[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [xmpp] draft-hildebrand-dna-00

From: Sean Turner <turners at ieca.com>
To: Dirk Balfanz <balfanz at google.com>
Cc: xmpp at ietf.org
Date: Wed, 28 Oct 2009 15:11:52 -0400
In-reply-to: <60c552b80910281112u76bd45f1h572c73df0c43914a at mail.gmail.com>
References: <60c552b80910281112u76bd45f1h572c73df0c43914a at mail.gmail.com>

Dirk Balfanz wrote:

Hi guys,I wanted to give some feedback on draft-hildebrand-dna-00. I just joinedthe mailing list, so I probably missed a bunch of the discussionregarding this topic. I'm new to XMPP, but have been helping out theWave folks at Google with some crypto/PKI bits.

The discussion on the list has actually been pretty minimal.Technically, it's not even a working group document.

My biggest question is why you're tangling up this spec with AttributeCertificates. I've never seen an RFC 3281-style AC in the wild, andhadn't heard of draft-ietf-pkix-3281update until I read this spec. Is3281update real? Are there parsers out there that understand this stuff?It makes sense to stand on the shoulders, so to speak, of other specs ifthere is wide-spread adoption out there and code that can process thesethings, but you don't want to depend on specs that nobody is using - itjust complicates things.

I'm not sure what you mean by real? That ID fixes some errata and someminor bugs, so it's not a big update. It's in the RFC editor's queue.The document it was pinned on just got approved. It ought to bepublished soon.

There are some code bits from bouncy castle, though I have to admit Ihaven't used them. I'm sure there are others.

Ok, now for more detailed, turn-by-turn comments:
- it says "The issuer's certificate MUST NOT have abasicConstraints extension with the cA BOOLEAN set to TRUE." Why?

The statement is for compliance with RFC 3281/3281bis section 4.5. Itsays: "The AC issuer's PKC MUST conform to [PKIXPROF], and the keyUsageextension in the PKC MUST NOT explicitly indicate that the AC issuer'spublic key cannot be used to validate a digital signature. In order toavoid confusion regarding serial numbers and revocations, an AC issuerMUST NOT also be a PKC Issuer. That is, an AC issuer cannot be a CA aswell. So, the AC issuer's PKC MUST NOT have a basicConstraintsextension with the cA BOOLEAN set to TRUE."

- The holder field MUST be the baseCertificateID. This seems to meanthat it points to a issuer/serial number in some other PKC. Hows doesthe validating entity get hold of that PKC? How did the issuer of the ACknow what to put there?

The AC issuer will include their name in the issuer field (taken fromtheir PKC's subject field) and the issuer's serial # (taken from theirPKC's serial number field). Then the path for the AC would be includedalong with the AC (see Section 5.5). I proposed a "certs-only" message.It would include one attribute certificate and any public keycertificates necessary to validate them. "certs-only" message have beenaround a while and are most recently documented indraft-ietf-smime-3851bis-11.

- http://www.ietf.org/id/draft-ietf-pkix-3281update-05.txtsays "Conforming implementations MUST NOT use thex400Address, ediPartyName, or registeredID options [wherever the specasks for a GeneralName]" Your spec says to use registeredId, so youseem to be advocating a non-3281update-compliant AC.

That's my bad. We wouldn't want to be non-compliant. Joe suggestedjust using OIDs for id-xmpp and another one forid-xmpp-client/id-xmpp-server so I stuck it in there. If we can't useregisterdID, then we need to pick another one or define an other-name.I guess I lean towards a new other-name. Thoughts?

- For encoding the AC, issuer cert and potential intermediate certs,you're depending on yet anotherRFC (http://tools.ietf.org/html/draft-ietf-smime-3851bis-11)for encoding the cert chain, which seems like overkill. Why not just saythat proof-type attribute-cert has sub-elements, like<proof xmlns='urn:ietf:params:xml:ns:dna'
          from='asserted.tld'
          type='urn:ietf:params:dna:proof:attribute-cert'>
     <ac>
       (base64 of AC)
     </ac>
     <pkc>
       (base64 of issuer PKC)
     </pkc>
     <pkc>
       (base64 of intermediate PKC that issued issuer PKC)
     </pkc>
   </proof>

We could do that, but it's not like what we picked is new. certs-onlyhas been around since before '99 (see RFC 2633). I guess I don't reallyhave a strong opinion one way or another. If we're not going to usePKCS#7 should we use <X509Certificate> from XMLDSig?

What do you guys think? You probably discussed all these things to deathand i'm just late to the party...


Cheers,
spt

Dirk.


------------------------------------------------------------------------

_______________________________________________
xmpp mailing list
xmpp at ietf.org
https://www.ietf.org/mailman/listinfo/xmpp

Follow-Ups:
- Re: [xmpp] draft-hildebrand-dna-00
  - From: Bernard Aboba

References:
- Re: [xmpp] draft-hildebrand-dna-00
  - From: Dirk Balfanz

Prev by Date: Re: [xmpp] draft-hildebrand-dna-00
Next by Date: Re: [xmpp] the stream negotiation process
Previous by thread: Re: [xmpp] draft-hildebrand-dna-00
Next by thread: Re: [xmpp] draft-hildebrand-dna-00
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.