Re: [Secdispatch] draft-leggett-spkac: Signed Public Key and Challenge
Graham Leggett <minfrin@sharp.fm> Thu, 10 November 2022 12:39 UTC
Return-Path: <minfrin@sharp.fm>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C535C14CF09 for <secdispatch@ietfa.amsl.com>; Thu, 10 Nov 2022 04:39:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sharp.fm
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N-anGcNpfzU3 for <secdispatch@ietfa.amsl.com>; Thu, 10 Nov 2022 04:39:34 -0800 (PST)
Received: from chandler.sharp.fm (chandler.sharp.fm [78.33.206.219]) by ietfa.amsl.com (Postfix) with ESMTP id BA28BC14CF06 for <secdispatch@ietf.org>; Thu, 10 Nov 2022 04:39:33 -0800 (PST)
Received: from smtpclient.apple (unknown [IPv6:2001:67c:1232:144:c928:8ae5:4c2a:84a9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: minfrin@sharp.fm) by chandler.sharp.fm (Postfix) with ESMTPSA id 78CF5192E44; Thu, 10 Nov 2022 12:39:31 +0000 (GMT)
Authentication-Results: chandler.sharp.fm; arc=none smtp.client-ip=2001:67c:1232:144:c928:8ae5:4c2a:84a9
ARC-Seal: i=1; a=rsa-sha256; d=sharp.fm; s=default; t=1668083971; cv=none; b=J/jO4f9QeAlqmAOQDLJBBGFKZzw9NAOqSWrYCYncyayET3ryAjl44gbn+bpfbuiuYF7soo7kaL5isJMbkVNbZFdEtcL9JeAgzyZ2QtSG8GXz20Mw+nSR2A3Vf0/z6TlE2h+nl0IsAD8ta8zRl3zSb6UzkuEgjOIro0ZKziacJzo=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sharp.fm; s=default; t=1668083971; c=relaxed/simple; bh=eAkoWYvR3HmwwATreEw+5Xk/ToJNEPJUJw/lvDjyWpk=; h=DKIM-Filter:DKIM-Signature:Content-Type:Mime-Version:Subject:From: In-Reply-To:Date:Cc:Content-Transfer-Encoding:Message-Id: References:To:X-Mailer; b=MUJWPHi0TauXw/ZPYSZg+FlsR6ZIo0eRKg6FYCdVF0v34PjTh0ou+1IbjNkaB4NFh5YVtMV0sZis+8FvTxQW+CssOVYjd2pd9y6Zwue3iQRBM4+dkU9oEXOWyFLnwV8ZL0mtl1UyGklKSnvvOjs1s/knwA3LG8hV8ZQJoZLmlRM=
ARC-Authentication-Results: i=1; chandler.sharp.fm; arc=none smtp.client-ip=2001:67c:1232:144:c928:8ae5:4c2a:84a9
DKIM-Filter: OpenDKIM Filter v2.11.0 chandler.sharp.fm 78CF5192E44
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharp.fm; s=default; t=1668083971; bh=SbTw/tmPfliK/4AJ9SmkpkFhMkuXQcaRhfaGPt8TyvM=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=vYCww083eldTgzTnaGBZWNQJnRfYSXEokTB372EgodmjyoWnA5RN2tIPDR9ZphBWn nr/gcIokP6nOcdpYIzP86jOv6W+BIcqkMFiLsfm9GfvZmutqeHEUM4nQrCE/Yl6p7R UxcJJA36XaJHtvRyS2sLoG6h1GWp4bieomgBq0zw=
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Graham Leggett <minfrin@sharp.fm>
In-Reply-To: <BN2P110MB11076DA8E19230F38F1875AEDC019@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Date: Thu, 10 Nov 2022 14:39:25 +0200
Cc: "kaduk@mit.edu" <kaduk@mit.edu>, Dirk-Willem van Gulik <dirkx@webweaving.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <B1A55C38-2712-453C-99B1-883E1F2BB0A7@sharp.fm>
References: <77101A6A-7D9C-4817-B16D-70505FA10C6D@sharp.fm> <BN2P110MB11076DA8E19230F38F1875AEDC019@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
To: Roman Danyliw <rdd@cert.org>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/Bpq1SQ2Xz9KBkR0sCQ1RLI4DMv8>
Subject: Re: [Secdispatch] draft-leggett-spkac: Signed Public Key and Challenge
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Nov 2022 12:39:39 -0000
On 10 Nov 2022, at 10:51, Roman Danyliw <rdd@cert.org> wrote: > Thanks for bringing this work for consideration into the IETF. > > Section 1.2 says: > > The purpose of > this RFC is to document the existing use of the protocol, address > security implementation weaknesses in common implementations, and > formalise the protocol into a standard. > > Could you roughly annotate or explain which parts of the document are (a) documenting the "existing use of the protocol"; and (b) "addressing the security ... weaknesses." Per (a), would implementations all agree on the definition of terms/ASN.1 in Section 2 and 3, or are changes/improvements made here per goal (b)? Is (b) primarily addressed by Section 6 where there is guidance on how to use SPKAC? The a) above is worded badly, it means “how the protocol works right now in existing code”. The “security weaknesses” are covered in section 6 yes, and are the mandated use of MD5 in both protocols that depended on SPKAC (keygen in HTML5), and the hard coded use of MD5 in implementations (OpenSSL was an example, this has subsequently been fixed in https://github.com/openssl/openssl/pull/11260). All implementations agree on the definition of terms/ASN.1 (I am not aware of any that don’t, implementations of this code approach 30 years old and I would expect any interop problems to have been ironed out by now). No changes are proposed. This standard is very well contained when Netscape designed it, the title “signed public key and challenge” describes the whole thing, the combination of a public key and a challenge exist, and are signed, that’s it. With a proper IETF definition, this message format can be used as a building block by other specs. One thing I want to be careful of is drawing too much of the history into this spec. We’re defining the messaging format only at this point. Happy to receive guidance on whether we need more history or if this is good enough. Regards, Graham —
- [Secdispatch] draft-leggett-spkac: Signed Public … Graham Leggett
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Russ Housley
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Rifaat Shekh-Yusef
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Michael Richardson
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Salz, Rich
- Re: [Secdispatch] [EXTERNAL] Re: draft-leggett-sp… Mike Ounsworth
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Graham Leggett
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Michael Richardson
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Graham Leggett
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Roman Danyliw
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Graham Leggett
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Dirk-Willem van Gulik
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Daniel Kahn Gillmor
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Eric Rescorla
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Dirk-Willem van Gulik
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Daniel Kahn Gillmor
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Dirk-Willem van Gulik
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Russ Housley
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Graham Leggett
- Re: [Secdispatch] draft-leggett-spkac: Signed Pub… Russ Housley