Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Eric Rescorla <ekr@rtfm.com> Thu, 04 August 2011 20:50 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 4 Aug 2011 13:50:43 -0700
Message-ID: <CABcZeBP_Nv2JeSe5r3kG5nBA6GsBVS19oXLapx6VJTX4axrT7Q@mail.gmail.com>
To: Hal Lockhart <hal.lockhart@oracle.com>
Cc: woes@ietf.org, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

This is true for TLS, but in general you can get OpenSSL to accept keys that are
in PKCS #1 format.

Best,
-Ekr


On Thu, Aug 4, 2011 at 1:48 PM, Hal Lockhart <hal.lockhart@oracle.com> wrote:
>
>> 3) A Standards Track document specifying how to encode public
>> keys as JSON-structured objects.
>>
>
> I would like to push back on the idea of only supporting naked public keys. It is my understanding that common crypto libraries, e.g. OpenSSL, expect public keys to be in certificates and the coding to get them to accept a naked key as input is ugly. I don't think they care if the cert is self signed or even signed at all, it's just a format issue.
>
> Hal
>
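
The point under discussion, as an added example that is not part of the original thread: the OpenSSL command line verifying a signature with only a naked PKCS #1 public key, and confirming that a self-signed certificate carries the same key. The file names, the certificate subject, the minimal `req.cnf` and the sample message are constructed for illustration.

```shell
# Added example, not from the thread. All file names and the CN are constructed.

make_keys() {            # $1 = work dir
  ( cd "$1" &&
    openssl genrsa -out priv.pem 2048 2>/dev/null &&
    # Naked public key in PKCS #1 form ("BEGIN RSA PUBLIC KEY"), no certificate.
    openssl rsa -in priv.pem -RSAPublicKey_out -out pub_pkcs1.pem 2>/dev/null &&
    # The same key wrapped in a self-signed certificate, for comparison.
    printf '[req]\ndistinguished_name=dn\n[dn]\n' > req.cnf &&
    openssl req -new -x509 -config req.cnf -key priv.pem \
      -subj '/CN=constructed-example' -days 1 -out cert.pem 2>/dev/null )
}

sign_msg() {             # $1 = work dir, $2 = message file
  openssl dgst -sha256 -sign "$1/priv.pem" -out "$2.sig" "$2"
}

verify_naked() {         # $1 = work dir, $2 = message file
  # Only the PKCS #1 key is used: re-wrap it as SubjectPublicKeyInfo,
  # then verify. No certificate is read at any point.
  openssl rsa -RSAPublicKey_in -in "$1/pub_pkcs1.pem" -pubout \
    -out "$1/pub_spki.pem" 2>/dev/null &&
  openssl dgst -sha256 -verify "$1/pub_spki.pem" \
    -signature "$2.sig" "$2" >/dev/null 2>&1
}

same_key_as_cert() {     # $1 = work dir
  # The certificate is a container: its modulus matches the naked key's.
  [ "$(openssl rsa -pubin -in "$1/pub_spki.pem" -noout -modulus 2>/dev/null)" = \
    "$(openssl x509 -in "$1/cert.pem" -noout -modulus)" ]
}

# Stand-alone run on a constructed message.
demo_dir=$(mktemp -d)
printf 'constructed sample message\n' > "$demo_dir/msg.txt"
if make_keys "$demo_dir" && sign_msg "$demo_dir" "$demo_dir/msg.txt" &&
   verify_naked "$demo_dir" "$demo_dir/msg.txt" && same_key_as_cert "$demo_dir"
then echo "verified with naked PKCS #1 key; certificate holds the same key"
else echo "demo failed (is openssl installed?)"
fi
rm -rf "$demo_dir"
```

A bare key carries no issuer, validity period or name binding, so whatever conveys it has to supply the trust decision that a certificate chain would otherwise provide.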