IETF Logo Mail Archive

Re: [Ace] WGLC for draft-ietf-ace-coap-est

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Fri, 22 February 2019 21:00 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 048E9130E5F for <ace@ietfa.amsl.com>; Fri, 22 Feb 2019 13:00:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.502
X-Spam-Level:
X-Spam-Status: No, score=-14.502 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q5bRBcjM94d1 for <ace@ietfa.amsl.com>; Fri, 22 Feb 2019 13:00:23 -0800 (PST)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97AD3130E5E for <ace@ietf.org>; Fri, 22 Feb 2019 13:00:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=17474; q=dns/txt; s=iport; t=1550869223; x=1552078823; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=HyC3sRAQKh7nIFnvRwPlIDTObJbKjECVC2IAeac3cF8=; b=O6og4ZolupFEkNM9J1wdiq7S86blwkQOYR/W14hWnY78iVOcHphKKT5G 6/xShq4aesk73k4/FSiVnhyFHpYVijdwc/Mcq+hvyjvdN7hTF3E1Ij3YQ Mu6/njqRJ56/hPrIj3uuRsyAurUGOnMHhV/DI29i/egQVEXih9oA7qtRk Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ADAABiYnBc/5FdJa1kGQEBAQEBAQEBAQEBAQcBAQEBAQGBUQQBAQEBAQsBgVkqZ4EDJwqMF41nfJciFIFnCwEBGA2ERwKDfiI0CQ0BAwEBAgEBAm0cDIVKAQEBAQIBAQE4LQcLBQcEAgEIEQQBAQEeECcLHQgBAQQOBQiDGYFqCA+tAoQvAYV7BYxIF4FAP4ERgl01gx4BAQIYgS8ChXcCigaZUwkChzyDb4crIYFxhVuCPIEFhkiBOol+hiCMPgIRFIEoHziBVnAVO4JsgiUDF4EAAQiCQoUUhT9BMY0+B4EngR8BAQ
X-IronPort-AV: E=Sophos;i="5.58,401,1544486400"; d="scan'208";a="519676832"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 22 Feb 2019 21:00:12 +0000
Received: from XCH-RCD-010.cisco.com (xch-rcd-010.cisco.com [173.37.102.20]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id x1ML06o8023097 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 22 Feb 2019 21:00:11 GMT
Received: from xch-aln-010.cisco.com (173.36.7.20) by XCH-RCD-010.cisco.com (173.37.102.20) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Fri, 22 Feb 2019 15:00:05 -0600
Received: from xch-aln-010.cisco.com ([173.36.7.20]) by XCH-ALN-010.cisco.com ([173.36.7.20]) with mapi id 15.00.1395.000; Fri, 22 Feb 2019 15:00:05 -0600
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Klaus Hartke <hartke@projectcool.de>
CC: "ace@ietf.org" <ace@ietf.org>, Jim Schaad <ietf@augustcellars.com>
Thread-Topic: [Ace] WGLC for draft-ietf-ace-coap-est
Thread-Index: AdSrvXSIvNnigqRdTGScym0guMdeAQXbpEIAACaWOEA=
Date: Fri, 22 Feb 2019 21:00:05 +0000
Message-ID: <9c257f8ffa27435fbe8a24a8c7c25c31@XCH-ALN-010.cisco.com>
References: <003701d4abbe$0cfab580$26f02080$@augustcellars.com> <CAAzbHvYwEY8TGgNbVPpwo03gQ-j6M4xkVLTZJaSYiLYhZhKMaQ@mail.gmail.com>
In-Reply-To: <CAAzbHvYwEY8TGgNbVPpwo03gQ-j6M4xkVLTZJaSYiLYhZhKMaQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.82.252.40]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Outbound-SMTP-Client: 173.37.102.20, xch-rcd-010.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/ATfnFCeX-PNTwDqSoIKYfQ_jG6w>
Subject: Re: [Ace] WGLC for draft-ietf-ace-coap-est
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Feb 2019 21:00:27 -0000

Hi Klaus,

Thanks for the thorough review. 

All your issues identified are tracked here https://github.com/SanKumar2015/EST-coaps/issues?utf8=%E2%9C%93&q=is%3Aissue+%22Klaus+WGLC%22 . We tried to address all of them. The fixes we are putting in are spelled out in the github issues themselves. The actual latest version of the draft is https://github.com/SanKumar2015/EST-coaps/blob/master/draft-ietf-ace-coap-est.txt 

After proof reading the draft one more time we will upload early next week. 

Below I am answering some of the questions you asked in your review. 

> 4. -- Is this section about the generated certificates or the DTLS connection between the client and the server? If the latter, this section is weird, because RFC 7252 already does define MTI cipher suites and extensions, and I see no reason why an application layered on top of CoAP needs to restate all of that.

This section describes how the (D)TLS profile defined in RFC7925 is used by EST-coaps. It was asked by the original ACE co-chair to show conformance with ACE profiles.  It touches on the client server authentication, the tunnel ciphersuites. It explains how the EST-coaps data exchange is secured thereby preventing eavesdropping, tampering, and message forgery. We wanted to spell out for implementers which parts of RFC7925 they should take into consideration instead of just pointing them to RFC7925 or RFC7252 etc. 

> 4. "The authentication of the EST-coaps client MUST be with a client certificate in the DTLS handshake." -- Why? Why can't a client communicate with a server using any other secure mechanism with client authentication? Or is this just the MTI mechansim?

The issue is that EST mandates HTTP Basic or Digest Auth and/or client cert auth. HTTP Auth is not defined for COAP application as far as we know. So, for EST-coaps, the only viable authentication method is mutual cert auth. Other client auth methods could be defined, but are outside the scope of this draft. 
 
> 5.1. "Arbitrary Labels are usually defined and used by EST CAs in order to route client requests to the appropriate certificate profile." -- I assume that a client needs to construct URIs from the well-known path "/.well-known/est", the Arbitrary Label and one of the suffixes. How does a client determine which Arbitrary Label to use?

That is configured on the client out of band depending on the CA that generates the certs. It is outside the scope of EST or EST-coaps. 

> 5.1. "The EST-coaps server URIs, obtained through discovery of the EST-coaps root resource(s) as shown below, are of the form:" -- If a client discovers the URIs from "/.well-known/core" (annotated with "ace.est.crts", "ace.est.sen", etc.), is this table 1 still needed? If not, I would recommend that only the 'rt'  values are standardized ("ace.est.crts", "ace.est.sen", etc.) and all paths are left to the implementation, in accordance with BCP 190.

We intend to require /.well-known URIs so that resource discovery is not mandatory for pre-configured client deployments. Discovery is optional when non-default URIs are needed to save URI space. Feel free to check the text in https://github.com/SanKumar2015/EST-coaps/issues/123 where I edited the resource discovery text to make it clearer. 

> 5.1. "Discoverable port numbers MAY be returned in the <href> of the payload [I-D.ietf-core-resource-directory]." -- What does this mean?
> And what does Resource Directory have to do with EST?

We needed a way to be able tell the client that the resource is hosted on another port but the reference to  I-D.ietf-core-resource-directory is removed after Jim last WGLC We no longer use anchors, just an href in the payload. Check out https://github.com/SanKumar2015/EST-coaps/issues/136  

> 5.2. "Table 2 specifies the mandatory-to-implement or optional implementation of the est-coaps functions." -- How does a client discover which functions are implemented?

Client pre-configuration or optionally resource discovery. We added a reference to the discovery section. 

> 5.3. "Content-Format TBD287 can be used in place of 281" -- It's a bit difficult to see what TBD287 and 281 mean without scrolling all the way down and scrolling back up. Maybe include the table here to make the section easier to read?

I don't think that is necessary as we are stating that TBD287 and 281 "to carry a single certificate instead of a PKCS#7 container in a /crts, /sen, /sren or /skg response ". Also there is a reference to the IANA section in the paragraph above. 

> 5.7. "After a delay of Max-Age, the client SHOULD resend the identical CSR to the server." -- Just for my understanding: Does the submission of a specific CSR always lead to the same output, or can it happen (e.g., if the client submits an identical CSR weeks or months later) that the client would get a different output?

Submitting the same CSR will likely give the client a different output. The reason is that the server cert profile may have changed, but more importantly the issued certificate will have a different lifetime and thus signature value. 

> 5.7. "... or the client abandons for other reasons." -- Does the client need to signal in some way when it wants to abandon?

When the server asks the client to come back in x amount of time, it does not keep state of the client and thus will not care if he returns or not. So, we don't need to require the client to signal that he is giving up. 

> 5.8. "containing a CBOR array with four items Section 5.3" -- Do the two representations (each consisting of two CBOR array items) have to be in a particular order or can they appear in any order?

Any order is fine, since the you can tell what format each representation carries. 

> 6. "In a constrained CoAP environment, endpoints can't always afford to establish a DTLS connection for every EST transaction." -- I'm not aware of any requirement that says CoAP clients must establish a new DTLS connection for every request...

EST mandates using a new truststore after a cacerts request which most usually means a new TLS connection. We can't always require the client to do that in a constrained environment and thus this text. 

> I didn't review the appendices.

Pity, we are sure you could still uncover nits in there. 

Rgs,
Panos



-----Original Message-----
From: Ace <ace-bounces@ietf.org> On Behalf Of Klaus Hartke
Sent: Tuesday, February 12, 2019 12:38 PM
To: Jim Schaad <ietf@augustcellars.com>
Cc: ace@ietf.org
Subject: Re: [Ace] WGLC for draft-ietf-ace-coap-est

Jim Schaad wrote:
> The chairs believe that the EST over CoAP draft is nearing the point 
> it should be sent to the IESG for publication.  We are therefore going 
> to have a Working Group Last Call on this document.  WGLC will until 
> 29th of this month.  Please review the document and send comments both 
> positive and negative to the list about its state.

I've performed a quick review of draft-ietf-ace-coap-est-08. Sorry for being late to the party.

2. "Therefore, this specification utilizes DTLS [RFC6347], CoAP [RFC7252] and UDP instead of TLS [RFC8446], HTTP [RFC7230] and TCP."
-- Is there a technical reason why EST could not be done over CoAP over TCP, TLS, WebSockets, or SMS?

I understand that it was fashionable at some point to fork a protocol like HTTP, layer some stuff on top of it and call it a new protocol.
However, I would strongly recommend that EST-coaps is presented as an application that is strictly layered on top of CoAP and doesn't define its own custom protocol stack.

4. -- Is this section about the generated certificates or the DTLS connection between the client and the server? If the latter, this section is weird, because RFC 7252 already does define MTI cipher suites and extensions, and I see no reason why an application layered on top of CoAP needs to restate all of that.

4. "The authentication of the EST-coaps client MUST be with a client certificate in the DTLS handshake." -- Why? Why can't a client communicate with a server using any other secure mechanism with client authentication? Or is this just the MTI mechansim?

5.1. The use of the well-known path "/.well-known/est" seems to follow the letter of BCP 190 but not the spirit. I don't see any reason why a well-known path is needed here. In fact, as the section emphasizes, short paths are important and an implementation will there likely want to do the "/.well-known/core"-based discovery of URIs. I would recommend that the entire use of "/.well-known/est" is dropped.

5.1. "Arbitrary Labels are usually defined and used by EST CAs in order to route client requests to the appropriate certificate profile." -- I assume that a client needs to construct URIs from the well-known path "/.well-known/est", the Arbitrary Label and one of the suffixes. How does a client determine which Arbitrary Label to use?

5.1. "The EST-coaps server URIs, obtained through discovery of the EST-coaps root resource(s) as shown below, are of the form:" -- If a client discovers the URIs from "/.well-known/core" (annotated with "ace.est.crts", "ace.est.sen", etc.), is this table 1 still needed? If not, I would recommend that only the 'rt'  values are standardized ("ace.est.crts", "ace.est.sen", etc.) and all paths are left to the implementation, in accordance with BCP 190.

5.1. "Clients and servers MUST support the short resource URIs. The corresponding longer URIs from [RFC7030] MAY be supported." -- Does this provide any benefit or is it just to annoy implementers? Like, we can have short paths, we can have long paths, we cannot decide, so let's have ALL OF THEM!

5.1. "In the context of CoAP, the presence and location of (path to) the management data are discovered by sending a GET request to "/.well-known/core" including a resource type (RT) parameter with the value "ace.est" -- I understand that EST defines the operations on the resources labeled with annotated with "ace.est.crts", "ace.est.sen", etc. but I don't understand what I can do with a resource that is annotated with "ace.est".

5.1. "The first line of the discovery response above MUST be included.
The five consecutive lines after the first MAY be included." -- When would I include what?

5.1. "The return of the content types allows the client to choose the most appropriate one." -- Does the example actually match what a server returns? E.g., does ct="62 280 284 281 TBD287" mean that a server actually returns a TBD287 representation or would it always be a 62 (multipart) representation that happens to contain a TBD287 representation?

5.1. "Port numbers, not returned in the example, are assumed to be the default numbers 5683 and 5684 for CoAP and CoAPS respectively" -- No need to make any assumptions. This is exactly what RFC 7252 specifies.
Please don't make any normative statements that just repeat (or
contradict) what RFC 7252 says.

5.1. "Discoverable port numbers MAY be returned in the <href> of the payload [I-D.ietf-core-resource-directory]." -- What does this mean?
And what does Resource Directory have to do with EST?

5.1. " The server MUST support the default /.well-known/est server root resource and port 5684." -- As said above, I would drop this entirely.

5.1. "Resource discovery is necessary when the IP address of the server is unknown to the client." -- Assuming that "resource directory" refers to "/.well-known/core"-based discovery of URIs, then this is wrong. If the IP address of a server is not known, then a client cannot retrieve the "/.well-known/core" of that server.

5.2. "Table 2 specifies the mandatory-to-implement or optional implementation of the est-coaps functions." -- How does a client discover which functions are implemented?

5.3. "Content-Format TBD287 can be used in place of 281" -- It's a bit difficult to see what TBD287 and 281 mean without scrolling all the way down and scrolling back up. Maybe include the table here to make the section easier to read?

5.3. "If an Accept Option is not included in the request, the client is not expressing any preference and the server SHOULD choose format 281.  If the preferred Content-Format cannot be returned, the server MUST send a 4.06 (Not Acceptable) response, unless another error code takes precedence for the response [RFC7252]." -- Please don't make any normative statements that repeat (or contradict) what RFC 7252 says.

5.3. "*application/multipart-core*" -- Formatting missing?

5.3. "The collection is encoded as a CBOR array [RFC7049] with an even number of elements. ..." -- This is already described in [I-D.ietf-core-multipart-ct]. Is there any reason why the text needs to be duplicated?

5.4. "All EST-coaps messages expect a response from the server, thus the client MUST send the requests over confirmable CON CoAP messages."
-- The use of confirmable messages for requests is completely unrelated to whether a response is expected or not. Also, it is entirely inappropriate for an application layered on top of CoAP to mandate the message type.

5.4. "The Ver, TKL, Token, and Message ID values of the CoAP header are not affected by EST." -- And it would be entirely inappropriate if they were. So I'm not sure what to do with this information.

5.4. "The CoAP Options used are Uri-Host, Uri-Path, Uri-Port, Content-Format, Accept and Location-Path." -- Of course, a server must be prepared to receive requests that include other kinds of options (such as "ETag" or "If-Match") and handle these in accordance to RFC 7252.

5.4. "The CoAP Options used are Uri-Host, Uri-Path, Uri-Port, Content-Format, Accept and Location-Path." -- The Block options seem to be missing.

5.4. "The Uri-Host and Uri-Port Options are optional." -- No, these options are not optional. They just can be encoded very efficiently (in 0 bytes) if they happen to have their default value.

5.4. "They are usually omitted as the DTLS destination and port are sufficient." -- No. The default values of the options are the IP destination address and UDP port, respectively (in CoAP-over-UDP).

5.4. "Alternatively, if a UDP port to a server is blocked, someone could send the DTLS packets to a known open port on the server and use the Uri-Port to convey the intended port he is attempting to reach."
-- Where is that coming from? Sounds extremely weird.

5.5. "Response code HTTP 202 Retry-After that existed in EST" -- HTTP doesn't have response codes. And there is no status code named "Retry-After" in HTTP.

5.5. "Moreover, if the Content-Format requested in the client Accept Option, is not supported the server MUST return a 4.06 (Not Acceptable), unless another error code takes precedence for the response." -- Please don't make any normative statements that repeat (or contradict) what RFC 7252 says.

5.7. "In particular, a slow server can respond to an EST-coaps enrollment request with an empty ACK with code 0.00, before sending the certificate to the server after a short delay." -- ...before sending the certificate to the *client*?

5.7. "After a delay of Max-Age, the client SHOULD resend the identical CSR to the server." -- Just for my understanding: Does the submission of a specific CSR always lead to the same output, or can it happen (e.g., if the client submits an identical CSR weeks or months later) that the client would get a different output?

5.7. "... or the client abandons for other reasons." -- Does the client need to signal in some way when it wants to abandon?

5.8. "containing a CBOR array with four items Section 5.3" -- Missing word between 'items' and 'Section'

5.8. "containing a CBOR array with four items Section 5.3" -- Do the two representations (each consisting of two CBOR array items) have to be in a particular order or can they appear in any order?

6. "DTLS Transport Protocol" -- This section seems to have the same topic as section 4. Merge section 4 into section 6?

6. "In a constrained CoAP environment, endpoints can't always afford to establish a DTLS connection for every EST transaction." -- I'm not aware of any requirement that says CoAP clients must establish a new DTLS connection for every request...

6. "To alleviate this situation, an EST-coaps DTLS connection MAY remain open for sequential EST transactions." -- An application layered on top of CoAP shouldn't mandate a particular way in which DTLS is used.

8. "Parameters" -- An application layered on top of CoAP shouldn't mandate CoAP congestion control parameters.

10.2. "This EST resource is used to query and return the supported EST resources of a CoAP server." -- Is there any specification for how to query and return the supported EST resources?

I didn't review the appendices.

Klaus

_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email