Re: [saag] post-X509 cryptographic identities

Tony Rutkowski <trutkowski.netmagic@gmail.com> Tue, 11 February 2020 18:55 UTC

From: Tony Rutkowski <trutkowski.netmagic@gmail.com>
To: Nico Williams <nico@cryptonector.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, saag@ietf.org
Date: Tue, 11 Feb 2020 13:55:10 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/RxabHfSsszdS42x9Ciih2cmGhts>

Hi Nico,

The patent would be worthless.  DNS for OID arc resolution was
originally proposed by VeriSign's Michael Mealling about 20 years ago in
RFC 3061, introduced again by VeriSign in ITU-T about 15 years ago, and
then pursued by Korea's ETRI as a series of ITU-T standards X.672,
X.674, X.675 and X.676.  The root resolver authority is allocated to the
Korean Information Security Agency. It is known as the OID Resolution
System (ORS).  Orange's research centre has long maintained an HTTP-based
resolver at the OID Repository site, www.oid-info.com.  Note the KISA
Activity for the ORS on the OID-INFO site.

OIDs rank as one of the most ubiquitous object identifiers and, in
addition to ASN.1 code and X.509 PKI cert information, they have found
favor in recent years for IoT tagging.  They are resolved to all kinds of
information.

--tony


On 2020-02-11 12:33 PM, Nico Williams wrote:
> I should add that IIRC someone patented the use of DNS for OID arc
> resolution.  Lame (because obvious).  What's to resolve an OID to?
> Symbolic form.  Authority.  Documentation and/or document references.
>
> Just some trivia for you.