Re: [sidr] comments on draft-ietf-sidr-rfc6485bis
Sandra Murphy <sandy@tislabs.com> Mon, 14 April 2014 14:43 UTC
Return-Path: <sandy@tislabs.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4E4D1A044B for <sidr@ietfa.amsl.com>; Mon, 14 Apr 2014 07:43:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.173
X-Spam-Level:
X-Spam-Status: No, score=-2.173 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.272, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dFbq2PSdtNwz for <sidr@ietfa.amsl.com>; Mon, 14 Apr 2014 07:43:20 -0700 (PDT)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) by ietfa.amsl.com (Postfix) with ESMTP id E92ED1A0186 for <sidr@ietf.org>; Mon, 14 Apr 2014 07:43:18 -0700 (PDT)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com (Postfix) with ESMTP id 8766928B0046 for <sidr@ietf.org>; Mon, 14 Apr 2014 10:43:16 -0400 (EDT)
Received: from [127.0.0.1] (localhost.localdomain [127.0.0.1]) by nova.tislabs.com (Postfix) with ESMTP id 397B41F803D; Mon, 14 Apr 2014 10:43:16 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Sandra Murphy <sandy@tislabs.com>
In-Reply-To: <E293915D-2FA8-487C-AE8C-15A13263E559@tislabs.com>
Date: Mon, 14 Apr 2014 10:43:15 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <60ECB09C-3502-48CD-A152-076AE5BF6E39@tislabs.com>
References: <E293915D-2FA8-487C-AE8C-15A13263E559@tislabs.com>
To: "sidr@ietf.org" <sidr@ietf.org>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/8v0TXp-Vx3uplprslU1Ps0fweT8
Cc: Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] comments on draft-ietf-sidr-rfc6485bis
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Apr 2014 14:43:22 -0000
And one "I forgot": CAs and RPs SHOULD be capable of supporting a transition to allow for the phased introduction of additional encryption algorithms and key specifications, Is this any different than the algorithm agility in RFC6916? If so, I'd think a reference would be good. If not, could you explain? --Sandy, speaking as regular ol' member On Apr 14, 2014, at 9:21 AM, Sandra Murphy <sandy@tislabs.com> wrote: > Speaking as regular ol' member > > Some comments on draft-ietf-sidr-rfc6485bis-01.txt > > Most of my comments are related to the attempt to add a new OID to > RFC6485, which previously had only one to specify. > > * The signature algorithm used in certificates, CRLs, and signed > objects is RSA Public-Key Cryptography Standards (PKCS) #1 > Version 1.5 (sometimes referred to as "RSASSA-PKCS1-v1_5") from > Section 5 of [RFC4055]. > > Except that the signed object signature algorithm OID will be > rsaEncryption which I think is still PKCS#1v1.5, but is not in section > 5 of rfc4055. > > Hashing algorithms > are not identified individually in certificates and CRLs, > ... > For generating and verifying certificates, and CRLs the hashing and > digital signature algorithms are referred to together, > > And the PKCS/CMRF signatures? See comment below. > > > Locations for this OID are as follows: > > The previous text talks about three OIDs, so "this" OID is ambiguous. > Perhaps you just meant "The places where OIDs appear are:". > The text that follows would then say "an OID appears", not "the > OID appears". Not only is there more than one OID to mention, in some > of those messages, more than one OID appears in the message. > > [[I think this discussion of "where" could go better above the two prior > paragraphs that talk about what-goes-in-the-where.]] > > In a certification request, the OID appears in the PKCS #10 > signatureAlgorithm field [RFC2986], or in the Certificate Request > Message Format (CRMF) POPOSigningKey signature field [RFC4211]. > > The PKCS and CRMF uses of crypto algorithms are not mentioned in the > discussion preceding. I presume the "the OID" text is left over from > the original RFC6485 and what was meant was the sha256WithRSAEncryption > OID. It looks to me like RC2986 leaves that choice free, so this > text need to say which > > For CMS SignedData, the object identifier and parameters for SHA-256 > in [RFC5754] MUST be used for the SignedData digestAlgorithms field > and the SignerInfo digestAlgorithm field when generating and > verifying CMS SignedData objects. > ... > RPKI implementations MUST accept CMS SignedData objects that use the > object identifier and parameters for either rsaEncryption or > sha256WithRSAEncryption for the SignerInfo signatureAlgorithm field > when verifying CMS SignedData objects. > > I presume accepting sha256WithRSAEncryption is backward compatibiilty > - just in case some new implementation should appear that implements > RFC6485, before this spec is published, right? Since all known > implementations currently follow this spec? Personal opinion: maybe > we should not permit the backward compatibility with some hypothetical > implementation in this short interval, so future coding errors get > caught? Or at least note the reason, so future readers are not confused? > > Nits: > > Repetition: > > Hashing algorithms > are not identified individually in certificates and CRLs, as > the identity of the hashing algorithm is combined with the > identity of the digital signature algorithm. > ... > > For generating and verifying certificates, and CRLs the hashing and > digital signature algorithms are referred to together, > > I presume this is just repetition, right? I always wonder about > repeated messages - is there a difference I did not notice? So for > those similarly anxious, maybe a "as noted above"? (Or leave out the > first mention - that section is talking about what algorithms there > are to specify, you could leave it to later to talk about the format of > expressing a particular choice of algorithm. Quibble.) > > For CMS SignedData, the object identifier and parameters for SHA-256 > in [RFC5754] MUST be used for the SignedData digestAlgorithms field > <etc> > ... > In CMS SignedData, the OID appears in each SignerInfo > signatureAlgorithm field, the SignerInfo digestAlgorithm field, > and in the SignedData digestAlgorithms [RFC5652]; and, > > I presume this is just repetition (reinforcement, for completeness), > right? (There's no difference I just don't see?) > > truly nitty: > > FROM > For generating and verifying certificates, and CRLs the hashing > TO > For generating and verifying certificates and CRLs, the hashing > > --Sandy, speaking as regular ol' member
- [sidr] comments on draft-ietf-sidr-rfc6485bis Sandra Murphy
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Sandra Murphy
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Stephen Kent
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Geoff Huston
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Randy Bush
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Sandra Murphy
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Geoff Huston
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Geoff Huston
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Sandra Murphy
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Sean Turner
- Re: [sidr] comments on draft-ietf-sidr-rfc6485bis Sandra Murphy