Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Joe Hildebrand <joe.hildebrand@webex.com> Fri, 05 August 2011 04:34 UTC

To: Hal Lockhart <hal.lockhart@oracle.com>, Paul Hoffman <paul.hoffman@vpnc.org>, "woes@ietf.org" <woes@ietf.org>

On 8/4/11 4:48 PM, "Hal Lockhart" <hal.lockhart@oracle.com> wrote:

>> 3) A Standards Track document specifying how to encode public
>> keys as JSON-structured objects.
>> 
> 
> I would like to push back on the idea of only supporting naked public keys. It
> is my understanding that common crypto libraries, e.g. OpenSSL, expect public
> keys to be in certificates and the coding to get them to accept a naked key as
> input is ugly. I don't think they care if the cert is self signed or even
> signed at all, it's just a format issue.

Just doing the math yourself, from scratch, is pretty easy if you have the
bare key.  It's nigh-on trivial if you have a bigint library.  Solution:
don't use OpenSSL.  I propose we don't get bogged down in the certificate
problem for the moment.

-- 
Joe Hildebrand
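
Added example, not part of the original message or of any WOES document: RSASSA-PKCS1-v1_5 signature verification from a bare (n, e) public key using only Python's built-in big integers. The JSON layout (base64url fields "n" and "e"), the function names and the demo key built from two Mersenne primes are assumptions made for illustration; the demo key is constructed and not secure.

```python
import base64, hashlib, hmac, json

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64u_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def expected_em(message, k):
    """EMSA-PKCS1-v1_5 encoding of message for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for SHA-256 DigestInfo")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify(pub_json, message, signature):
    """Verify a signature given only a bare public key as JSON (assumed layout)."""
    key = json.loads(pub_json)
    n = int.from_bytes(b64u_decode(key["n"]), "big")
    e = int.from_bytes(b64u_decode(key["e"]), "big")
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    em = pow(s, e, n).to_bytes(k, "big")  # the whole "math": one modexp
    # Rebuild the full encoded message and compare it byte for byte.
    # Parsing the padding leniently instead is what allows forged
    # signatures with small exponents such as e = 3.
    return hmac.compare_digest(em, expected_em(message, k))

def constructed_demo_key():
    """Constructed test key from two Mersenne primes; NOT secure."""
    p, q = 2**521 - 1, 2**607 - 1
    n, e = p * q, 65537
    d = pow(e, -1, (p - 1) * (q - 1))  # Python 3.8+
    k = (n.bit_length() + 7) // 8
    pub = json.dumps({"n": b64u_encode(n.to_bytes(k, "big")),
                      "e": b64u_encode(e.to_bytes(3, "big"))})
    return pub, n, d

def demo_sign(message, n, d):
    """Signer side, present only to produce test input for verify()."""
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(expected_em(message, k), "big")
    return pow(m, d, n).to_bytes(k, "big")
```

The exponentiation is one line; the part that needs care is the padding check, which is why the verifier re-encodes and compares rather than parsing the decrypted block.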