

Yet the definitions invest in the details of the private keys, leaving the public key as “BIT STRING OPTIONAL”. Why is it so?

IMHO, first – PublicKey should be OCTET STRING (probably not OPTIONAL), probably CONTAINING {}. Then, each specific IETF-accepted algorithm should have its own definition of how to serialize its public key, maybe wrapping the result into an OCTET STRING (usually this is done to allow a parser that doesn’t understand the format to skip this field)…

Is it too late to rectify? And if I’m missing something, could you enlighten me please? Am I barking at the wrong tree altogether? If so, where is the public key serialization described, if not here? And why not here?

Thank you! And apologies for the exhibited ignorance.

Here are some examples of what I’m talking about:

ECPrivateKey ::= SEQUENCE {
     version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
     privateKey     OCTET STRING,
     parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
     publicKey  [1] BIT STRING OPTIONAL
}

OneAsymmetricKey ::= SEQUENCE {
     version                   Version,
     privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
     privateKey                PrivateKey,
     attributes            [0] Attributes OPTIONAL,
     ...,
     [[2: publicKey        [1] PublicKey OPTIONAL ]],
     ...
}

PublicKey ::= BIT STRING
     -- Content varies based on type of key. The
     -- algorithm identifier dictates the format of
     -- the key.

--
Regards,
Uri Blumenthal                              Voice: (781) 981-1638
Secure Resilient Systems and Technologies   Cell:  (339) 223-5363
MIT Lincoln Laboratory
244 Wood Street, Lexington, MA  02420-9108

Web:     https://www.ll.mit.edu/biographies/uri-blumenthal
Root CA: https://www.ll.mit.edu/llrca2.pem

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
                                                  -  C. A. R. Hoare
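
Added example (not part of the original message or of the RFCs it cites): a minimal Python DER reader for the ECPrivateKey layout quoted in the message, showing that an encoding decodes with or without the [1] publicKey BIT STRING. The helper names are hypothetical, the key bytes are constructed filler rather than real key material, and EXPLICIT tagging of the [0] and [1] fields is an assumption.

```python
# Added example; assumes EXPLICIT tags. Sample keys are constructed filler.
def read_tlv(buf, pos):                     # -> (tag, value, next_pos)
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits = length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def parse_ec_private_key(der):
    """Decode ECPrivateKey; absent OPTIONAL fields come back as None."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, version, pos = read_tlv(body, 0)
    if (tag, version) != (0x02, b"\x01"):
        raise ValueError("version must be ecPrivkeyVer1(1)")
    tag, priv, pos = read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("privateKey must be an OCTET STRING")
    key, last = {"privateKey": priv, "parameters": None, "publicKey": None}, 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        if tag not in (0xA0, 0xA1) or tag <= last:
            raise ValueError("unexpected or out-of-order field")
        last = tag
        if tag == 0xA0:                     # [0] parameters, kept as raw DER
            key["parameters"] = val
        else:                               # [1] wraps a BIT STRING
            itag, bits, iend = read_tlv(val, 0)
            if itag != 0x03 or iend != len(val) or bits[:1] != b"\x00":
                raise ValueError("malformed publicKey BIT STRING")
            key["publicKey"] = bits[1:]     # drop the unused-bits octet
    return key

def tlv(tag, value):                        # encoder for the constructed samples
    return bytes([tag, len(value)]) + value # short-form length only (< 128)

PRIV, PUB = bytes(range(1, 33)), b"\x04" + bytes(64)   # constructed filler
P256_OID = bytes.fromhex("06082a8648ce3d030107")       # namedCurve prime256v1
HEAD = tlv(0x02, b"\x01") + tlv(0x04, PRIV) + tlv(0xA0, P256_OID)
WITHOUT_PUB = tlv(0x30, HEAD)
WITH_PUB = tlv(0x30, HEAD + tlv(0xA1, tlv(0x03, b"\x00" + PUB)))
```

Both sample encodings decode; a consumer that needs the public half has to handle the `None` case, for example by deriving it from the private scalar and the curve.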