Hi all,
If this document is to be published, it should list the SHA1/SHA256/SHA512 hashes of the keys for easier identification.
A completeness issue is the lack of key-pairs: many digital signature operations in the context of PKI hierarchies require more than one key-pair to form chains. Should the document include tens of keys of each type?
I am not entirely sure what the purpose is of publishing keys which should not be used. Special casing information weakens the processing pipeline, and specifying “don’t use this information” is a form of distraction.
I very much question the usefulness of eicar.
In the security section the authors themselves anticipate the document might result in CVEs, which might be a reason not to publish this internet-draft as RFC.
Kind regards,
Job
On Thu, 15 Jun 2023 at 15:02, The IESG <iesg-secretary@xxxxxxxx> wrote:
The IESG has received a request from an individual submitter to consider the
following document: - 'Standard PKC Test Keys'
<draft-gutmann-testkeys-04.txt> as Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@xxxxxxxx mailing lists by 2023-07-13. Exceptionally, comments may
be sent to iesg@xxxxxxxx instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.
Abstract
This document provides a set of standard PKC test keys that may be
used wherever pre-generated keys and associated operations like
digital signatures are required. Like the EICAR virus test and
GTUBE spam test files, these publicly-known test keys can be detected
and recognised by applications consuming them as being purely for
testing purposes without assigning any security properties to them.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-gutmann-testkeys/
No IPR declarations have been submitted directly on this I-D.