Re: [lamps] Small problem with draft-ietf-lamps-cmp-algorithms
"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Fri, 16 December 2022 08:27 UTC
Return-Path: <hendrik.brockhaus@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D1CBC15170E; Fri, 16 Dec 2022 00:27:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qQhkXp1AdDID; Fri, 16 Dec 2022 00:27:09 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04on2058.outbound.protection.outlook.com [40.107.7.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79C4FC15171D; Fri, 16 Dec 2022 00:27:09 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HiV1j2sYYr16lNImx9swAdHDe8lmaPTLUMtLGNtvJKraebsbK7XUhYqfl/yM5jnW/IbWiGSybpUDhVDboVBBc8Rok4IJD2zQZE9TTBds52PCPW3IDa1eN88Nz/pvabImc3U+j2M7Nauo1EY/ypPnNPpRdfmcvQk2yuEvnejnD7QtDG6rK/GoYLrI137Vvb2twabwr+Cl/r1Wxu2u6R4p3DsXpiPr48f5eHIsXTGPyz0pKjc5bD/yoDH4XV8e/eW2btSz8zK+TL3Zjvzo+4vi9WT3SOFzcHfFp6NCjvBevuw411kf43mKqTCWJB4H2bHP3vEujUcGmA8q9eqTHqmOiA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=98y4MwtiF4kkS6Dnu6WA4/qEK/owEmuL0UEITeqomi0=; b=MlccTsibuNaNowgrkI4kiRnkz8M88+bhlfygufFya2gak68Q5e4Zx+u4ys+pyk5sbkn01u+WahN7avbvIBpVXtSLAaZOGaGr8NZkEXgSGrF4Kcy2VtV8TAENeh51Aq2B9RD7O4nFg5SNcPHt2tqIPahaQE1JhwX4VQEHop1/ojtozU/Oix4ZnUSIa9u1HKAVj2LX38Ho3YnyOIKbBpLckZe8USwJRetzX+s7tB2uH7czK/KZoGCCp8/5jgrVlmy5DR4F+S2xP07aOTf9fqM7npixaPXHe2xGUfWFDP8banNv0E/vSUVSo5zmLS8ZIoZQpsDxd5mvr0LsQHuaRwGZJQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=98y4MwtiF4kkS6Dnu6WA4/qEK/owEmuL0UEITeqomi0=; b=mfohBTB7dpN/FjvgmVbIo+7ub/0Duw1XUlCc0aiWlCtmfun3gm5iOD5rvHPXP46AAOrqyITq+z1XsI/sWVktpscGJWH18Z5xvkuWohO1RGyhpvvPbxIUUvCco0DYL68obYJ2b1Nv17vcTBfR8NYKtEGSk59UYfeAyabNbi6WZEHZxtI4s3Yxy5FgnryKH+ZZ03djQH8PtlCraaJlNX9/q/uMut0cFIdbw8VRzO6jenXkQttmLaMnXlaV8IFNy/jkZGtZDPGxyOn+RGJPB+06RG2jGPi37IDrTxWO29HXxnhDRqAtI+zhQGHc3yuaSTSQINy1Nwy7/QkP4PLVb8peZg==
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:7d::8) by DU0PR10MB6756.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:476::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.11; Fri, 16 Dec 2022 08:27:05 +0000
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::cfed:9a7f:2568:206b]) by GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::cfed:9a7f:2568:206b%5]) with mapi id 15.20.5924.012; Fri, 16 Dec 2022 08:27:05 +0000
From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Russ Housley <housley@vigilsec.com>, "draft-ietf-lamps-cmp-algorithms@ietf.org" <draft-ietf-lamps-cmp-algorithms@ietf.org>
CC: "Roman D. Danyliw" <rdd@cert.org>, LAMPS <spasm@ietf.org>
Thread-Topic: Small problem with draft-ietf-lamps-cmp-algorithms
Thread-Index: AQHZENhIySabVlaRS0S0AuJnohRYU65wLQNg
Date: Fri, 16 Dec 2022 08:27:05 +0000
Message-ID: <GV2PR10MB62104E9991DE8DAFD2C6F0B5FEE69@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM>
References: <165227060426.48824.9867675337578376233@ietfa.amsl.com> <5DEB65B2-9D13-43A8-8BC7-46688CBAAD3E@vigilsec.com>
In-Reply-To: <5DEB65B2-9D13-43A8-8BC7-46688CBAAD3E@vigilsec.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2022-12-16T08:27:03Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=a06f6481-22d2-4219-8924-4b366a00f034; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0
document_confidentiality: Restricted
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: GV2PR10MB6210:EE_|DU0PR10MB6756:EE_
x-ms-office365-filtering-correlation-id: f19e17be-dc53-43cd-f08e-08dadf3f5099
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tfGsyUyA5VhilLTvfVczr0kTrofXGNMm90Y7FdmgMHXxRLXPYGSIfSUrho+xud/UTwRNDCRkBNJ7zgIea3iNLpoIgPQPLtj6u6zbZRMFmVbZoC56E62rB3loIxJQiY4V71etkeUbiA0Qb+QBplgk5LjX/TgQkHP3qu2tqgtlnA9koNvbCk8/G7GVNnLG+hFsWGedejfaP0ftVzWD1qncNI8lpyB9KsgYmv0laXXVGny+N2DVZ58bKmBBSZK2BfNMi/hGbbRQPnzH1JDnZaBJDh1getJR6dur185VKc018YJ5Yr5s9de+h6dCXhuTyB21cQCnOeiHR84on8+BNODF52Sq//OhFfVP9pOmb2GB8fxIQfcnGGAfMH6UDdiPGLpnyZ2px6KuUX0VXjifvgdZSgRywTDzbtFskee2w+Wd84PQne+aUOpzi6UlifE5R6nWRpoFrLsQEvs4O1lbPzVUnRnKAotYaEjA7Mj+PXNYWTWZ8EmGdK7SNkdBccP6rb5fFgN2Elt1tUqKLIFV+BrQiLf6vB8Jp9g5nBy2c3ARdCINxTLKej0sCQ3e1VORl/Lizun7w/yoyFkdl667FTKYgxyc4xdL+zgIqz+5Y13VKn48qGslrCAKUliiVgOMHLVfBwsvOk+7Rc32eXr+OgwU1vMo7vEsJijvYUqsE0+hHM5IjemCcSIMCmmd8Tw0+NdDn7y9PLSeivDfuI5zHCxeQg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230022)(4636009)(39860400002)(396003)(136003)(366004)(376002)(346002)(451199015)(86362001)(83380400001)(122000001)(38070700005)(82960400001)(38100700002)(33656002)(55016003)(316002)(2906002)(19627235002)(8936002)(41300700001)(66446008)(76116006)(66946007)(52536014)(66556008)(5660300002)(64756008)(66476007)(8676002)(4326008)(478600001)(9686003)(186003)(7696005)(26005)(71200400001)(110136005)(6506007)(54906003); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 9zHQPxYE8/xjCJwRaj+MFDRSefRJYr1iq0IFTicBPZshzfw6AdY7Wt5GBnUe2ARdSOJs53Tnqm0jK9khfuwbUjSR+wyxHt2BactVdiu7+GhrGMmamDxR9WVpJdBaia7xs1zscJdMUQqo3Q7hLXm7jO7mRPLbvQK9JAkX4rWJzuYsSQqtVLlehPiJhgGWnfCE7mKf8rlk8S05nDLaXmfTF6D3bJh1zGooYVthVOTX08buPUTN588MwPeSMZK3f02MGy3Dcye+W41ujEVuM4hfxjxYKWfUtSTc7vIl2aDPebGbjESc8R3JbXk3jhsUperH3X6f7T9o2iQDUhq/1Hro6NJp6LSZmYXfpCqTHIyL9EBUFEftsgCS5f4ZtZJcdiAoAbioyAIla1KiDDpiXMOvijh3mrxLGPYsuU98BrcRaFOkmWPAdZyf/fZ9uLt030qttoNWjGd1cv30xWokQvQN6ZXowvFLtfaHz15n3TZo6I4/TOJL1Qr6M/3EAqTgGqYoMySmlHAR51Tsf8XQXnWL6c2OjWzb8+rKN9l4P8KGkL+BQxeaCWDkHt4+3MtABODlZNGosifFFJNb3XbPTMsMaRm9c++85nOoFGAojrG6mHBBJlpFJQl3p/oLukpwSu6hPOUzeRkqqguZvsAGWm96v4YokM6T6Khm/bVUAO+Ihk9stAQpKgjYhjy/7OEdR55+kRHkNVUIhBRwEr5B4jTpFR/5DkwyzA7oLUvxMp+je4G4NyIBoygbV3jRN0Elf6oj0/fbz7CuTweHqW9jwBatAP0EEUfHfv+Kr3jZ76g+FFRWhC+Y5w9gTrqWgOrZp7hqG8P4xTjK3/sbYz+3eYJk/Zj7JjanpdBlemE//MWYUy26UvDMHXelBGWr3ZzZ3giVHWe2RgY3ho1DkpJaRshi+eEuhw7wBMwu5nR1qEK+EQehW/26Mj+0UsjoL6W1eEKWbsIh4U2wxeLDeWpbYwJkOmmpiIS/RTOoGwcuR1/tiJZkDksGBWmWXs7t2ahdDjQezwmEM2wWrAymT6zKmCWuI+QqcjvSCwcNa7oOFG66jtVHud+kuD6IlSuTNe2V/ipQxOuNfjp+hnirBa7hCs6i34dX5DpBXFAzY5Fn+CrQRT1DctUCfF55yfQ0n9xZYRdFSOWyKtK06G1Az8e5b/ObhGY48avGSRdCVXtX1ZJJqRnLrTG34BLSfMGW1lm9H5t2O91/B/KdEwV4FBScWI+DaK9yHAW6xZBD/VDbitbOZB/kI8JpeEnsswh/FpjDlAI4NDtbB3IJZAh6NRMk1WKY/2rq2XZ7gV16GRUqjmDMKKFqHVwOFNfR2sk1c6jtva9N74lox2ZEieKxsSpjjk++cNpehAObCw741pGtX1TpC01kTk/vEJjm+ql3XXIFBHhxO3gb2x2q45IUpmAn3WShKqHfZcRTvRycp8sMNGchUjtRB/iZ7mFxegdkyexN4Qso4mVXfEhABSnNwM6H20nBdimnxVd0pZKDk0Zb7VzFyxwF6XjH+dUNO/ntHTA4X3GHCqz2kJoR56C6tYgPBK2xEGO93hvu42e0IUT39mI60njqqCw6e2297Zr4V0xjujglfnd9QJ/+P6vEVTa+i3adug==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: f19e17be-dc53-43cd-f08e-08dadf3f5099
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Dec 2022 08:27:05.4233 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: SQ+3zQISRc6LhV3H9GgnagkXfg9LMupVXLjRG8RK1kjjJEEmjbUmRebDMOVZu3o9rB0eoBDESRZxakxHZDlKpkIB5WWWOKiRfgB1vvrEXUI=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR10MB6756
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9EZRluzcNH8N6XGgpewcqXXzYtc>
Subject: Re: [lamps] Small problem with draft-ietf-lamps-cmp-algorithms
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Dec 2022 08:27:13 -0000
Russ
Thank you for spotting this. I will put it in the backlog for an AUTH48 update.
OLD
id-KmacWithSHAKE128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3)
nistAlgorithm(4) 2 19 }
id-KmacWithSHAKE256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3)
nistAlgorithm(4) 2 20 }
NEW
id-KMACWithSHAKE128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3)
nistAlgorithm(4) hashAlgs(2) 19 }
id-KMACWithSHAKE256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
country(16) us(840) organization(1) gov(101) csor(3)
nistAlgorithm(4) hashAlgs(2) 20 }
Hendrik
> Von: Russ Housley <housley@vigilsec.com>
>
> Dear authors:
>
> I just noticed that draft-ietf-lamps-cmp-algorithms uses a different spelling
> for two OIDs than the ASN.1 module in RFC 8702.
>
> The ASN.1 Module in RFC 8702 defines:
>
> id-KMACWithSHAKE128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
> country(16) us(840) organization(1)
> gov(101) csor(3) nistAlgorithm(4)
> hashAlgs(2) 19 }
>
> id-KMACWithSHAKE256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
> country(16) us(840) organization(1)
> gov(101) csor(3) nistAlgorithm(4)
> hashAlgs(2) 20 }
>
> However, draft-ietf-lamps-cmp-algorithms uses:
>
> id-KmacWithSHAKE128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
> country(16) us(840) organization(1) gov(101) csor(3)
> nistAlgorithm(4) 2 19 }
>
> id-KmacWithSHAKE256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
> country(16) us(840) organization(1) gov(101) csor(3)
> nistAlgorithm(4) 2 20 }
>
> The difference is "KMAC" vs "Kmac".
>
> The authors copied the "Kmac" form from the body of the RFC 8702, which is
> inconsistent with the ASN.1 module.
>
> I will enter an errata against RFC 8702.
>
> Russ
- [lamps] Small problem with draft-ietf-lamps-cmp-a… Russ Housley
- Re: [lamps] Small problem with draft-ietf-lamps-c… Brockhaus, Hendrik
- Re: [lamps] Small problem with draft-ietf-lamps-c… Russ Housley