Re: [saag] [CFRG] OCB does not have an OID specified, that is a general problem
Richard Outerbridge <outer@interlog.com> Mon, 07 June 2021 14:34 UTC
Return-Path: <outer@interlog.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id E4A0C3A18A4
for <saag@ietfa.amsl.com>; Mon, 7 Jun 2021 07:34:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 0uv1Sc-YhD_r for <saag@ietfa.amsl.com>;
Mon, 7 Jun 2021 07:34:21 -0700 (PDT)
Received: from mail-1.ca.inter.net (mail-1.ca.inter.net [208.85.220.69])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 8391B3A189E
for <saag@ietf.org>; Mon, 7 Jun 2021 07:34:21 -0700 (PDT)
Received: from localhost (offload-3.ca.inter.net [208.85.220.70])
by mail-1.ca.inter.net (Postfix) with ESMTP id 5ED012EA3C6;
Mon, 7 Jun 2021 10:34:20 -0400 (EDT)
Received: from mail-1.ca.inter.net ([208.85.220.69])
by localhost (offload-3.ca.inter.net [208.85.220.70]) (amavisd-new, port 10024)
with ESMTP id IjmdUAfTt9X0; Mon, 7 Jun 2021 10:11:26 -0400 (EDT)
Received: from [192.168.168.101]
(bras-base-toroon0246w-grc-16-70-53-126-140.dsl.bell.ca [70.53.126.140])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
(Authenticated sender: outer@interlog.com)
by mail-1.ca.inter.net (Postfix) with ESMTPSA id 6941A2EA06A;
Mon, 7 Jun 2021 10:34:19 -0400 (EDT)
From: Richard Outerbridge <outer@interlog.com>
Message-Id: <105F02F8-E74E-436B-A637-58F1DDCDAF3B@interlog.com>
Content-Type: multipart/alternative;
boundary="Apple-Mail=_02E055A9-784F-4163-B615-C73B56DCB655"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
Date: Mon, 7 Jun 2021 10:34:19 -0400
In-Reply-To: <773badc5fdc04c41a5ceea7ad4fe29fe@cert.org>
Cc: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>,
Phillip Hallam-Baker <phill@hallambaker.com>, IETF SAAG <saag@ietf.org>,
IRTF CFRG <cfrg@irtf.org>
To: Roman Danyliw <rdd@cert.org>
References: <CAMm+Lwizfw6=T28gGOgeGZ=4CEHsQ5BoWcAt5mOWbyJHLVJmuQ@mail.gmail.com>
<B73FB6B1-3EFC-4AEA-9A99-8C047F478944@akamai.com>
<773badc5fdc04c41a5ceea7ad4fe29fe@cert.org>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/uTrLgWV9yVgzLHI-AghlkhHy7C4>
Subject: Re: [saag] [CFRG] OCB does not have an OID specified,
that is a general problem
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>,
<mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>,
<mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jun 2021 14:34:27 -0000
Hmm … __outer > On 2021-06-07 (158), at 09:53:10, Roman Danyliw <rdd@cert.org> wrote: > > Hi! > > From: saag <saag-bounces@ietf.org <mailto:saag-bounces@ietf.org>> On Behalf Of Salz, Rich > Sent: Monday, June 7, 2021 9:45 AM > To: Phillip Hallam-Baker <phill@hallambaker.com <mailto:phill@hallambaker.com>>; IETF SAAG <saag@ietf.org <mailto:saag@ietf.org>>; IRTF CFRG <cfrg@irtf.org <mailto:cfrg@irtf.org>> > Subject: Re: [saag] [CFRG] OCB does not have an OID specified, that is a general problem > > rfc7253 specifies OCB mode. But there is no OID specified to use OCB with CMS, nor are there identifiers for use with JOSE. > > For this particular case, a request to the IANA expert will get an OID. (He’s a co-chair of LAMPS :) > > I would like to propose that in future assignment of relevant OIDs and JOSE identifiers be considered a requirement for similar work. If a spec for a symmetric mode isn't sufficiently specified to enable interoperable implementation in CMS and JOSE, it is not sufficiently specified to be an RFC. > > That’s a reasonable thing to ask for, and something that could be caught by SECDIR or AD review. [ … ] > [Roman] Agreed in the general case for the IETF stream. For RFC7253, this review would have been during IESG conflict review because that document was IRTF stream (which doesn’t have an SECDIR review, AD review or even an IESG ballot). > > Roman > > _______________________________________________ > CFRG mailing list > CFRG@irtf.org <mailto:CFRG@irtf.org> > https://www.irtf.org/mailman/listinfo/cfrg <https://www.irtf.org/mailman/listinfo/cfrg>
- [saag] OCB does not have an OID specified, that i… Phillip Hallam-Baker
- Re: [saag] [CFRG] OCB does not have an OID specif… Salz, Rich
- Re: [saag] [CFRG] OCB does not have an OID specif… Roman Danyliw
- Re: [saag] [CFRG] OCB does not have an OID specif… Neil Madden
- Re: [saag] [CFRG] OCB does not have an OID specif… Carsten Bormann
- Re: [saag] [CFRG] OCB does not have an OID specif… Richard Outerbridge
- Re: [saag] OCB does not have an OID specified, th… Russ Housley
- Re: [saag] [CFRG] OCB does not have an OID specif… Phillip Hallam-Baker
- Re: [saag] [CFRG] OCB does not have an OID specif… Neil Madden
- Re: [saag] [CFRG] OCB does not have an OID specif… Phillip Hallam-Baker
- Re: [saag] [CFRG] OCB does not have an OID specif… Neil Madden
- Re: [saag] [CFRG] OCB does not have an OID specif… Phillip Hallam-Baker