Re: [TLS] (question on ANSI X9.62-2005) Re: Ecdsa-sig-value in TLS 1.3 – need for erratum?

Dan Brown <danibrown@blackberry.com> Tue, 01 October 2019 14:18 UTC

Return-Path: <danibrown@blackberry.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 981EF12021C for <tls@ietfa.amsl.com>; Tue, 1 Oct 2019 07:18:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.489
X-Spam-Level:
X-Spam-Status: No, score=-2.489 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id waEzJr-xKA_K for <tls@ietfa.amsl.com>; Tue, 1 Oct 2019 07:18:33 -0700 (PDT)
Received: from smtp-p01.blackberry.com (smtp-p01.blackberry.com [208.65.78.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FF45120835 for <TLS@ietf.org>; Tue, 1 Oct 2019 07:18:19 -0700 (PDT)
Received: from xct106cnc.rim.net ([10.65.161.206]) by mhs212cnc.rim.net with ESMTP/TLS/DHE-RSA-AES256-SHA; 01 Oct 2019 10:18:12 -0400
Received: from XCT115CNC.rim.net (10.65.161.215) by XCT106CNC.rim.net (10.65.161.206) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 1 Oct 2019 10:18:12 -0400
Received: from XMB116CNC.rim.net ([fe80::45d:f4fe:6277:5d1b]) by XCT115CNC.rim.net ([::1]) with mapi id 14.03.0415.000; Tue, 1 Oct 2019 10:18:11 -0400
From: Dan Brown <danibrown@blackberry.com>
To: Rene Struik <rstruik.ext@gmail.com>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, Hubert Kario <hkario@redhat.com>, "TLS@ietf.org" <TLS@ietf.org>
Thread-Topic: (question on ANSI X9.62-2005) Re: [TLS] Ecdsa-sig-value in TLS 1.3 – need for erratum?
Thread-Index: AQHVeFxIhkIbnWQYYkq4BSiWK0uouKdFzvrQ
Date: Tue, 01 Oct 2019 14:18:10 +0000
Message-ID: <810C31990B57ED40B2062BA10D43FBF501E453DE@XMB116CNC.rim.net>
References: <20191001104718.8626261.12105.36904@blackberry.com> <3f715f6a-f660-f2e4-544f-583063aa6238@gmail.com>
In-Reply-To: <3f715f6a-f660-f2e4-544f-583063aa6238@gmail.com>
Accept-Language: en-US, en-CA
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.2.27.110]
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_00CE_01D57841.861024F0"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/FmFqFLDiyf4s5PbE9Ftn8hQ3GnM>
Subject: Re: [TLS] (question on ANSI X9.62-2005) Re: Ecdsa-sig-value in TLS 1.3 – need for erratum?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Oct 2019 14:18:39 -0000

Sorry to TLS-WG if this getting out of TLS scope.  (Let me know, and I will be happy to cease this thread.)

Hi Rene,

Did you mean to ask me about the ANSI X9.62 expiration off-list? I’ll assume not, and answer on-list.  

1.	I was told often by X9 admin and chairs that ANSI X9.62 was withdrawn.  Are you doubting the withdrawal?
2.	When I visited ANSI just to confirm 62 expiration, https://webstore.ansi.org/Search/Find?in=1 <https://webstore.ansi.org/Search/Find?in=1&st=X9.62> &st=X9.62 reports nothing found.
3.	​​​​​The globalspec site you mention is news to me, though I never bother to search the whole web for X9.62.  I sympathize with others that need to: sorry to you.
4.	I imagine that there many reasons for the expiration, many beyond my grade, but, as you say, I (unlike some) often nap, so it’d be fair to grade me at 50%.  Am I to infer that you are more baffled about all this than I am?
5.	Yes, “revival” is my term, and in no way an official, so it’s sensible to quote me on it.

	Dan

From: Rene Struik <rstruik.ext@gmail.com> 
Sent: Tuesday, October 1, 2019 9:29 AM
To: Dan Brown <danibrown@blackberry.com>; John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>; Peter Gutmann <pgut001@cs.auckland.ac.nz>; Hubert Kario <hkario@redhat.com>; TLS@ietf.org
Subject: (question on ANSI X9.62-2005) Re: [TLS] Ecdsa-sig-value in TLS 1.3 – need for erratum?

 

Hi Dan:
 
Just curious about the fate of ANSI X9.62-2005: On the website below, this specification is still listed as "active" (whereas ANSI X9.62-1998 is labelled historic).
I purchased that spec for a project on Nov 22, 2016 from the ANSI webstore (when, surely, it was not labelled as expired) [see purchase info below].
 
What happened? Was someone sleeping at the wheel? Why would there be a completely differently named "revival", ANSI X9.142, with almost the same content, under way, and why would its fate, 4 years after 2015, be unsure? Is there a technical reason ANSI did not wish to pursue this, or admin mishaps?
 
Rene
 
Note: purchase info RS from ansi store below: 
Subject: Your Order Confirmation for X_458150
From: ess@ansi.org <mailto:ess@ansi.org> 
Date: 11/22/2016, 2:57 PM
To: [snip]
25 West 43 Street
New York, NY 10036
Tel: 212.642.4900
Fax: 212.398.0023
Sold To
Rene Struik
[snip]
CANADA
Order ID X_458150
Card Received Mastercard
Charged to Account ****[snip]
Date 11/22/2016
Quantity Product Unit Price Total Price
1 ANSI X9.62:2005 $100.00 $100.00 Download
Total $100.00
THANK YOU FOR USING THE ANSI STANDARDS STORE.
The American National Standards Institute (ANSI) is a private non-profit organization that administers and
coordinates the U.S. voluntary standardization and conformity assessment system.
The standards you purchased were added to your Alerts Profile, which will allow you to receive an automatic
notification via email when the documents are revised or amended. You may manage your alerts at any time.
 
https://standards.globalspec.com/std/1955141/ANSI%20X9.62 <https://urldefense.proofpoint.com/v2/url?u=https-3A__standards.globalspec.com_std_1955141_ANSI-2520X9.62&d=DwMDaQ&c=yzoHOc_ZK-sxl-kfGNSEvlJYanssXN3q-lhj0sp26wE&r=mf6j6fOClApRsArWE9wqI1rEGUVkfxZ0aXWmn35nK_c&m=GWxp2Bkr_PO-b6yqjHlSg6UyHEqtMmHRuBwfpqchO7c&s=jYe-ABDhTsOLtk6YVz_62-Hc3mixZpwqMVoyCllAYOE&e=> 
 
 

On 10/1/2019 6:47 AM, Dan Brown wrote:

Re ECDSA specs and paywells:
ANSI X9.62-2005 was withdrawn in 2015, expiring automatically after 10 years, despite my weak effort.
A revival, ANSI X9.142, with almost the same content is under way, though even its fate is unsure.
Also, I expect FIPS 186-5 is nearly ready, and will specify much of ECDSA and EdDSA (not ASN.1?), which many may like (even better than ANSI).
Meanwhile, SEC1, versions 1.0 and 2.0, are available, fortunately or not, despite my weak effort.
IETF has specs for sigs and their formats already, no?
Then there's ISO, IEEE, ...
 
 
  Original Message  
From: John Mattsson
Sent: Tuesday, October 1, 2019 5:25 AM
To: Peter Gutmann; Hubert Kario; TLS@ietf.org <mailto:TLS@ietf.org> 
Subject: Re: [TLS] Ecdsa-sig-value in TLS 1.3 – need for erratum?
 
Hubert Kario  <mailto:hkario@redhat.com> <hkario@redhat.com> wrote:
 

Now, I don't have access to X9.62-2005, but there's a possibility of confusion.

 
I think references to specifications behind paywalls and other types of limited access is a major problem. Not only for the standardization process, but also for researchers and implementors. In general, I think people should be able to implement and analyze IETF standards without having to pay for access.
 
Open-access is even more important for security specifications. ANSI X.62 is hopefully quite well-studied, but for other references, the lack of analysis often leads to mistakes and unknown weaknesses.
 
I would like the IETF to take a much stronger stance against normative references to paywalls. 
 
Cheers,
John
 
_______________________________________________
TLS mailing list
TLS@ietf.org <mailto:TLS@ietf.org> 
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_tls <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_tls&d=DwICAg&c=yzoHOc_ZK-sxl-kfGNSEvlJYanssXN3q-lhj0sp26wE&r=qkpbVDRj7zlSRVql-UonsW647lYqnsrbXizKI6MgkEw&m=A-9JTBh7dU_hCbOrrx-iACEmGPbjipnEohllYGLju6I&s=p2p9Y_hh-jb_qBNaNqTbSTYE2tAuJo-BaKDbemFVLxU&e=> &d=DwICAg&c=yzoHOc_ZK-sxl-kfGNSEvlJYanssXN3q-lhj0sp26wE&r=qkpbVDRj7zlSRVql-UonsW647lYqnsrbXizKI6MgkEw&m=A-9JTBh7dU_hCbOrrx-iACEmGPbjipnEohllYGLju6I&s=p2p9Y_hh-jb_qBNaNqTbSTYE2tAuJo-BaKDbemFVLxU&e=
 





_______________________________________________
TLS mailing list
TLS@ietf.org <mailto:TLS@ietf.org> 
https://www.ietf.org/mailman/listinfo/tls <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_tls&d=DwMDaQ&c=yzoHOc_ZK-sxl-kfGNSEvlJYanssXN3q-lhj0sp26wE&r=mf6j6fOClApRsArWE9wqI1rEGUVkfxZ0aXWmn35nK_c&m=GWxp2Bkr_PO-b6yqjHlSg6UyHEqtMmHRuBwfpqchO7c&s=CSGRJ6MtwYWjiDpT8RI38oPqbcrfDOYA_Yi5hBFv_Sk&e=> 

 

-- 
email: rstruik.ext@gmail.com <mailto:rstruik.ext@gmail.com>  | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 690-7363