Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Leif Johansson <leifj@mnt.se> Fri, 05 August 2011 08:26 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B53B21F8BC3 for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 01:26:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.399
X-Spam-Level:
X-Spam-Status: No, score=-3.399 tagged_above=-999 required=5 tests=[AWL=-0.800, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tv561dpvtKtD for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 01:26:45 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [IPv6:2001:948:4:1::66]) by ietfa.amsl.com (Postfix) with ESMTP id 155E921F8BB0 for <woes@ietf.org>; Fri, 5 Aug 2011 01:26:44 -0700 (PDT)
Received: from [192.36.125.212] (dhcp.pilsnet.sunet.se [192.36.125.212]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id p758Qtef018387 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <woes@ietf.org>; Fri, 5 Aug 2011 10:26:59 +0200 (CEST)
Message-ID: <4E3BA94F.7030303@mnt.se>
Date: Fri, 05 Aug 2011 10:26:55 +0200
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.18) Gecko/20110617 Lightning/1.0b2 Thunderbird/3.1.11
MIME-Version: 1.0
To: woes@ietf.org
References: <b9332337-4efa-4355-93a9-7866a5506bb5@default>
In-Reply-To: <b9332337-4efa-4355-93a9-7866a5506bb5@default>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 08:26:50 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/04/2011 10:48 PM, Hal Lockhart wrote:
>  
>> 3) A Standards Track document specifying how to encode public 
>> keys as JSON-structured objects.
>>
> 
> I would like to push back on the idea of only supporting naked public keys. It is my understanding that common cryto libraries, e.g. OpenSSL, expect public keys to be in certificates and the coding to get them to accept a naked key as input is ugly. I don't think they care if the cert is self signed or even signed at all, its just a format issue.

There is a huge difference between a crypto library and a PKIX stack.

Libraries like OpenSSL are mostly about implementing PKIX, the crypto
being a comparatively small part.

Carrying something like OpenSSL just to be able to sign stuff when
you don't require the semantics of a PKIX stack is an unnecessary
requirement.

Having the ability to do raw keys is useful.

	Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk47qUoACgkQ8Jx8FtbMZndssACgipdmK6md8DT3dWgvEnKAiwxW
ljQAnRvRR148h8f3t9ii9SVJ2sgfZ3ty
=2339
-----END PGP SIGNATURE-----