Re: [lamps] New suggestion for a full and straightforward solution - Re: I-D Action: draft-ietf-lamps-rfc7030-csrattrs-04.txt
Michael Richardson <mcr+ietf@sandelman.ca> Wed, 21 June 2023 19:40 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37138C15155C for <spasm@ietfa.amsl.com>; Wed, 21 Jun 2023 12:40:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ySLZDlhhfcbb for <spasm@ietfa.amsl.com>; Wed, 21 Jun 2023 12:40:37 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [IPv6:2a01:7e00:e000:2bb::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F4DBC14CF05 for <spasm@ietf.org>; Wed, 21 Jun 2023 12:40:36 -0700 (PDT)
Received: from dyas.sandelman.ca (unknown [206.0.71.30]) by relay.sandelman.ca (Postfix) with ESMTPS id 7D3A81F4A2; Wed, 21 Jun 2023 19:40:34 +0000 (UTC)
Received: by dyas.sandelman.ca (Postfix, from userid 1000) id 3723CA0B24; Wed, 21 Jun 2023 15:37:21 -0400 (EDT)
Received: from dyas (localhost [127.0.0.1]) by dyas.sandelman.ca (Postfix) with ESMTP id 35230A0133; Wed, 21 Jun 2023 15:37:21 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: David von Oheimb <it@von-Oheimb.de>, spasm@ietf.org
In-reply-to: <05277edb6f344d74c793d02d1aeb9fa9f015d50e.camel@von-Oheimb.de>
References: <168687004656.20234.4344396997105904558@ietfa.amsl.com> <05277edb6f344d74c793d02d1aeb9fa9f015d50e.camel@von-Oheimb.de>
Comments: In-reply-to David von Oheimb <it@von-Oheimb.de> message dated "Tue, 20 Jun 2023 22:48:31 +0200."
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.3
X-Attribution: mcr
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Wed, 21 Jun 2023 15:37:21 -0400
Message-ID: <19251.1687376241@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/K9Gdok-nTcaWCy9RrrVrQaqBATw>
Subject: Re: [lamps] New suggestion for a full and straightforward solution - Re: I-D Action: draft-ietf-lamps-rfc7030-csrattrs-04.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jun 2023 19:40:41 -0000
David von Oheimb <it@von-Oheimb.de> wrote: > thank you for the update. > The draft (so far) solves reasonably well the very specific issue > described in the intro, well... you are co-author already :-) If this is something you want to add, then let's do it. > * it remains entirely unclear how a server could specify regular > subject DN values, which may be needed in addition to specifying > SANs, > possibly including partial specification of RDNs (such as : "include > a CN with value chosen by the client, while OU should have value > 'xyz') Given that we want to stop looking at DNs, I hadn't considered this mattered, but I agree that there are many cases where it does. I think that it should already be possible, but it's escaping me right now to think how it is specified in the CSR. > * the spec how to interpret algorithm OIDs is very weak: just by means > of a few examples - no systematic semantic rules are given That's a reasonable criticism. > * there are no rules preventing conflicting "algorithm requirements", > such as OID ecdsaWithSHA384 and OID SHA256, You are right. So what does a client do when it see such a thing? > * nothing general is specified how to use and interpret the multitude > of other OIDs that could potentially be given True. > * while addressed by examples, a general description is missing what it > means if for instance a cert extension > will have a value but the CSRattrs only give the OID - this issue is > the only one easy to cure in the current form of the draft. > So, while the draft so far gives clarification for a particular use case > of SANs and partly for other X.509v3 extensions, > the use of CsrAttrs is still heavily underspecified and thus > implementations are still far from reaching interoperability. .... > As I did already on 2021-07-30, I invite everyone to have a look at the > solution we took in the Lightweight CMP Profile, > which also defines a "Get Certificate Request Template" feature > in section 4.3.3 including an example in Appendix A. > The basic idea is to re-use the certificate template structure that is > also used in the actual CSRs (which in this case is in CRMF). > Today I had the thought that we can take over the same principle also > for EST CsrAttrs, even in a backward-compatible way! > Namely, by placing a partially filled CertificationRequestInfo structure > as the only(!) AttrOrOID element in the CsrAttrs > (with an OID identifying it, which likely needs to be defined for this > purpose). In this way, the server can specify in a straightforward > and pretty self-evident way what it expects from the client in the > actual PKCS#10 CSR, which has the very same content structure. okay, so I'm open to this idea, but how backwards compatible is it? Maybe the WG doesn't care. I just want to specify the SAN. > Within the CertificationRequestInfo structure, > the server can give for instance SANs and an other X.509v3 extensions as > well subject DNs etc. with desired values > exactly in the way they will appear in the CSR (and in the cert derived > from this data). This should also simplify implementations. > It can also give OIDs while leaving out the associated values, which > means that the client is expected to fill this in. > This scheme also works for specifying the type of the public key, where > an AlorithmIdentifier can be given with an empty key value. So, it would replace the SAN method here too. > Examples would look very similar to the one given in Lightweight CMP > Profile Appendix A with the difference being that > there the structure used is of type CertTemplate, while for EST it will > be of type CertificationRequestInfo as in PKCS#10, > embedded in a simple CsrAttr sequence with one element containing the > "attribute" choice with the new OID for CertificationRequestInfo. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | network architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- [lamps] I-D Action: draft-ietf-lamps-rfc7030-csra… internet-drafts
- [lamps] New suggestion for a full and straightfor… David von Oheimb
- Re: [lamps] New suggestion for a full and straigh… Michael Richardson
- Re: [lamps] New suggestion for a full and straigh… David von Oheimb
- Re: [lamps] New suggestion for a full and straigh… David von Oheimb
- [lamps] Dates for Meeting - Re: New suggestion fo… David von Oheimb