Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Leif Johansson <leifj@mnt.se> Sun, 07 August 2011 09:59 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3197021F8588 for <woes@ietfa.amsl.com>; Sun, 7 Aug 2011 02:59:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aDUrlZXaWErJ for <woes@ietfa.amsl.com>; Sun, 7 Aug 2011 02:59:06 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [IPv6:2001:948:4:1::66]) by ietfa.amsl.com (Postfix) with ESMTP id 35FBD21F8511 for <woes@ietf.org>; Sun, 7 Aug 2011 02:59:02 -0700 (PDT)
Received: from [10.0.0.11] (ua-83-227-179-169.cust.bredbandsbolaget.se [83.227.179.169]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id p779xIDV014015 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 7 Aug 2011 11:59:21 +0200 (CEST)
Message-ID: <4E3E61F6.7020009@mnt.se>
Date: Sun, 07 Aug 2011 11:59:18 +0200
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.18) Gecko/20110617 Lightning/1.0b2 Thunderbird/3.1.11
MIME-Version: 1.0
To: Joe Hildebrand <joe.hildebrand@webex.com>
References: <CA62F260.D797%joe.hildebrand@webex.com>
In-Reply-To: <CA62F260.D797%joe.hildebrand@webex.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "woes@ietf.org" <woes@ietf.org>
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Aug 2011 09:59:07 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/06/2011 07:30 PM, Joe Hildebrand wrote:
> On 8/6/11 7:43 AM, "Leif Johansson" <leifj@mnt.se> wrote:
> 
>> So in that case I still support having the spec explain (very carefully)
>> how you do "raw keys" - i.e keys with no intrinsic semantics - and then
>> also adding the cryptographers caveat to that.
> 
> To be clear, when I was talking about raw keys, I didn't mean keys with no
> intrinsic semantics.  I just meant something along the lines of PKCS1; a
> modulus, an exponent, some algorithm info, and that's about it (I'd be ok
> with defining private keys in the same format as well).  It would have
> defined semantic, it just wouldn't be tied to an identity.

OK that was more or less what I was trying to say aswell.

> 
> A definite goal for me that is NOT met by PKCS1 however, is to *limit* the
> choices and extensibility in certain directions to reduce the overall
> complexity.
> 
> Of course, once you've got primitives for sign and encrypt and you've got a
> key format, doing something like PKIX is possible.  Perhaps we could sketch
> that out as potential follow-on work in the charter, so we can make progress
> on some of the shorter-term stuff first?
> 

indeed

	Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEUEARECAAYFAk4+YfYACgkQ8Jx8FtbMZnflfgCYp2qanBmDLi4O5FTqFvo/u6ar
kgCfQmV6tssu3aXHYbOcKTBPs5RKv6A=
=x4eF
-----END PGP SIGNATURE-----