Re: [lamps] New Version Notification for draft-ietf-lamps-pkix-shake-04.txt
Russ Housley <housley@vigilsec.com> Mon, 26 November 2018 17:44 UTC
From: Russ Housley <housley@vigilsec.com>
Date: Mon, 26 Nov 2018 12:44:09 -0500
Cc: SPASM <spasm@ietf.org>
To: Panos Kampanakis <pkampana@cisco.com>, Quynh Dang <quynh.dang@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/WJxqDTXrd1JZBVMvqMZh3vXCrgw>
I have two comments and one suggestion.

1) Section 5.1.1: The third paragraph is describing a replacement for MGF1 defined in Section B.2.1 of RFC 8017. You are avoiding the use of RSASSA-PSS-params; it would be good to be explicit about that. RFC 4055 specifies this structure:

   RSASSA-PSS-params ::= SEQUENCE {
      hashAlgorithm     [0] HashAlgorithm DEFAULT sha1Identifier,
      maskGenAlgorithm  [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
      saltLength        [2] INTEGER DEFAULT 20,
      trailerField      [3] INTEGER DEFAULT 1 }

This section is telling the implementer how to handle each of these parameters since they are now all bundled into the top-level OID.

2) I do not think that most of section 5.2 is needed. I think you can simply point to RFC 4055 for RSASSA-PSS public keys, but keep this paragraph:

   Additionally, when the RSA private key owner wishes to limit the use of the public key exclusively to RSASSA-PSS, the AlgorithmIdentifiers for RSASSA-PSS defined in Section 4 can be used as the algorithm field in the SubjectPublicKeyInfo sequence [RFC5280]. The identifier parameters, as explained in Section 4, MUST be absent.

That said, I think the OIDs in Section 4 are used when the RSA private key owner wishes to limit the use to RSASSA-PSS with SHAKE.

I think you can simply point to RFC 5480 for ECDSA public keys. I do not see any additional information that is specific to the use of SHAKE here.

3) I suggest that "joint-iso-ccitt" be replaced by "joint-iso-itu-t" throughout the document. Right now, it is using both of these names.

Russ

P.S. I have not tried to compile the ASN.1.
> From: internet-drafts@ietf.org <internet-drafts@ietf.org>
> Sent: Sunday, November 25, 2018 11:49 PM
> To: Quynh Dang <quynh.dang@nist.gov>; Panos Kampanakis (pkampana) <pkampana@cisco.com>
> Subject: New Version Notification for draft-ietf-lamps-pkix-shake-04.txt
>
> A new version of I-D, draft-ietf-lamps-pkix-shake-04.txt
> has been successfully submitted by Panos Kampanakis and posted to the IETF repository.
>
> Name: draft-ietf-lamps-pkix-shake
> Revision: 04
> Title: Internet X.509 Public Key Infrastructure: Additional Algorithm Identifiers for RSASSA-PSS and ECDSA using SHAKEs
> Document date: 2018-11-25
> Group: lamps
> Pages: 15
> URL: https://www.ietf.org/internet-drafts/draft-ietf-lamps-pkix-shake-04.txt
> Status: https://datatracker.ietf.org/doc/draft-ietf-lamps-pkix-shake/
> Htmlized: https://tools.ietf.org/html/draft-ietf-lamps-pkix-shake-04
> Htmlized: https://datatracker.ietf.org/doc/html/draft-ietf-lamps-pkix-shake
> Diff: https://www.ietf.org/rfcdiff?url2=draft-ietf-lamps-pkix-shake-04
>
> Abstract:
> Digital signatures are used to sign messages, X.509 certificates and
> CRLs (Certificate Revocation Lists). This document describes the
> conventions for using the SHAKE function family in Internet X.509
> certificates and CRLs as one-way hash functions with the RSA
> Probabilistic signature and ECDSA signature algorithms. The
> conventions for the associated subject public keys are also
> described.
>
> Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
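A worked example added here, not part of Russ Housley's message or of the draft: a minimal DER decoder that resolves the effective PSS parameters from an AlgorithmIdentifier. For id-RSASSA-PSS it walks the RSASSA-PSS-params fields [0]..[3] and applies the RFC 4055 DEFAULTs for anything omitted; for the SHAKE identifier it enforces that parameters are absent and returns the values the OID implies. The SHAKE128 OID value and its implied parameters are taken from RFC 8692 (the published version of this draft), not from the -04 text, and the sample DER encodings are hand-assembled for this example.

```python
ID_RSASSA_PSS = "1.2.840.113549.1.1.10"                        # RFC 4055
ID_SHA1, ID_SHAKE128 = "1.3.14.3.2.26", "2.16.840.1.101.3.4.2.11"
ID_RSASSA_PSS_SHAKE128 = "1.3.6.1.5.5.7.6.30"                  # value as assigned in RFC 8692
DEFAULTS = dict(hash=ID_SHA1, mgf_hash=ID_SHA1, salt=20, trailer=1)  # RFC 4055 DEFAULTs
# With the SHAKE OID all four RSASSA-PSS-params fields are fixed by the OID (values per RFC 8692).
IMPLIED = {ID_RSASSA_PSS_SHAKE128: dict(hash=ID_SHAKE128, mgf_hash=ID_SHAKE128, salt=32, trailer=1)}

def tlv(data, pos=0):  # read one DER TLV -> (tag, value, next_pos); long-form lengths handled
    tag, length, pos = data[pos], data[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    return tag, data[pos:pos + length], pos + length

def oid(octets):  # OBJECT IDENTIFIER contents octets -> dotted string
    arcs, acc = [octets[0] // 40, octets[0] % 40], 0
    for b in octets[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def resolve_pss_params(alg_id):  # effective hash, MGF hash, saltLength, trailerField
    _, body, _ = tlv(alg_id)                         # AlgorithmIdentifier SEQUENCE
    _, octets, pos = tlv(body)
    alg = oid(octets)
    if alg in IMPLIED:                               # SHAKE form: parameters MUST be absent
        if pos != len(body):
            raise ValueError(f"parameters MUST be absent for {alg}")
        return dict(IMPLIED[alg])
    if alg != ID_RSASSA_PSS:
        raise ValueError(f"not an RSASSA-PSS identifier: {alg}")
    params = dict(DEFAULTS)                          # omitted fields keep their DEFAULT
    if pos < len(body):
        seq, p = tlv(body, pos)[1], 0                # RSASSA-PSS-params SEQUENCE contents
        while p < len(seq):
            ctx, inner, p = tlv(seq, p)              # [0]..[3] EXPLICIT context-tag wrappers
            val = tlv(inner)[1]
            if ctx == 0xA0:                          # hashAlgorithm: AlgorithmIdentifier
                params["hash"] = oid(tlv(val)[1])
            elif ctx == 0xA1:                        # maskGenAlgorithm: id-mgf1, then hash AlgId
                params["mgf_hash"] = oid(tlv(tlv(val, tlv(val)[2])[1])[1])
            elif ctx in (0xA2, 0xA3):                # saltLength / trailerField INTEGER
                params["salt" if ctx == 0xA2 else "trailer"] = int.from_bytes(val, "big")
    return params

PSS_SHA256_ALGID = bytes.fromhex(  # constructed sample: id-RSASSA-PSS, SHA-256, MGF1-SHA-256, salt 32
    "3041 0609 2A864886F70D01010A 3034 A00F 300D 0609 608648016503040201 0500"
    "A11C 301A 0609 2A864886F70D010108 300D 0609 608648016503040201 0500 A203 020120")
SHAKE128_ALGID = bytes.fromhex("300A 0608 2B0601050507061E")  # constructed sample: parameters absent
```

Feeding the SHAKE identifier with a NULL parameters field (`300C 0608 2B0601050507061E 0500`) raises, which is the check an implementer of Section 5.1.1 needs.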