RE: Request change in son-of-rfc2633
pgut001@cs.auckland.ac.nz (Peter Gutmann) Wed, 29 October 2003 05:28 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA25493 for <smime-archive@lists.ietf.org>; Wed, 29 Oct 2003 00:28:53 -0500 (EST)
Received: from above.proper.com (localhost [127.0.0.1]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9T4neI7024568 for <ietf-smime-bks@above.proper.com>; Tue, 28 Oct 2003 20:49:40 -0800 (PST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.10/8.12.9/Submit) id h9T4nejf024567 for ietf-smime-bks; Tue, 28 Oct 2003 20:49:40 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from hermes.cs.auckland.ac.nz (hermes.cs.auckland.ac.nz [130.216.33.151]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9T4naI7024562 for <ietf-smime@imc.org>; Tue, 28 Oct 2003 20:49:39 -0800 (PST) (envelope-from pgut001@cs.auckland.ac.nz)
Received: from cs.auckland.ac.nz (medusa01.cs.auckland.ac.nz [130.216.34.33]) by hermes.cs.auckland.ac.nz (8.12.9-20030924/8.12.9) with ESMTP id h9T4n6o9010625; Wed, 29 Oct 2003 17:49:06 +1300
Received: (from pgut001@localhost) by cs.auckland.ac.nz (8.11.6/8.11.6) id h9T4pMY09221; Wed, 29 Oct 2003 17:51:22 +1300
Date: Wed, 29 Oct 2003 17:51:22 +1300
Message-Id: <200310290451.h9T4pMY09221@cs.auckland.ac.nz>
From: pgut001@cs.auckland.ac.nz
To: blake@brutesquadlabs.com, housley@vigilsec.com, jimsch@exmsft.com, pgut001@cs.auckland.ac.nz
Subject: RE: Request change in son-of-rfc2633
Cc: ietf-smime@imc.org
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Russ Housley <housley@vigilsec.com> writes: >So, if the first certificate located is not the right one, search for >another. If one is not located, then return an error. Which error though? With iAndS, there are three possible outcomes: 1. Cert definitely not found. 2. Cert definitely found, bad signature. 3. Cert definitely found, good signature. With sKID, this becomes: 1. Cert not found, although it may be out there somewhere and we don't know about it. 2. Cert found, bad signature, although there may be one out there that would return a good signature but we don't know about it. 3. Cert found, good signature. So should the "one is not located" error be: The data has been tampered with by an attacker. or: The data may or may not have been tampered with by an attacker, it sort of looks like it was but I can't really tell because there may be some other cert that I'm not aware of that indicates that it wasn't. In the presence of an ambiguous identifier and a potentially arbitrarily large number of certs identified by it, it's not possible to return a useful error message to the user. One simple solution to this problem would be to introduce a guaranteed- unambiguous identifier for certs: certIdentifier [1] OCTET STRING SIZE(20), (being the almost universally-used SHA-1 hash/fingerprint/thumbprint/whatever your particular program calls it) and deprecate the sKID on the grounds that it can't provide the same semantics as iAndS does, while a certID can. Note that this would be completely in line with the RFC 3369 requirements, which says that the "sid specifies the signer's certificate", which the certID certainly does. Peter.
- Request change in son-of-rfc2633 Jim Schaad
- Re: Request change in son-of-rfc2633 Russ Housley
- Re: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Steve Hanna
- RE: Request change in son-of-rfc2633 Santosh Chokhani
- Re: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Peter Gutmann