On Wed, Mar 23, 2016 at 03:50:57AM -0400, Sharon Goldberg wrote:
>
> a) What certificate authority (CA) infrastructure will NTS use? The
> same one as is used for TLS?
>
> According to Hugo, today's TLS CA infrastructure makes it easier to
> obtain certificates for *signing keys* (that can be used for
> public-key (PK) signatures) than for *encryption keys* (that can be
> used for PK encryption). Also, most CAs only offer RSA keys for PK
> encryption, which has some performance issues for NTS's current KE,
> see * below.
An RSA key should have:

    X509v3 Key Usage: critical
        Digital Signature, Key Encipherment

If you don't have "Key Encipherment", you wouldn't be able to
do an RSA key exchange.
An ECDSA certificate can only be used to sign.
A related question is if we should have special requirements for
certificates. For instance, is a domain validated certificate
good enough? Should we do OCSP? Can we staple the OCSP or should
the CAs support OCSP with a nonce?
Kurt
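The Key Usage check Kurt describes, as an added example that is not part of the thread: a small decoder for the DER-encoded X.509 KeyUsage BIT STRING (RFC 5280, section 4.2.1.3) that reports which bits a certificate asserts and whether "Key Encipherment" is present for an RSA key exchange. The hex samples are constructed to match what openssl emits for those combinations; the function names are my own.

```python
# Decoder for the X.509 KeyUsage extension value (RFC 5280, section 4.2.1.3)
# as it sits inside the extension's extnValue OCTET STRING:
#   KeyUsage ::= BIT STRING { digitalSignature(0), ..., decipherOnly(8) }
# Bit 0 is the most significant bit of the first content byte; DER strips
# trailing zero bits and records how many bits of the last byte are unused.

KEY_USAGE_BITS = [
    "digitalSignature",  # bit 0: needed for ECDHE-RSA / ECDHE-ECDSA
    "nonRepudiation",    # bit 1 (also called contentCommitment)
    "keyEncipherment",   # bit 2: needed for RSA key transport (RSA key exchange)
    "dataEncipherment",  # bit 3
    "keyAgreement",      # bit 4: static (EC)DH
    "keyCertSign",       # bit 5
    "cRLSign",           # bit 6
    "encipherOnly",      # bit 7
    "decipherOnly",      # bit 8
]

def decode_key_usage(der: bytes) -> frozenset:
    """Decode a DER BIT STRING (tag 0x03, short-form length) into named bits."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or length != len(der) - 2:
        raise ValueError("bad or unsupported length encoding")
    unused_bits, body = der[2], der[3:]
    if unused_bits > 7 or (not body and unused_bits):
        raise ValueError("invalid unused-bit count")
    total_bits = len(body) * 8 - unused_bits
    names = set()
    for i in range(min(total_bits, len(KEY_USAGE_BITS))):
        if body[i // 8] & (0x80 >> (i % 8)):
            names.add(KEY_USAGE_BITS[i])
    return frozenset(names)

def allows_rsa_key_exchange(names) -> bool:
    """RSA key transport requires keyEncipherment to be asserted."""
    return "keyEncipherment" in names

def allows_signing(names) -> bool:
    """Signature-authenticated exchanges (ECDHE-*) require digitalSignature."""
    return "digitalSignature" in names

# Constructed samples (hex of the BIT STRING as openssl would encode it):
RSA_SIGN_AND_ENCIPHER = bytes.fromhex("030205a0")  # Digital Signature, Key Encipherment
ECDSA_SIGN_ONLY = bytes.fromhex("03020780")         # Digital Signature only
CA_CERT = bytes.fromhex("03020106")                 # Certificate Sign, CRL Sign
```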
_______________________________________________
TICTOC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tictoc