Re: [TLS] Updated EdDSA/Ed25519 PKIX document

Thu, 24 Sep 2015 04:05:35 -0700 

"Manger, James" <james.h.man...@team.telstra.com> writes:

> Hi Simon, two technical typos:
>
> The example cert in 8.2 has the wrong OID for the signature.
> Cert has { 1 3 101 100 1 } [encoding 06 04 2B656401]
> Text has { 1 3 101 101 }   [encoding 06 03 2B6565]   for id-EdDSASignature

Hi James.  Good catch -- I believe that is a typo in the implementation.
I'll let Nikos fix that, but we'll update the examples in the document.

> OIDs use space-separated (not dot-separated) numbers in ASN.1.
> Section 4:
> Wrong { 1.3.101.100 }
> Right { 1 3 101 100 }
> Section 7
> Wrong { 1.3.101.101 }
> Right { 1 3 101 101 }

Fixed, thank you.

> The cert's notBefore field is a UTCTime value (2-digit year), while
> the notAfter field is a GeneralizedTime value (4-digit year). I don't
> think I has seen that before, but it is valid.

I suspect the logic in GnuTLS to pick one encoding over the other looks
at the date to see if it fits in a UTCTime value or not.  It shouldn't
be related to EdDSA.

/Simon

> --
> James Manger
>
>
> -----Original Message-----
> From: pkix [mailto:pkix-boun...@ietf.org] On Behalf Of Simon Josefsson
> Sent: Wednesday, 23 September 2015 6:33 PM
> To: p...@ietf.org; tls@ietf.org
> Subject: [pkix] Updated EdDSA/Ed25519 PKIX document
>
> Hi all,
>
> I have pushed out a new version of the document describing EdDSA public keys, 
> signatures and certificates for PKIX.  The change in -03 include the addition 
> of the prehash mode, test vectors generated by GnuTLS, and a section 
> recommending certain human readable names.
>
> https://tools.ietf.org/html/draft-josefsson-pkix-eddsa-03
>
> I've started a thread to discuss whether it is wortwhile to be able to use 
> the same Ed25519 key for both PureEdDSA mode and HashEdDSA signing, and I'd 
> appreciate feedback on whether people are interested in this and generally if 
> it is a good idea or not.  The complexity involved make me shy away a bit 
> from it, but it is fun to consider.  The thread is here:
> https://moderncrypto.org/mail-archive/curves/2015/000630.html
>
> /Simon
>
> _______________________________________________
> pkix mailing list
> p...@ietf.org
> https://www.ietf.org/mailman/listinfo/pkix
>

Attachment: signature.asc
Description: PGP signature

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to