Re: [lamps] LAMPS sample keys and certificates

Carl Wallace <carl@redhoundsoftware.com> Mon, 18 November 2019 23:51 UTC

Date: Mon, 18 Nov 2019 18:51:42 -0500
From: Carl Wallace <carl@redhoundsoftware.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, LAMPS WG <spasm@ietf.org>
Message-ID: <F134E036-6E20-474A-8D7D-6680186C396D@redhoundsoftware.com>
Thread-Topic: [lamps] LAMPS sample keys and certificates
References: <878sodm0j3.fsf@fifthhorseman.net>
In-Reply-To: <878sodm0j3.fsf@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/QWD0FuHa5UQHH1Mqm-eNtK7_Zug>
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>

FWIW, there are a pile of sample artifacts here: https://github.com/GSA/ficam-scvp-testing/tree/master/artifacts. The MFPKI (Mock Federal PKI) was generated by cloning a pile of certs with names obfuscated. Many of these are likely expired by now though. Something like this could offer some diversity to the certification paths (in support of sample S/MIME, etc).

On 11/18/19, 5:52 PM, "Spasm on behalf of Daniel Kahn Gillmor" <spasm-bounces@ietf.org on behalf of dkg@fifthhorseman.net> wrote:

    Hi all--
    
    I've just published:
    
       https://www.ietf.org/id/draft-dkg-lamps-samples-00.html
    
    This draft contains sample X.509v3 certificates, and corresponding
    secret keys for a sample CA, and for two e-mail users, Alice and Bob.
    It provides the certificates and keys in PEM-encoded form and (for Alice
    and Bob) in PKCS#12 bundles, so they should be relatively easy to
    import.
    
    My hope is that they are useful for generating and interpreting sample
    S/MIME (CMS) messages, and part of a larger plan to generate test
    vectors that will be useful in demonstrating protected header behavior
    on existing clients.
    
    I'd appreciate any feedback or suggestions on the draft and the sample
    keys and certificates and PKCS#12 files.
    
    I'm currently building the draft from the git repo at
    https://gitlab.com/dkg/lamps-samples -- editorial patches, issues, etc.
    are welcome at the gitlab interface, though I would prefer if any
    substantive issues are also addressed to the list here.
    
       --dkg