Re: [TLS] regd. signature algorithm 0x0804 (rsa_pss_rsae_sha256) use in TLSv1.2 CertificateVerify

M K Saravanan <mksarav@gmail.com> Tue, 20 November 2018 18:46 UTC

Return-Path: <mksarav@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A493130DD8 for <tls@ietfa.amsl.com>; Tue, 20 Nov 2018 10:46:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7oUxR5b6BxST for <tls@ietfa.amsl.com>; Tue, 20 Nov 2018 10:46:02 -0800 (PST)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF5EC130DCF for <tls@ietf.org>; Tue, 20 Nov 2018 10:46:01 -0800 (PST)
Received: by mail-lj1-x236.google.com with SMTP id u6-v6so2579158ljd.1 for <tls@ietf.org>; Tue, 20 Nov 2018 10:46:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=h5cetwDlNHa/0qYnBnZkby/bKKoWNPwHeOaUCwRgqO4=; b=IsvvhT7fMk3uH7CZWFfF8Npyx0h4eONJu73I98ptTkvTiurT/WS278i3zm3jeFYNt5 SdEYZvZMlfxfP/NN6k6X50fS71lNRIRmp70669blcbNs+4A2pqxu1TjbTSH6mYFdXKsf vO+GPul6bHF3xw//9W1QcoACs2SnG0yEHI0Ez0FNtTQz5zWlFGdU3nA9obpNxuAjdVZg v8YdpCG96C3Ke5BwF4Bl4WcengBTSbZOLlIy9I1Bx8eOdpmOE8u1RqV+OmSoOAFTT+XE dHuL53OKmoEPVCEX42QfyO2+wTKBff0jGCkDjTkVriI7ak31zYXIBoeyG736DoEieEXn xAug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=h5cetwDlNHa/0qYnBnZkby/bKKoWNPwHeOaUCwRgqO4=; b=DuAJODlboZrNTuMHdrfo4iBM4/MynfmKbIZSt8uMKtFJ1xukEqF9M69tKZF8f+m2BR kaNjlSB7+YI/k7RQLBwJlQObvjAz+pnggjWDYavuZmauQEcxhZwnM2gSKOSPcEnmtxvF EHUXnvviEm9Fp74F5l6EhTjTiv5EHR8kOGemIFhNUvKnFFcbgB90GdJ+/aEyenQBdowh zvHKFKkDhieInJX8StCBrpqOWTd8/LftnMZ4qpeJTi/LsyxY0jNqrCmGyfdEnRrLQFIk 5LNzXutL5MQ60f888xrea9xQdDbzmAFMqPxuk3b5IUStBo9QH9dyhfveWBQlWOP9z63G TFdw==
X-Gm-Message-State: AA+aEWaPZo8FwwtXLU3InKmztpcQ1copIbBbEljqGueOSZ/qkWKnVgyI rIfiEpPl0aymIincwdB9Ji+5bfMavxep9KcJxg4=
X-Google-Smtp-Source: AFSGD/V/XIw0Ps1RsC/xQXMz7nWLeDWW8gmcnJK6vZ2QVRIOI4tYuiKXZmocKuBhYPH0NOoNQdFXyggmsL4xMZi7Bu8=
X-Received: by 2002:a2e:8643:: with SMTP id i3-v6mr1644610ljj.43.1542739559916; Tue, 20 Nov 2018 10:45:59 -0800 (PST)
MIME-Version: 1.0
References: <CAG5P2e8SY8JsraV9R5MPe35hr2t5TWFmPZ=3gh0vrDW=i-AjDw@mail.gmail.com> <CAG5P2e9vA0X1jAh+s_JKBCC6aYE_8SZ2kFvH2gO3Z4e8CEP6yA@mail.gmail.com> <CAF8qwaByvv51SrKdxVwjfecGvtSEvfpqqdWur8Rsdig7P8Jh2g@mail.gmail.com>
In-Reply-To: <CAF8qwaByvv51SrKdxVwjfecGvtSEvfpqqdWur8Rsdig7P8Jh2g@mail.gmail.com>
From: M K Saravanan <mksarav@gmail.com>
Date: Wed, 21 Nov 2018 02:45:48 +0800
Message-ID: <CAG5P2e9z0G7FjhdTUZAWUdcebiwYAROwdTknxhzhkaW3m7hTpA@mail.gmail.com>
To: davidben@chromium.org
Cc: tls@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Gwf2TXMsQoysS-kF6XnVrCrwgZY>
Subject: Re: [TLS] regd. signature algorithm 0x0804 (rsa_pss_rsae_sha256) use in TLSv1.2 CertificateVerify
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Nov 2018 18:46:04 -0000

Thanks David.

with regards,
Saravanan.
On Wed, 21 Nov 2018 at 02:07, David Benjamin <davidben@chromium.org>; wrote:
>
> Yes, this is correct.
>
> On Tue, Nov 20, 2018 at 10:35 AM M K Saravanan <mksarav@gmail.com>; wrote:
>>
>> Hi,
>>
>> RFC8446:
>> =================================================
>> 4.2.3.  Signature Algorithms
>>
>> [...]
>> -  Implementations that advertise support for RSASSA-PSS (which is
>>       mandatory in TLS 1.3) MUST be prepared to accept a signature using
>>       that scheme even when TLS 1.2 is negotiated.  In TLS 1.2,
>>       RSASSA-PSS is used with RSA cipher suites.
>>
>> =================================================
>>
>> The above paragraph gives me an impression that, in TLSv1.2, if
>> CertificateRequest message advertise 0x0804, then the client can sign
>> the CertificateVerify message with 0x0804 if client cert is RSA.
>>
>> 0x0804 = rsa_pss_rsae_sha256
>>
>> Can some one please confirm whether my understanding is correct?
>>
>> with regards,
>> Saravanan
>>
>> On Wed, 21 Nov 2018 at 00:27, M K Saravanan <mksarav@gmail.com>; wrote:
>> >
>> > Hi,
>> >
>> > If a TLSv1.2 Certificate Request message contains 0x0804
>> > (rsa_pss_rsae_sha256) as one of the supported signature algorithms,
>> > can a client sign the CertificateVerify message using that algorithm?
>> > (client cert is RSA).  Is it allowed in TLSv1.2?
>> >
>> > with regards,
>> > Saravanan
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls