[lamps] AD review of draft-ietf-lamps-documentsigning-eku-03
Roman Danyliw <rdd@cert.org> Wed, 13 July 2022 20:42 UTC
Return-Path: <rdd@cert.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AAE0C157B42 for <spasm@ietfa.amsl.com>; Wed, 13 Jul 2022 13:42:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=seicmu.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YUSYnWswh01e for <spasm@ietfa.amsl.com>; Wed, 13 Jul 2022 13:42:39 -0700 (PDT)
Received: from USG02-CY1-obe.outbound.protection.office365.us (mail-cy1usg02on0128.outbound.protection.office365.us [23.103.209.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 71564C14CF0A for <spasm@ietf.org>; Wed, 13 Jul 2022 13:42:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=eQ3BZbnE2fB0w1KBI5d2ylXTjBvJweYvRg4JjEelZLUMWaOFMDt6yk4mudiXMWSeG285IhjopP13oYY9Zbv7GbU6xTVHg4H4nPblYZ/pX1y/c+EEC0uNEXmNRPK4jmDwvc9WUqyRZ8trpS2FpCDm6TM3+LjAiyolU4FaoT09aEWLW6Vmmlt+H2rqtaM2cBR+CgNqIpykUDU3hM4wfzNsKNutz9Mb0Ev0BLk8fY2NBuPSoOvyapqT2I5jGJt9feeXL6jNaM/0GBPk56mwwwmMg7p62c3J0JlG4EEzZ1+um6ATZAt44U5wKaw7GqtjqnYJ1xhk+CQ13BksZZtJdCTONA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ur1E5rrjWbJwtZnCaZyOmibZk7pVEllFxRNYdyZOBb4=; b=nii8lY38igFOlTD5n3XtyMVj7oRQIuGGjQVRhSsIHQYtA+RYjcYEmtCauPJ+LKZydiBclyJchqTcI2VYoTXGvcAwmWqSZinuN6V+0Kz6Q8ebdnYqRu5A47495hYZTXzob1KfzPzl3uWoJ2ImFHf4h0eGm28y+XmXGf8an2lE1SFujVgeqR4RS8lFrXLITff8AgJE8AtMMz2gLIJAxuaOOhuXNbxcoxYOi+V86sZgELdQyC5H0d4DxkOfemBSKCuZPMocPuqJ5J4FD6SbgD8ZOw9i3YwM/jhVgA6RFsgsGxY23cRm+ZB+urfUVQqPfob9MOH1edkaWc4COYZP7VY3wg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cert.org; dmarc=pass action=none header.from=cert.org; dkim=pass header.d=cert.org; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seicmu.onmicrosoft.com; s=selector1-seicmu-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ur1E5rrjWbJwtZnCaZyOmibZk7pVEllFxRNYdyZOBb4=; b=dsXEiWAhOjGNIgJnkGsdNS+TYLe6kkmJCUmEvTEdtifw3hVofxk3gcInisRJcvIyHNURqyORweAvPbAezRfv3GU7aJUcYLsXDqcrUm1+hTJI1DJuBEPaKJtKrUh1habUKQs1rckWxJOjH2sasjMdMSsygBHLujz7VDuqQxqq27I=
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:168::11) by BN2P110MB1287.NAMP110.PROD.OUTLOOK.COM (2001:489a:200:17c::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5417.26; Wed, 13 Jul 2022 20:42:28 +0000
Received: from BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::61c5:afc3:7804:7d27]) by BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM ([fe80::61c5:afc3:7804:7d27%3]) with mapi id 15.20.5417.026; Wed, 13 Jul 2022 20:42:28 +0000
From: Roman Danyliw <rdd@cert.org>
To: "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: AD review of draft-ietf-lamps-documentsigning-eku-03
Thread-Index: AdiW+Mr5lepSOL2dSjmaXiqeEgmL9Q==
Date: Wed, 13 Jul 2022 20:42:27 +0000
Message-ID: <BN2P110MB1107D01A0AD9C15A1FB6B46ADC899@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cert.org;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ad5cf6c6-06e5-410a-a1d9-08da65103339
x-ms-traffictypediagnostic: BN2P110MB1287:EE_
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: XJyFd9bCWlM1Gl2ZIvdBEwGGGz0c+kSTYzl6GRxjCx+ttfhGA30iFhSxj80P0w4MxBHk8c96CC/TXZQSF2inxrwkQCG4C2IeQuJcvO/wAfxv/6Bi60MIQ2nZAySKm3yrUqfUZud0WbG4t9AYR0xaK4xCjnX+QVWmfkuJ5XZzdeTzIl3oAmvb+Y/iluZH1MvS3vg3ohpI5hWzIcWrkrjDM1lz1RyuSSvRvwINS4q1lDyXUleLGXM8m6jzT9aTvxWl2906/wBbEVFCUiYFR6e/+L6gNKtcJrlTdvLfcVTuBlKsqAtIOkO0ycAAt4lOrt8sIDmF1sCQqAgf99b1/Z1eim/VfI5aXo0Y+SJ+S+dvIGoslaFaglQHZQccRmZkzHkD66H5CyxtPOxIDsuPjm929uZ0tvtv83Sc75/u1qZD4ufuvX0gnub+PXjBllwA5lNboYbJG9Y18QPmha/5ygA+AJ+eIr5uLsITebUlQ8msPa+3FDXHrcw78BLARW9cVLPxdkN6JN1oiXlpkcYX9zRgdxi7veG4khLhnXaAUpiPhPJAhtFWDZnuUFAHfIozwlH3l/ayDI5qz6KDKEKvOc60Tip2BpL9lu/RlBGd00DZvA8nczC48koTJrRtnK+B/Fra2W/b3gTJ2X9bIeDKm4/PLa46o7hv5jNNpm9LDaoU28tH555K5o4/aKRH7h2rhVqVwwIXhnenjia3dbkGQIGLWm3F9gYTE4Mvtl35//iv35E=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(366004)(7696005)(71200400001)(6916009)(38070700005)(4743002)(55016003)(66446008)(66556008)(186003)(498600001)(66946007)(8676002)(86362001)(76116006)(26005)(9686003)(66476007)(64756008)(82960400001)(2906002)(122000001)(6506007)(38100700002)(8936002)(52536014)(83380400001)(33656002)(5660300002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 1SoKfZGC3PPC6uMv8ODWQqMra7g8hWn19YrinRzQcUgKYYXX8UgkVVvOqJ9cILlTBsmO5XLzQaWkdlFn+e7hZPOKirJVTr5geWLzADIbNlMgh4RjRKRGmfp/RmLNqf90ZsHkxaPaqdKFLyrlI6ndHRlWN/Kd+vCR06dWEY7zLPYU2AUzal/Pe+gR+dKjWxyY6cnxG7k0/6SdPNQ2e5oE/55Gcei+hNVsX1AB38E03Niz9L/vRV1ObDi6ng+X+U35q5hZQO5ZFtGu4SIRI60Iq1o0HgoUy6iFxe49SHrMMLIdrmS/sYoP6NtePuyVORBp61Ticoky00yMziVR3RgsM4du+6DMdA0+bGuO5QNCtdV00x4xZyhTh6iVKDZtztS84sXm6CZH61bCAMRnomI0+U8YBIyTllOfAirb8SserwA=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: cert.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: ad5cf6c6-06e5-410a-a1d9-08da65103339
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jul 2022 20:42:27.9175 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 95a9dce2-04f2-4043-995d-1ec3861911c6
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN2P110MB1287
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9rFBSIsywtVSS7NVhwIalBHybrE>
Subject: [lamps] AD review of draft-ietf-lamps-documentsigning-eku-03
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jul 2022 20:42:41 -0000
Hi! I conducted an AD review of draft-ietf-lamps-documentsigning-eku-03. Thanks for the work on this document. My feedback is below: ** Section 1. Editorial. In addition, several KeyPurposeIds have been added [RFC7299] under the IANA repository "SMI Security for PKIX Extended Key Purpose". The reference to [RFC7299] seems like an odd place. Why not: NEW In addition, several KeyPurposeIds have been added under the IANA repository "SMI Security for PKIX Extended Key Purpose" [RFC7299]. ** Section 1. Editorial. As were talking about hypothetical changes, recommend the following: OLD In circumstances where code signing and S/MIME certificates are also widely used for document signing, the technical or policy changes that are made to code signing and S/MIME certificates may cause unexpected behaviors NEW In circumstances where code signing and S/MIME certificates are also used for document signing, technical or policy changes made to the code signing and S/MIME ecosystem may cause unexpected behaviors ... ** Section 1. What is a "trust program"? ** Section 1. Recommend removing the colloquial "become out of control" as this isn't specific. Below is alternative text. Please review if it captures the intent. OLD There is no issue if the vendor-defined KeyPurposeIds are used in a PKI (or a trust program) governed by the vendor. However, if the KeyPurposeId is used outside of vendor governance, the usage can easily become out of control NEW There is no issue if vendor-defined KeyPurposeIds are used in a PKI (or a trust program) governed by a given vendor. However, if the KeyPurposeId is used outside of this vendor's governance, the usage can cause interoperability issues. ** Section 1. (e.g. - When the end user encounters vendor-defined KeyPurposeIds, they might want to ask that vendor about use of the certificate, however, the vendor may not know about the particular use. - If the issuance of the cert is not under the control of the KeyPurposeId owner, there is no way for the KeyPurposeId owner to know what the impact will be if any change is made to the KeyPurposeId in question, and it would restrict vendor's choice of OID management. etc.). Editorially, please split this large "(e.g.," text block into distinct sentences. I had difficulty understanding these use cases. -- The setup on the first example seems to be that a user has acquired credentials with a vendor-define KeyPurposeId, then checks this credential to find a vendor-defined KeyPurposeId, and then confirms back with the vendor (who is not the issuer) that it's acceptable to use for an alternative use case. If the validation stack will accept the vendor's KeyPurposeId, why does the vendors input matter? Per the direction of the text in Section 4, I thought the implementation's parsing logic was set by local policy. -- To the second example, can these potential breaking "changes ... made to the KeyPurposeId" be explained a bit more? ** Section 1. Editorial. s/a extended key purpose/an extended key purpose/ ** Section 3. Editorial. As described in [RFC5280], If the Extended Key Usage extension is present, then the certificate MUST only be used for one of the purposes indicated. [RFC5280] also describes that If multiple key purposes are indicated the application need not recognize all purposes indicated, as long as the intended purpose is present. Words are being added to the direct quotes from RFC5280. Please make that clearer. NEW As described in [RFC5280], "[i]f the [Extended Key Usage] extension is present, then the certificate MUST only be used for one of the purposes indicated. [RFC5280] also describes that "[i]f multiple [key] purposes are indicated the application need not recognize all purposes indicated, as long as the intended purpose is present." ** Section 4. I don't follow why there are references to RFC8358 in this section. It seems like a very detailed example but by my read the take away from the text is that there is no change in the prescribed behavior for RFC8358. ** Section 4. I'm confused by the complexity of the validation guidance being provided. I was interpreting the text from the previous sections as (a) the community currently uses a variety of EKUs, both public and vendor specific, to sign human-read content/documents; (b) this document is defining a public EKU for this specific human-read content use case; (c) it's hoped that by defining this EKU there will be adoption; and (d) specific document signing workflows/applications will need to decide how to incorporate new EKU (if at all) but that is out of scope. Put in another way, there is a new EKU and document-signing ecosystems/workflow will need to decide, in an out-of-scope way, how to use it in their workflows, likely captured by some policy. To be more specific about the text: -- Given that the setup for the validation steps is two "MAY statements", how are interoperable solutions expected? -- The second MAY statement indicate that it is optional. The numbered steps below it seem conditional on this check though. -- What is the derivation being noted and where is this policy coming from in the second sentence? -- Editorially, why is there both a numbered list and the text after "... as follows:"? ** Section 6. This extended key purpose does not introduce new security risks but instead reduces existing security risks by providing means to separate other extended key purposes used for communication protocols namely, TLS or S/MIME etc. in order to minimize the risk of cross-protocol attacks I'm following the link to S/MIME (id-kp-emailProtection), but not the link to TLS (id-kp-serverAuth and id-kp-clientAuth)? Regards, Roman
- [lamps] AD review of draft-ietf-lamps-documentsig… Roman Danyliw
- Re: [lamps] AD review of draft-ietf-lamps-documen… Sean Turner