Re: [lamps] draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)

Russ Housley <housley@vigilsec.com> Sun, 01 August 2021 15:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/3kpdEHt1m7tpJlAv9iR9BHTgyoA>

> On Aug 1, 2021, at 10:56 AM, Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org> wrote:
> 
> I agree with Ryan, the contortions OpenSSL has to go through to get those old broken algorithms supported… shudder.
>  
> Perhaps an update to PKCS12 that specifies DER and modern crypto makes sense?
> 

RFC 7292 includes an IESG Note that says:

   The IESG thanks RSA Laboratories for transferring change control to
   the IETF.  Enhancements to this specification that preserve backward
   compatibility are expected in an upcoming IETF Standards Track
   document.

So, it appears that only the IETF can address this topic.  It is not clear to me whether this would go in LAMPS or a separate group.

Russ