Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaKeyLen
"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Wed, 16 September 2020 07:02 UTC
Return-Path: <hendrik.brockhaus@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05F693A0A34 for <spasm@ietfa.amsl.com>; Wed, 16 Sep 2020 00:02:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=siemens.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id twvrOnh79FGy for <spasm@ietfa.amsl.com>; Wed, 16 Sep 2020 00:02:33 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2042.outbound.protection.outlook.com [40.107.22.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7845F3A03F2 for <spasm@ietf.org>; Wed, 16 Sep 2020 00:02:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QWMbcrGXGUM4p0zTBU7GoQ2b3WvPsrAF3w6NRqfnkcir+X8rckAjEWJi/gB5otO0qEHzdxyj35qihhK2kmEZ0tzE9oIz+4QwM/kQE5rA00t87olPYEEr+moTZCXrxEVBZBHrZRsHJ+xC9EV/HwFmTsqyu3JDglZZnDEviJoUpocUSjKVtv5wG+zeDx29UwCZ3IRDlFqyEGV+W1iPMC/5//hjHaD4csKYrS3r29/9eFPWY9ZJOTkE6dsWAaf55zjJd2P9yDHYf5EcnyI5SSbh67vYoxUkwmusJwiAEipsAMijfDan00cdjgnrJ6zITvBWdCMOjHECZMopYS1B3azEyA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SjyPm4amnKUeF7Ica2Ac5wlCuAf/lyyi06nEHBohJ0M=; b=cyFEFPyfIDn7/Tg6KjK/vTOMRKjFmhn6LilrI13Db99NfRtEM3Btjrkv+nZwNYY81gg782i+wnntzZ+vDvjSl6zLq3OmMRxxJ50v1wtHxRbHF6GM7A3DrQdJCJrL3ezgZVn/+w2bmspUcjRomsVim8dDc5XGhWtg/hYQqmWqkK0Qf1UUJZQ1jwhhW+tOf7Xo4aRCZ2O/OI0nHa/+tlY1cHSlTi4Nt1Fmr9VOk32TTmGUbakBw4hxiRNveo7O/AdSub/2kw7EN6Jv5IgAMTSLxa0n381Uyyi/1BTTTN7prhgaoqmcxJ4BBUhGYN7Pu0bCBtGjXSjVv6V2dzBB26gPIQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.onmicrosoft.com; s=selector1-siemens-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SjyPm4amnKUeF7Ica2Ac5wlCuAf/lyyi06nEHBohJ0M=; b=YvyQ1X/a7dNA/TeIKPdvGuahNqxayHNSuHx/zruLZUKzTdo2Acr4JnmaO/Uqj18gCoWAkdyIGC7nm/J1f7RD2yXW704RvD4rVhxIxGY8RDi2lGWIftATSjtZtIfbTgR2Bic64UJignYjUJDHGqyScbtTajb3lR+xuyOzLLfmiY8=
Received: from AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:dd::17) by AM0PR10MB3284.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:208:180::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.16; Wed, 16 Sep 2020 07:02:31 +0000
Received: from AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM ([fe80::815c:e3e3:e2be:5eed]) by AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM ([fe80::815c:e3e3:e2be:5eed%6]) with mapi id 15.20.3370.019; Wed, 16 Sep 2020 07:02:31 +0000
From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Russ Housley <housley@vigilsec.com>
CC: "spasm@ietf.org" <spasm@ietf.org>, "david.von.oheimb@siemens.com" <david.von.oheimb@siemens.com>
Thread-Topic: dtaft-ietf-lamps-cmp-updates and rsaKeyLen
Thread-Index: AQHWi6YYHaZzdnX6XEOInEZKE7MbAalqzO3Q
Content-Class:
Date: Wed, 16 Sep 2020 07:02:31 +0000
Message-ID: <AM0PR10MB241896142536A43A77C92C05FE210@AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM>
References: <AM0PR10MB2418651EF480383C1FBAD448FE440@AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM> <ECF4A046-3690-4B8A-9851-935CDACA89C2@vigilsec.com>
In-Reply-To: <ECF4A046-3690-4B8A-9851-935CDACA89C2@vigilsec.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Enabled=true; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SetDate=2020-09-16T07:02:29Z; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Method=Standard; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Name=restricted-default; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ActionId=d19f0ab6-77f2-48be-89db-efc08d02de73; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ContentBits=0
document_confidentiality: Restricted
authentication-results: vigilsec.com; dkim=none (message not signed) header.d=none;vigilsec.com; dmarc=none action=none header.from=siemens.com;
x-originating-ip: [165.225.200.170]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 1d95bbde-43ee-4b40-42b1-08d85a0e7af3
x-ms-traffictypediagnostic: AM0PR10MB3284:
x-ld-processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM0PR10MB3284A15B948805D97E4A7677FE210@AM0PR10MB3284.EURPRD10.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: o3bQ7kioYzfnGpVB6yQgZRlRVQiIX1M11c368gjPeAoeRfyKNGqzUmV/W2yHWZpfc/TvPQfyw3Mscbo1Vzc3rFqXoCnhJQgDrnkPCYEHYWtO/3goDhvmsPCtHvIjR1ZtvKRDYncreBYlk2jXfyYvwDf0CFQwDQtOjlmZSngsk06K1bN/kZhfZxCyun6/B2a9k85wZnbgX30kW96ipND1nJc4+PF9G6fhJ9wZYIbm8KfLx9ppTnB0JKM8iS0Ua9rUcYLsbOuGshD8tSKVgUAgjqt/7S/W922c+DUUeo2oTYhCdaIEZet97eXK0oIy9ptrBSZgDXiqHKnWOWO3WERmhQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(396003)(39860400002)(136003)(376002)(346002)(107886003)(8936002)(6916009)(4326008)(83380400001)(26005)(15650500001)(54906003)(33656002)(8676002)(52536014)(478600001)(71200400001)(5660300002)(4744005)(64756008)(66446008)(66556008)(66946007)(66476007)(76116006)(9686003)(55236004)(7696005)(186003)(55016002)(6506007)(2906002)(316002)(86362001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: S7ZGtuABg+vkZKSYlJ0HHhjGzD9Vq4jpPojfjmU70HD48Rr3LkRJCzIb92bsWpFKM8h+gWjU8Z31nZ4RQtlAlmtTdcUU/9cKG1YBMCstNw2K5Pl93yJhIzjDQlFcZfptkqLkRnomImzEfE0oRt+WvnW726sBFHHHVAoIDoFxNMH85nSF6kw+Rm7c7Zg/7gJUi4EBK/bZM5l9XPY0TtvCF5wBHHlC8Ctl2rpExI+QaLpCL/xZA21p4BecvucrYdC3V44Pqk9y4DH4JyM/a+WkGIRYsltz91+epl3LPxrzjId8UBDCFFY/LqTOdSXOY98HT90OTP66TeCbXkslUvgzw7yrklic/D4gQqEN5ocJJ0cB497eRX3j8hoiUXssjd43mgQm4ObuYo1BbGbv6aZyBuS101gN9750OwXCkknvyzDDP/ixqMncW3drDwq9MDNpbkqIrMpvkLZsV8Bb8ztuPo7WBWAAsmRoGm11Z1TsYmmUgliJJwcj5YiIoH5Gnoo8k/Th54i6GoyuGA6TW03ZAS6x29Pb6Ec1y38ah+SvfFOQBrvIbjGL2dZh7qfQ5bbEDAsgSQZRzZjbsCXa9G1wnK8N5kgK8sUqA7PVFrEhrHTZ74DskIERbQseaf2CWzF2QATdiWwiAuiWUXN1UBP95g==
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR10MB2418.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 1d95bbde-43ee-4b40-42b1-08d85a0e7af3
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Sep 2020 07:02:31.0590 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Uu+pDtBCrh4azYih7UGWKbzEXMNDwEtgqzrZOtJrePe/mMLFa17y3qu8dO1lwvebQmal8vdTwm7HpYYSYYbb4OSkRSLD4sDZ2E5S7BDgZ00=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR10MB3284
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/XsWZctnhb3GsTUOl7GduW6baKS0>
Subject: Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaKeyLen
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2020 07:02:35 -0000
Russ > Von: Russ Housley <housley@vigilsec.com> > Gesendet: Dienstag, 15. September 2020 23:21 > > Hendrik: > > The ASN.1 modules add rsaKeyLen, but the body of the document does not say > anything. I think it should explain the new field. You are right. I will add a brief explanation to the respective section. > > The ASN.1 module comment is the only hint right now: > > -- Any reasonable RSA key length, if subjectPublicKeyInfo > -- of the certTemplate has the OID rsaEncryption. > > Also, if the certTemplate has the OID id-ecPublicKey, is a similar convention > needed to provide a list of supported curves? For rsaKeyLen it is possible to specify one key length and for id-ecPublicKey it is possible to specify one named curve in ECParameters. I think we are consistent in this regard. If an RA needs to offer a set of allowed algorithms or curves, it can use the Signing Key Pair Types general message as specified in RFC 4210 Section 5.3.19.2. Hendrik
- [lamps] dtaft-ietf-lamps-cmp-updates add section … Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates add sect… Fries, Steffen
- [lamps] dtaft-ietf-lamps-cmp-updates and rsaKeyLen Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Tomas Gustavsson
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Brockhaus, Hendrik
- Re: [lamps] dtaft-ietf-lamps-cmp-updates and rsaK… Russ Housley