Re: [TLS] Certificate keyUsage enforcement question (new in RFC8446 Appendix E.8)
Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 08 November 2018 23:31 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7725B130DD5 for <tls@ietfa.amsl.com>; Thu, 8 Nov 2018 15:31:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9oc2ZrOe1XNF for <tls@ietfa.amsl.com>; Thu, 8 Nov 2018 15:31:40 -0800 (PST)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18E33127B92 for <tls@ietf.org>; Thu, 8 Nov 2018 15:31:39 -0800 (PST)
Received: from [10.200.18.148] (unknown [38.27.161.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by straasha.imrryr.org (Postfix) with ESMTPSA id 5ADBC301B85 for <tls@ietf.org>; Thu, 8 Nov 2018 18:31:38 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.101.1\))
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <1541716036588.29769@cs.auckland.ac.nz>
Date: Thu, 08 Nov 2018 18:31:35 -0500
Content-Transfer-Encoding: quoted-printable
Reply-To: "<tls@ietf.org>" <tls@ietf.org>
Message-Id: <62FC16EB-9567-408E-B3A1-62B868F5A2BB@dukhovni.org>
References: <79CF87E7-E263-4457-865E-F7BE8251C506@dukhovni.org> <m236seg80v.fsf@localhost.localdomain> <DE213706-285A-4FF4-BA25-3DFC69966BE6@dukhovni.org> <m2y3a4ebau.fsf@localhost.localdomain> <FF305E4A-B304-4C72-9D70-0D65116DD8B9@dukhovni.org> <F04642CF-132E-48EF-B17F-36CC57F245FC@ll.mit.edu> <1541716036588.29769@cs.auckland.ac.nz>
To: "<tls@ietf.org>" <tls@ietf.org>
X-Mailer: Apple Mail (2.3445.101.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Q0z_48slRxun5n3660XLsIxr89Q>
Subject: Re: [TLS] Certificate keyUsage enforcement question (new in RFC8446 Appendix E.8)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2018 23:31:41 -0000
> On Nov 8, 2018, at 5:27 PM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: > >> Always enforce peer certificate key usage (separation) for ECDSA. ECDSA keys >> are more brittle when misused. > > Since ECDSA can only do signing, isn't this a bit redundant? In other words > you can't really not enforce keyUsage for a signature-only algorithm. Well, ECDH keys (not really ECDSA) can do key agreement, and EC keys can be used for encryption with ECIES. In any case, it seems that other libraries are already requiring digitalSignature in keyUsage (when present) for ECDSA that don't yet do so for RSA, and I'm willing to go along with that. Trying to make a pragmatic choice... -- Viktor.
- [TLS] Certificate keyUsage enforcement question (… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Geoffrey Keating
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Martin Rex
- Re: [TLS] Certificate keyUsage enforcement [whose… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… David Benjamin
- Re: [TLS] Certificate keyUsage enforcement questi… Geoffrey Keating
- Re: [TLS] Certificate keyUsage enforcement [whose… Peter Gutmann
- Re: [TLS] Certificate keyUsage enforcement [whose… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Certificate keyUsage enforcement questi… Peter Gutmann
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Peter Gutmann
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Yoav Nir
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Tony Putman
- Re: [TLS] Certificate keyUsage enforcement questi… Viktor Dukhovni
- Re: [TLS] Certificate keyUsage enforcement questi… Andrei Popov
- Re: [TLS] Certificate keyUsage enforcement questi… Nikos Mavrogiannopoulos