Re: [lamps] CMS: selection of key management technique to use for EnvelopedData

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Tue, 10 January 2023 16:56 UTC

To: Russ Housley <housley@vigilsec.com>, Roman Danyliw <rdd@cert.org>
CC: LAMPS <spasm@ietf.org>, "von Oheimb, David" <david.von.oheimb@siemens.com>, "John.Gray@entrust.com" <John.Gray@entrust.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9cvzg4-ijH9-8q3vu3W-UauQ40I>

Russ

Thank you for this clarification on how to choose the right key
management technique.
As explained by David, we currently focus on the key usage in the
certificate used for protecting the certificate request message. As key
usage may be set wrongly in this certificate, this is not the best way to
specify which key management technique to use.
As explained in this mail thread we should point at the type of the public
key instead of the key usage extension.
Therefore, I propose the following clarification in the central key
generation section in draft-ietf-lamps-cmp-updates Section 2.7.

OLD
   The choice of the key management technique to be used by the sender
   depends on the credential available at the recipient:
   *  Recipient's certificate that contains a key usage extension
      asserting keyAgreement: The content-encryption key will be
      protected using the key agreement key management technique, as
      specified in CMS section 6.2.2 [RFC5652].  This is the preferred
      technique.
   *  Recipient's certificate that contains a key usage extension
      asserting keyEncipherment: The content-encryption key will be
      protected using the key transport key management technique, as
      specified in CMS section 6.2.1 [RFC5652].

NEW
   The choice of the key management technique to be used by the sender
   depends on the credential available at the recipient:
   *  Recipient's certificate with a public key that supports key agreement
      and where any given key usage extension allows keyAgreement: The
      content-encryption key will be protected using the key agreement
      key management technique, as specified in CMS Section 6.2.2
      [RFC5652].
   *  Recipient's certificate with a public key that supports key transport
      and where any given key usage extension allows keyEncipherment:
      The content-encryption key will be protected using the key
      transport key management technique, as specified in CMS Section
      6.2.1 [RFC5652].

@Roman, I hope this clarification is OK to be implemented in AUTH48.
If not, please let me know.

Implementing this change in draft-ietf-lamps-cmp-updates, we also
propose to adapt draft-ietf-lamps-lightweight-cmp-profile Section
4.1.6 accordingly.

Hendrik

> From: Russ Housley <housley@vigilsec.com>
>
> David:
>
> I wonder why nobody brought this up before - 
> maybe simply because cryptographically educated users of CMS know
> (and others should learn by failure) that RSA does not support key
> agreement and ECC does not support key transport.
>
> The CMS-related algorithm specifications make it pretty clear.  For
> example, RFC 5753 tells how to use ECC Algorithms in CMS.  I do not see
> how an implementer would try to use KeyTransRecipientInfo after
> reading that document.
>
> Maybe some pointers are needed in CMP in the central key generation
> section.
>
> Russ
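
The OLD and NEW selection rules from the message above, side by side, as an added example that is not part of the original mail or of the CMP drafts. `Cert`, `select_old`, `select_new` and the sample recipients are hypothetical; the sketch assumes "any given key usage extension" means "the extension, if present", and it models a parsed certificate rather than decoding DER.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

# SubjectPublicKeyInfo algorithm OIDs grouped by what the key can do.
KEY_TRANSPORT_ALGS = {
    "1.2.840.113549.1.1.1",  # rsaEncryption
    "1.2.840.113549.1.1.7",  # id-RSAES-OAEP
}
KEY_AGREEMENT_ALGS = {
    "1.2.840.10045.2.1",     # id-ecPublicKey
    "1.3.101.110",           # id-X25519
    "1.3.101.111",           # id-X448
}

@dataclass(frozen=True)
class Cert:
    """Hypothetical stand-in for a parsed recipient certificate."""
    spki_alg: str
    key_usage: Optional[FrozenSet[str]]  # None = extension absent

def select_old(cert: Cert) -> Optional[str]:
    """OLD text: decide from the key usage extension alone."""
    ku = cert.key_usage or frozenset()
    if "keyAgreement" in ku:
        return "kari"   # KeyAgreeRecipientInfo, CMS Section 6.2.2
    if "keyEncipherment" in ku:
        return "ktri"   # KeyTransRecipientInfo, CMS Section 6.2.1
    return None

def select_new(cert: Cert) -> Optional[str]:
    """NEW text: key type decides; key usage, if present, must allow it."""
    def allowed(bit: str) -> bool:
        return cert.key_usage is None or bit in cert.key_usage
    if cert.spki_alg in KEY_AGREEMENT_ALGS and allowed("keyAgreement"):
        return "kari"
    if cert.spki_alg in KEY_TRANSPORT_ALGS and allowed("keyEncipherment"):
        return "ktri"
    return None  # no usable technique: reject instead of guessing

# Constructed sample recipients (not taken from the thread).
EC, RSA = "1.2.840.10045.2.1", "1.2.840.113549.1.1.1"
SAMPLES = {
    "rsa_ok": Cert(RSA, frozenset({"keyEncipherment"})),
    "ec_ok": Cert(EC, frozenset({"keyAgreement"})),
    "ec_wrong_ku": Cert(EC, frozenset({"keyEncipherment"})),  # mis-set usage
    "ec_no_ku": Cert(EC, None),                               # no extension
}
```

For `ec_wrong_ku` the OLD rule picks key transport, which an EC key cannot perform, while the NEW rule returns no technique; for `ec_no_ku` the OLD rule finds nothing and the NEW rule selects key agreement.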