IETF Logo Mail Archive

Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve

Mike Jones <Michael.Jones@microsoft.com> Fri, 08 June 2018 17:43 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30B9D130F74 for <secdispatch@ietfa.amsl.com>; Fri, 8 Jun 2018 10:43:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lG4fVvApm1aW for <secdispatch@ietfa.amsl.com>; Fri, 8 Jun 2018 10:43:22 -0700 (PDT)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0709.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe49::709]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DACF130F67 for <secdispatch@ietf.org>; Fri, 8 Jun 2018 10:43:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8MXl1TfTmLaV8zjklyJ89QVnbxOtESiD7RsV/olR0aw=; b=hxB1K9zxcYQvTACvaPW6B4dPAwFqckFfr54MZzNAEgudgkI7cpqEay888E0WVgfS+Ljq4BpQSDEWrQoQbhE+PDpuIaEnq+Q4WQQCgLo7WVjC3NOMjLiEY+mSLUJZDSr7ohocgDy2lxBwQ4liyHdZ+7W0yYZm5WX3CxwtAekyiuM=
Received: from BL0PR00MB0292.namprd00.prod.outlook.com (52.132.19.158) by BL0PR00MB0305.namprd00.prod.outlook.com (52.132.19.159) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.884.0; Fri, 8 Jun 2018 17:43:15 +0000
Received: from BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::13e:8f40:ef2a:4b2f]) by BL0PR00MB0292.namprd00.prod.outlook.com ([fe80::13e:8f40:ef2a:4b2f%3]) with mapi id 15.20.0880.000; Fri, 8 Jun 2018 17:43:15 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
CC: "secdispatch@ietf.org" <secdispatch@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Thread-Topic: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve
Thread-Index: AdP8Kdnc3ZZaMd5VTPONut+KoS2cIQADoAAAAMUz5FA=
Date: Fri, 08 Jun 2018 17:43:15 +0000
Message-ID: <BL0PR00MB029274D5B739CC78BE98B3E5F57B0@BL0PR00MB0292.namprd00.prod.outlook.com>
References: <BL0PR00MB02927CDBA6AE65BB7979118FF5670@BL0PR00MB0292.namprd00.prod.outlook.com> <CAMm+Lwgf9nwPdhT7Gdex+mRhdRyfstwyYk-znpWFmaRchM_8vA@mail.gmail.com>
In-Reply-To: <CAMm+Lwgf9nwPdhT7Gdex+mRhdRyfstwyYk-znpWFmaRchM_8vA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:4898:80e8:9:260e:215d:9bb0:55e8]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BL0PR00MB0305; 7:HueY+rZGMUeaFF2uy78KTIDQnxePe6hszVX+yvoCW44HJm+tTLOW3XWQEt5iBwCv3qrYDRxlxtkjQkDcb+QamtzTg/jQe0pMyPxQV4c+S6dN2e1B+kCm/aV9hLCSOhkcYg263iDlry1SBDGqlYQOQHcrhSC3vqg/syRKLu9Cvz0gUc5ypSqW1farxdGnn31KhJY6JJjL12JUPs79H+Qy7pzXx6+emFFKBR0pqITorAEXqyRnWaOUgt5aY6DZxKc0
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7193020); SRVR:BL0PR00MB0305;
x-ms-traffictypediagnostic: BL0PR00MB0305:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Michael.Jones@microsoft.com;
x-microsoft-antispam-prvs: <BL0PR00MB0305B77F0D0D0CD8600411CCF57B0@BL0PR00MB0305.namprd00.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(89211679590171)(85827821059158)(21748063052155)(240460790083961)(5213294742642);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(2017102700009)(2017102701064)(6040522)(2401047)(8121501046)(5005006)(2017102702064)(20171027021009)(20171027022009)(20171027023009)(20171027024009)(20171027025009)(20171027026009)(2017102703076)(3002001)(3231254)(2018427008)(944501410)(52105095)(93006095)(93001095)(10201501046)(6055026)(149027)(150027)(6041310)(20161123560045)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011)(7699016); SRVR:BL0PR00MB0305; BCL:0; PCL:0; RULEID:; SRVR:BL0PR00MB0305;
x-forefront-prvs: 06973FFAD3
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(376002)(39860400002)(346002)(396003)(39380400002)(52254002)(199004)(189003)(22452003)(6436002)(7736002)(74316002)(97736004)(316002)(186003)(46003)(86612001)(2906002)(81156014)(81166006)(4326008)(54906003)(25786009)(478600001)(7696005)(76176011)(6506007)(53546011)(5250100002)(606006)(19609705001)(8676002)(8936002)(102836004)(10290500003)(86362001)(6246003)(33656002)(236005)(105586002)(68736007)(106356001)(53936002)(966005)(14454004)(6916009)(229853002)(5660300001)(9686003)(486006)(3280700002)(446003)(476003)(11346002)(3660700001)(54896002)(99286004)(6306002)(55016002)(72206003)(8990500004)(10090500001)(6116002)(790700001)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:BL0PR00MB0305; H:BL0PR00MB0292.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: idut2tlC7PA3Y9zjudoTJkqUGgh0wF4ryWtMoYiyvwQCY+xrDzuCT7Vi7cUq6jnM6RuOuSaSazC9V0kE8yZTe/P/wvAEcj8dY024T6rcIliB7oefzho3coDhTfR7lxtNc+my7rR9/5Dfk0HSvQpSexlNwusO0GATOQ24pVAZZjA6ZloLEFSdIz1/eIUkhphO
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BL0PR00MB029274D5B739CC78BE98B3E5F57B0BL0PR00MB0292namp_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 553833a4-7f2b-4e6e-3c4e-08d5cd675074
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 553833a4-7f2b-4e6e-3c4e-08d5cd675074
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Jun 2018 17:43:15.6762 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR00MB0305
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/xy8qmePiwnXS90bCS0y6kW42LAs>
Subject: Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jun 2018 17:43:26 -0000

Thanks for asking, Phillip.  I just took the time to look up whether there is already an OID registered for this curve and it turns out that there is.  See Section A.2.1 of http://www.secg.org/sec2-v2.pdf which specifies the OID 1.3.132.0.10 for secp256k1  (and also specifies OIDs for the other curves specified therein, such as 1.2.840.10045.3.1.7 for secp256r1).  Furthermore, RFC 5758 specifies the OID 1.2.840.10045.4.3.2 for ECDSA with SHA-256 in https://tools.ietf.org/html/rfc5758#section-3.2.

So I believe we’re already covered on the OID registrations.

                                                       -- Mike

From: hallam@gmail.com <hallam@gmail.com> On Behalf Of Phillip Hallam-Baker
Sent: Monday, June 4, 2018 12:15 PM
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: secdispatch@ietf.org; Benjamin Kaduk <kaduk@mit.edu>
Subject: Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve

If we are going to register algorithms, perhaps we could do all of them in one doc including ASN.1 OIDS. These need not be new code points if already specified but we should have one OID for IETF purposes per algorithm wherever possible.


On Mon, Jun 4, 2018 at 3:12 PM, Mike Jones <Michael..Jones=40microsoft.com@dmarc.ietf.org<mailto:Michael.Jones=40microsoft.com@dmarc.ietf.org>> wrote:
This note is soliciting feedback on the best path for https://tools.ietf.org/html/draft-jones-webauthn-secp256k1-00 to become an RFC.  Its purpose is very specific and narrow:  It registers JOSE and COSE curve identifiers for the SECG secp256k1 elliptic curve and associated algorithm identifiers.   This is used by FIDO UAF, the W3C Verifiable Claims interest group, and several blockchain projects.  I want to get standard identifiers registered so these projects can use standards-based, rather than ad-hoc, cryptographic representations.  Given the widespread use of this curve and algorithm, I would like this spec to become an RFC so that the small integer values can be assigned for COSE, per the “Standards Action” requirement for the Label assignment in the registry policy at https://tools.ietf.org/html/rfc8152#section-16.2. I believe it’s also very likely that some IETF specifications will end up using these registrations as well.

As background, I’d committed to the W3C Web Authentication (WebAuthn) working group and the FIDO Alliance to register all the algorithms used by their specifications that do not have current IANA registrations for JOSE and COSE.  https://tools.ietf.org/html/draft-jones-webauthn-cose-algorithms-01 started this process by registering additional RSA algorithms (with help from Jim Schaad, Sean Turner, and others).  The next step in this process is registering the SECG secp256k1 elliptic curve and associated algorithm identifiers.

Ben Kaduk suggested that I ask SecDispatch for input on the best path forward.  For instance, is anyone interested in reviewing the document or being the document shepherd?  I believe that Area Director sponsorship probably makes the best sense for this very targeted document but am open to other options.   I know that the W3C and the FIDO Alliance would appreciate having a path forward for these registrations.

Thanks for your feedback.

                                                       -- Mike


_______________________________________________
Secdispatch mailing list
Secdispatch@ietf.org<mailto:Secdispatch@ietf.org>
https://www.ietf.org/mailman/listinfo/secdispatch

v2.23.0 | Report a Bug | By Email