Re: [lamps] [CMP Updates] Hash algorithm to use for calculating certHash

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Fri, 11 June 2021 13:22 UTC

From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Russ Housley <housley@vigilsec.com>, Lijun Liao <lijun.liao@gmail.com>, LAMPS WG <spasm@ietf.org>
CC: "david.von.oheimb@siemens.com" <david.von.oheimb@siemens.com>
Date: Fri, 11 Jun 2021 13:21:55 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/srEdf2IsIc0wIqQMm-wROxshPiQ>

If there is any further feedback to this from the WG, please let me know.
If not, I would include the section into the draft and submit an updated version.

Hendrik

> From: Spasm <spasm-bounces@ietf.org> On Behalf Of Brockhaus, Hendrik
> 
> Russ
> 
> Thank you for this suggestion. In the meantime, David tested the backward
> compatibility of this approach. It works fine.
> 
> > From: Russ Housley <housley@vigilsec.com>
> >
> > The 3rd choice seems to be the most future proof.  You can add something
> > like:
> >
> > CertStatus ::= SEQUENCE {
> >    hashFunc [0] AlgorithmIdentifier DEFAULT sha256Identifier,
> >    ...
> 
> This was the solution David and I discussed as well. But we called the field
> hashAlg, like in OOBCertHash.
> We feel the DEFAULT is in conflict with CMP V2, which determines the hash
> algorithm from the signatureAlgorithm field of the certificate to be confirmed.
> We also tried to avoid specifying fixed algorithms in CMP, to be crypto agile
> and prevent future updates. Therefore, we propose not to use the DEFAULT.
> @Liao, using this approach, you would need to specify SHA-512 for certificates
> signed with Ed25519 and SHAKE256 for Ed448. I would add a note on this to
> CMP Algorithms.
> 
> >
> > That said, this would introduce another place where the CMP protocol
> > version comes into play with the ASN.1 parsing.
> 
> You are absolutely right.
> 
> 
> To introduce the hashAlg field, we propose to add the following section to CMP
> Updates:
> 
> ---------------------------snip---------------------------
> 2.10.  Update Section 5.3.18. - Certificate Confirmation Content
> 
> This section introduces an optional hashAlg field to the CertStatus type used in
> certConf messages to explicitly specify the hash algorithm for those certificates
> where no hash algorithm is specified in the signatureAlgorithm field.
> 
> Replace the ASN.1 Syntax of CertStatus with the following text:
> 
>    CertStatus ::= SEQUENCE {
>       hashAlg [0] AlgorithmIdentifier OPTIONAL,
>       certHash    OCTET STRING,
>       certReqId   INTEGER,
>       statusInfo  PKIStatusInfo OPTIONAL
>    }
> 
> The hashAlg field SHOULD be used only in exceptional cases where the
> signatureAlgorithm of the certificate to be confirmed does not specify a hash
> algorithm, neither in the OID nor in the parameters. In such cases, e.g., for
> EdDSA, the hashAlg MUST be used to specify the hash algorithm to be used for
> calculating the certHash value. Otherwise, the certHash value SHALL be
> computed using the same hash algorithm as used to create and verify the
> certificate signature. If hashAlg is used, the CMP version indicated by the
> certConf message header must be cmp2021(3).
> ---------------------------snip---------------------------
> 
> Any comments and feedback on this proposal from the WG are welcome!
> 
> Hendrik
> 
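The hash selection rule in the proposed section 2.10 text, sketched in Python as an added example (not part of the original message and not code from the draft authors). The function name, the small OID tables and the 64-byte SHAKE256 output length are assumptions made for illustration; the certificate bytes in any call are whatever DER encoding the caller supplies.

```python
import hashlib

CMP2021 = 3  # pvno value cmp2021(3) named in the proposed text

# signatureAlgorithm OIDs that already imply a hash (illustrative subset).
SIG_ALG_HASH = {
    "1.2.840.113549.1.1.11": "sha256",  # sha256WithRSAEncryption
    "1.2.840.10045.4.3.2": "sha256",    # ecdsa-with-SHA256
    "1.2.840.10045.4.3.3": "sha384",    # ecdsa-with-SHA384
}
ED25519 = "1.3.101.112"  # id-Ed25519: no hash in OID or parameters
ED448 = "1.3.101.113"    # id-Ed448:   no hash in OID or parameters

# hashAlg OIDs -> (hashlib name, output length in bytes for XOFs).
HASH_ALG = {
    "2.16.840.1.101.3.4.2.1": ("sha256", None),
    "2.16.840.1.101.3.4.2.3": ("sha512", None),
    "2.16.840.1.101.3.4.2.12": ("shake_256", 64),  # assumption: 512-bit output
}

def digest(name, xof_len, data):
    h = hashlib.new(name, data)
    return h.digest(xof_len) if xof_len else h.digest()

def compute_cert_hash(cert_der, sig_alg_oid, hash_alg_oid=None, pvno=2):
    """Return certHash for a CertStatus, applying the proposed rules.

    cert_der     -- DER encoding of the certificate to be confirmed
    sig_alg_oid  -- the certificate's signatureAlgorithm OID
    hash_alg_oid -- value of the optional hashAlg field, or None if absent
    pvno         -- CMP version from the certConf message header
    """
    if hash_alg_oid is None:
        implied = SIG_ALG_HASH.get(sig_alg_oid)
        if implied is None:
            # e.g. EdDSA: hashAlg MUST be used to name the hash.
            raise ValueError("signatureAlgorithm names no hash; hashAlg required")
        # Otherwise: same hash as used for the certificate signature.
        return digest(implied, None, cert_der)
    if pvno != CMP2021:
        # hashAlg is only defined for cmp2021(3); older parsers do not expect it.
        raise ValueError("hashAlg present but pvno is not cmp2021(3)")
    if hash_alg_oid not in HASH_ALG:
        raise ValueError("unsupported hashAlg OID: " + hash_alg_oid)
    name, xof_len = HASH_ALG[hash_alg_oid]
    return digest(name, xof_len, cert_der)
```

A receiver checking a certConf would run the same function over its own copy of the issued certificate and compare the result with the received certHash.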