IETF Logo Mail Archive

Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]

Carl Wallace <carl@redhoundsoftware.com> Thu, 12 August 2021 11:19 UTC

Return-Path: <carl@redhoundsoftware.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 049C63A0A33 for <spasm@ietfa.amsl.com>; Thu, 12 Aug 2021 04:19:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EKC0Pbk0Tzn0 for <spasm@ietfa.amsl.com>; Thu, 12 Aug 2021 04:19:13 -0700 (PDT)
Received: from mail-qv1-xf34.google.com (mail-qv1-xf34.google.com [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3B913A0A2C for <spasm@ietf.org>; Thu, 12 Aug 2021 04:19:12 -0700 (PDT)
Received: by mail-qv1-xf34.google.com with SMTP id q6so105356qvs.12 for <spasm@ietf.org>; Thu, 12 Aug 2021 04:19:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :references:in-reply-to:mime-version; bh=+t0ZsoGGYXM8TinxrgJ+FIFVwEayEiTvcG5Z2lBNlf4=; b=J/ZTWlgFkVAguf+tpGuc3Vid9Wjm/YNXTrAm5cpOhcLLC0MvuDhV5yaWM1uAshwgxu yTkr4XZSMDYQ/pOvRL/YVpCJ8SSZBg3iHr1nVd5yTULdY4x2HlkEBLFR+g5xWDJSxy0M WeYsptpynXRXQVMlvvVGobkllrg1Z4uFisgg8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:cc:message-id :thread-topic:references:in-reply-to:mime-version; bh=+t0ZsoGGYXM8TinxrgJ+FIFVwEayEiTvcG5Z2lBNlf4=; b=HsCBqlNLZMw5o5RlPZUqXOCTMyO/OtEgRVbW4RM2/P4UkwTaOSFFThH8OLhbzX6Jsz pGphrTA1/wuLWXQRxJjTC/eOMEjx9F1ip212AYKY2bvW3SBA/xgT2NgfPAIYByAo0xtk 3QJ1DwOeSAase5NmLPIZ962qFeloUMmO4W4Y5qvz78TSV9F7Cv2TlHVL7Elg1slESS3j xKUu5QejZJB3p8GtwCH8LspegDeNlPdfwkDjd+Frr+dFo8D7tENu4Z/iNOog9qjfVlcE ph49bV0u+KUYyW4EaRuxbg6dBX31sjzgUxjHusf0HiUcaByH7BM/1t+dmvjFgibz6OQu /9Rw==
X-Gm-Message-State: AOAM5308UR+FhYsexk+02LVlHakhxugt/mJEE5EVsn+Chs5ZchF7JXGd CsWrq/ngMpow0OLupf66WjR3Cw==
X-Google-Smtp-Source: ABdhPJwUDZmoRAaLT/5/Ywn8sNT4hcr2R3RpDVY/+zxNbsRdJBzoFOmcy7afNxZoBwRAFbDpCLgGHQ==
X-Received: by 2002:a05:6214:dce:: with SMTP id 14mr3343454qvt.34.1628767150135; Thu, 12 Aug 2021 04:19:10 -0700 (PDT)
Received: from [192.168.2.16] (pool-173-66-88-168.washdc.fios.verizon.net. [173.66.88.168]) by smtp.gmail.com with ESMTPSA id d7sm1096012qko.13.2021.08.12.04.19.08 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Aug 2021 04:19:09 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.51.21071101
Date: Thu, 12 Aug 2021 07:19:08 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: Deb Cooley <debcooley1@gmail.com>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, LAMPS WG <spasm@ietf.org>
Message-ID: <D25538B7-C8D7-4B89-9A5E-EA95FAD1BAE4@redhoundsoftware.com>
Thread-Topic: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
References: <87czr0ww0d.fsf@fifthhorseman.net> <FF939B28-528B-47F9-9C0C-6585D1B02FBE@vigilsec.com> <87mtq3ukk0.fsf@fifthhorseman.net> <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com> <30546.1627850836@localhost> <CAErg=HHKL-E5yT0UnPKcLfMQU41iDg7GGgjsSXs3eRg8daJRkg@mail.gmail.com> <87wnp347iu.fsf@fifthhorseman.net> <1388.1627996026@localhost> <87pmuu42hf.fsf@fifthhorseman.net> <20862.1628113377@localhost> <656985A5-BED4-4BA8-9233-B3C93966016C@ll.mit.edu> <877dh03x35.fsf@fifthhorseman.net> <722a1f15-8ac8-54f2-3c7a-14c7ed92c6ef@cs.tcd.ie> <SA2PR22MB2537BB784F2327052238317FE8F29@SA2PR22MB2537.namprd22.prod.outlook.com> <FAEBE63D-1CCC-4F76-B064-BD2DD4F02357@redhoundsoftware.com> <f0ac754b-18c4-8fdb-fff3-4d8675a9cefb@sandelman.ca> <156EE38A-6688-435C-9191-8D577EDCA251@redhoundsoftware.com> <9843.1628180697@localhost> <2213A8F8-D7DA-458A-96A8-1EC9A43FE900@redhoundsoftware.com> <CAGgd1Of2-ztnfJJV90wxuEvewb6j759EYSBK=cQQPNUup7R8WQ@mail.gmail.com>
In-Reply-To: <CAGgd1Of2-ztnfJJV90wxuEvewb6j759EYSBK=cQQPNUup7R8WQ@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3711597549_1191283602"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/i17IPBqQ16ef_jvT-_B8tS5aFlA>
Subject: Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Aug 2021 11:19:19 -0000

Inline…

 

apologies for being late to this party....

 

Note:  everything here is about encryption keys:  

 

Hold on a minute.  All fine and good to say that 'a message be encrypted for each of your end points', but how does the RP get the public key for all of those end points?  

[CW] Therein lies the work to do.

 

not like we have a directory or anything. Do you want a signed message from each end point?  Who is going to do that? 

[CW] No, I don’t want a signed message from each end point nor is a signed message necessary, only the certs.

 

It won't work.  

[CW] This seems premature given “it” is not defined, but if the problem isn’t of interest as a pursuit right now that’s fine.

 

If the big directory in the sky had panned out, then one could push all the public keys you wanted to your directory entry.  A RP could encrypt to you including all of your encryption keys.  Is there another way?

[CW] I can have a mail server send an out of office note. Why can’t I have a mail server send a set of keys? Maybe for some well-known + appendage, as an example. I don’t know, as I am not saying I have a fleshed out an answer. 

 

Interoperability of private keys does matter.  

[CW] I did not say interoperability of private keys does not matter and I certainly have no beef with improving or replacing PKCS12. I only questioned why we were focusing exclusively on slinging around private keys and not on a way to avoid the need to do so especially with good hardware crypto modules available to most folks now. 

 

Key escrow of those private (encryption) keys does matter - so that they can be imported into whatever MUA you need.  (where you store the keys on that device is a whole other conversation).

[CW] I am not sure if escrow of all encryption keys matters or if it only matters that messages are encrypted for a key that is escrowed. Maybe the escrowed key isn’t on any end point that I use but simply corresponds to another key in the set of keys that should be used when encrypting for me.

 

PKCS#8 will do, as long as the MUA/device/whatever can match up the certificate w/ the key (sometimes not entirely trivial).

 

As far as signature keys/certs go - feel free to get a new key for every device, no problem... 

[CW] Of course, so can we get there for encryption too? Ultimately, I’d like to copy/export private keys around less and use end-to-end encryption more and this thread was in the general neighborhood of those two aims, hence my comment.

 

Deb Cooley

decoole@nsa.gov

 

 

On Thu, Aug 5, 2021 at 12:32 PM Carl Wallace <carl@redhoundsoftware.com> wrote:

<snip>

    I don't know how I'd use the TEE in my phone with my laptop/desktop for email.
    I imagine that one could run PKCS11 across the USB cable, but I'm unaware of
    any actual software to do that.  That sure would be a nice thing to do.
[CW] I was not suggesting that but instead that a message be encrypted for each of your end points. I'm not sure why we are clinging to one encryption key per person. Amongst the keys messages for you are encrypted could be the key that you printed out, for example. I am not suggesting we’d not benefit from improved private key formats, but am suggesting we may be able to do better than slinging private keys around in some cases.





_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://www.ietf.org/mailman/listinfo/spasm

v2.23.0 | Report a Bug | By Email