@izaya
-
@izaya @Gaelan @theresnotime I have an SSH CA kept on a Yubikey in a drawer which signs keys kept on the Yubikey I carry with me, the one which sits in my desktop USB hub, and in my MacBook secure enclave
Notice that all of these are held in hardware :3 -
@erincandescent @Gaelan @theresnotime @izaya Oh no, not an CA
-
-
@erincandescent @Gaelan @theresnotime @izaya EDIT: I misremebered actually, OpenSSH uses its own format and not X.509. Yay!
-
@dequbed @erincandescent @Gaelan @theresnotime @izaya the IETF was discussing X.509 for SSH at the last meeting though
-
@q @dequbed @erincandescent @theresnotime @izaya no wtf stop
-
@Gaelan @dequbed @erincandescent @theresnotime @izaya something something CA/BF
-
@q @Gaelan @dequbed @theresnotime @izaya there have been patches with X.509 support for a long time
in fact it might even be an RFC
-
@q @Gaelan @dequbed @izaya @theresnotime tbh it would be fine, let people reuse their existing CA infrastructure
-
@q @erincandescent @Gaelan @theresnotime @izaya oh really? Given that secsh has concluded a few years ago, under what wg? Or wg-independent?
-
@erincandescent @Gaelan @theresnotime @dequbed @izaya the room was seemingly not aware that was already an RFC
-
@q @Gaelan @theresnotime @dequbed @izaya Anyway X.509 is fiiine and it would sure be convinient to not have to run multiple PKIs.
-
@erincandescent @Gaelan @theresnotime @dequbed @izaya OpenSSH was in violent disagreement
-
@q @Gaelan @theresnotime @dequbed @izaya skill issue
-
@q @Gaelan @dequbed @izaya @theresnotime Lets be honest the main objection is βASN.1 hard and ickyβ and
- ASN.1 is friend
- BER/DER is just not that hard
-
@erincandescent @Gaelan @theresnotime @q @dequbed @izaya I've worked with LDAP and I'm in maybe not violent but quite firm disagreement about ASN.1 being friend.
-
@viq @Gaelan @theresnotime @q @dequbed @izaya Iβm not so sure how much this is about ASN.1 vs about LDAP which is this horrible stringly typed thing half-pretending to be ASN.1, giving the worst of both worlds
I was looking at an LDAP server the other day wondering what the OID defining a specific attribute was and IT WAS A STRING. WHY IS THAT POSSIBLE?!
-
@erincandescent @Gaelan @theresnotime @q @izaya Speaking with my cryptographer hat on, X.509 is not fine. And no, it's not about DER. ASN.1/DER is fine, it's about as horrible as all other binary formats.
-
@dequbed @Gaelan @theresnotime @q @izaya cryptographically theyβre basically identical. Heck, I expected to be conceding βOK, SSH CAs use RSA with PSS instead of PKCS#1 v1.5 padding but no, weβre still using PKCS#1 v1.5 padding in a standard defined in 2018! :drgn_knife_angry:
So cryptographically thereβs no difference between SSH
rsa-sha2-256
and X.509{iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) sha256WithRSAEncryption(11)}