Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve
Phillip Hallam-Baker <phill@hallambaker.com> Fri, 08 June 2018 19:03 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D8AA130F7C for <secdispatch@ietfa.amsl.com>; Fri, 8 Jun 2018 12:03:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.402
X-Spam-Level:
X-Spam-Status: No, score=-1.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rS_mlJWJXjSu for <secdispatch@ietfa.amsl.com>; Fri, 8 Jun 2018 12:03:21 -0700 (PDT)
Received: from mail-ot0-x22b.google.com (mail-ot0-x22b.google.com [IPv6:2607:f8b0:4003:c0f::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB8F4130F80 for <secdispatch@ietf.org>; Fri, 8 Jun 2018 12:03:20 -0700 (PDT)
Received: by mail-ot0-x22b.google.com with SMTP id 101-v6so16888826oth.4 for <secdispatch@ietf.org>; Fri, 08 Jun 2018 12:03:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=4zybZojeLxdhK9ZftdXzy2gWpp/ehZVlhxuUC0e0Ih8=; b=A+LGMP0S0D3Z6teA0Opj6RbWzKF7JhMDIA6MQRtw2y1dy88xaEDATMTPSK69nEiWG3 h8E6adPJhwfOkf7nrzPABPCLyo6+MhlsicBlIOgLdEthilAXhUA4MCYq3J0RCWnmTwTJ SZFSUlKJ1ctkJPJumTefY6qIM3BsgOXawaVd3pSXleZdnz+eJRjTtg2VFPG0SEpYBv4z I7zPAjlHRH/0lSIubVnBPLa5C9jD4I4NV/aOBAA0PS+mo12AWaNhWrCtlYWdUckq58t7 tOVbqrq7J/3DT9qi14nB6xqIGzqbiev7tusLl/w300EUL4oOkUUfHuarAet6DYget65p 7qWQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=4zybZojeLxdhK9ZftdXzy2gWpp/ehZVlhxuUC0e0Ih8=; b=qwuJ3rbtN4X6HEi4RncjDDxZIPxbc9SqOqd78XFRlnrDs7AQ123FBEkMAoNksKUQRX DzrIZvLsn3yt5dex/6ANSVck4UsZUs3jzYRfDF1Y68wgc6xUlaBEbIheYAeZuxbMPblO Z4iKQMEXmHTczDStuXLDZ4nL94bKQU1WV7Sx7lu9MrqV80x9OE5B6h1xj3QjN4C2UAEs MyCjqS4m6w/ygwXbHgQjLyIeNipDro9FBEdjqP7788DUWNCKKXK8lZ7PFWERH6hChTIP 3usZUwzDj658yZbqNjIAOlUf42uhmaSGUaodIXzLrTUbNQLm2yytzF2Tq9+xcz2FqU79 oJcA==
X-Gm-Message-State: APt69E12J5fldoiJWkBIRFI7JkiReBZkw5MRfeLYM/qSvj8JXVfvDSm/ 1KPnipUIl//V0OSNowYXaVnxAnMctWfKFn55+RY=
X-Google-Smtp-Source: ADUXVKL6Jm00Gnw/cWsqv93kzvzzMlZ0+qPiqciKvpb1z7PbwjWhmqjLaXprn8rP4G4m+uAQH0CMjHCkKoXpzuY6q+U=
X-Received: by 2002:a9d:16ce:: with SMTP id s14-v6mr4122428ots.113.1528484600191; Fri, 08 Jun 2018 12:03:20 -0700 (PDT)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 2002:a9d:23:0:0:0:0:0 with HTTP; Fri, 8 Jun 2018 12:03:19 -0700 (PDT)
In-Reply-To: <BL0PR00MB029274D5B739CC78BE98B3E5F57B0@BL0PR00MB0292.namprd00.prod.outlook.com>
References: <BL0PR00MB02927CDBA6AE65BB7979118FF5670@BL0PR00MB0292.namprd00.prod.outlook.com> <CAMm+Lwgf9nwPdhT7Gdex+mRhdRyfstwyYk-znpWFmaRchM_8vA@mail.gmail.com> <BL0PR00MB029274D5B739CC78BE98B3E5F57B0@BL0PR00MB0292.namprd00.prod.outlook.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Fri, 08 Jun 2018 15:03:19 -0400
X-Google-Sender-Auth: L1gkDEN5j2_7sdOENxAiZ9XsqnM
Message-ID: <CAMm+LwgbWr+xF6nKU=jhCQuA_J=vHLNfFFqyN7uLH3-tiV2jOQ@mail.gmail.com>
To: Mike Jones <Michael.Jones@microsoft.com>
Cc: "secdispatch@ietf.org" <secdispatch@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Content-Type: multipart/alternative; boundary="000000000000a3a07b056e260db3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/rTzkAy4yzwzesxTA_jw2u-No3uY>
Subject: Re: [Secdispatch] Document that registers the SECG secp256k1 elliptic curve
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jun 2018 19:03:25 -0000
Could you point to those definitions in your draft so that we close the circle? There are two reasons for this. First, a lot of folk are going to use your draft as cookie cutter for theirs and so there may not be an OID. But equally importantly, we need to capture the fact that these two things are the same. Otherwise, we are likely to end up having to write documents to state that... On Fri, Jun 8, 2018 at 1:43 PM, Mike Jones <Michael.Jones@microsoft.com> wrote: > Thanks for asking, Phillip. I just took the time to look up whether there > is already an OID registered for this curve and it turns out that there > is. See Section A.2.1 of http://www.secg.org/sec2-v2.pdf which specifies > the OID 1.3.132.0.10 for secp256k1 (and also specifies OIDs for the other > curves specified therein, such as 1.2.840.10045.3.1.7 for secp256r1). > Furthermore, RFC 5758 specifies the OID 1.2.840.10045.4.3.2 for ECDSA with > SHA-256 in https://tools.ietf.org/html/rfc5758#section-3.2. > > > > So I believe we’re already covered on the OID registrations. > > > > -- Mike > > > > *From:* hallam@gmail.com <hallam@gmail.com> *On Behalf Of *Phillip > Hallam-Baker > *Sent:* Monday, June 4, 2018 12:15 PM > *To:* Mike Jones <Michael.Jones@microsoft.com> > *Cc:* secdispatch@ietf.org; Benjamin Kaduk <kaduk@mit.edu> > *Subject:* Re: [Secdispatch] Document that registers the SECG secp256k1 > elliptic curve > > > > If we are going to register algorithms, perhaps we could do all of them in > one doc including ASN.1 OIDS. These need not be new code points if already > specified but we should have one OID for IETF purposes per algorithm > wherever possible. > > > > > > On Mon, Jun 4, 2018 at 3:12 PM, Mike Jones <Michael..Jones=40microsoft. > com@dmarc.ietf.org <Michael.Jones=40microsoft.com@dmarc.ietf.org>> wrote: > > This note is soliciting feedback on the best path for > https://tools.ietf.org/html/draft-jones-webauthn-secp256k1-00 to become > an RFC. Its purpose is very specific and narrow: It registers JOSE and > COSE curve identifiers for the SECG secp256k1 elliptic curve and associated > algorithm identifiers. This is used by FIDO UAF, the W3C Verifiable > Claims interest group, and several blockchain projects. I want to get > standard identifiers registered so these projects can use standards-based, > rather than ad-hoc, cryptographic representations. Given the widespread > use of this curve and algorithm, I would like this spec to become an RFC so > that the small integer values can be assigned for COSE, per the “Standards > Action” requirement for the Label assignment in the registry policy at > https://tools.ietf.org/html/rfc8152#section-16.2. I believe it’s also > very likely that some IETF specifications will end up using these > registrations as well. > > > > As background, I’d committed to the W3C Web Authentication (WebAuthn) > working group and the FIDO Alliance to register all the algorithms used by > their specifications that do not have current IANA registrations for JOSE > and COSE. https://tools.ietf.org/html/draft-jones-webauthn-cose- > algorithms-01 started this process by registering additional RSA > algorithms (with help from Jim Schaad, Sean Turner, and others). The next > step in this process is registering the SECG secp256k1 elliptic curve and > associated algorithm identifiers. > > > > Ben Kaduk suggested that I ask SecDispatch for input on the best path > forward. For instance, is anyone interested in reviewing the document or > being the document shepherd? I believe that Area Director sponsorship > probably makes the best sense for this very targeted document but am open > to other options. I know that the W3C and the FIDO Alliance would > appreciate having a path forward for these registrations. > > > > Thanks for your feedback. > > > > -- Mike > > > > > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch > > >
- Re: [Secdispatch] Document that registers the SEC… Mike Jones
- Re: [Secdispatch] Document that registers the SEC… Phillip Hallam-Baker
- Re: [Secdispatch] Document that registers the SEC… Mike Jones
- [Secdispatch] Document that registers the SECG se… Mike Jones
- Re: [Secdispatch] Document that registers the SEC… Phillip Hallam-Baker
- Re: [Secdispatch] Document that registers the SEC… John Menerick
- Re: [Secdispatch] Document that registers the SEC… Michael Richardson