Re: [lamps] Double signatures

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 10 September 2018 19:00 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC8B3130F75 for <spasm@ietfa.amsl.com>; Mon, 10 Sep 2018 12:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Level:
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tIT7E3i5ZLZg for <spasm@ietfa.amsl.com>; Mon, 10 Sep 2018 12:00:45 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A791A1310AD for <spasm@ietf.org>; Mon, 10 Sep 2018 12:00:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=20324; q=dns/txt; s=iport; t=1536606041; x=1537815641; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=H6mgj0M0UpphvneM6tcNJAUs9InDi7D/WfHAEmU7vWU=; b=JWIITLrnoHfeKbpIHmUx4DNII/Pajdb+nfweex+gHxlLBwp5wSJBdpW+ NvBNgiUULSEPt1ZmXoCq1GgOKIiNIKoMaI+tmyPEOMDrWzAf1q7qcmn2Z 8QhculZ7Y8MPQqX+sgmo+MZPfhGKgM6NJVDRMpoGd5o1qhCyL7UVCUEqj 0=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0A4AgDNvpZb/5RdJa1cGQEBAQEBAQE?= =?us-ascii?q?BAQEBAQcBAQEBAYJXSC9lfygKg2iUMoINkQGHLQslhEcCF4NjITgUAQIBAQI?= =?us-ascii?q?BAQJtHAyFOAEBAQEDIwpMEAIBCA4DBAEBKAMCAgIwFAkIAQEEDgUIE4MHgR1?= =?us-ascii?q?kD6UEgS6ELgGFTwWKZReBQT+BEYMTgxsCA4E7SRCCS4JXAo0yjlYJAoY3iUE?= =?us-ascii?q?fjnCLOogsAhEUgSU0IYFVcBWDJ4sVhT5vAYx4gR0BAQ?=
X-IronPort-AV: E=Sophos;i="5.53,356,1531785600"; d="scan'208,217";a="232365228"
Received: from rcdn-core-12.cisco.com ([173.37.93.148]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Sep 2018 19:00:40 +0000
Received: from XCH-RCD-009.cisco.com (xch-rcd-009.cisco.com [173.37.102.19]) by rcdn-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id w8AJ0eIG004616 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 10 Sep 2018 19:00:40 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-RCD-009.cisco.com (173.37.102.19) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 10 Sep 2018 14:00:39 -0500
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1395.000; Mon, 10 Sep 2018 14:00:39 -0500
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Jim Schaad <ietf@augustcellars.com>
CC: "'SPASM'" <spasm@ietf.org>, "x500standard@freelists.org" <x500standard@freelists.org>, "era@x500.eu" <era@x500.eu>
Thread-Topic: [lamps] Double signatures
Thread-Index: AdRJE8Ft784CpTSnSY6kx9oi8PdHNwANHy+AAAKWWwAABp1lsA==
Date: Mon, 10 Sep 2018 19:00:39 +0000
Message-ID: <a94fb26ed9aa46738bea040919bf96b7@XCH-ALN-010.cisco.com>
References: <005a01d44916$7c9cb560$75d62020$@x500.eu> <CAErg=HHhU9H-Ng8sUtXu2S+F0fr2tLOX6=8UR77gz0YLqtGyaA@mail.gmail.com> <004a01d44928$b1500d40$13f027c0$@augustcellars.com>
In-Reply-To: <004a01d44928$b1500d40$13f027c0$@augustcellars.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.82.179.87]
Content-Type: multipart/alternative; boundary="_000_a94fb26ed9aa46738bea040919bf96b7XCHALN010ciscocom_"
MIME-Version: 1.0
X-Outbound-SMTP-Client: 173.37.102.19, xch-rcd-009.cisco.com
X-Outbound-Node: rcdn-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/BNyl-PBxGtWisfOBKgiie6yqsrc>
Subject: Re: [lamps] Double signatures
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Sep 2018 19:00:57 -0000

Hi Jim,
I think the issues brought up about draft-truskovsky-lamps-pq-hybrid-x509 are pretty similar even if the altSig information is added in the signed data type if that sig coexists with the traditional sig. Can you elaborate why are you saying otherwise?
Panos

From: Spasm [mailto:spasm-bounces@ietf.org] On Behalf Of Jim Schaad
Sent: Monday, September 10, 2018 1:07 PM
To: 'Ryan Sleevi' <ryan-ietf@sleevi.com>om>; era@x500.eu
Cc: 'SPASM' <spasm@ietf.org>rg>; x500standard@freelists.org
Subject: Re: [lamps] Double signatures

Ryan,

The discussion in London dealt with a completely different proposal than this one.  While I think there are problems with this that need to be dealt with they are mostly not the same set.

Erik,

Why is this considered to be a preferred solution to defining a new signature algorithm which contains as the parameter the sequence of algorithm identifiers and as the signature value a sequence of signature values.  The problem with just defining the extension to SIGNED is that one needs to make sure that the set of signature algorithms and parameters are also part of the data to be signed and I am not seeing that highlighted here.

Jim


From: Spasm <spasm-bounces@ietf.org<mailto:spasm-bounces@ietf.org>> On Behalf Of Ryan Sleevi
Sent: Monday, September 10, 2018 8:53 AM
To: era@x500.eu<mailto:era@x500.eu>
Cc: SPASM <spasm@ietf.org<mailto:spasm@ietf.org>>; x500standard@freelists.org<mailto:x500standard@freelists.org>
Subject: Re: [lamps] Double signatures


On Mon, Sep 10, 2018 at 10:56 AM Erik Andersen <era@x500.eu<mailto:era@x500.eu>> wrote:
Hi Folk,

In ITU-T we have plans to allow for double signatures using the SIGNED parametrized data type defined in X.509 to cope with situation as described in the internet draft: “Multiple Public-Key Algorithm X.509 Certificates (draft-truskovsky-lamps-pq-hybrid-x509-01)”

We suggest to enhance the SIGNED data type as shown below:

SIGNED{ToBeSigned} ::= SEQUENCE {
  COMPONENTS OF SIGNATURE,
  ....,
  altAlgorithmIdentifier  AlgorithmIdentifier{{SupportedAlgorithms}} OPTIONAL,
  altSignature            BIT STRING OPTIONAL
  } (WITH COMPONENTS {..., altAlgorithmIdentifier PRESENT, altSignature PRESENT } |
     WITH COMPONENTS {..., altAlgorithmIdentifier ABSENT,  altSignature ABSENT } )

We are open to comments. We know that IETF is not a heavy user of this data type.

We have no intention to use this extended data type for certificates and CRLs.

For your information, SIGNATURE is defined as:

SIGNATURE ::= SEQUENCE {
  algorithmIdentifier  AlgorithmIdentifier{{SupportedAlgorithms}},
  signature            BIT STRING,
  .... }

From the discussions in London (101), there were a number of challenges identified during the discussion - https://datatracker.ietf.org/meeting/101/materials/minutes-101-lamps-01.txt - that fundamentally questioned that approach.

Has the ITU-T addressed or resolved those concerns? Are they not applicable for some reason specific to ITU-T?