Hi, As Eliot writes it would have been better to talk about CertificateType, but it hard to see this as an RFC 9190 errata when RFC 8446 which RFC 9190 builds on says:
“If the RawPublicKey certificate type was negotiated”. I would strongly agree that RPK is not a certificate at all. The fact that it is not also has severe security implications. TLS 1.3 with a certificate is SIGMA-I while TLS with RPK is not SIGMA-I at all and vulnerable to more identity misbinding attacks. Maybe an errata should be filed on RFC 8446 instead? Cheers, John From: Paul Wouters <paul.wout...@aiven.io> Date: Wednesday, 4 September 2024 at 19:36 To: Eliot Lear <l...@lear.ch> Cc: Mohit Sethi <mo...@iki.fi>, RFC Errata System <rfc-edi...@rfc-editor.org>, John Mattsson <john.matts...@ericsson.com>, debcool...@gmail.com <debcool...@gmail.com>, j...@salowey.net <j...@salowey.net>, pe...@akayla.com <pe...@akayla.com>, emu@ietf.org <emu@ietf.org> Subject: Re: [Technical Errata Reported] RFC9190 (8094) On Wed, Sep 4, 2024 at 1:26 PM Eliot Lear <l...@lear.ch<mailto:l...@lear.ch>> wrote: On 04.09.2024 19:24, Paul Wouters wrote: But a raw key is in SPKI format isn't it? I would call that X.509 as well? Would you? I wouldn't. I might be biased as the author of RFC 7250, but it states: This document introduces the use of raw public keys in TLS/DTLS. With raw public keys, only a subset of the information found in typical certificates is utilized: namely, the SubjectPublicKeyInfo structure of a PKIX certificate that carries the parameters necessary to describe the public key. Other parameters found in PKIX certificates are omitted. By omitting various certificate-related structures, the resulting raw public key is kept fairly small in comparison to the original certificate, and the code to process the keys can be simpler. Only a minimalistic ASN.1 parser is needed; code for certificate path validation and other PKIX-related processing is not required. Note, however, the SubjectPublicKeyInfo structure is still in an ASN.1 format. Regardless, I don't think the errata for 9190 adds much value to am implementer who needs to read 7250 anyway. Paul
_______________________________________________ Emu mailing list -- emu@ietf.org To unsubscribe send an email to emu-le...@ietf.org
