[kitten] SPAKE key usage and padata type assignments


Greg Hudson
I have assigned the following key usage numbers to SPAKE preauth:

65  KEY_USAGE_SPAKE_TRANSCRIPT
66  KEY_USAGE_SPAKE_FACTOR

Those assignments are sufficient to generate test vectors.  We also need
to assign a padata type.  RFC 6113 established an IANA registry for
padata types with new registrations subject to expert review.

I think it would be reasonable to ask for a padata type registration at
this time.  Aside from the addition of the edwards25519 group (which
would benefit from another non-coauthor +1), I am not aware of any open
questions which could lead to non-interoperable changes in the protocol.

_______________________________________________
Kitten mailing list
[hidden email]
https://www.ietf.org/mailman/listinfo/kitten

Re: [kitten] SPAKE key usage and padata type assignments

Benjamin Kaduk-2
On Wed, Sep 13, 2017 at 12:57:28PM -0400, Greg Hudson wrote:
> I have assigned the following key usage numbers to SPAKE preauth:
>
> 65  KEY_USAGE_SPAKE_TRANSCRIPT
> 66  KEY_USAGE_SPAKE_FACTOR
>
> Those assignments are sufficient to generate test vectors.  We also need
> to assign a padata type.  RFC 6113 established an IANA registry for
> padata types with new registrations subject to expert review.

Subject to expert review, provided that they only authenticate clients,
authenticate KDCs, and/or establish the reply key, which does appear to
be the case here.

> I think it would be reasonable to ask for a padata type registration at

I concur.  Would you like me to make the request with my chair hat?

> this time.  Aside from the addition of the edwards25519 group (which
> would benefit from another non-coauthor +1), I am not aware of any open
> questions which could lead to non-interoperable changes in the protocol.

Me, neither.

And yes, it would be very nice to have another non-coauthor +1.
Though my current inclination is that we should go ahead with that
change anyway, in the absence of any objections.

-Ben


Re: [kitten] SPAKE key usage and padata type assignments

Greg Hudson
On 09/13/2017 09:47 PM, Benjamin Kaduk wrote:
>> I think it would be reasonable to ask for a padata type registration at
>
> I concur.  Would you like me to make the request with my chair hat?

Sure, please do so.
