Re: [Spasm] certspec work (draft-seantek-certspec-06.txt)
Wei Chuang <weihaw@google.com> Wed, 15 June 2016 21:21 UTC
Return-Path: <weihaw@google.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9311312DBE3 for <spasm@ietfa.amsl.com>; Wed, 15 Jun 2016 14:21:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.126
X-Spam-Level:
X-Spam-Status: No, score=-4.126 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 72naUd_Q04kw for <spasm@ietfa.amsl.com>; Wed, 15 Jun 2016 14:21:31 -0700 (PDT)
Received: from mail-oi0-x231.google.com (mail-oi0-x231.google.com [IPv6:2607:f8b0:4003:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6F0C12D9A5 for <spasm@ietf.org>; Wed, 15 Jun 2016 14:21:31 -0700 (PDT)
Received: by mail-oi0-x231.google.com with SMTP id d132so40044310oig.1 for <spasm@ietf.org>; Wed, 15 Jun 2016 14:21:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=VUSuOwItjKBTcstNBmrQSGBK1y8ZeOPz9ajo2+ubf8U=; b=fOzpltVuIQIEk9aGzx2ZZnUzRJA20+zRg77ziZhRLL3TtoXLiWBQrCHtPfFgnYBcq0 hMztP5AhnxCA7Gr//BH5XT6SVsWnuZy3hcLorPgBk8klUiLryDX0QofFzsofHjQhilQr IQRW+lJ+cETbn0D6MaOPCgnUqua30iBR7/DEuzstxOlSIWbUjkmySf571ymD8BXpNndm 2ZlLVku+dy4D+g78eTK/8holo2c3Qp5Wav3ZDTbeqGukR3Jj3z5ZqDKFKA5DgpUKOFmB 1a/Ve35gzcaeOmZrzO7vzMz4w3yGt6/E9YuF3K1RSv8KImoGIJ6gw9QdQQ0oRl0+JWdo Z4kA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=VUSuOwItjKBTcstNBmrQSGBK1y8ZeOPz9ajo2+ubf8U=; b=PhuIrQoZSpUYh2cgUgX2gj9EPJbwkT7Pc3LD9wpWnqwoABSA3hkhlO6HLOe3pT/aaI qZqN5CzmwQwyWOYJrArycbeZQvJC5IqUbi3p3Z19oIU3KNrS1c+ku9X87r+x7VU0nwFk WT23ZtHDYwYt73e+Z/FJh7RL0TZJKbmt6lmfAuQe2TJUa/KHGjl3sYPnf4/JiHGrcDVQ UqwYjueMcTRL+JbRXoLVtdg0jCT0E3Rnj0mC6kkSZK0olWiuosn73EwgrRbCcuITdScg LDryhvJT3/Q6QzkmTmcuwcuVZY90FLtKJqb1HfT+d20VrmRrqO64RjaChEE07c6M/oFl J41g==
X-Gm-Message-State: ALyK8tKZntbG/tcysW33Vlyq46xoLqo0+YqV9hm2nUqQpxOQw1V+WGH9TsAbWaXfGy80ZR8inS68s2nIMSUJP0G5
X-Received: by 10.157.11.9 with SMTP id a9mr524952ota.10.1466025690562; Wed, 15 Jun 2016 14:21:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.27.139 with HTTP; Wed, 15 Jun 2016 14:21:29 -0700 (PDT)
In-Reply-To: <ad9589bf-1e63-cb93-4ed9-613e7299a53c@seantek.com>
References: <20160608161629.19935.86198.idtracker@ietfa.amsl.com> <f7c50b01-9d68-11ac-c343-9ffff7dbf143@seantek.com> <CAAFsWK1C4n-9rx+zCr+ig6of3XA=shE1HnvkTyJ6wfVp=BOJPw@mail.gmail.com> <ad9589bf-1e63-cb93-4ed9-613e7299a53c@seantek.com>
From: Wei Chuang <weihaw@google.com>
Date: Wed, 15 Jun 2016 14:21:29 -0700
Message-ID: <CAAFsWK0btFp4N3q_WYV0_snvWh6CO-HEBhPqDy=tCfJ6WY4ovg@mail.gmail.com>
To: Sean Leonard <dev+ietf@seantek.com>
Content-Type: multipart/alternative; boundary="001a113ddce284dc10053557b4ee"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ukDf7bbGWpNYu4FRhMgfdQ4SnAw>
Cc: spasm@ietf.org
Subject: Re: [Spasm] certspec work (draft-seantek-certspec-06.txt)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2016 21:21:33 -0000
On Tue, Jun 14, 2016 at 2:03 AM, Sean Leonard <dev+ietf@seantek.com> wrote: > Thank you for the feedback. Based on time, I will respond in multiple > e-mails, and out of order... > > On 6/9/2016 10:49 AM, Wei Chuang wrote: > > Just some thoughts about this draft: > > > 5. Can more motivation be provided for attribute section 8? > > > Okay. Well I am not sure if more motivation needs to be provided than the > first paragraph: > > A certificate can have additional attributes (i.e., metadata) > operatively associated with--but not intrinsic to--it. For example, > the additional attributes may represent preferences. The syntax is > intended primarily to convey certificate metadata such as attributes > found in PKCS #9 [RFC2985], PKCS #11 [PKCS11], PKCS #12 [RFC7292], > and particular implementations of cryptographic libraries. > > However, I suppose that I can provide some backstory. > > Many certificate owners (taken broadly, I mean users and systems that > actually use certificates on a semi-regular basis, and that hold the > corresponding private keys) have preferences attached to those > certificates, much like SSH key owners attach metadata to their keys. > "friendlyName" is the obvious example. I'm pretty sure all of us around > here name our SSH keys certain things, like "use this with foo server" or > "generated on my Mac Mini in June". An SSH key's filename also constitutes > metadata; ditto for certificates, although certificates with private keys > tend to get serialized as PKCS #12. I needed a way to store the friendly > name of a certificate, which is a piece of information that people care > about but can change more-or-less at will. It has security implications to > the extent that it's shown to users, or used as a basis for certificate > selection. Some Mozilla NSS-based workflows identify certificates based on > the friendly name (NSS calls it "nickname", but uses the same construct). > > For S/MIME purposes, there's also smimeCapabilities. Smart clients are > supposed to cache smimeCapabilities and track them over time: see RFC 5751 > for discussion. Of course, not many actually do this. But for tracking > purposes, associating smimeCapabilities with the corresponding signing and > encryption certificates of messages makes sense. > > Manipulating X.690 (BER, CER, DER) is not practical, so we need a textual > format for these attributes that does not reinvent the wheel. friendlyName > is straightforward: it's just a string, suitably escaped. LDAP string > encoding provides some escapes so why not use that. smimeCapabilities is > more complicated, so in order not to reinvent the wheel, one can just use > ASN.1 value notation directly to get the job done. I threw in the other two > from PKCS #9 (localKeyId and signingDescription) for completeness and > because they have trivial LDAP string representations. Other attributes are > in use, particularly in PKCS #12 blobs, but those attributes tend to be > vendor-specific. > > What draft-06 calls "certattrs" could easily just be "pkixattrs" or > "cmsattrs", since they all are drawing from the same attribute space. I > suppose one could go even further and specify an LDAP string format that > applies to any SET SIZE (1..MAX) OF Attribute. I thought about doing it but > didn't go that far in certspec-06. > Thanks. > > > 4. Another naming method I'm aware of is CRLSets used in Chromium: > https://dev.chromium.org/Home/chromium-security/crlsets > This might be something to consider and possibly mention in section 6 "Other > Certificate Specifications". > > > Wei, can you provide more specifics on what you mean when you say "another > naming method": do you want a way to identify CRLSets, or are you asking > for documentation on how CRLSets identify certificates? > This is another technique for identifying a certificate. I point it out for completeness in case its useful. I believe its advantage is that its supposed to be compact, and general. > > I am only somewhat familiar with CRLSets, but I was under the impression > that an entry in a (the) CRLSet identifies a certificate by one of: SHA-256 > fingerprint, SHA-256 hash of the public key (SPKI), or SHA-256 hashes of > one of the former two split up into a Merkle tree. > I believe its simpler than that. Its the SHA-256 hash of the issuer SPKI and the certificate serial number. I don't recall it being tied to Json (but I could be wrong). -Wei > I also was under the impression that CRLSets are encoded in JSON and do > not have a canonical encoding form: because of this, it's difficult to say > that a CRLSet can be identified by a cryptographic fingerprint in any > reliable way. > > Best regards, > > Sean >
- Re: [Spasm] certspec work (draft-seantek-certspec… Wei Chuang
- Re: [Spasm] certspec work (draft-seantek-certspec… Sean Leonard
- Re: [Spasm] certspec work (draft-seantek-certspec… Sean Leonard
- Re: [Spasm] certspec work (draft-seantek-certspec… Wei Chuang
- Re: [Spasm] certspec work (draft-seantek-certspec… Wei Chuang
- Re: [Spasm] certspec work (draft-seantek-certspec… Sean Leonard
- Re: [Spasm] certspec work (draft-seantek-certspec… Sean Leonard
- [Spasm] certspec work (draft-seantek-certspec-06.… Sean Leonard
- Re: [Spasm] certspec work (draft-seantek-certspec… Stephen Farrell
- Re: [Spasm] certspec work (draft-seantek-certspec… Wei Chuang