Re: [Suit] Fwd: New Version Notification for draft-housley-suit-cose-hash-sig-03.txt

Russ Housley <housley@vigilsec.com> Mon, 02 July 2018 16:14 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23366130ECA for <suit@ietfa.amsl.com>; Mon, 2 Jul 2018 09:14:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rpv5r-T2UHE8 for <suit@ietfa.amsl.com>; Mon, 2 Jul 2018 09:14:44 -0700 (PDT)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BFCC130DFC for <suit@ietf.org>; Mon, 2 Jul 2018 09:14:44 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 5D1FC300A2F for <suit@ietf.org>; Mon, 2 Jul 2018 12:14:42 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 6wZoTnAfP-KH for <suit@ietf.org>; Mon, 2 Jul 2018 12:14:41 -0400 (EDT)
Received: from a860b60074bd.home (pool-71-127-50-4.washdc.fios.verizon.net [71.127.50.4]) by mail.smeinc.net (Postfix) with ESMTPSA id 65C833002C6; Mon, 2 Jul 2018 12:14:41 -0400 (EDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <140080C241BAA1419B58F093108F9EDC1E3CD428@UK-MAL-MBOX-01.dyson.global.corp>
Date: Mon, 02 Jul 2018 12:14:41 -0400
Cc: suit <suit@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <46953690-8BA5-476E-885F-8E8D850A0946@vigilsec.com>
References: <153046889224.27492.15820564704742618394.idtracker@ietfa.amsl.com> <BA07CDB6-CF77-4D68-9B00-601B69380085@vigilsec.com> <140080C241BAA1419B58F093108F9EDC1E3CD29B@UK-MAL-MBOX-01.dyson.global.corp> <B9E594C9-8C61-4F61-A634-3F289F8A0064@vigilsec.com> <140080C241BAA1419B58F093108F9EDC1E3CD428@UK-MAL-MBOX-01.dyson.global.corp>
To: Tony Putman <Tony.Putman@dyson.com>
X-Mailer: Apple Mail (2.3445.8.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/m6FqwGMcKQPSZf3EjZvw_oH2S0w>
Subject: Re: [Suit] Fwd: New Version Notification for draft-housley-suit-cose-hash-sig-03.txt
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jul 2018 16:14:47 -0000

I think I understand now.

How about:

      o  If the 'kid' field is present, and it MAY be used to identify
           the top of the HSS tree.  In [HASHSIG], this identifier is
           called 'I', and it is the 16-byte identifier of the LMS
           public key for the tree.

Russ


> On Jul 2, 2018, at 11:59 AM, Tony Putman <Tony.Putman@dyson.com> wrote:
> 
> Russ,
> 
> You say:
>> I think the kid would identify a tree, not a node in the tree.  The signature value itself contains the information necessary to locate the node within the tree.
> 
> Which I fully agree with, so I guess my text was off. How about:
>  "If the 'kid' field is present, then it MAY contain the identity of the top-level HSS tree. This is called 'I' in [HASHSIG] and is contained in the public key which corresponds to this tree."
> 
> Without this hint, the verifier would potentially have to try the verification step for each of the trust anchors that it knows of (though only as far as verifying the next public key in the chain); there is no direct way to obtain 'I' from the signature and it is a parameter in the verification process. 'I' is present in the public key, but you're right that it's not the identity of the key, but rather the identity of the tree as a whole. 
> 
> Tony
> 
> Dyson Technology Limited, company number 01959090, Tetbury Hill, Malmesbury, SN16 0RP, UK.
> This message is intended solely for the addressee and may contain confidential information. If you have received this message in error, please immediately and permanently delete it, and do not use, copy or disclose the information contained in this message or in any attachment.
> Dyson may monitor email traffic data and content for security & training.
>