Re: [perpass] PKCS#12 needs fix'n

2013-10-16 Thread Richard Barnes
CBOR does this pretty well: On Tue, Oct 15, 2013 at 4:18 PM, Phillip Hallam-Baker wrote: > > > > On Tue, Oct 15, 2013 at 5:18 AM, Paul Bakker wrote: > >> On Oct 15, 2013 Phillip Hallam-Baker wrote: >> >> > As for getting rid of Assanine 1, I wou

Re: [perpass] PKCS#12 needs fix'n

2013-10-15 Thread Phillip Hallam-Baker
On Tue, Oct 15, 2013 at 5:18 AM, Paul Bakker wrote: > On Oct 15, 2013 Phillip Hallam-Baker wrote: > > > As for getting rid of Assanine 1, I would love to get rid of it > completely. But as > > a pragmatic matter, there is just too much ASN.1 already. I have even had > to > > reluctantly write a ke

Re: [perpass] PKCS#12 needs fix'n

2013-10-15 Thread Paul Bakker
On Oct 15, 2013 Phillip Hallam-Baker wrote: > As for getting rid of Assanine 1, I would love to get rid of it completely. But as > a pragmatic matter, there is just too much ASN.1 already. I have even had to > reluctantly write a key signing format in Assanine.1 because having the cert > and key s

Re: [perpass] PKCS#12 needs fix'n

2013-10-14 Thread Phillip Hallam-Baker
On Fri, Oct 11, 2013 at 10:56 AM, Richard Barnes wrote: > I would note that the JSON Web Key [1] spec from the JOSE WG provides a > similar, much simpler format than PKCS#12. Just have JWK Set with one > public, unencrypted member, and one encrypted member: > > [ > { "kty": "RSA", "n": "...",

Re: [perpass] PKCS#12 needs fix'n

2013-10-11 Thread Richard Barnes
On Fri, Oct 11, 2013 at 2:26 PM, Carl Wallace wrote: > > From: Richard Barnes > Date: Friday, October 11, 2013 10:56 AM > To: Russ Housley > Cc: perpass , "Moriarty, Kathleen" < > kathleen.moria...@emc.com> > Subject: Re: [perpass] PKCS#12 needs fix'n

Re: [perpass] PKCS#12 needs fix'n

2013-10-11 Thread Carl Wallace
From: Richard Barnes Date: Friday, October 11, 2013 10:56 AM To: Russ Housley Cc: perpass , "Moriarty, Kathleen" Subject: Re: [perpass] PKCS#12 needs fix'n > I would note that the JSON Web Key [1] spec from the JOSE WG provides a > similar, much simpler format tha

Re: [perpass] PKCS#12 needs fix'n

2013-10-11 Thread Richard Barnes
ide an update without the right language in the document for the > transfer, since this would happen soon.**** > ** ** > Thank you, > Kathleen > ** ** > *From:* perpass-boun...@ietf.org [mailto:perpass-boun...@ietf.org] *On > Behalf Of *Phillip Hallam-Baker >

Re: [perpass] PKCS#12 needs fix'n

2013-10-10 Thread Russ Housley
etf.org [mailto:perpass-boun...@ietf.org] On Behalf Of > Phillip Hallam-Baker > Sent: Thursday, October 10, 2013 5:20 PM > To: perpass > Subject: [perpass] PKCS#12 needs fix'n > > Looking at some comments from Peter Guttman from way back he reports having a > large coll

Re: [perpass] PKCS#12 needs fix'n

2013-10-10 Thread Moriarty, Kathleen
without the right language in the document for the transfer, since this would happen soon. Thank you, Kathleen From: perpass-boun...@ietf.org [mailto:perpass-boun...@ietf.org] On Behalf Of Phillip Hallam-Baker Sent: Thursday, October 10, 2013 5:20 PM To: perpass Subject: [perpass] PKCS#12 needs fix&#

[perpass] PKCS#12 needs fix'n

2013-10-10 Thread Phillip Hallam-Baker
Looking at some comments from Peter Guttman from way back he reports having a large collection of PKCS#12 files with private keys and no password. Ooops So I am wondering if this might be one of the holes being exploited? It would be consistent with a lot of what we have heard. There seem to be