[rfc-i] draft-iab-rfc-use-of-pdf-01

Leonard Rosenthol lrosenth at adobe.com
Wed Feb 24 14:16:38 PST 2016


Thanks for the links, Russ.

However, it seems that this proposal is very US-centric and does not align with modern signature techniques as mandated by the EU and other countries such as CAdES (<https://en.wikipedia.org/wiki/CAdES_(computing)>). 

Is there a reason to “re-invent the wheel” instead of using existing standards? 

Leonard



On 2/24/16, 1:57 PM, "rfc-interest on behalf of Russ Housley" <rfc-interest-bounces at rfc-editor.org on behalf of housley at vigilsec.com> wrote:

>A new version of I-D, draft-housley-rfc-and-id-signatures-01.txt
>has been successfully submitted by Russell Housley and posted to the
>IETF repository.
>
>Name:		draft-housley-rfc-and-id-signatures
>Revision:	01
>Title:		Digital Signatures on RFC and Internet-Draft Documents
>Document date:	2016-02-24
>Group:		Individual Submission
>Pages:		17
>URL:            https://www.ietf.org/internet-drafts/draft-housley-rfc-and-id-signatures-01.txt
>Status:         https://datatracker.ietf.org/doc/draft-housley-rfc-and-id-signatures/
>Htmlized:       https://tools.ietf.org/html/draft-housley-rfc-and-id-signatures-01
>Diff:           https://www.ietf.org/rfcdiff?url2=draft-housley-rfc-and-id-signatures-01
>
>Abstract:
>  This document specifies the conventions for digital signatures on
>  RFCs and Internet-Draft documents.  For Internet-Drafts, the
>  Cryptographic Message Syntax (CMS) is used to create a detached
>  signature, which is stored in a separate companion file so that no
>  existing utilities are impacted by the addition of the digital
>  signature.  For RFCs, an embedded digital signature is included in
>  Portable Document Format (PDF) files types in addition to the
>  detached signature in a separate companion file.
>
>  This document (once approved) obsoletes RFC 5485.
>
>
>On Feb 24, 2016, at 4:50 PM, Leonard Rosenthol wrote:
>
>> The editor/IETF is doing the signing and not the author, correct?  If so, is this really the functional requirements?  Command line, I would assume, in order to integrate into the production workflow system - yes?   Why the multiple platforms - isn’t the production system in use a single entity?
>> 
>> However, to the question, there are numerous open source and commercial solutions that can be used for this purpose.
>> 
>> Leonard
>> 
>> 
>> 
>> 
>> On 2/24/16, 1:37 PM, "Joe Hildebrand (jhildebr)" <jhildebr at cisco.com> wrote:
>> 
>>> Can you point us to the tools that others are using for doing their signing?  We need something command-line based that works on a variety of platforms.
>>> 
>>> -- 
>>> Joe Hildebrand
>>> 
>>> 
>>> 
>>> 
>>> 
>>> On 2/24/16, 2:34 PM, "Leonard Rosenthol" <lrosenth at adobe.com> wrote:
>>> 
>>>> External Signing of PDFs is _NOT_ supported by any existing international standard.  All existing standards - from PDF (ISO 32000-1) to the various EU and ISO signature standards (PAdES, CAdES and XAdES) all align on the use of internal/embedded signatures inside of PDF.
>>>> 
>>>> So unless the IETF is willing to go against the rest of the world - including build their own tools for creation and validation of these signatures - I would STRONGLY advise against this direction.
>>>> 
>>>> Leonard
>>>> PDF Architect · Principal Scientist  |  Adobe Systems Incorporated  |  p. 408.536.2433  |  c. 215.808.4978  |  leonardr at adobe.com
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> On 2/24/16, 12:57 PM, "rfc-interest on behalf of Joe Hildebrand (jhildebr)" <rfc-interest-bounces at rfc-editor.org on behalf of jhildebr at cisco.com> wrote:
>>>> 
>>>>> Russ, Robert and I just had a quick chat about this.  Note that this is not an IAB opinion, just three individuals.  What we discussed:
>>>>> 
>>>>> 1- draft-iab-rfc-use-of-pdf, section 3.3 should remove its recommendation about signing I-Ds.  The use case we're worried about is someone submitting both a .txt and a .pdf containing a signature to the automated tools.  If the tools have to replace the existing author signature with one from the secretariat, the tools are going to be somewhat complex, and the document will change while it is in the repository, which is currently unprecedented.  If we're going to go down that road, we'll need to do some more careful analysis and ensure that the IESG and tools team are onboard.
>>>>> 
>>>>> 2- because of this, we think that doing an external signature for the I-Ds in the same way that we do them for the other formats (except for whitespace normalization) is still probably a good idea, even if we eventually do internal signatures.  Note: if we do both, the internal signature has to be added before the external signature is performed.
>>>>> 
>>>>> 3- For similar reasons, and because we think it might be easier to do algorithm agility with traceability later, we recommend that external signatures also be performed for PDFs of RFCs.  This is of less importance than for I-Ds, because the PDFs will almost always be produced by the RPC.
>>>>> 
>>>>> 4- draft-iab-rfc-use-of-pdf, section 3.3, paragraph 1 says "but also to lock down the visual presentation as well".  We're not sure if the current mechanism is going to do exactly that.  Can we either strike this clause or explore it with more text?
>>>>> 
>>>>> 5- Russ currently has an experiment going about how to do command-line signing of PDFs.  We really need the output of that experiment before we as a community lock down the final decisions here.  
>>>>> 
>>>>> -- 
>>>>> Joe Hildebrand
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> 
>>>>> On 2/23/16, 12:01 PM, "Joe Hildebrand (jhildebr)" <jhildebr at cisco.com> wrote:
>>>>> 
>>>>>> I think the question is whether they're signed inside the PDF doc, or after the doc is created in an external file like the ASCII files are.
>>>>>> 
>>>>>> If I recall correctly, we either decided we wanted all of the output formats signed the same way, or we decided that the XML was what needed to be signed, since the output formats might get re-rendered one day.
>>>>>> 
>>>>>> -- 
>>>>>> Joe Hildebrand
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On 2/23/16, 11:45 AM, "rfc-interest on behalf of Russ Housley" <rfc-interest-bounces at rfc-editor.org on behalf of housley at vigilsec.com> wrote:
>>>>>> 
>>>>>>> draft-iab-rfc-use-of-pdf-01 says:
>>>>>>> 
>>>>>>> Recommendation: At this time, the authors see no need for Internet-
>>>>>>> Drafts to be signed with a PDF digital signature.
>>>>>>> 
>>>>>>> The IETF Secretariat currently signs all I-Ds.  See RFC 5485.
>>>>>>> 
>>>>>>> It seems to me that the decision to sign I-Ds should be left to the IESG and IETF Secretariat.  I suggest that this be removed from the document.
>>>>>>> 
>>>>>>> Russ
>>>>>>> 
>>>>>>> _______________________________________________
>>>>>>> rfc-interest mailing list
>>>>>>> rfc-interest at rfc-editor.org
>>>>>>> https://www.rfc-editor.org/mailman/listinfo/rfc-interest
>>>>> _______________________________________________
>>>>> rfc-interest mailing list
>>>>> rfc-interest at rfc-editor.org
>>>>> https://www.rfc-editor.org/mailman/listinfo/rfc-interest
>> _______________________________________________
>> rfc-interest mailing list
>> rfc-interest at rfc-editor.org
>> https://www.rfc-editor.org/mailman/listinfo/rfc-interest
>
>_______________________________________________
>rfc-interest mailing list
>rfc-interest at rfc-editor.org
>https://www.rfc-editor.org/mailman/listinfo/rfc-interest


More information about the rfc-interest mailing list