IETF Logo Mail Archive

Re: [lamps] examples in lamps-rfc7030-csrattrs

Michael Richardson <mcr+ietf@sandelman.ca> Sun, 09 April 2023 02:39 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A18B7C15153E for <spasm@ietfa.amsl.com>; Sat, 8 Apr 2023 19:39:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.096
X-Spam-Level:
X-Spam-Status: No, score=-7.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FHrq_x1suXet for <spasm@ietfa.amsl.com>; Sat, 8 Apr 2023 19:39:29 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E740C151532 for <spasm@ietf.org>; Sat, 8 Apr 2023 19:39:29 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 4B14D3898C; Sat, 8 Apr 2023 22:56:17 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id E56trC6ckZcJ; Sat, 8 Apr 2023 22:56:16 -0400 (EDT)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:1c14:eaff:fec3:b3c7]) by tuna.sandelman.ca (Postfix) with ESMTP id 018913898B; Sat, 8 Apr 2023 22:56:16 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1681008976; bh=jhotiFRziIusXYP1Cdi5dVlpXqSaw/eUifeZlP7SKFo=; h=From:To:cc:Subject:In-Reply-To:References:Date:From; b=MiZWAqa7Qw/v9SCTGPw2B5RcebE9BfCEuwpyQXeoDzR5LPHXAPEFQ3B54ys5/1+sH B7wqG12uos0HRb7GU3GtL7itFy2SnRM8BgXGW4DmjZSs+vibL8WXY9HJqhKblo8TyK T0iVoDkYHceArqe0MsVSceGPrQFjqNqXfzoF6znu9wHKjjGAJ7+++YfEPbIouYcBwD ovupfMdwlvKVDdssW951pEON30ROB4jAtieop8SKgv1Q6XOuE/DXtOTHhFHX08OjLb VZHNwtxesWuPdh7GHymqSUtoVdnXiFsj3LOHwRJhj8HSOuSwOsu8WvRKN68tZ2QCou f4sZKP1Hy+qXA==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 55446199C; Sat, 8 Apr 2023 22:39:26 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Corey Bonnell <Corey.Bonnell=40digicert.com@dmarc.ietf.org>, LAMPS WG <spasm@ietf.org>
cc: David von Oheimb <David.von.Oheimb@siemens.com>
In-Reply-To: <DM6PR14MB21867A3B153FEC78FEE4C18192569@DM6PR14MB2186.namprd14.prod.outlook.com>
References: <12352.1657505901@localhost> <ada963a796ca3fafb42a29751020ff4326fd2a1e.camel@von-Oheimb.de> <563732.1659120308@dooku> <36c409c2-ab92-4ec2-6f1e-235652a243d9@siemens.com> <56a8af3a-63f2-5f19-62d9-59469ab678bf@siemens.com> <811228.1664555888@dooku> <DM6PR14MB21867A3B153FEC78FEE4C18192569@DM6PR14MB2186.namprd14.prod.outlook.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sat, 08 Apr 2023 22:39:26 -0400
Message-ID: <28080.1681007966@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/yJ8EcbBRN6Uzn5_4QigJ6PvEOZA>
Subject: Re: [lamps] examples in lamps-rfc7030-csrattrs
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Apr 2023 02:39:33 -0000

I'm sorry to take so long to get back to you.
other priorities have kept me away from this work.
I very much appreciate your time to help me get this right.

Corey Bonnell <Corey.Bonnell=40digicert.com@dmarc.ietf.org> wrote:
    > Hi Michael, It appears that the example in the -01 draft has a few
    > issues, mainly surrounding implicit/explicit tagging and level of
    > nesting of SET/and SEQUENCE elements.

Yes.

    >   0 104: SET { 2 102: SEQUENCE { 4 9: OBJECT IDENTIFIER

I'm finding the top-level SET confusing.
I implemented a parser for your example, but...

However, it's not at all consistent with the examples we have in RFC7030, or
the ASN.1.  Section 4.3.2 has some encodings that we said we wanted to
maintain.

The document has a SEQUENCE of CsrAttrs, while you have a SET at the top.
Is there something I'm missing, or is this a typo?

(The document has expired, alas, so I've reposted it again, mostly unchanged.
Well, it might not even reflect all the discussions as yet.  Maybe I have
unpushed changes somewhere)

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email