IETF Logo Mail Archive

Re: [lamps] is the CSRattr ASN.1 broken or not ... Re: New Version Notification for draft-richardson-lamps-rfc7030-csrattrs-02.txt

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 05 April 2022 18:19 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E86B3A0E38 for <spasm@ietfa.amsl.com>; Tue, 5 Apr 2022 11:19:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.109
X-Spam-Level:
X-Spam-Status: No, score=-7.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cjONaoAEGBuj for <spasm@ietfa.amsl.com>; Tue, 5 Apr 2022 11:19:07 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D631F3A23A5 for <spasm@ietf.org>; Tue, 5 Apr 2022 11:19:03 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id F2E7938BAD; Tue, 5 Apr 2022 14:30:09 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id Pl13xi5lG8hy; Tue, 5 Apr 2022 14:30:08 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 2847538BAC; Tue, 5 Apr 2022 14:30:08 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail; t=1649183408; bh=rczZtaAgsObzhJmLdxyqBdNdZAJvKD8b3rZ5ZsXR6Ts=; h=From:To:Subject:In-Reply-To:References:Date:From; b=EpLfEBabiqEV8L/ui28gGhTO+qvzgU91YOzAEj8JZH8WYgIk/ebsOeu8R6efQPG+b bO9VpAU6aecFS2tW3FMVxPlk8XyK4WBkCpnOodQJs0SBIHwp9IBLMfcw178NexoBze MNO9HRkjD8ESdbbAAz6ynzVXo1hdO36iXI4qaHijlnCR3Sf+swKLHRAIGQRcpOpa7d mEGaPvm5EXXq4v0FOOUzf6sYJi85G2FqVqlDFWFdCgQ0iKgkWWjQE44Z/EVkOCl7ts O60zndm7fg8Zzal7QdD1HZIj9uZ0cZ47MkL+aHiaTQHasHVRyqX4s0u7QeoAf+v54z 0gMt3sJZDwtHw==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 832194B4; Tue, 5 Apr 2022 14:18:59 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: David von Oheimb <David.von.Oheimb@siemens.com>, Sean Turner <sean@sn3rd.com>, Dan Harkins <dharkins@lounge.org>, LAMPS WG <spasm@ietf.org>, Owen Friel <ofriel@cisco.com>
In-Reply-To: <5cfb6e20b225da072695a4f13088a8065203ca4e.camel@siemens.com>
References: <164667410940.12091.15394112688281514126@ietfa.amsl.com> <15416.1646681868@localhost> <D095D84D-9633-44BB-AA6F-440B8BC00F68@sn3rd.com> <5cfb6e20b225da072695a4f13088a8065203ca4e.camel@siemens.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
Date: Tue, 05 Apr 2022 14:18:59 -0400
Message-ID: <27441.1649182739@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Km0gEutgPatxxNyxpi211HzNmgY>
Subject: Re: [lamps] is the CSRattr ASN.1 broken or not ... Re: New Version Notification for draft-richardson-lamps-rfc7030-csrattrs-02.txt
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Apr 2022 18:19:21 -0000

David von Oheimb <David.von.Oheimb@siemens.com> wrote:
    > As I wrote earlier, the way CSRattrs are defined for EST in RFC
    > 7030 section 4.5.2:

    > CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID

    > AttrOrOID ::= CHOICE (oid OBJECT IDENTIFIER, attribute Attribute }

    > Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
    > type ATTRIBUTE.&id({IOSet}),
    > values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{@type}) }

Is there another way to express the same concept that would be understandable
to more people?

    > Note that for syntactic and semantics reasons you cannot have both -
    > either
    > 1. the example given in RFC 7030 was correct, then no X.509 extension
    > value can be given by the server, or

    > 2. the example was wrong, and a value must be given by the server.
    >     Yet the OCTET STRING could be the empty string to indicate that the
    > client should fill in the real value.
    >     The Lightweight CMP Profile also employs this trick of using an
    > empty extnValue
    >     in its section 4.3.3. (Get certificate request template):

Sean has pushed us in the direction of (2).
This is in contrast to what happened last August!

    >   https://datatracker.ietf.org/doc/html/draft-ietf-lamps-lightweight-cmp-profile#section-4.3.3

    > The latter option is obviously more expressive, but note that this
    > contradicts the example of RFC 7030, 
    > and thus chances are high that (most) existing EST implementations chose
    > the first option, which is not compatible with the second.

I think that the tree-in-forest question applies.
If those implementations never had to deal with specific values, and continue
to avoid doing that, then they won't encounter a problem :-)

    >> b) We picked the wrong kind attribute to request macAddress from the
    >> client. I cannot remember if it’s supposed to be naming component or
    >> an actual extension?

    > Apart from the two possibilities I just gave, I do not see how else,
    > given given the CsrAttrs syntax,
    > one should have requested a macAddress X.509 extension where the value
    > is to be filled by the client.

It's a good question.
I liked the notion that it's an empty content, but then... is an empty
content ever valid?

    >> >   As an aside, why can't the RA just rewrite the CSR and include the
    >> > particular name it wants to impose on the EE? Yes, signature will be
    >> > wrong but the CA shouldn't care because the RA is vouching for it.
    >> > Right? Why won't that also fix this problem?
    >>
    >> In most instances, the RA could amend the CSR by adding/changing
    >> values. The CA would trust a valid sig from the RA to vouch for the
    >> changes.

    > As I commented earlier,
    > PKCS#10 requires a self-signature within the CSR structure, which that
    > RA cannot provide, so there are basically two options:

    > * cheat and give a bogus signature to be ignored by the CA, or

    > * switch to a more expressive CSR syntax like CRMF, which supports
    > popo=raVerified

    >    (i.e., the RA vouches for having checked the original proof of
    > possession by the client and does not provide a new one) 

RFC8555 also precludes the RA from providing a signature.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.8.7 | Report a Bug | By Email