Re: [lamps] LAMPS sample keys and certificates
Carl Wallace <carl@redhoundsoftware.com> Mon, 18 November 2019 23:51 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8AAF312018B for <spasm@ietfa.amsl.com>; Mon, 18 Nov 2019 15:51:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p6tyy5W9V6AD for <spasm@ietfa.amsl.com>; Mon, 18 Nov 2019 15:51:44 -0800 (PST)
Received: from mail-qk1-x72b.google.com (mail-qk1-x72b.google.com [IPv6:2607:f8b0:4864:20::72b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C0A6120144 for <spasm@ietf.org>; Mon, 18 Nov 2019 15:51:44 -0800 (PST)
Received: by mail-qk1-x72b.google.com with SMTP id i3so4219765qkk.9 for <spasm@ietf.org>; Mon, 18 Nov 2019 15:51:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:message-id:thread-topic:references :in-reply-to:mime-version:content-transfer-encoding; bh=VliRNqxHvIJxRxF7OuZjzAKgW3TDqdYf01HgoVlKRu8=; b=Y52HI7mGatEg6SPXy5I2CIJD6+TY/OVmjT7r9YSzjAeZVlL7JrUdpfY3TL1t6O+lGD yjJ0wD6JanGAdEmngpu2flBbtxMjBJGeaaXCQwuGyT/pe+xWlriaUcOCrv/peKixLTOs U72tY8/u9KO8GhO6ZuVfTUSmdxOpHkrSNwQ/E=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:references:in-reply-to:mime-version :content-transfer-encoding; bh=VliRNqxHvIJxRxF7OuZjzAKgW3TDqdYf01HgoVlKRu8=; b=nEl3I7zQ6IbOVF8DtJzGNwXTP7x4TsuMogI4Ei5KuMqfI1aNGUq2NdJdxwF/ez3KuP ufI7r2nmmTW6UprMJr2BWInOhKYGC7K1dl/jYf23b2p4oLA6x4DkeKkwRwCdPVop+O2m DMdKWP7liTKz0mHOdhtsQTttV1xPJPp58U546+7DXwf99zjWW7FNrpdkJ87CD7hv0t90 RtvqO3coqFkUzhcwnWdpARwmxqHzEjAyeC94Aqjj3oOjebwjT8+M95ADcvQ5GJck/lAR /QelTo6jVnkV5wlJDcRZ0nyFFGv9FF66ZAgT1i9QYuX69cFw2PVzYZ3FINiHBgCZ10R9 4lcQ==
X-Gm-Message-State: APjAAAXGG7JeuhXHtqc8YVsBxL7CoiNQFNEdwuoUMuSNAWN91nlAKLej mSZAg9Sm2aqB5+OoKyRM3fjqmKVVUbg=
X-Google-Smtp-Source: APXvYqzkKYrwuFjAX2W5CSpCUrmJlohHGth6T+ZlSPiUakSCPowHz6AJcLgsgBuz5qNusBVgNDeKIw==
X-Received: by 2002:a05:620a:a9a:: with SMTP id v26mr21090505qkg.71.1574121103261; Mon, 18 Nov 2019 15:51:43 -0800 (PST)
Received: from [192.168.2.143] (pool-96-255-231-27.washdc.fios.verizon.net. [96.255.231.27]) by smtp.gmail.com with ESMTPSA id a3sm9136128qkf.76.2019.11.18.15.51.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Nov 2019 15:51:42 -0800 (PST)
User-Agent: Microsoft-MacOutlook/10.10.10.191111
Date: Mon, 18 Nov 2019 18:51:42 -0500
From: Carl Wallace <carl@redhoundsoftware.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, LAMPS WG <spasm@ietf.org>
Message-ID: <F134E036-6E20-474A-8D7D-6680186C396D@redhoundsoftware.com>
Thread-Topic: [lamps] LAMPS sample keys and certificates
References: <878sodm0j3.fsf@fifthhorseman.net>
In-Reply-To: <878sodm0j3.fsf@fifthhorseman.net>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/QWD0FuHa5UQHH1Mqm-eNtK7_Zug>
Subject: Re: [lamps] LAMPS sample keys and certificates
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Nov 2019 23:51:49 -0000
FWIW, there are a pile of sample artifacts here: https://github.com/GSA/ficam-scvp-testing/tree/master/artifacts. The MFPKI (Mock Federal PKI) was generated by cloning a pile of certs with names obfuscated. Many of these are likely expired by now though. Something like this could offer some diversity to the certification paths (in support of sample S/MIME, etc). On 11/18/19, 5:52 PM, "Spasm on behalf of Daniel Kahn Gillmor" <spasm-bounces@ietf.org on behalf of dkg@fifthhorseman.net> wrote: Hi all-- I've just published: https://www.ietf.org/id/draft-dkg-lamps-samples-00.html This draft contains sample X.509v3 certificates, and corresponding secret keys for a sample CA, and for two e-mail users, Alice and Bob. It provides the certificates and keys in PEM-encoded form and (for Alice and Bob) in PKCS#12 bundles, so they should be relatively easy to import. My hope is that they are useful for generating and interpreting sample S/MIME (CMS) messages, and part of a larger plan to generate test vectors that will be useful in demonstrating protected header behavior on existing clients. I'd appreciate any feedback or suggestions on the draft and the sample keys and certificates and PKCS#12 files. I'm currently building the draft from the git repo at https://gitlab.com/dkg/lamps-samples -- editorial patches, issues, etc are welcome at the gitlab interface, though i would prefer if any substantive issues are also addressed to the list here. --dkg _______________________________________________ Spasm mailing list Spasm@ietf.org https://www.ietf.org/mailman/listinfo/spasm
- [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Ryan Sleevi
- Re: [lamps] LAMPS sample keys and certificates Carl Wallace
- Re: [lamps] LAMPS sample keys and certificates Salz, Rich
- Re: [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Sean Turner
- Re: [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Russ Housley
- Re: [lamps] LAMPS sample keys and certificates Russ Housley
- Re: [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Russ Housley
- Re: [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Russ Housley
- Re: [lamps] LAMPS sample keys and certificates Daniel Kahn Gillmor
- Re: [lamps] LAMPS sample keys and certificates Russ Housley