[lamps] Fwd: [CMP Updates] Hash algorithm to us for calculating certHash
David von Oheimb <nl0@von-Oheimb.de> Tue, 15 June 2021 11:49 UTC
Return-Path: <nl0@von-Oheimb.de>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA7183A2C98 for <spasm@ietfa.amsl.com>; Tue, 15 Jun 2021 04:49:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t34fwct0E8ba for <spasm@ietfa.amsl.com>; Tue, 15 Jun 2021 04:49:01 -0700 (PDT)
Received: from server8.webgo24.de (server8.webgo24.de [185.30.32.8]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 248633A2CA9 for <spasm@ietf.org>; Tue, 15 Jun 2021 04:49:00 -0700 (PDT)
Received: from [192.168.178.115] (dynamic-095-118-012-088.95.118.pool.telefonica.de [95.118.12.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by server8.webgo24.de (Postfix) with ESMTPSA id 04B024200BA; Tue, 15 Jun 2021 13:48:52 +0200 (CEST)
References: <CANNx7D9H0tEN1ViV_zPWUiESOP-rL6y+AXu8rF8QOm7X_8=R7Q@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: LAMPS WG <spasm@ietf.org>, Hendrik Brockhaus <Hendrik.Brockhaus@siemens.com>
From: David von Oheimb <nl0@von-Oheimb.de>
X-Forwarded-Message-Id: <CANNx7D9H0tEN1ViV_zPWUiESOP-rL6y+AXu8rF8QOm7X_8=R7Q@mail.gmail.com>
Message-ID: <520cc9d9-cf88-4546-4418-831ebc6051e6@von-Oheimb.de>
Date: Tue, 15 Jun 2021 13:48:52 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1
MIME-Version: 1.0
In-Reply-To: <CANNx7D9H0tEN1ViV_zPWUiESOP-rL6y+AXu8rF8QOm7X_8=R7Q@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------3DEABC2901700E837A355B77"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ZYjoK3wAD7v8mTM88L43R-a-UfA>
Subject: [lamps] Fwd: [CMP Updates] Hash algorithm to us for calculating certHash
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2021 11:49:15 -0000
Russ, what do you think, also on Lijun's response quoted here? -------- Forwarded Message -------- Subject: Re: [lamps] [CMP Updates] Hash algorithm to us for calculating certHash Date: Tue, 15 Jun 2021 13:17:58 +0200 From: Lijun Liao <lijun.liao@gmail.com> To: David von Oheimb <nl0@von-oheimb.de> I am fine with the ASN.1 discussed in this email thread. Since the upgrade to CMPv3 will take much longer than the use of EdDSA, I prefer to fix the hash algorithm for EdDSA if it is not specified explicitly. This allows the use of EdDSA in CMPv2. Lijun David von Oheimb <nl0@von-oheimb.de <mailto:nl0@von-oheimb.de>> schrieb am Di., 15. Juni 2021, 12:30: Yes, in case a certConf message is expected by the server and the client needs to positively conform a newly enrolled EdDSA cert, I think this cannot be avoided because the assumption of CMPv2 that a cert signature alg automatically implies/includes a cert hash alg does not hold anymore for EdDSA. So the client needs to specify which hash alg it uses, since for EdDSA in general (except for CMS) there is no clear/mandatory implicit hash alg defined. David On 15.06.21 12:18, Lijun Liao wrote: > Does this mean we need CMPv3 for the EdDSA certificates? > > Lijun > > David von Oheimb <nl0@von-oheimb.de <mailto:nl0@von-oheimb.de>> > schrieb am Di., 15. Juni 2021, 12:00: > > Russ, Lijun, et al., > > we have not yet heard back on our latest proposal how to > determine the hash alg to use for the certHash field in CMP > certConf messages. > Would be good to finalize this topic by the end of this week > in order to bring it into the next version of the CMP-related > drafts. > > To summarize, our proposal is to add a hashAlg field to the > CertStatus structure as follows, which is binary backward > compatible: > > CertStatus ::= SEQUENCE { > > hashAlg [0] AlgorithmIdentifier OPTIONAL, > > certHash OCTET STRING, > > certReqId INTEGER, > > statusInfo PKIStatusInfo OPTIONAL > > } > > In case the signature alg identifier of the cert explicitly > contains a hash alg (which so far always was the case until > EdDSA came up), > then use that hash alg and the optional hashAlg field MUST be > omitted, which means the certConf message can keep version CMPv2. > Otherwise, the hashAlg field MUST be used to specify the hash > alg used and the version of the certConf message is CMPv3. > (In addition, we gonna specify in the CMP- Algorithms draft > that SHA-512 SHALL be used for Ed25519 and SHAKE256 for Ed448, > like done for CMS in RFC8419). > > Does this sound fine? > > David > >
- [lamps] [CMP Updates] Hash algorithm to us for ca… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Lijun Liao
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Russ Housley
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… David von Oheimb
- [lamps] Fwd: [CMP Updates] Hash algorithm to us f… David von Oheimb
- Re: [lamps] Fwd: [CMP Updates] Hash algorithm to … Russ Housley
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Russ Housley
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Brockhaus, Hendrik
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… Russ Housley
- Re: [lamps] [CMP Updates] Hash algorithm to us fo… David von Oheimb