IETF Logo Mail Archive

Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]

"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Thu, 05 August 2021 15:07 UTC

Return-Path: <prvs=785197536c=uri@ll.mit.edu>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5399D3A159E for <spasm@ietfa.amsl.com>; Thu, 5 Aug 2021 08:07:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Level:
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 63q7WHNeujZG for <spasm@ietfa.amsl.com>; Thu, 5 Aug 2021 08:07:25 -0700 (PDT)
Received: from llmx2.ll.mit.edu (llmx2.ll.mit.edu [129.55.12.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2ADE53A1599 for <spasm@ietf.org>; Thu, 5 Aug 2021 08:07:24 -0700 (PDT)
Received: from LLE2K16-HYBRD02.mitll.ad.local (LLE2K16-HYBRD02.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTPS id 175F7LOF046521; Thu, 5 Aug 2021 11:07:21 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector5401; d=microsoft.com; cv=none; b=FUd5gjEIRBHCwprWfBZtQ1TwRdJ1Ltro8vMz2/cyPkJJIPv1B9uDtEqQIeN9XmT7rH84n468pqf0dYn9YpklQUtwo6Ffi/dbxk6KmnPxeSJcPCHU+LhmwaPg0Z7mnvoRvSbp3aA/Q3CAzlPio/UJ7DTjHmpbvu9hsDXWmkmfHJl7wePDc95cCoGcDIbN+eD+aHoDGHvwqE2faxnGouLhPozMGplqNG4s/HQC5t+13OVKk9eqloAorw08u6o67eEifzk2P1o5io7HzbpXASKcawJV00uyITuSoKW7LMlyYdaggoC5doVv8GQbVyzD4L0FM8sSJFt0MyK/vSUdjKSg5g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector5401; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EN8krexv1poTyvZPh5B9O1H+DA4+VmQRS/FX/gIOWQw=; b=wlOfh/dMQrz+qN1t+/3Md/b14vEG68u7aqN0l6RS8kGVcVD7+g+s0tNyoczRKMvevQdKxCAlT8WuCEnEd+OU33/vIjKeFK5hrSdEgSkv+L4PaHF07/rCgWQoc8Nj8GBFp0DFNLX9odZD0cLXy6Lmwzl9OnNKzhJX+1RkHlKG03tUBoWjyzlYVbusvKsrd/Qn8HcQ23dRWvpk1K8UAFTAPsw+MbRNWDbk9NIdVDloyASdlbLAqkN2xJsLIOQgcx1KjylFL81jcq2aHFP6689CQnoYfH2dg2TU+QOYI3D0OIDHdgQ/k3q9VwoNgoR9PqMTdihEH4szvIx7t41XFusnoA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ll.mit.edu; dmarc=pass action=none header.from=ll.mit.edu; dkim=pass header.d=ll.mit.edu; arc=none
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: Eliot Lear <lear@lear.ch>, LAMPS WG <spasm@ietf.org>
Thread-Topic: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
Thread-Index: AQHXifP4lFjmp2qTnEmKsxlDo3oh/6tkqeUAgABVIAD//8EqAA==
Date: Thu, 05 Aug 2021 15:07:15 +0000
Message-ID: <E1DA8A39-746D-4A21-B21B-5FF071933A69@ll.mit.edu>
References: <87czr0ww0d.fsf@fifthhorseman.net> <FF939B28-528B-47F9-9C0C-6585D1B02FBE@vigilsec.com> <87mtq3ukk0.fsf@fifthhorseman.net> <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com> <30546.1627850836@localhost> <CAErg=HHKL-E5yT0UnPKcLfMQU41iDg7GGgjsSXs3eRg8daJRkg@mail.gmail.com> <87wnp347iu.fsf@fifthhorseman.net> <1388.1627996026@localhost> <87pmuu42hf.fsf@fifthhorseman.net> <20862.1628113377@localhost> <656985A5-BED4-4BA8-9233-B3C93966016C@ll.mit.edu> <877dh03x35.fsf@fifthhorseman.net> <E3BE69E5-937B-4A61-B193-9405AFAF9B2D@ll.mit.edu> <974dd485-a6c2-e19f-92c8-68d75b5c3b28@lear.ch>
In-Reply-To: <974dd485-a6c2-e19f-92c8-68d75b5c3b28@lear.ch>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.50.21061301
authentication-results: lear.ch; dkim=none (message not signed) header.d=none;lear.ch; dmarc=none action=none header.from=ll.mit.edu;
x-originating-ip: [129.55.200.20]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 05769b66-7ad1-47a7-7370-08d95822b659
x-ms-traffictypediagnostic: CY1P110MB0165:
x-microsoft-antispam-prvs: <CY1P110MB0165B6A029C727B093A23F6C90F29@CY1P110MB0165.NAMP110.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: em7toRtxBYtMFJ54u3biFU5zbZYinF2CY7xKO/T2+IogklO8DPetu4oXa+qa9K3eUBBqQCvpQNj4ZwNquPrAIE4NWoiCHSe0HJhRLVb0YuCGdedhh3aoDVzMU6rtDlTWiWTglXK1M1BrOi7vk3YYdFAkQCP+xJtV93cCrMntIOZwxJG4T8XCKb8m/jd8NJ+vu58KW1fUvPnF8ol7q2Yxw6yha56WtUv0n4jhgYYqD8Hz8DPetfS+PKHLQ8PYzd6aknS1JwwcwleyfS4/13odKD1Bp8xqmKAYD10whsYdugqz6enMY+wGuk/IDkdTbxSr3TBP7wHzd7A9Rfd9II7W/46dfrX8t85AGuwr7passDg4bJNHBaG2TaQrqkRv+e3rMKq6hkWZ99pVuOLS/8pXIO+4ZXaEeJHVgTEKZLlZI3OHTqsxhRSGUPvvsNAwHZCJpxsVus+J96OXGSn7yyQF05ye9AYBZexgSoplmerX64QN/DiLlM1zzw3aYT4uAwWvd7NYpRfUjAz7uxx2k8wJar+ej1v8gaJivzPexsbJPlZyr2gb95KgScNMPX1F8xy10fXnB5UdVq0yeF6dLjgPfoQYWk3iROYXXVUvsJtcBzWbVb22czZcjAh9dytNNpiHAUlDRFfFqDkROWo7UNuS+tWSDtQOpSkE9rUWYn3jkyLX9asyhxb5Nlg0WzluWzYtQk7bQ7qML1RRLoyA96FDgWqhzmp75Tmid2PP6xGk9C+FQpGkSIr/0+St461yMKdXqUqMkbT+BC/IwTahIoEwBw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CY1P110MB0677.NAMP110.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(366004)(396003)(136003)(39850400004)(346002)(376002)(966005)(186003)(86362001)(26005)(38100700002)(478600001)(2906002)(6512007)(166002)(71200400001)(316002)(38070700005)(110136005)(2616005)(64756008)(76116006)(8936002)(75432002)(33656002)(83380400001)(5660300002)(6506007)(66616009)(66946007)(99936003)(6486002)(8676002)(122000001)(66556008)(66446008)(53546011)(66476007)(85893002)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: nh4gnyHqZo+Zm3DHXxxcwxP9ioscYL48rRYnvyHEATAW62Emfm35DGFVAyUjvyVXXpZG5PBGuR7gr2xdnIxYVPBnB0JBcM1OsKTPZzq5XIVwdmjVbf0obctQ1kTLMFhaSqBRQmqhWsCQGJbTzHszjW90dO8MeTgwE4R09g5Wc7GjYGDczuXE9sA3h086mk/d560hGcZxJ/HFwwdLH9W6zTlNM2WclFvBdVkiUmU0ZCZc0dxTg6C1Q1dshTYhcyLug8icohyiVQCdBnfmG92kI7H4qOcis/Uy+uTyeGvncIiZyPpEnJcc5kJg/owx9UKAbHwhM/IM1rdYMoby2194jOqjKWXZT2OUxbhLKqYRPfX42TrKrpcxLggbQdkhuTuSnCx3lmJwLQoBQsokoaqn40fYgkq7IgC0XE2pl22VveP+ceAHkwFtTD6zC3WK0t/N7hHCFQKQmNpkQ1UYpMDLw/DFG/QG6uEStzszHMwwNn+m3TlEtXvMe0tC0GkFEWhwMQjUKfeKexWF/XCbTyeF07l3u036VZF7uES+Zwiep9b+rm13lTLYOeVwrtzNzGJi0MpGhA93dvetCrlTl2plld77fc6jO+/6FmdaVErxY3UQff3ASJihm9FTlFYLlHC7EYPGTeMCEE2rc5LleUcesZ4311PDHjExfO4mKCtvUKtSQ6Qhd79677XN7afOZjlvJevUQqr5E3x3UViUoiOXWw==
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha256"; boundary="B_3711006434_1139793522"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY1P110MB0677.NAMP110.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 05769b66-7ad1-47a7-7370-08d95822b659
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Aug 2021 15:07:15.9444 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 83d1efe3-698e-4819-911b-0a8fbe79d01c
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1P110MB0165
X-OriginatorOrg: ll.mit.edu
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-05_05:2021-08-05, 2021-08-05 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=912 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2103310000 definitions=main-2108050092
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/rFIbu6fjQMbWQtrea8AuVj17OAg>
Subject: Re: [lamps] On the need for standardization of software-based interoperable private keys [was: Re: draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)]
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 15:07:30 -0000

I REALLY hope not.  Are we REALLY struggling with that point?

Since in this discussion people repeatedly call PKCS#12 a “protocol”, I think that we do.

 

On 05.08.21 15:47, Blumenthal, Uri - 0553 - MITLL wrote:
Am I the only one who thinks there's a difference between protocols and data formats?
 
--
Regards,
Uri
 
There are two ways to design a system. One is to make is so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
                                                                                                                                     -  C. A. R. Hoare
 
 
On 8/5/21, 08:18, "Spasm on behalf of Daniel Kahn Gillmor" <spasm-bounces@ietf.org on behalf of dkg@fifthhorseman.net> wrote:
 
    On 8/4/21, 17:44, Michael Richardson wrote:
    >     I would be happy if pkcs12 just died.
 
    On Wed 2021-08-04 22:28:17 +0000, Blumenthal, Uri - 0553 - MITLL wrote:
    > - PKCS#12 cannot "just die" because there's a ton of software that cannot import private keys, unless they're in .p12 or such.
    > - I concur that interoperation for private keys is nonsense.
 
    I think i understand the sentiment about wanting PKCS#12 to die, given
    what a disaster the implementations are and how poorly we collectively
    understand the format.
 
    However, i don't understand how interoperation for private keys is
    nonsense.
 
    Many people with e-mail accounts use multiple mail user agents to access
    the same account (e.g. one MUA on their phone, another on a laptop).  If
    those accounts are supposed to be able to use end-to-end secure
    communication then at least one of them needs to be able to export its
    private key material and the other needs to be able to import it.
 
    For myself, I only use a single MUA.  So my personal workflow would be
    entirely satisfied if we as a standards body were to declare that there
    is no interop need for private keys.  But if we want to ensure that
    end-to-end cryptographic protections are usable and secure for actual
    e-mail users, then we need to figure out the interop issues for private
    key material, even if each e-mail user only encounters this interop
    scenario once, as they provision their second MUA.
 
    The only way I understand S/MIME to work today is for all the MUAs
    attached to a given e-mail account to have access to the same private
    keys, at the very least for those private keys used for message
    decryption.
 
    Assuming that we want people to be able to read their encrypted e-mail
    in any MUA in which they read e-mail, the other two usable architectural
    alternatives i see are:
 
     a) private keys are only ever stored on a hardware token which moves
        between devices with the user.
 
     b) different MUAs use different private keys for decryption, and the
        sender of an e2e encrypted e-mail encrypts each message to *all* the
        encryption-capable certificates it knows about for the user.
 
    (a) still requires us to standardize private key interop, though it's
    more of the PKCS#11-style than PKCS#12.  And it requires work on
    hardware interfaces too.
 
    (b) is a major systems change, requiring MUAs to change what
    certificates they advertise for the user (each MUA *must* learn about
    the other MUAs attached to the account and advertise the corresponding
    encryption certificates as well), and all senders to adjust behavior by
    sending messages encrypted to multiple keys per recipient.
 
    Compared to either of these, standardizing software-based private key
    interop seems like an easy lift.
 
    I sympathize with the grumbling about it, but I'd hope that the experts
    in the IETF LAMPS WG can at least come to a consensus that there is
    value in standardizing interop for decryption-capable private keys.
 
           --dkg


_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://www.ietf.org/mailman/listinfo/spasm

v2.23.0 | Report a Bug | By Email