Re: [smime] [Technical Errata Reported] RFC5753 (4777)
Jim Schaad <ietf@augustcellars.com> Mon, 15 August 2016 18:36 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEE8C12D620 for <smime@ietfa.amsl.com>; Mon, 15 Aug 2016 11:36:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.148
X-Spam-Level:
X-Spam-Status: No, score=-3.148 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.247, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oJx1XeMuvai7 for <smime@ietfa.amsl.com>; Mon, 15 Aug 2016 11:36:08 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9A7712D5B9 for <smime@ietf.org>; Mon, 15 Aug 2016 11:36:07 -0700 (PDT)
Received: from hebrews (24.21.96.37) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Mon, 15 Aug 2016 11:47:55 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: 'Paul Hoffman' <paul.hoffman@vpnc.org>, 'RFC Errata System' <rfc-editor@rfc-editor.org>
References: <20160813213421.15CF8B80D57@rfc-editor.org> <EB493FAE-10F6-4B29-8960-32C70C81F28F@vpnc.org>
In-Reply-To: <EB493FAE-10F6-4B29-8960-32C70C81F28F@vpnc.org>
Date: Mon, 15 Aug 2016 11:35:39 -0700
Message-ID: <043d01d1f723$d4acb760$7e062620$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQEzQ8+sRB9NCKosAWB6LnYE/qlN6QKIiwXboXN6+pA=
Content-Language: en-us
X-Originating-IP: [24.21.96.37]
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/ytYfAJE25IOSXXr2UuHjxxj6L8k>
Cc: smime@ietf.org, Kathleen.Moriarty.ietf@gmail.com, turners@ieca.com, stephen.farrell@cs.tcd.ie
Subject: Re: [smime] [Technical Errata Reported] RFC5753 (4777)
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2016 18:36:11 -0000
I will be honest. I would be happier with an update of this document rather than just having the errata. I would be happy to look at this in a couple of days and see if I can make the text clearer than it currently is. I find the text that does the same thing in RFC5480 to be hard to decipher but the easiest thing might still just be to point to that document for how to do this. Jim > -----Original Message----- > From: Paul Hoffman [mailto:paul.hoffman@vpnc.org] > Sent: Saturday, August 13, 2016 2:47 PM > To: RFC Errata System <rfc-editor@rfc-editor.org> > Cc: turners@ieca.com; dbrown@certicom.com; stephen.farrell@cs.tcd.ie; > Kathleen.Moriarty.ietf@gmail.com; blaker@gmail.com; > ietf@augustcellars.com; smime@ietf.org > Subject: Re: [Technical Errata Reported] RFC5753 (4777) > > Please do not accept this errata until further discussion. > > Discussion: > > 1) I believe that the errata would be *much* clearer if the errata was only for > the changed sentences, not the whole paragraph. Thus, I think the "Original > Text" should start with "The originatorKey publicKey field MUST". If others > agree, the submitter could turn in a new errata. > > 2) The submitter says "This error is also present in sections 3.1.2, 3.1.3, 3.2.1, > 3.2.2, 7.2". That feels like it *might* be sufficient for the reader to understand, > but it would be clearer if the errata included the change for each of those > sections. If others agree, the submitter could turn in a new errata. > > --Paul Hoffman > > On 13 Aug 2016, at 14:34, RFC Errata System wrote: > > > The following errata report has been submitted for RFC5753, "Use of > > Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message > > Syntax (CMS)". > > > > -------------------------------------- > > You may review the report below and at: > > http://www.rfc-editor.org/errata_search.php?rfc=5753&eid=4777 > > > > -------------------------------------- > > Type: Technical > > Reported by: Jim Schaad <ietf@augustcellars.com> > > > > Section: 3.1.1 > > > > Original Text > > ------------- > > - originator MUST be the alternative originatorKey. The > > originatorKey algorithm field MUST contain the id-ecPublicKey > > object identifier (see Section 7.1.2). The parameters > > associated > > with id-ecPublicKey MUST be absent, ECParameters, or NULL. The > > parameters associated with id-ecPublicKey SHOULD be absent or > > ECParameters, and NULL is allowed to support legacy > > implementations. The previous version of this document required > > NULL to be present. If the parameters are ECParameters, then > > they > > MUST be namedCurve. The originatorKey publicKey field MUST > > contain the DER encoding of the value of the ASN.1 type ECPoint > > (see Section 7.2), which represents the sending agent's > > ephemeral > > EC public key. The ECPoint in uncompressed form MUST be > > supported. > > > > Corrected Text > > -------------- > > - originator MUST be the alternative originatorKey. The > > originatorKey algorithm field MUST contain the id-ecPublicKey > > object identifier (see Section 7.1.2). The parameters > > associated > > with id-ecPublicKey MUST be absent, ECParameters, or NULL. The > > parameters associated with id-ecPublicKey SHOULD be absent or > > ECParameters, and NULL is allowed to support legacy > > implementations. The previous version of this document required > > NULL to be present. If the parameters are ECParameters, then > > they > > MUST be namedCurve. The originatorKey publicKey field MUST > > contain the encoded public key as defined in [X9.62]. The > > hybred > > form MUST NOT be used. The ECPoint in uncompressed form MUST be > > supported. This mirrors the same format used in public key > > certificates as defined in Section 2.2 of [RFC5480]. > > > > Notes > > ----- > > There is a problem in that for ECPoints, the public key is defined to > > be encoded differently in this document than it is in a public key > > certificate. The difference is the presence of the ASN.1 OCTET STRING > > wrapper. > > > > OpenSSL and BouncyCastle both use the unwrapped version per Dr. > > Stephen Henson note to me in mail. > > > > This error is also present in sections 3.1.2, 3.1.3, 3.2.1, 3.2.2, 7.2 > > > > Instructions: > > ------------- > > This erratum is currently posted as "Reported". If necessary, please > > use "Reply All" to discuss whether it should be verified or rejected. > > When a decision is reached, the verifying party (IESG) can log in to > > change the status and edit the report, if necessary. > > > > -------------------------------------- > > RFC5753 (draft-ietf-smime-3278bis-09) > > -------------------------------------- > > Title : Use of Elliptic Curve Cryptography (ECC) > > Algorithms in Cryptographic Message Syntax (CMS) > > Publication Date : January 2010 > > Author(s) : S. Turner, D. Brown > > Category : INFORMATIONAL > > Source : S/MIME Mail Security > > Area : Security > > Stream : IETF > > Verifying Party : IESG
- Re: [smime] [Technical Errata Reported] RFC5753 (… Jim Schaad
- Re: [smime] [Technical Errata Reported] RFC5753 (… Paul Hoffman
- [smime] [Technical Errata Reported] RFC5753 (4777) RFC Errata System