IETF Logo Mail Archive

Re: [TLS] I-D Action: draft-ietf-tls-oob-pubkey-08.txt

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 18 July 2013 12:20 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B105A21E80DA for <tls@ietfa.amsl.com>; Thu, 18 Jul 2013 05:20:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.592
X-Spam-Level:
X-Spam-Status: No, score=-102.592 tagged_above=-999 required=5 tests=[AWL=0.007, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KRCQGM-BqjR0 for <tls@ietfa.amsl.com>; Thu, 18 Jul 2013 05:20:02 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) by ietfa.amsl.com (Postfix) with ESMTP id C0EA621E80DE for <tls@ietf.org>; Thu, 18 Jul 2013 05:20:01 -0700 (PDT)
Received: from [172.16.254.104] ([80.92.116.207]) by mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id 0Lz3JU-1U4PJ00PIm-014CsW; Thu, 18 Jul 2013 14:19:59 +0200
Mime-Version: 1.0 (Apple Message framework v1085)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <51E5338F.9030100@hauke-m.de>
Date: Thu, 18 Jul 2013 14:19:57 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <74975B22-61CB-47AD-AEFF-A273C8F6ECC8@gmx.net>
References: <20130715231127.14144.44003.idtracker@ietfa.amsl.com> <51E5338F.9030100@hauke-m.de>
To: Hauke Mehrtens <hauke@HAUKE-M.DE>
X-Pgp-Agent: GPGMail 1.4.1
X-Mailer: Apple Mail (2.1085)
X-Provags-ID: V03:K0:1ygPRba77Lv7B/YQ1NUqpVb2sSp6HUwN7g/yj+IUCI6v+rG4hCu rDOgMvvMJEQAYUgOqLXACUyOjUvs1VHmmyWzvAq3TQ/yoi3qJYjKoZQXvDx5M+5ous0rouh 1uVAARIMalOfMpzCKxZBpLwoM9naalKpX2i901wHH0qTAhObemhtZjyCgm2Rket/3P5qYSu Omtb+GTFyePQC0LUgUz2w==
Cc: tls@ietf.org
Subject: Re: [TLS] I-D Action: draft-ietf-tls-oob-pubkey-08.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2013 12:20:06 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi Hauke, 

thanks for your quick review. 

> 
> Thanks for the new draft.
> 
> I have some comments to this version:
> 
> In section 3. New TLS Extension the link to Section 2.3.5 of RFC 5480
> is wrong, this should be just Section 2.
You are unfortunately correct. Fixed it. 

> 
> RFC 5480 defines a lot more OIDs which could be used as an algorithm OID
> than listen in Figure 3. ECDSA defines a different OID for every
> standardized curve. I think naming the OID in Figure 3 should be removed
> and there should just be a pinter to the RFC. It should also be made
> clear that there could be further RFC than RFC 3279, RFC3279 and RFC5480
> defining OIDs used in the SubjectPublicKeyInfo, like RFCs defining a new
> public key type.

You are right that (a) there may be more OIDs defined in the future and that (b) RFC 5480 defines more OIDs than the single one listed in the table. 
However, the table just lists examples to illustrate common cases for the reader. I could, however, add a sentence to point out that these are just examples and more OIDs exist. 

> 
> Could you add some list definition where the numbers assigned by the
> IANA should be added later. I like how it is done in
> draft-mcgrew-tls-aes-ccm-ecc-06 for the CipherSuites [0].

The above-mentioned draft uses a different registry but I guess you are asking for a snapshot of the current registry. 
For example, something like this: 

- - ------------------------------------------------------
Value 	Description 	          Reference 
 0	           X.509	                  [RFC6091]
 1	         OpenPGP	          [RFC6091]
 3             Raw Public Key    [This RFC]
 3-223	 Unassigned	
224-255	 Reserved for         [RFC6091] 
                Private Use	
- - ------------------------------------------------------

Is this correct? 

> 
> Are there some intermediate version of this draft available, like a
> public readable svn repository where the work on this draft is happening?

Yes; here is the git repository:
https://github.com/hannestschofenig/tschofenig-ids/tree/master/raw-public-keys

Ciao
Hannes

> 
> Hauke
> 
> 
> [0]: https://tools.ietf.org/html/draft-mcgrew-tls-aes-ccm-ecc-06#section-2
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBCgAGBQJR591UAAoJEGhJURNOOiAtVEYIAIFfPz+HEK4lBLNSe/2l2EYS
0GPWUduNo8/GcU/uiVxWEpFmKG0gvgTstj6AT2ima3JAgoWfglOdAh1N3/RJCNsf
+1Tyh91SUGH40v6ctdfuKalzfb8DOcSBiZ3DRVLI4FiuSBXUFK6Ru5mpNTSELvgF
2rY8kDd/UUIlrRSIq9Zb1B88k6ElP5vxrtZV5x4OGZaD63UfitHMZpXCJqFDpNyb
8HTqxrHrJeNURh8HH7RDfkw4I/Hrkw1hMuMmADQoYCCEADBRDSRW6QFL2bVewjr2
EAlyHNrK4c1BosEzXhInIA/2WY4CUdd6/PwNa50p6md0dJxgZnZy7RG1kA73ny4=
=JH/F
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBCgAGBQJR591tAAoJEGhJURNOOiAtwD0H/jmCbbdyGewFqCQ9FIcd3MZi
uVHa80cfCsUQ9Z3w3UyLfV8qYmVxdXIaM4BK+/TdPpX44jPqfC+bNahTAmMT+Bha
T0IRsEcetN24yYBf/Wth+st9V+TmER8t79S6iKxmmYVElvUdrxqR8bYISFB4Cpaw
isWG4SKAooSdmnJVMGS3betCDvGJH1Q35HjLL22UlHDDCJggoQly16Cbgr2vGcFV
sCpWWWD6X+ISgZ6hrhV7JP+UtV93SeoYuWmCSVBNiRInXXrQwy4LpJFHH5AEeg+t
CCvQaHr/VWyTIJBKoaFleAsL0cMwCVQDEoVl/kvvUbld6ALA3+QcY0MBdbcmnt8=
=z/51
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email