Re: [Secdispatch] draft-leggett-spkac: Signed Public Key and Challenge

Russ Housley <housley@vigilsec.com> Mon, 07 November 2022 16:25 UTC

From: Russ Housley <housley@vigilsec.com>
Date: Mon, 07 Nov 2022 11:25:10 -0500
Cc: IETF SecDispatch <secdispatch@ietf.org>, Ben Kaduk <kaduk@mit.edu>, Dirk-Willem van Gulik <dirkx@webweaving.org>
To: Graham Leggett <minfrin@sharp.fm>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/oGSxQBLsTRLcDc0kaUIa7lnM-YI>

Graham:

I am supportive of documenting this in an Informational RFC.  I hope it will be SEC AD sponsored.

If this work goes forward, I encourage you to create an ASN.1 Module that does not use AUTOMATIC tags.

In addition, the document asks IANA to assign an OID.  That OID should appear in the ASN.1 Module.

Finally, the dumpasn1 tool reports an error when processing the example in Section 4.  I did not try to figure out the source of the problem.

Russ

> On Nov 7, 2022, at 8:59 AM, Graham Leggett <minfrin=40sharp.fm@dmarc.ietf.org> wrote:
> 
> Hi all,
> 
> The SPKAC format that was used since the 1990s to request certificates existed for many years but was never written down or standardised. There is still a lot of code about that implements this, and it would be great to ensure it could still be used.
> 
> I have a draft here that is looking for a home:
> 
> https://datatracker.ietf.org/doc/draft-leggett-spkac/
> 
> I am at the IETF115 meeting this week, and am able to attend the session on Thursday. Is this the correct place for this, or if not could you guide me in the correct direction?
> 
> Regards,
> Graham