[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: New draft - NULL Public Key Signatures

To: "Stephen Kent" <kent@xxxxxxxxxxx>
Subject: RE: New draft - NULL Public Key Signatures
From: "Phillip M Hallam-Baker" <pbaker@xxxxxxxxxxxx>
Date: Tue, 26 Oct 1999 10:52:14 -0400
Cc: <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <>

Steve,

	Yes, I agree that the joke is pretty funny. I don't think turning
it into an RFC would improve the joke, and we may well find that the
joke ends up being on us.

	Given the ability of companies to mess up big time I can well imagine
some company selling a product claiming to be PKIX compliant, offering only
the NULL signature, export rules, licensing restrictions already mean that
many products ship requiring a crypto engine to be obtained elsewhere.

	If the product runs without security it is inevitable that someone will
use it without. I remember a while back when I persuaded a company that they
had a problem with a crypto implementation, sent them extensive
documentation
on the changes needed. A year later the product was broken with great media
fanfare. Turns out my memo had made it to the documentation but not the
code.

	Or it may just be that I am in a particularly humourless mood given
that there are a couple of nuclear plants in the vicinity and I have been
assured via the television that the events which occurred in Japan could
not occur in the US by 'experts' who clearly lack the level of knowledge of
nuclear processes taught at UK high schools.


	This thing we are building has to be usable by folk who _have_ a
degree in Nuclear Physics :-)


	Folk who need a NULL signature for Test purposes will probably find
that SHA-1 or MD5 can be used to the same effect, with the significant
advantage that integrity problems are revealled. I have a serious concern
that applying NULL in the context envisaged by Marc may remove an integrity
check which in the pure SSL context is not significant but which becomes
significant in a hybrid SSL/message passing system.

	The overhead of SHA-1 is low, we already have the OID. Ergo no need
for a NULL draft to confuse the befuddled holders of doctorates in nuclear
physics.


		Phill


> -----Original Message-----
> From: Stephen Kent [mailto:kent@po1.bbn.com]
> Sent: Monday, October 25, 1999 10:15 PM
> To: Phillip M Hallam-Baker
> Cc: ietf-pkix@imc.org
> Subject: RE: New draft - NULL Public Key Signatures
>
>
> Phill & Marc,
>
> This draft, which Ambarish and I discussed months ago, is written in the
> same spirit as RFC 2410, the NULL encryption algorithm and its use in ESP.
> Maybe we can clue in the otherwise clusless in the security considerations
> section, but we have precedent for this style of RFC. I didn't think of it
> as anything but a fun document which serves a very minimal (technical)
> purpose, but maybe my co-conspirator had more ambitious plans.
>
> Steve
>

Follow-Ups:
- Re: New draft - NULL Public Key Signatures
  - From: Marc Branchaud
- RE: New draft - NULL Public Key Signatures
  - From: Paul Koning

References:
- RE: New draft - NULL Public Key Signatures
  - From: Stephen Kent

Prev by Date: I-D ACTION:draft-ietf-pkix-roadmap-04.txt
Next by Date: RE: New draft - NULL Public Key Signatures
Previous by thread: Re: New draft - NULL Public Key Signatures
Next by thread: RE: New draft - NULL Public Key Signatures
Index(es):
- Date
- Thread