IETF Logo Mail Archive

Re: [saag] post-X509 cryptographic identities

Phillip Hallam-Baker <phill@hallambaker.com> Fri, 14 February 2020 22:26 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DC7F120013 for <saag@ietfa.amsl.com>; Fri, 14 Feb 2020 14:26:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Level:
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YDfFQIhBfyfm for <saag@ietfa.amsl.com>; Fri, 14 Feb 2020 14:26:49 -0800 (PST)
Received: from mail-oi1-f180.google.com (mail-oi1-f180.google.com [209.85.167.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F3AA1200C1 for <saag@ietf.org>; Fri, 14 Feb 2020 14:26:49 -0800 (PST)
Received: by mail-oi1-f180.google.com with SMTP id l9so10941717oii.5 for <saag@ietf.org>; Fri, 14 Feb 2020 14:26:49 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WqH+jc4J/cA9sZjVGUUL79CtIFRFP4nJ4kHi77Qt4zY=; b=jq3oi2tZPO778ihVWQHLNWm2OM+RuenE5IWgDXNH6c0zsmKW6kpgNZBnHfVlHmnfRd j9w3Ga9ucb/H7NEGXk9lAq33xvJh7uYuxbc/xwZ+KvuSq33ruLz1o4Ss/p1DZYL1KI9+ m7tUDdxUX1vHsQ5hg2MRdneXgW+c6191pDR3zcJ2I/x0kV95tG36IzDp8qbUpPkBRiLz HVMp4T2B+cnZ58fcEP3B6TWZO5EQPKuj0pjR9WyOuN8z6RDkqkMw52mPHcyN9IgeyXJu VU0j2I6M2BG85NjQSmmbjqlJ63b/tuDZLBEMhBlRnrv9IWQirx2+bk47j4zh8suRYEdX kdwQ==
X-Gm-Message-State: APjAAAVLkBjga5JXPU3WZ0b+1XeHpmEEWUQdwsXYa+1anv0RmI4jGlZi 8EASEjFo1zBpmkkEJsY7Q+NX2JsLp31evXN6raM=
X-Google-Smtp-Source: APXvYqwnlIHUrshusU+SyTsaUp+HTr1P2SCTIRgRRXfss27SwlU38xyZbyQOG5So+Oqk+/shQGb05eKe8Sf8oHzAuho=
X-Received: by 2002:aca:ccce:: with SMTP id c197mr3299047oig.31.1581719208199; Fri, 14 Feb 2020 14:26:48 -0800 (PST)
MIME-Version: 1.0
References: <26497.1581418516@dooku> <20200212002125.GO18021@localhost> <alpine.DEB.2.20.2002131443470.25433@grey.csi.cam.ac.uk> <20200213171324.GP18021@localhost> <d3d01f1f-5784-da84-1c59-e636d349bd2a@netmagic.com> <20200213175626.GR18021@localhost> <65357327-e2d7-89cc-221e-ed8ac2875048@netmagic.com> <A91F5BD6-BFBA-4BA7-9158-3F41A8F0F7D9@gmail.com> <20200213191952.GS18021@localhost> <9FEBBD2A-3578-436A-92E3-192CADC9FA8B@gmail.com> <20200213205158.GT18021@localhost> <CAMm+LwhAXWbVL=j3Cek_Sf9eK-aKsQgZ+Gsh55nP3nvur_JSEQ@mail.gmail.com> <CB2A6E0B-E48D-4C1B-9F85-BA6A93963ED6@gmail.com>
In-Reply-To: <CB2A6E0B-E48D-4C1B-9F85-BA6A93963ED6@gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Fri, 14 Feb 2020 17:26:36 -0500
Message-ID: <CAMm+LwjiGGyjwRMJSid664bry4-0YfEVu8Nj_gu2qfwE2RdVxw@mail.gmail.com>
To: Henry Story <henry.story@gmail.com>
Cc: IETF SAAG <saag@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008a0a78059e90b36c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/duY_5iJg48hAOhjTnTiO70ygHgg>
Subject: Re: [saag] post-X509 cryptographic identities
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Feb 2020 22:26:51 -0000

On Fri, Feb 14, 2020 at 3:42 PM Henry Story <henry.story@gmail.com> wrote:

>
>
> > On 14 Feb 2020, at 20:44, Phillip Hallam-Baker <phill@hallambaker.com>
> wrote:
> >
> > Syntax is the least important part of PKI but it is a part of the
> puzzle. Why oh why do people think canonicalization is relevant? If you
> want to be able to verify a signature, you have to keep the original bits
> that were signed. End of story.
>
> The way to make syntax unimportant is to work on the semantic level. That
> is
> in a way what the Semantic Web does by starting from naming, and leaving
> syntax decisions open, allowing multiple ones: RDF/XML, JSON-LD, Turtle,
> NTriples, Binary RDF, CSV …
>
> But once one moves away from syntax it then becomes very important
> to canonicalize data, exactly so as to move away from being tied to syntax.
> A Canoncicalisation of a data then allows one even to discard the original
> bytes, if one does not wish to keep to versions of everything around.


No, it does not become important to canonicalize. We have been trying and
failing at that for 30 years and there is no reason to believe things will
change in the future.

Digital signatures authenticate the presentation of the data. If you are
using Schnorr signatures, the usual form of the signature isn't even
deterministic. So sign the same octet sequence twice and you get two
different signatures.

I have never seen a situation. where discarding the signed octet sequence
makes the slightest sense. I am currently using a machine with 64GB of RAM
and 2TB of disk and that isn't uncommon. A RaPi4 comes with up to 4GB these
days. Signed assertions (SAML, PKIX, Mesh) are rarely more than a few KB.

The immense complexity of canonicalization means that it should be avoided
wherever possible. Instead we have people swooping in demanding that it be
required. Well time to put a lid on that.

v2.23.0 | Report a Bug | By Email