Re: [Secdispatch] draft-leggett-spkac: Signed Public Key and Challenge

Dirk-Willem van Gulik <dirkx@webweaving.org> Tue, 15 November 2022 10:26 UTC

From: Dirk-Willem van Gulik <dirkx@webweaving.org>
Message-Id: <AEC05A2F-8579-4BF9-A391-70358016E53B@webweaving.org>
Date: Tue, 15 Nov 2022 11:20:39 +0100
In-Reply-To: <CABcZeBP3kqV5dNUc8_0qya-OWtc0o_U7ftHa=DqpQAViCkYQdg@mail.gmail.com>
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Graham Leggett <minfrin@sharp.fm>, Roman Danyliw <rdd@cert.org>, "kaduk@mit.edu" <kaduk@mit.edu>, "secdispatch@ietf.org" <secdispatch@ietf.org>
To: Eric Rescorla <ekr@rtfm.com>
References: <77101A6A-7D9C-4817-B16D-70505FA10C6D@sharp.fm> <BN2P110MB11076DA8E19230F38F1875AEDC019@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <B1A55C38-2712-453C-99B1-883E1F2BB0A7@sharp.fm> <D948A5CC-3356-436A-925A-8F333BB11440@webweaving.org> <87v8nh58kk.fsf@fifthhorseman.net> <CABcZeBP3kqV5dNUc8_0qya-OWtc0o_U7ftHa=DqpQAViCkYQdg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/sHoey28azWdQuBAQIs3IMef108w>


> On 15 Nov 2022, at 05:18, Eric Rescorla <ekr@rtfm.com> wrote:
> 
> On Mon, Nov 14, 2022 at 5:12 PM Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> On Thu 2022-11-10 14:42:09 +0100, Dirk-Willem van Gulik wrote:
> > Correct - we're defining the messaging format as * historically used &
> > known to be highly interoperable between web browsers * only at this
> > point.
> 
> Except that it is *no longer* "highly interoperable between web
> browsers", right?
> 
> Correct. Or even "interoperable between Web browsers", really....

Well - I did not think it very productive to bang on about Google's somewhat unilateral removal of 'keygen', or on the state of the market from a lack of diversity/sourcing perspective :)

Prior to that point it was obviously very interoperable across the browsers on unix, linux, mac and windows (with Enroll.dll) - and saw very large scale use in enterprise/government - especially in non-managed desktop/laptop fleets.

Hence the 'historically'.

Dw