IETF Logo Mail Archive

Re: [lamps] New drafts available - non-composite hybrid authentication, and binding certs

"aebecke@uwe.nsa.gov" <aebecke@uwe.nsa.gov> Tue, 29 March 2022 19:12 UTC

Return-Path: <aebecke@uwe.nsa.gov>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A13D3A1B84 for <spasm@ietfa.amsl.com>; Tue, 29 Mar 2022 12:12:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_GOV_DKIM_AU=-0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=uwe.nsa.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uPWi_uz_C15f for <spasm@ietfa.amsl.com>; Tue, 29 Mar 2022 12:12:02 -0700 (PDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02on20601.outbound.protection.outlook.com [IPv6:2a01:111:f400:7d04::601]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEF2D3A1B82 for <spasm@ietf.org>; Tue, 29 Mar 2022 12:12:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dwwsb0E2d5umePe9SXo7BQf35cz+u7KKXKHaejMlCzITlKsnpmSHc/H3TXj05P7DqSvi8nyyVj1TF3WE0OAyMt+pyngYbqz5F+ImIXn/nA7xWljeWta850yYMSUzFEZTy5GPeTzriMAlkniXP/E+NlLbue+p3ODoiRDMW/OsuIe8wc4Lmuxam8pvoECQpfnQ3LccSnAx9i/OphAHJg7z3tVEtmetd1bPqFFutKeabS4LIj9iGcIA80I3rQSlGILphRUYVTIM28Nilda0q/WHUfQMO94O3RswsybL4akTU1ZV9FIIVOcSqaBd44EBCRj7qxUjdafHOEXtHsjWS+8i1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jXd1aP8Fp14/iVECQw36QWbfPx6/HoGMpwyUL+5L2XM=; b=jP3MpJX3+gOtc1OXhgmZeo/F3U9ibMZZRQZbDxexgo6POe0TbHBJ6wQpc+sh+z27gp9sg50Nz4aH+u8oZhg4Odv3bAVJBiWyXM8OiIiidqkD1CIt+v3QKNlCVNCbLeOMc9v6kH/4HRBQGCf7L7+dwyvZkbqAue8k7f7Ik5mRFb8aNI0b3YqmXv4/OHbd6CYhaju44v5i8e4PDziYQr41OdluGiMqUZ1dvdpRYEC7E9fa2oJh20JzZPu2SH2/+U2CJnzgZ28qXCGGGkPxUoLQhLFXogJ5EpD22wiYDDLFnEAXjNzzfojEXCnKJjn697fyvNc3v+v5WqiLKL0xox2R5A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uwe.nsa.gov; dmarc=pass action=none header.from=uwe.nsa.gov; dkim=pass header.d=uwe.nsa.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uwe.nsa.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jXd1aP8Fp14/iVECQw36QWbfPx6/HoGMpwyUL+5L2XM=; b=CETeaeATmCEWxPsME3g12nSrfpp1dnC8vRqpRecbV+k/wAmwYCQ09SRTw9g9b70DTTJ9G/LCwHXzKq5EPs+/fLAh6ic10JqdXECluZmWhkJ8aAW8+NJBGnHmXd//6unJK1kPslonSORFtEaftnUKXTpHph8/clfeQGuVwQmlNC+zJBWNw8WHl1Vd28YxY2sXNbVGW1Av396lVM5rWZyWEZwOM93ekM+V7SzoScNpe5uNTGYtWr0D/h8TikXnuZdMzUgxsy6c9oAeVblSavos6EnFT4YR6bNFuCRlT5vyrv1nHxIQR0QAgtW85j1p8PWt2IpHzKgtKrGT25uMxV2SJA==
Received: from SA0PR09MB7241.namprd09.prod.outlook.com (2603:10b6:806:7a::24) by SA1PR09MB8125.namprd09.prod.outlook.com (2603:10b6:806:178::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5102.16; Tue, 29 Mar 2022 19:11:57 +0000
Received: from SA0PR09MB7241.namprd09.prod.outlook.com ([fe80::c1c7:6c2b:3f1d:bbb4]) by SA0PR09MB7241.namprd09.prod.outlook.com ([fe80::c1c7:6c2b:3f1d:bbb4%7]) with mapi id 15.20.5102.023; Tue, 29 Mar 2022 19:11:57 +0000
From: "aebecke@uwe.nsa.gov" <aebecke@uwe.nsa.gov>
To: "David A. Cooper" <david.cooper=40nist.gov@dmarc.ietf.org>, "spasm@ietf.org" <spasm@ietf.org>
Thread-Topic: [lamps] New drafts available - non-composite hybrid authentication, and binding certs
Thread-Index: AQHYPuPjo/eSrK0QikiY6QaJ1lUO8KzWwxAJ
Date: Tue, 29 Mar 2022 19:11:56 +0000
Message-ID: <SA0PR09MB72413092E89756405805FEE4F11E9@SA0PR09MB7241.namprd09.prod.outlook.com>
References: <6afc6468-d020-e40b-965e-3a1d90821c0c@nist.gov>
In-Reply-To: <6afc6468-d020-e40b-965e-3a1d90821c0c@nist.gov>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
suggested_attachment_session_id: 353e85b4-5c72-31c5-61f9-55c685583eec
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uwe.nsa.gov;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: eaed1868-1dd8-404d-5d25-08da11b7fe5d
x-ms-traffictypediagnostic: SA1PR09MB8125:EE_
x-microsoft-antispam-prvs: <SA1PR09MB8125699F049AE1622FC099D0F11E9@SA1PR09MB8125.namprd09.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8qlCIlBpT0VakY3BegVBhvAqwibTDz87XsSxIN6gVUh59fNOP9y5r2HJ7YQCa4Nst6X5fI0Po9E4yAKC+slIPor67a4e8ba8GX9c3uWtC8I4FvoizHaftH4d0NcOCBK5V89galYAkfojPdht6vqen7iTvOXQrHkcqTTJPLYb66WQVIVXuF1bC2NVNjdr+OErP1cw1cKgtyw6LpMNkhpWd0S90mWna/2fFobo+lncoah0aixEuQSNpo0yw3jGTT6IzBPbQH5Adh3ADienMCl2/d4FuA4pwoM5v6/6cNLsiNKSy0EIm9WcIrDeaWLgNfUgpTstE9RaxSYwjIUx9tORHt2fETk0mjBQE9Z11R9DFYDVtY6Io7UlFnDYadl3D3WHMDh+LPXRRi2rb5H5ivw7uEZLTVkfnI67IpNpqnKxuvQon7vyiVu4E+aMENZ8Mf6XFJgc4mFlHYRHub/8CwVWlZOZLIa4b9uHpACThfXkyb7DrQLdhNksRY0oHJlECRH2flFVSWC3QjBvKRLj+GCKMxQZLSRXljBcfUryOLGZp+3pV095Qx0zR0Fm1SMtuWy9ZWLVuK30lIPO3XUn+uJSjLIXs6JBU37nEw0zdtbOd8AM+vzGstSFNnbA1TEl/JZJT392qMwYt6yFzmcMUcCj8m2xKDXV0r1FV1ZKPpLAiNZB831GfVpVpnqiDVXuH+GOQ1fogsICWuEWTjJsDvF92xRs5Rdd55bj1B1KVZ+vBLuKpCzit9BVQxupAkz/FHwyAIUCqq/F2yw8sacd9H6Ba6U9mCuPpuoPrdlZd0X4MIc=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA0PR09MB7241.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(38100700002)(86362001)(82960400001)(76116006)(19627405001)(7696005)(38070700005)(66446008)(66556008)(64756008)(66476007)(55016003)(166002)(122000001)(91956017)(9686003)(6506007)(316002)(66946007)(966005)(508600001)(53546011)(5660300002)(8676002)(71200400001)(2906002)(66574015)(110136005)(26005)(186003)(83380400001)(33656002)(52536014)(8936002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?lvnjNLpsZvweTx7j2MCHEivFkDlpJ3ZnQXcS4KdG0lCBkcOvtfSXHvW+Ul?= =?iso-8859-1?Q?dUP4VxDaqyjJiro5LuCTb23yYMC44yThWXbDbHQrTCwL4yOqqpK0YwA3Mn?= =?iso-8859-1?Q?RPNJ06/U9oMntP+sqIIfIxEOeagfYH1MJUSV1DRrNHw7QqJBjlpnpjoD/w?= =?iso-8859-1?Q?SmNKLF11iJBunHBjaObgM03iQI8+jy2gPd1x8MaWb7g0PJeg4bZKDNa8EC?= =?iso-8859-1?Q?2lSOJs4azCvbEqHuQtBp5WtSwK9wITqw+1y9JwqbH68BGNNMFPucbndyoE?= =?iso-8859-1?Q?a5GPR/kiUn+fy61Z8em9krFdKC8jhK4YKNsu6fXRxfUObvKFL76EESRKGV?= =?iso-8859-1?Q?CB6b22CptMYlUa3om7YD+3xYF6V+NBgx5c4Yp3RrVl1nPecdimdcgLy/aT?= =?iso-8859-1?Q?ZunBD5TXiG05xns4gEWNPC3kcfK6bOAtKC5jTve7zBneqX+lRm4HJVv4D3?= =?iso-8859-1?Q?KV2CyKPHp4JilcpPvVFfg1AA2FK+niYxb4tsYLWMy+u/Nt6V4GHDHvRRDf?= =?iso-8859-1?Q?EEJLGvEI9wWUZrLjXJVWBau3ugPVFtuGQ16smtMTXD15J1s5glg5k/8jjv?= =?iso-8859-1?Q?Sd9fYmiCvEq2nHNhhwpP2kg8nE7bvZo7s/9+rHFsqWjRgHX6Y7zwRv8+o7?= =?iso-8859-1?Q?fIXkzttWO/a8zaWyyNuIlau+qIm7r0alcnorfGnCtXk0JkQEpwKFMmTMW1?= =?iso-8859-1?Q?PoIBKBW/tolgUkyebZurBobLBqKufSZKnE7KAspTmny4UYvqi38qGCBdI5?= =?iso-8859-1?Q?kpWbZeCS8ePs8Im63ovgflQIBS/KLrsxGetv9vGYWcGCci8CxtqMMEaqUU?= =?iso-8859-1?Q?Ucg01ONCWqQH6m/PjZ8NZpdJhyMUEBLIFtayYg/xZuekTqMBcWJZNtJz/t?= =?iso-8859-1?Q?vQJHmVZuAws16MJky7OfNveiCJrRI+xR4D8pLOPI7TqD5vK0SC2DDmJtbG?= =?iso-8859-1?Q?6h9aC5pJEHxrjt2H7LLlSNIbk3Z3nbqIXsHUTx7BXFl40Z2LgD5a85o3hp?= =?iso-8859-1?Q?GSx/crxgORYG71CiVoT+g518011jgS7s7yT+GbIPOifJEXcAfZAo98xP2j?= =?iso-8859-1?Q?wzz2nbu3tL7mWKLQ7yJpWd7CmK2QxpKeFlWyElnTmvrPYeGDVFd7fDzyrV?= =?iso-8859-1?Q?9QvrIXHopY9TH4BKYvHjjCofpecWuSjJc05z4Q7bTG3ZtzKppeGDhDd87Z?= =?iso-8859-1?Q?jow/Ryu9z2/5tb1jDbNK+hqnu5z8xiHEnBb/l9k5mEpMkNLltQaiSszRBJ?= =?iso-8859-1?Q?4PEowM6jBpgUa/k2ULYBylvBA+Mp7NloZmkQndLUm9ZdvQbKSegO63BVin?= =?iso-8859-1?Q?otTTbCCHvYfe23ZqC5rSc7COc7VEWpAuyVMuMEbQ/wgtVCa63XCzYBRy5M?= =?iso-8859-1?Q?NjXBmsad10FAEPMH46aOEaqMBHfzP4djLNB4LVVwJwlWZkdhAiihi2H0at?= =?iso-8859-1?Q?LNKyeErQWXRYbLnYnTgeqoc9RZ2WCWT1ccxsPfPrPmSPAWpKlCPpehU94d?= =?iso-8859-1?Q?k88MCcuXxw7KsvvGTvxJcP77SdRsBf+jmBRZSOwl0ZbhHCCD9XwoUyMAAa?= =?iso-8859-1?Q?M/s4lZBUnBhE3iFu+PMsHGs59Bd3hDp17H0/k1sJ6p6fqm5BaAvfKYzfzd?= =?iso-8859-1?Q?19hx+aA2PmYE0UqdhvNCuVhOvxrWn5OZ2mUdTwCMmw2BlzDsvSsIArrEBa?= =?iso-8859-1?Q?Af0dyTCCRprpFQjRLUKXMPaiUeIE42hvKcEJqL45txoU1XkP7oNg9xZvyH?= =?iso-8859-1?Q?gx3pXulLRCg2Pc9vuMV62XJLLHIA/UtlBBrePQxJSnf8VL?=
Content-Type: multipart/alternative; boundary="_000_SA0PR09MB72413092E89756405805FEE4F11E9SA0PR09MB7241namp_"
MIME-Version: 1.0
X-OriginatorOrg: uwe.nsa.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA0PR09MB7241.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: eaed1868-1dd8-404d-5d25-08da11b7fe5d
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Mar 2022 19:11:56.9628 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d61e9a6f-fc16-4f84-8a3e-6eeff33e136b
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR09MB8125
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Do52p08eSdXrkTZo2svxHTO9gEU>
Subject: Re: [lamps] New drafts available - non-composite hybrid authentication, and binding certs
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Mar 2022 19:12:08 -0000

Thanks for the comments, we appreciate the technical feedback!

We are certainly open to strengthening the signature field to include better assurance as you suggested, a string including purpose is a great idea to ensure the signature is genuine for the attribute. We initially considered including the other certificate instead of just IssuerAndSerialNumber, so we can revisit this idea as well.

For the hash algorithm, we included the algorithm identifier simply to allow for flexibility, but there isn't any particular reason we can't require it to be the same as the one used to sign the certificate.

-Alie
________________________________
From: Spasm <spasm-bounces@ietf.org> on behalf of David A. Cooper <david.cooper=40nist.gov@dmarc.ietf.org>
Sent: Wednesday, March 23, 2022 2:27 PM
To: spasm@ietf.org <spasm@ietf.org>
Subject: Re: [lamps] New drafts available - non-composite hybrid authentication, and binding certs


I have some concerns about the bindingRequest attribute.

Section 3.1 says that the signature field in RequesterCertificate "provides evidence that the requesting entity owns this certificate." However, "the signature field contains a digital signature over IssuerAndSerialNumber." So, what evidence does the CA have that the requesting entity created the signature and didn't just copy a signature that was previously generated by the actual owner of the certificate?

Perhaps a solution that would produce stronger evidence would be for the signature field to contain a digital signature over a SEQUENCE of <domain separation string>, <information about other certificate>, and <subject public key that appears in this CSR>. The <domain separation string> could be some simple string such as "CSR bindingRequest" that would provide an extra layer of assurance that the signature was created for this purpose.

Given that the "RA should only allow previously issued certificate(s) to be indicated in the bindingRequest attribute, the  <information about other certificate> could be the other certificate rather than just one piece of it (e.g., issuerAndSerialNumber or subjectPublicKeyInfo). This would avoid concerns such as those expressed by Ryan. The bindingRequest attribute could still just include certID, as that field is just a hint to help the RA and CA identify the correct certificate. Similarly, the BoundCertificates extension could contain hash of Certificate rather than hash of IssuerAndSerialNumber.

For the BoundCertificates extension, is there any reason to allow a different hash algorithm to be used for each bound certificate? If not, then a few bytes could be saved in the case in which the extension includes more than one hash by changing to syntax to:

BoundCertificates ::= SEQUENCE {

        hashAlgorithm     AlgorithmIdentifier,

        hashValues          SEQUENCE of OCTET STRING

}

A few more bytes could be saved by requiring the hash algorithm to be same as the one used to sign the certificate.

On Tue, Mar 22, 2022 at 7:11 PM ryan-ietf@sleevi.com<mailto:ryan-ietf@sleevi.com> wrote:

Could you explain the rationale a bit more for the IssuerAndSerialNumber
construction?

It won't necessarily unambiguously identify a certificate, in the absence
of a global directory. Within a multi-stakeholder PKI (like those deployed
on the Internet today), it's possible for two distinct entities to have the
same encoded issuer value, but be in possession of distinct keys. The path
algorithms involved in X.509 and PKIX are able to resolve this (by virtue
of signature checking to resolve which issuing CA), which also applies to
OCSP responses, but it seems like it wouldn't apply here.  Broadly, the
assumption of X.509v3 that Issuer and Serial Number would be globally
unique and unambiguous didn't hold, as previous communications in the IETF
with the ITU revealed [1][2][3], and that Distinguished Names aren't, well,
Distinguished. Is there reason not to use a stronger binding (e.g. the hash
of the certificate being referenced)?

If two certificates, A and B, both identify the same Subject ("Subject
Foo"), but with different keys and numbering schemes, it seems that if a
bound certificate was issued to entity C, with IssuerAndSerial of "Subject
Foo":1 (referring to A), that B could issue a malicious certificate bearing
that same serial number, and have it be accepted as legitimate for C.

That said, I do feel I must be missing an important use case, because I'm
not fully sure I see the utility in this. Is it fair to say that the
assumption is that both certificates (the original and the bound
certificate) are participants in the same PKI hierarchy and same set of PKI
policies? If they weren't, it seems like the issuance of the
BoundCertificate may introduce operational considerations for the
renewal/replacement of the target/original certificate, in that replacement
of the original would necessitate issuing a new bound certificate. Wouldn't
that unintentionally affect the security considerations/agility of the
target/original certificate, in unanticipated and perhaps harmful ways?
Minimally, it seems such chains of binding would have to be ordered from
"slowest to fastest to replace", to mitigate, and that seems like a
relevant security consideration.

[1] https://www.ietf.org/proceedings/70/minutes/pkix.htm<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fproceedings%2F70%2Fminutes%2Fpkix.htm&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=u3Knrx1AW%2F8VqQOjV6G2isyCbS8rq%2FFotOplyDAFT2o%3D&reserved=0>
[2] https://www.ietf.org/proceedings/70/slides/pkix-4.pdf<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fproceedings%2F70%2Fslides%2Fpkix-4.pdf&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=CojWfH2wwBkDvmHO6B0fWtzZ62xF0g%2FGB1iDsKBRiSE%3D&reserved=0>
[3] https://datatracker.ietf.org/liaison/375/<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fliaison%2F375%2F&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=etZP3Ulv4RfN3L6RWwwxyxOzSq6RMI9W%2BfeLGn0tIUQ%3D&reserved=0>


On Tue, Mar 22, 2022 at 2:16 PM aebecke@uwe.nsa.gov<mailto:aebecke@uwe.nsa.gov> wrote:

> Hi LAMPS,
>
>   Two new drafts related to PQ migration are available here (note- these
> drafts are an update to the talk we gave at IETF112 in November) :
> https://datatracker.ietf.org/doc/draft-becker-guthrie-cert-binding-for-multi-auth/<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-becker-guthrie-cert-binding-for-multi-auth%2F&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=JoHwsnMUUsD2FKBqbocRAsA0jDfNscZFYK8%2Fb2kYrF0%3D&reserved=0>
>  and
> https://datatracker.ietf.org/doc/draft-becker-guthrie-noncomposite-hybrid-auth/<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-becker-guthrie-noncomposite-hybrid-auth%2F&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=0DqS2Oju1PgFBzGThrJ7kYd4g3z60b3RloGhk09EuwI%3D&reserved=0>
>
>
>
> The noncomposite-hybrid-auth-00 draft is an informational draft that gives
> a general overview of hybrid authentication, and details the solution space
> of what we are calling non-composite type hybrid solutions for
> authentication.
>
> The cert-binding-for-multi-auth-00 draft defines a new CSR attribute,
> bindingRequest, and a new X.509 certificate extension, BoundCertificates,
> which together provide additional assurance that multiple certificates
> (used in non-composite hybrid authentication) each belong to the same end
> entity.
>
>   Please feel free to provide any comments and feedback!
>
>   Regards,
>   Alie Becker + coauthors Rebecca Guthrie, Mike Jenkins
>
>   ----
>   Alison Becker, PhD
>   Center for Cybersecurity Standards
>   National Security Agency
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org<mailto:Spasm@ietf.org>
> https://www.ietf.org/mailman/listinfo/spasm<https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspasm&data=04%7C01%7Caebecke%40uwe.nsa.gov%7C8c562b396ece4466548908da0cfad77a%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C637836569507726440%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=vVfjXUcYzap3wv3zGOQepKNlAhg9TU7xCuIlIG5tTXI%3D&reserved=0>
>

v2.8.7 | Report a Bug | By Email