Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Eric Rescorla <ekr@rtfm.com> Fri, 05 August 2011 16:43 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4442321F8532 for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 09:43:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.977
X-Spam-Level:
X-Spam-Status: No, score=-102.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rj9rTMK+DVzu for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 09:43:43 -0700 (PDT)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by ietfa.amsl.com (Postfix) with ESMTP id 0AE7F21F850E for <woes@ietf.org>; Fri, 5 Aug 2011 09:43:40 -0700 (PDT)
Received: by wyg8 with SMTP id 8so1452402wyg.31 for <woes@ietf.org>; Fri, 05 Aug 2011 09:43:57 -0700 (PDT)
Received: by 10.227.27.67 with SMTP id h3mr2052781wbc.45.1312562637519; Fri, 05 Aug 2011 09:43:57 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.227.63.11 with HTTP; Fri, 5 Aug 2011 09:43:37 -0700 (PDT)
In-Reply-To: <4E3C0158.1090109@mnt.se>
References: <b9332337-4efa-4355-93a9-7866a5506bb5@default> <CA60EB18.D5CF%joe.hildebrand@webex.com> <CABcZeBPWj8GC4nK7qZ_uypk+4uAPtGYhQu3rAdz+xr9AuP13rg@mail.gmail.com> <4E3C0158.1090109@mnt.se>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 5 Aug 2011 09:43:37 -0700
Message-ID: <CABcZeBOrUgX7+5aMohzO6Uq_8iHkbW0H-pHo96xTeFB3Wq+SAg@mail.gmail.com>
To: Leif Johansson <leifj@mnt.se>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: woes@ietf.org
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 16:43:44 -0000

On Fri, Aug 5, 2011 at 7:42 AM, Leif Johansson <leifj@mnt.se> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>>> Just doing the math yourself, from scratch, is pretty easy if you have the
>>> bare key.  It's nigh-on trivial if you have a bigint library.  Solution:
>>> don't use OpenSSL.  I propose we don't get bogged down in the certificate
>>> problem for the moment.
>>
>> Cryptographer's warning: do not do this. Hard hat area ahead.
>>
>
> That is advice for implementors and not for spec writers, right?

Correct. Getting the implementation right is tricky.

-Ekr