ssh, x.509v3 certificates, and PKCS-7 ?

To: IETF ssh WG <ietf-ssh%netbsd.org@localhost>
Subject: ssh, x.509v3 certificates, and PKCS-7 ?
From: "RL 'Bob' Morgan" <rlmorgan%washington.edu@localhost>
Date: Fri, 18 Jan 2002 13:39:41 -0800 (PST)

The message below seems to be the last one on the list on this topic.  I
seem to also recall consensus at the August 2001 meeting to use PKCS-7
format for this.  But transport-11 doesn't mention this; its language
appears unchanged from that in transport-09 (and maybe before).  Does the
issue Joseph raises below remain unaddressed?

 - RL "Bob"

---------- Forwarded message ----------
Date: Tue, 7 Aug 2001 14:29:43 +0100
From: Joseph Galbraith <galb%vandyke.com@localhost>
To: ietf-ssh%netbsd.org@localhost
Subject: x.509v3 certificates...

****
**** I've included the algorithm string
**** in key packet clarification here even though we
**** forgot to talk about it in the meeting.  Please,
**** comment!
****
**** That's the part where it says:
****   string "x509v3-*"
****   string x.509v3 compatible der encoded certificate data
****

In the meeting we talked about x.509v3 certificates --
the problem is that when using smart cards, you
don't always have control over the hash algorithm
used.

So, we decided to change x.509v3 certificates to
use pkcs7 signatures, because otherwise, there
is no way to know what hashing algorithm was used.

As promised, here is the text.

Please comment on the changes -- silence means everyone
agrees with me, right?

Thanks,

Joseph Galbraith
galb-list%vandyke.com@localhost


--------- Transport draft, Section 4.6

(We might want to number the different sections
of this, so that ssh-dss becomes 4.6.1, ssh-rsa
becomes 4.6.2, and x509v3-* becomes 4.6.3)

    4.6.3 x.509v3 certificates

      The "x509v3-*" methods indicate that the certificates, the
      public key, and the resulting signature are in X.509v3 compatible
      DER-encoded format.  The formats used in X.509v3 are described in
      [RFC2459].  The formats used for signatures are described in
      [PKCS7].

      Note, that there is no such algorithm as "x509v3-*", but the
      * is used only in this document to denote all algorithms
      beginning with x509v3.

      There are currently two such algorithms defined:
        x509v3-sign-rsa      RECOMMENDED  sign    X.509 certificates (RSA
key)
        x509v3-sign-dss      RECOMMENDED  sign    X.509 certificates (DSS
key)

      The "x509v3-*" key format has the following generic encoding:

        string    "x509v3-*"
        string    x.509v3 compatible der encoded certificate data

      The resulting signature is encoded as follows:

        string    "pkcs7"
        string    PKCS-7 signature, DER encoded

      The "x509v3-sign-rsa" method indicates that the key
      (or one of the keys in the certificate) is an RSA-key.

      The "x509v3-sign-dss".  As above, but indicates that the key (or
      one of the keys in the certificate) is a DSS-key.

Prev by Date: Re: Section 3.2 of secsh-auth-kbdinteract-01
Next by Date: Re: [PATCH] Using TCP_NODELAY unconditionally
Previous by Thread: Re: Section 3.2 of secsh-auth-kbdinteract-01
Next by Thread: Re: [PATCH] Using TCP_NODELAY unconditionally
Indexes:

Home | Main Index | Thread Index | Old Index