Re: [Trans] Fwd: Certificate Transparency with Russian GOST algorithms

Ben Laurie <benl@google.com> Tue, 18 March 2014 14:20 UTC

Return-Path: <benl@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9913C1A044F for <trans@ietfa.amsl.com>; Tue, 18 Mar 2014 07:20:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.926
X-Spam-Level:
X-Spam-Status: No, score=-1.926 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HQPDPrjllkJy for <trans@ietfa.amsl.com>; Tue, 18 Mar 2014 07:20:57 -0700 (PDT)
Received: from mail-ve0-x22c.google.com (mail-ve0-x22c.google.com [IPv6:2607:f8b0:400c:c01::22c]) by ietfa.amsl.com (Postfix) with ESMTP id B40741A02F9 for <trans@ietf.org>; Tue, 18 Mar 2014 07:20:57 -0700 (PDT)
Received: by mail-ve0-f172.google.com with SMTP id jx11so7035022veb.17 for <trans@ietf.org>; Tue, 18 Mar 2014 07:20:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=EgYbT4NZBdsIt/UuwIj2ZoIK9e5eI5MSzjDhMFZBRUo=; b=XGX7JMOaz4KMsild/t/TusdPJBDlDqcfqBzSuVZpkgpwyEEou4DhO+RcJp0t01Wttj svGrN6z6neD3k+EXA4PHfmxaeSzXWYJcYr6woinTTz75LU8YhQe92uT3Ldd9dIxi/rlA o3V+84z+5ijuj/cOAbkFpaF1KtpStFllbGKu1tB1DbOdNbsPRaLmKx5ua2hWF4sKgH+E UEX79v1u4Cg6M5ho8H4laljo+u+ePmr3UUiczUEirrjp3bN/q1iE6fsXFnQTQkpUSz/K XAZCsfxhOgaAjsQcpu1q6W9n/swv1IvJH5azSws0/WCqkNHdRIAzxhJgDUfOX6cSYxiP wXkg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=EgYbT4NZBdsIt/UuwIj2ZoIK9e5eI5MSzjDhMFZBRUo=; b=effKs7iGLpIAgYPP/Y9/HDI0eieDdMuXmHIRC4niAiDP7yQsKEPaz5WRv+kSb64kd3 p1uSa7ssTgzAJ5ZxeUQFlJSn9M2EBk6mu2vMerE0aGszoymOCZ2H2Ma/NikWNbJtEY0f 2Ys/QNZgmyjwQSM9H9XY29BEUaaGp/h3AymxkVK2tT5P3Ok4mWVCOjgGqT3YsX3V9RPv /ctS98XZNZ2WcxdFdEw0chBH0wImSWggaYgruW+MvcwhwPKmlW5I9cqh7qcA1UZs0rMp DfxvM6JSJBY5OHmplVUoExeeKD6Of4TdZ/qEoR8XGq/W5Z2R7o8LrUzf4pW0POOO8HBk u0Yg==
X-Gm-Message-State: ALoCoQmOVEbp99VisFRiQb2rpXcrFDKVjbM5DM1yybqzBZpJD2szj9XYNSTQyhHV/ZK4LqNErzpML35K5mEpISaY2e72eUBQrzb/crsoeng3jhDpSG7YseG7eY0CLQSed/A2IXQhM3xRifDzC6WQJxd6e1EUOcykizDdR2M9YiQvnoRNq96vjH1aBW6JHS/FTc86w0BupIAY
MIME-Version: 1.0
X-Received: by 10.220.67.18 with SMTP id p18mr25311972vci.14.1395152449233; Tue, 18 Mar 2014 07:20:49 -0700 (PDT)
Received: by 10.52.230.105 with HTTP; Tue, 18 Mar 2014 07:20:49 -0700 (PDT)
In-Reply-To: <531F57B2.6030505@gmail.com>
References: <531F530B.4040703@tcinet.ru> <531F57B2.6030505@gmail.com>
Date: Tue, 18 Mar 2014 14:20:49 +0000
Message-ID: <CABrd9SSOwGC8LKF5viuwoFsjcTMQjra-TJdyWU6g2mVNk_5WOA@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Melinda Shore <melinda.shore@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/e50_kIfD2PxOx151C-Y77KjgJH8
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Fwd: Certificate Transparency with Russian GOST algorithms
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Mar 2014 14:20:59 -0000

On 11 March 2014 18:36, Melinda Shore <melinda.shore@gmail.com> wrote:
> For some reason Dmitry's mail is not arriving at the
> IETF server, so I thought I would forward it myself.
>
> Melinda
>
>
> -------- Original Message --------
> Subject: Certificate Transparency with Russian GOST algorithms
> Date: Tue, 11 Mar 2014 22:16:47 +0400
> From: Dmitry Belyavsky <beldmit@tcinet.ru>
> To: trans@ietf.org
> CC: melinda.shore@gmail.com
>
> Hi all!
>
> Here are some thoughts about using CT in Russia with Russian
> cryptographic algorithms (GOST). They were discussed with Ben Laurie
> during the IETF meeting in London. I am not sure which mailing list is
> the right place to post to, so I post it to the WG mailing list.
>
> Laws and practice in Russia requires using of the GOST hash and digital
> signature in X.509 certificates for government services. These
> certificates are signed by Russians CAs which are not in lists of
> trusted CAs in major browsers. It is not a problem to create an
> installation of log server in Russia containing the list of Russian CAs.
> But Russia-based service should use the GOST hash algorithm in the
> Merkle tree and GOST signature algorithm for signing SCT. It seems to be
> not a problem because if GOST-based certificates are submitted to
> GOST-based log, browsers not understanding the GOST algorithms will not
> have to verify GOST-based SCTs. But also it means that the hashing
> algorithm of Merkle tree should become the config-time parameter of the
> log instance instead of being hardcoded. Also it should be possible to
> find out which algorithm is used in this or that log instance and it
> should be strictly prohibited to change this algorithm after start of
> the log instance. It seems to be a good idea anyway because of the
> requirements of cryptographic algorithms agility.

As I mentioned elsewhere, in our view you change algorithm by starting
a new log.

The hash/signing algorithms are fixed properties of the log.

It seems to me there shouldn't be any difficulty accommodating GOST
like this - I guess we'd have to add the rule that non-GOST
certificates MUST NOT use GOST logs. Not sure whether we should
require the opposite, though (i.e. GOST certificates MUST NOT use
EC/SHA logs)?