Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Thu, 05 August 2021 15:55 UTC
Return-Path: <prvs=785197536c=uri@ll.mit.edu>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 410733A1774; Thu, 5 Aug 2021 08:55:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q_rMbPdP9cFv; Thu, 5 Aug 2021 08:55:23 -0700 (PDT)
Received: from llmx2.ll.mit.edu (llmx2.ll.mit.edu [129.55.12.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6C2A3A1769; Thu, 5 Aug 2021 08:55:22 -0700 (PDT)
Received: from LLE2K16-HYBRD02.mitll.ad.local (LLE2K16-HYBRD02.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTPS id 175FtHDc037147; Thu, 5 Aug 2021 11:55:17 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=Ath5KBUOjlIxbmUUuNXEVuGJNdsds3Ip9CEQbCdEMLHtYUwErWPzfiLhmAP7mTTNgbmHMiIk/GIFE28Exb2G9V5+7KrzKtj9xRQI5sKPY8tUrsZ1JPUl4vszZ3liVxb4Q0Kqs+yHBjdeFufHRGLcLslGn5D/+4lHS06DT3h2/OCWqTD7y91sQ5DETcaATE4zNVhZkjiup+rcW5zCgb+JR9avyOOUVppgS3N9IBqFOSDkWHtiNsfOOS019gr2QybNKVw35tVj8t4J2NoB9+AWO96+Je0bMJEEAhmlL2/YKtqVl4qDU0SMdWv3PSJwK2fQ6eoYBHEgvu67gbYapW3uAw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GS8OQVZup19b3hP7vyK0/obyoSSEEVfA+8h8vTfZxWc=; b=REYM4tSVSRtJ9PgMhcxH9Hl+ew3pyjJq+Aze0Gf2yz7afQnFJyUOvZ3Nh0UgaQkAwHUlLmWeku4N6FD9NgWKvbmKHwu0tuhEoSMULItuJODrf8tDBMVeqtJZQrNOZV8xA219aPqKM5mDElJ+eOgHuCwelg/Xk0Ld5M+S0p7TFUF5BZRjvInnXRojPNft+LMA1xALdvMXH4JSryJe2eZxF53rlGwpThd2dQnlk/4cfPrC1jdLl6/WC32R2IyTWuPGYsxnJuguFm/lo95NoadPpUqmeNABP8TxGxpSJRzfDOTuHpQjwx0DbuNReLtZLKMGXL4yv9Y+Sc1KPfLnaBukYA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
CC: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
Thread-Index: AQHXifP4lFjmp2qTnEmKsxlDo3oh/6tlB9sAgAAGjwCAAAI3AA==
Date: Thu, 05 Aug 2021 15:55:14 +0000
Message-ID: <5BA623F8-3BD5-494B-8D34-03917CF30668@ll.mit.edu>
References: <05F066A5-3977-4A92-A92D-16CB241CFD49@akamai.com>
In-Reply-To: <05F066A5-3977-4A92-A92D-16CB241CFD49@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ll.mit.edu;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cd92662a-026a-454c-9d24-08d9582969e9
x-ms-traffictypediagnostic: CY1P110MB0069:
x-microsoft-antispam-prvs: <CY1P110MB006976B0FD323E95A793493890F29@CY1P110MB0069.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: A8OFeOP4rtnhmQAt2Y9pGZ1iFbGPTqJCyg79qDFx3vmAzvdxTPhI0XtgcM5EOCAaeXZ9uG6l6U20ArU/px7joPz4WnOAaCqr1/AVvCgskZZBLI6vxqoncMr+tupO4eIZPmsudExhgfIoGYxTGB8AGbo3p/myK12YHe2mN0kbFvj5Jos6V2DSEJWHwla1PYLUTBasjiP0Br5GF492zhIKWwMXKhUR3WDENWrpRrstgAc+OPVCujYKfXZpz8SwR8NLJu01bgEy4Tojc85MQLc6LJ+aUqnZqJSFwOSTRHik0EGSLQfH6f2Fox9LSYPK/7VtOCxfqgXuv8gCR/k4GsZaLqw5M7H4oKa+PIgC9Xv6MPyd6OoWKfGb3oUyz0LrtrvHxvBb/O0dpAwrErHmLiAqtk0msqChdek+cdqxJJTutTowMGCUEjRav+uU32lsCDVjRHFaVLu6MzrcMIVv8cdl9PyxdeEYOz+z24gGib9zEr5Uhc0RsF7waMelxeaMdXElcEfha0hBMaR9ZKcQG2avMaPv6LVn0K3NvSPzAd2DqC0fMrQALj6fghsVQPrRNG6vKShsYRPCk4/A+Tz0Jtd1V5ZgMNPeXi8jkmjrhsft20GqCvwzT7Dyo8c6lo4b+i4p2w3sdR3TovwJcg/UePhhVwZ82Y4s8FlsOLb+jrglHRkrUdznwtVK1w3vJq5A7SEptvH7BETk45v+msrifQfGniXzSnar+vrJ0Bx/VcO3OadDQxG2dQ55sawUtmyeI5GZd7fMDZ+9bSCiSXLkuaUmdQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CY1P110MB0677.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(136003)(366004)(346002)(376002)(396003)(39850400004)(86362001)(8936002)(6506007)(26005)(8676002)(186003)(75432002)(6512007)(316002)(99936003)(2616005)(122000001)(38070700005)(2906002)(76116006)(478600001)(966005)(71200400001)(66446008)(4744005)(66476007)(66946007)(64756008)(6486002)(5660300002)(66556008)(66616009)(53546011)(33656002)(4326008)(85893002)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: ABW0+HzbPNca8ek+fvpBBZG/XsyiL+JHUG9Y4N9mVPoqcW2RL7kUR7r4tqHij6PHUzOCbRSFfJGGL5oWruRxLaMSRTaYcKjtoDILaIyAYtLctgoriKvaFXheqKvl0FSL4rAPiZNh1V2UBv52k3QxBnnfv7NoA1E1ZFJAohByqTTO2D2nacv2DmxCYVZEZmat7KYY8ktp0CFDnqAbLbXEWApSw0qwyRBmqfLXpwO0tmB1MsKWs5tA5wQudN6OkcXvoQhsNBBkPD9C4RYUOnLLebqnupelrZDfWq1Ecl3x3w6IJawkW7eVJvU64Tnoc+oTl/D/FtJMnCmV7rulZrZaXb2j7w0Z10psRXwN9kZrTnu0sKWZkK9FVo2uLnU2V/JtrEUnX8sI+hnhi8FPbggovfphHDl+1zxnLyuSTmoy2gpMr7tVV8loVCFjmM/DNH3COgEealO29pqZhn1u1uhWjmFKlP5EjGUpRq5T4Euaa0ySQBORdfMlg3MYXOXn/ssMXDF9Z30YssKFxqFdAjTSHjLmw5mV5FI2F1NkXv+otFmUnl2I0+d+rtJ0EO98a+z+Kpjj4xUQykHY9aggOQ+fUUO42+gteGo7pIU+Ej4En5E=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; boundary="Apple-Mail-CF147955-53D7-4B51-B924-2488581E20E5"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY1P110MB0677.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: cd92662a-026a-454c-9d24-08d9582969e9
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Aug 2021 15:55:14.2407 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1P110MB0069
X-OriginatorOrg: ll.mit.edu
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-05_05:2021-08-05, 2021-08-05 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2103310000 definitions=main-2108050097
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/-tNXRGxOXqJFcrEGDLSg4lmvETo>
Subject: Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 15:55:35 -0000
Yes! Let's do that. Regards, Uri > On Aug 5, 2021, at 11:48, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote: > > There are legacy implementations with PKCS12 that are broken in strange and wonderful ways, and cause cryptographic libraries to perform unnatural acts to use algorithms that are no longer secure. > > Updating PKCS12 to specify modern algorithms seems easy and in-charter. Updating the RFC to clarify some ambiguities might be harder, but should be considered as well. > > The legacy implementations will muddle along. Browsers, maintained crypto libraries and current software that uses them will benefit. > > Let's do this. > > > _______________________________________________ > Spasm mailing list > Spasm@ietf.org > https://www.ietf.org/mailman/listinfo/spasm
- [lamps] draft-ietf-lamps-samples: PKCS12 expertis… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Salz, Rich
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Deb Cooley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… David Woodhouse
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] On the need for standardization of softwa… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Eliot Lear
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Salz, Rich
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Bernie Hoeneisen
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] Transferring cryptographic information in… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] Transferring cryptographic informatio… Michael Richardson
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Jonathan Hammell
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- [lamps] advertising multiple S/MIME encryption-ca… Daniel Kahn Gillmor