Re: [TLS] I-D Action: draft-ietf-tls-oob-pubkey-08.txt
Hauke Mehrtens <hauke@hauke-m.de> Sat, 20 July 2013 15:29 UTC
Hi Hannes,

On 07/18/2013 02:19 PM, Hannes Tschofenig wrote:
> Hi Hauke,
>
> thanks for your quick review.
>
>> Thanks for the new draft.
>>
>> I have some comments to this version:
>>
>> RFC 5480 defines a lot more OIDs which could be used as an
>> algorithm OID than listed in Figure 3. ECDSA defines a different
>> OID for every standardized curve. I think naming the OID in
>> Figure 3 should be removed and there should just be a pointer to
>> the RFC. It should also be made clear that there could be further
>> RFCs than RFC 3279, RFC3279 and RFC5480 defining OIDs used in the
>> SubjectPublicKeyInfo, like RFCs defining a new public key type.
>
> You are right that (a) there may be more OIDs defined in the future
> and that (b) RFC 5480 defines more OIDs than the single one listed
> in the table. However, the table just lists examples to illustrate
> common cases for the reader. I could, however, add a sentence to
> point out that these are just examples and more OIDs exist.

Thanks for adding the sentence that makes it clear.

>> Could you add some list definition where the numbers assigned by
>> the IANA should be added later. I like how it is done in
>> draft-mcgrew-tls-aes-ccm-ecc-06 for the CipherSuites [0].
>
> The above-mentioned draft uses a different registry but I guess you
> are asking for a snapshot of the current registry. For example,
> something like this:
>
> ------------------------------------------------------
> Value    Description                Reference
> 0        X.509                      [RFC6091]
> 1        OpenPGP                    [RFC6091]
> 3        Raw Public Key             [This RFC]
> 3-223    Unassigned
> 224-255  Reserved for Private Use   [RFC6091]
> ------------------------------------------------------
>
> Is this correct?

Isn't the final number in the end of the standardization process added
to the draft? I was just thinking about adding a placeholder for that
number in the draft. For the Certificate Type there is already the
expected number added in the draft, but for the
server_certificate_type and client_certificate_type there is a
placeholder missing.

>> Are there some intermediate version of this draft available, like
>> a public readable svn repository where the work on this draft is
>> happening?
>
> Yes; here is the git repository:
> https://github.com/hannestschofenig/tschofenig-ids/tree/master/raw-public-keys

Thanks for the link.

Hauke