Re: [lamps] draft-ietf-lamps-8410-ku-clarifications: EE/CRLIssuer Text
Tadahiko Ito <tadahiko.ito.public@gmail.com> Mon, 06 June 2022 15:43 UTC
Return-Path: <tadahiko.ito.public@gmail.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0715DC15948B for <spasm@ietfa.amsl.com>; Mon, 6 Jun 2022 08:43:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hdQpP-2rdGb3 for <spasm@ietfa.amsl.com>; Mon, 6 Jun 2022 08:43:09 -0700 (PDT)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 425C4C14F733 for <spasm@ietf.org>; Mon, 6 Jun 2022 08:43:09 -0700 (PDT)
Received: by mail-io1-xd2a.google.com with SMTP id z197so8435277iof.1 for <spasm@ietf.org>; Mon, 06 Jun 2022 08:43:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6xNnRU2Vi5REoeQHrkzYIMbg9ECEErnxua0tM4+gfPE=; b=PzAYGT70kNOJsZ9LXoJp/bMRO68kFHVxVz90H5+SZuq7rbKdL7SS+8qL4Hcif9qzFv 69aKTcEMS674nx2d3xZIl3ykL2WyBSwPBIIbZuHGWvO7Ank/tYorIRmnAqdrPel9YVAt tuH1X8wA6LWsRodSDQAa1DnpwG1qWRCb4aXNWZubD7AmqnpaNdBVV7UOBj6gSc6Jshnn HnaLfN+uv6ex5ZIyWdnzBHwyCox9Qgirw1Bz0miSQbYwiMZqJnX7vL4DdrIW0uDrK+xH MknRzuJyecIO69ZE4MUzlHX0G81ugn8Ktdw8MpydybDzhvOJ02vkky25gD3af+djDM3x KpzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6xNnRU2Vi5REoeQHrkzYIMbg9ECEErnxua0tM4+gfPE=; b=lZsZj3D7lzLqcesxouO3am/94kYqqt8Gjck3pmJhbNaXjniIMokzua7emTF9JhTd6l CLaRCBS76XD9JVg/QqOZn4rpxZUatl7aMd6uoQ3jH69YKugBku3vIlZiwt/bHNciIkc3 8PK6yjgs1nA4lyxBsmb0Hpgq45FK3DEYtsEEZCkgUnm/2neoxQVwPccrPxJ25oKo57YL 8PfqgoB+ZUTRRCgvUcgr/FRzxlczURwq96JuG+2/uFFZ5HMzT29LmK/ZyiWkV0wlKdAt tYYLGi6qw2Yt1zfsyEPRD8Guhw8l/SOFvEHYER1G1A/eAoBlE0Rejjsv+HBSXzOcKfhm 6N1Q==
X-Gm-Message-State: AOAM532woulIgShRipb/q2K6gG6TnlQuam3YchJLPEhWGBmizeIRnzft s5lQ8QA4KprFUK37kE1+c5ZHrA+CRj1FsXPcjow=
X-Google-Smtp-Source: ABdhPJytbZlg3vbMeFGlPh71o+x5FRH7koI/WbjsThbLOG9Nkn21a3uhidMq6KneDdZoI6HRVFNTKlF8yQUruYKv2mI=
X-Received: by 2002:a05:6638:2242:b0:331:8bfd:c864 with SMTP id m2-20020a056638224200b003318bfdc864mr7418299jas.214.1654530188594; Mon, 06 Jun 2022 08:43:08 -0700 (PDT)
MIME-Version: 1.0
References: <1C2C3B94-DA30-4DA4-BBF3-F7F873587F30@sn3rd.com> <CALhKWgha0RY880soan=jhfTL4FG0mrGhTrpBPvqkuLEvmQfmqg@mail.gmail.com>
In-Reply-To: <CALhKWgha0RY880soan=jhfTL4FG0mrGhTrpBPvqkuLEvmQfmqg@mail.gmail.com>
From: Tadahiko Ito <tadahiko.ito.public@gmail.com>
Date: Tue, 07 Jun 2022 00:42:55 +0900
Message-ID: <CAFTXyYB8BdGtn4ROnLUMBpz6J+1oj7JvCxY7K2fQ4pLUXhbjew@mail.gmail.com>
To: Jonathan Hammell <jfhamme.cccs@gmail.com>
Cc: Sean Turner <sean@sn3rd.com>, LAMPS WG <spasm@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000029544205e0c95433"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/mdzBkUGGCn_oPSoo4nFzYYC0iX0>
Subject: Re: [lamps] draft-ietf-lamps-8410-ku-clarifications: EE/CRLIssuer Text
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2022 15:43:10 -0000
Hi
As far as I understand, CA certificate and EE certificate are exclusive,
but CRL issuer certificate and EE certificate are not exclusive.
RFC5280 seems to allow CRL issuer certificate be EE certificate in same
time.
So, dividing EE cert, and CRL issuer cert may be confusing.
(well,, we can divide like non-CRLissuer-EE and CRLissuer-EE, but then
people may confuse that if there has been any change on use of KU flags.
Our only change is key encipherment and data encipherment. so for me, it
is better to write simple, and let people find change easier)
Instead, how about something like following change?
(Erasing description of CRL issuer certificate from first part, and write
as note on the bottom)
----OLD---
If the keyUsage extension is present in an end-entity or CRL issuer
certificate that indicates id-Ed25519 or id-Ed448 in
SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
least one of the following:
nonRepudiation;
digitalSignature; and
cRLSign;
and the following MUST NOT be present:
keyEncipherment;
dataEncipherment;
keyAgreement;
keyCertSign;
encipherOnly; and
decipherOnly.
----NEW---
If the keyUsage extension is present in an end-entity
certificate that indicates id-Ed25519 or id-Ed448 in
SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
least one of the following:
nonRepudiation;
digitalSignature; and
cRLSign;
and the following MUST NOT be present:
keyEncipherment;
dataEncipherment;
keyAgreement;
keyCertSign;
encipherOnly; and
decipherOnly.
Note that EE certificate for CRL issuer can have cRLSign and possibly some
other key usage bits (e.g., indirect CRL described in section 5 of
RFC5280).
--------------
Regards Tadahiko
2022年6月4日(土) 3:25 Jonathan Hammell <jfhamme.cccs@gmail.com>:
> Hi Sean,
> I agree with separating the cases of end-entity certificates and CRL
> issuer certificates. However, the cRLSign bit should always be set in
> the KeyUsage extension of a CRL issuer certificate. I believe this is
> implied in the following text of RFC 5280:
>
> If the keyUsage extension is present, then the subject public key
> MUST NOT be used to verify signatures on certificates or CRLs unless
> the corresponding keyCertSign or cRLSign bit is set.
>
> Therefore, aligning with the text for certification authority
> certificates, the following might be more clear for the CRL issuer
> case:
>
> If the keyUsage extension is present in a CRL issuer certificate that
> indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then the
> keyUsage extension MUST contain:
>
> cRLSign;
>
> and zero or more of the following:
>
> nonRepudiation;
> digitalSignature; and
> keyCertSign;
>
> and the following MUST NOT be present:
>
> keyEncipherment;
> dataEncipherment;
> keyAgreement;
> encipherOnly; and
> decipherOnly.
>
> ...
>
> Note that this allows keyCertSign for CRL issuer certificates, which
> seems to be implied by the certification authority certificate text in
> the I-D allowing cRLSign.
>
> Best regards,
> Jonathan
>
> On Thu, Jun 2, 2022 at 9:06 AM Sean Turner <sean@sn3rd.com> wrote:
> >
> > Hi! During IESG review we got comments from a couple of couple of ADs
> (3) about EE/CRL issue text (note this is NOT a DISCUSS but if we tripped
> up 3 then it’s probably worth having a look at):
> >
> > If the keyUsage extension is present in an end-entity or CRL issuer
> > certificate that indicates id-Ed25519 or id-Ed448 in
> > SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
> > least one of the following:
> >
> > nonRepudiation;
> > digitalSignature; and
> > cRLSign;
> >
> > and the following MUST NOT be present:
> >
> > keyEncipherment;
> > dataEncipherment;
> > keyAgreement;
> > keyCertSign;
> > encipherOnly; and
> > decipherOnly.
> >
> > One way to fix this is to make the following changes to separate out the
> EE and CRL issuer:
> >
> > If the keyUsage extension is present in an end-entity
> > certificate that indicates id-Ed25519 or id-Ed448 in
> > SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
> > least one of the following:
> >
> > nonRepudiation; and
> > digitalSignature;
> >
> > and the following MUST NOT be present:
> >
> > keyEncipherment;
> > dataEncipherment;
> > keyAgreement;
> > keyCertSign;
> > encipherOnly; and
> > decipherOnly.
> > ….
> >
> > Also ADD:
> >
> > If the keyUsage extension is present in an CRL issuer
> > certificate that indicates id-Ed25519 or id-Ed448 in
> > SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
> > least one of the following:
> >
> > nonRepudiation;
> > digitalSignature; and
> > cRLSign;
> >
> > and the following MUST NOT be present:
> >
> > keyEncipherment;
> > dataEncipherment;
> > keyAgreement;
> > keyCertSign;
> > encipherOnly; and
> > decipherOnly.
> >
> > Open to other suggestions as well.
> >
> > Cheers,
> > spt
> > _______________________________________________
> > Spasm mailing list
> > Spasm@ietf.org
> > https://www.ietf.org/mailman/listinfo/spasm
>
> _______________________________________________
> Spasm mailing list
> Spasm@ietf.org
> https://www.ietf.org/mailman/listinfo/spasm
>
- [lamps] draft-ietf-lamps-8410-ku-clarifications: … Sean Turner
- Re: [lamps] draft-ietf-lamps-8410-ku-clarificatio… Jonathan Hammell
- Re: [lamps] draft-ietf-lamps-8410-ku-clarificatio… Tadahiko Ito
- Re: [lamps] draft-ietf-lamps-8410-ku-clarificatio… Sean Turner