IETF Logo Mail Archive

Re: [stir] Choice of STIR signature algorithm

Chris Wendt <chris-ietf@chriswendt.net> Tue, 10 May 2016 15:23 UTC

Return-Path: <chris-ietf@chriswendt.net>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C725812D726 for <stir@ietfa.amsl.com>; Tue, 10 May 2016 08:23:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=chriswendt-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CJh2nJFoYzpm for <stir@ietfa.amsl.com>; Tue, 10 May 2016 08:23:27 -0700 (PDT)
Received: from mail-qg0-x236.google.com (mail-qg0-x236.google.com [IPv6:2607:f8b0:400d:c04::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D599E12D728 for <stir@ietf.org>; Tue, 10 May 2016 08:23:12 -0700 (PDT)
Received: by mail-qg0-x236.google.com with SMTP id 90so8235369qgz.1 for <stir@ietf.org>; Tue, 10 May 2016 08:23:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chriswendt-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=t49TVAJ6f6Ishln7Hlte8hm53KJcmYmCJTz23oyLPoY=; b=qszNPkWoA3Nb9jOHhM9+NZ4Wn0vCgn1kS0djMTV1EdXowYyCUoXQuB7K1T7Mf0wwPu 0Byxrcg0j/F4QnHoCH+D8Zu/M1UvvCPEYmlI6tVgu9jFGA0bg9sZkswwmlKg8vqepfSC +Obh9Y3PHA6YhT0DxmGx+V9RUwnQeiPJrvGsUoZXV1oqf25XLedgrsi3DzYpt/vd/KzA hN88HTX5gNbpJ/3sVn3bZpep4EdvS2soh4p5ICyrsjssJcea+uaEqfi/+NZ7fD7++oq1 glOO6zdwRz1LR+9cFtKzJocuk8v9mcVQ3EJl1Rm7JhNvl5GofX3lG3BF2Omng2/Jk1BU 2EpQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=t49TVAJ6f6Ishln7Hlte8hm53KJcmYmCJTz23oyLPoY=; b=mCO87cdFhbwePUME58nsRL/Hcva/kk+qK9CIZNWH/jxNPMl8hVf6lSGLXGYYNOaNVD L05ayYlFLogMrSTS0NQRi37jsa+kQltj8Iw08tYWPnPiORsoGCech2gwTsPwAn/wC9HS 1hnFeO+dfAHMBCQClMImue7MYiW1UiZmM+WWDjsP2O6LODsDj6LgEqIFacTJcwzyZUvg /lOlTxtWsXfhfOxWQ9vGa1Tz3i9YQX4gKUr3uU3+utyjawHjKcfOhd6rxAglmvHQU0Nm /o8D03lVrZmh4YdeknDuKOkYuomSlAmAfA7gXNwzLELjbAvE7J4j9lGxgFQdItK3ok3e JE4A==
X-Gm-Message-State: AOPr4FVFYbI7mgAu0upTspX7wGl1ODGF83ZIN4SSM7NvHQVJeWOPBTzG1AD/h7Trt1PHIw==
X-Received: by 10.140.174.86 with SMTP id u83mr42480845qhu.35.1462893792002; Tue, 10 May 2016 08:23:12 -0700 (PDT)
Received: from ?IPv6:2601:a40:100:d3:a8fa:c4a3:35b2:fe64? ([2601:a40:100:d3:a8fa:c4a3:35b2:fe64]) by smtp.gmail.com with ESMTPSA id o130sm1112199qho.17.2016.05.10.08.23.10 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 10 May 2016 08:23:11 -0700 (PDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: Chris Wendt <chris-ietf@chriswendt.net>
In-Reply-To: <F8402E76-F28D-4B3D-8490-B773CD9A96F3@standardstrack.com>
Date: Tue, 10 May 2016 11:23:09 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <C1273626-EB98-4D20-8198-611143D31E76@chriswendt.net>
References: <D32953D1.4770F%john.mattsson@ericsson.com> <1A843300-AEB7-4EC6-8256-C88F6847B82E@neustar.biz> <D329995E.477D9%john.mattsson@ericsson.com> <A3723DBB-476C-4F22-95E0-37AE0872FBBD@shockey.us> <F4F09888-780B-4725-9A74-AD2EF661C5C0@vigilsec.com> <0DD82221-E79D-4F15-B2B5-93165EC98919@shockey.us> <570534D4.6010707@nostrum.com> <5195FEBC-8395-4E77-B768-2B2D81144121@shockey.us> <56DF2D20-9381-45CB-8057-6B1AB99B05E9@chriswendt.net> <BB4B8171-BF3E-4D3F-B81B-73AC9768ED75@shockey.us> <D3316C0C.485E4%john.mattsson@ericsson.com> <2EC06927-2614-491E-A499-C86ABB30573C@chriswendt.net> <26AE9662-B919-4B22-AFF8-45CF351AA03F@vigilsec.com> <2C466A8A-D638-49AE-9698-699D67762FF1@standardstrack.com> <EED4C512-B57C-47EC-9CE4-07C64365D246@vigilsec.com> <F8402E76-F28D-4B3D-8490-B773CD9A96F3@standardstrack.com>
To: Eric Burger <eburger@standardstrack.com>
X-Mailer: Apple Mail (2.3124)
Archived-At: <http://mailarchive.ietf.org/arch/msg/stir/fIe3qj5ciIUhBPYBB2qtxzDdF6w>
Cc: IETF STIR Mail List <stir@ietf.org>
Subject: Re: [stir] Choice of STIR signature algorithm
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 May 2016 15:23:30 -0000

+1

> On May 9, 2016, at 5:31 PM, Eric Burger <eburger@standardstrack.com> wrote:
> 
> Sounds good.
> 
>> On May 9, 2016, at 4:37 PM, Russ Housley <housley@vigilsec.com> wrote:
>> 
>> I would rather be a bit more granular.
>> 
>> 	MUST support ECDSA for PASSporT signatures
>> 	SHOULD support RSA PKCS#1 v1.5 for PASSporT signatures
>> 
>> and
>> 
>> 	MUST support ECDSA for certificate signatures
>> 	MUST support RSA PKCS#1 v1.5 for certificate signatures
>> 
>> Then, we should say something to product planners that at some point in the future, we expect support for RSA to be downgraded.
>> 
>> Russ
>> 
>> 
>> On May 6, 2016, at 10:18 AM, Eric Burger <eburger@standardstrack.com> wrote:
>> 
>>> FINALLY, a cogent *engineering* reason for needing RSA.
>>> 
>>> How about:
>>> 	MUST support ECDSA
>>> 	SHOULD support RSA unless you know you will not need it
>>> 
>>> Rationale:
>>> ECDSA is ubiquitous today. ECDSA has lots of deployment advantages. Pretty much everything else s*cks in comparison.
>>> 
>>> However, especially for delegated certificates, there is a chance that one of the intermediate certificates will not be signed with ECDSA but with RSA. As such, if you know you will be deployed in such an environment, RSA is OK.
>>> 
>>> I would also suggest putting in a toxic waste warning in the document that the support of RSA is *not* a built-in downgrade attack. This is something that is covered by policy, not necessarily engineering. As such, a note to the implementor suggesting that if they know they should only see ECDSA (or better) signatures, they can feel free to reject an INVITE signed with RSA, even if it looks legitimate.
>>> 
>>>> On Apr 12, 2016, at 4:57 PM, Russ Housley <housley@vigilsec.com> wrote:
>>>> 
>>>> 
>>>>> I don’t know why so much of the discussion during the Tuesday meeting was
>>>>> about root certificates. As Eric pointed out on the mail, it is not hard
>>>>> to get a ECDSA certificate as Digicert, Entrust, Globalising, Symantec,
>>>>> Certicom, Comodo, and soon Let’s encrypt will happily give you one. As
>>>>> Russ pointed out most (or all) of these ECDSA certificates will be signed
>>>>> by a RSA root certificate. But root certificates and verification of the
>>>>> credentials seems to be out of scope of STIR and does not affect the
>>>>> PASSporT object. As far as I understand, the only thing STIR should
>>>>> specify is verification of the PASSporT object.
>>>> 
>>>> We will need to say that the validation will include RFC 5280 path validation to a trust anchor.  This means that the signature on each certificate will be validated.  So, for quite some time we will need to be able to validate RSA PKCS#1 v1.5 signatures, either on the PASSporT object or on a certificate, even if we state a strong preference for ECDSA.
>>>> 
>>>> Russ
>>>> 
>>>> _______________________________________________
>>>> stir mailing list
>>>> stir@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/stir
>>> 
>>> _______________________________________________
>>> stir mailing list
>>> stir@ietf.org
>>> https://www.ietf.org/mailman/listinfo/stir
>> 
> 
> _______________________________________________
> stir mailing list
> stir@ietf.org
> https://www.ietf.org/mailman/listinfo/stir

v2.40.4 | Report a Bug | By Email | System Status