IETF Logo Mail Archive

Re: [Ace] Secdir last call review of draft-ietf-ace-coap-est-15

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 02 December 2019 05:37 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0F901200B3; Sun, 1 Dec 2019 21:37:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -12.6
X-Spam-Level:
X-Spam-Status: No, score=-12.6 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=DIODU85x; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=Cw7W7OjB
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MpxOX6Pd8Cxn; Sun, 1 Dec 2019 21:37:11 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57B1F12002F; Sun, 1 Dec 2019 21:37:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=6692; q=dns/txt; s=iport; t=1575265031; x=1576474631; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=8OrI4/o68e7BPNB0SZe+TBYj1xrdcrT53Bm+EOnZcGg=; b=DIODU85xPmwn6pcwEiExnrGyWDC5nq+aXRKWVP60tVqM7NdBn3WDmaiG WhcxDavyN5apmYrPeH/oBe04BZeynyc8tY1u4tHTqR/MmgykzmYXEiXpt pCtr3FaAkcukWP1Bzl3dC5MQkJf4obmGKFUYlhURj4x3QK0+6bqoAb/om Q=;
IronPort-PHdr: 9a23:egv+jhdX5z0ZaS+75ojij6Q7lGMj4e+mNxMJ6pchl7NFe7ii+JKnJkHE+PFxlwGQD57D5adCjOzb++D7VGoM7IzJkUhKcYcEFnpnwd4TgxRmBceEDUPhK/u/dy8zGdxLUlZN9HCgOk8TE8H7NBXf
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AeAAAmouRd/4ENJK1lDgsBAQEBAQEBAQEBAQEBAQEBAREBAQEBAQEBAQEBAYFtAQEBAQEBCwGBSiknBWxYIAQLKodxA4pzgl+JW44pgUKBEANUCQEBAQwBARgNCAIBAYRAAoIKJDcGDgIDDQEBBAEBAQIBBQRthQsIJAyFUgEBAQEDAQEQKAYBASwLAQsEAgEIEQQBAQEeECEGCx0IAgQOBQgagjVMgkYDLgECDKQQAoE4iGCCJ4J+AQEFgTUBg0sNC4IXAwaBNgGMFRqBQT+BEUeCHi4+ghtJAQGBHRMBEgEJGINAgiytUi5CCoIuhx6KIIQ2gkGHbY4RgWSXBoIUj0cCBAIEBQIOAQEFgWgjRCNxcBU7gmxQERSGQoYkDBeDUIUUhQQ7dAqBHosiDRcBghoBAQ
X-IronPort-AV: E=Sophos;i="5.69,268,1571702400"; d="scan'208";a="374824912"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 02 Dec 2019 05:37:09 +0000
Received: from XCH-ALN-008.cisco.com (xch-aln-008.cisco.com [173.36.7.18]) by alln-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id xB25b90Q022638 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 2 Dec 2019 05:37:09 GMT
Received: from xhs-aln-002.cisco.com (173.37.135.119) by XCH-ALN-008.cisco.com (173.36.7.18) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 1 Dec 2019 23:37:09 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Sun, 1 Dec 2019 23:37:08 -0600
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Sun, 1 Dec 2019 23:37:08 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fGKH3S1CEAwKnQRHbV587nESAqF3Esbe3+w5t31z7Rpvpba2Ojtp99UcHRxJuninWEH0DXk2KCoOroCas+rUCihJl/JqGPtXBbpo0+JH2fzu9YJF3sutdzpSNGqzl7SszmeSaZqQgZaxsI+SIBhfd3P1mnCbEAPNtU9XnQ0vxOBTOXQ+AtA0nCF5vnz0ahWNRCDuZiRc/mNL6+ZQ75y0cAprogP9ujmyb4EkXTxaH4rY1qTiD6+B5PQ4Rkf6lVhrvcOanhnwK+IFwqa8/KGC9rxd0dZdwxBfqMenPhVtQebzVtZ7CTeEjUejRZShXLR83jl25A80cnFhYqAjSuieDQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mSCuRdeiJ0rgVvQzKcXGLToNcoibR1vNylxYzlgA8m0=; b=G9D4rVPpQ85oH4YW/JC4kngylRgx9CusFu2O7s9fhREa5vBfQT7hLfnsd6ttIvpcChn/nXYHDBQidr4mcpsMpXn2eSfeGXrLNGT9gE8hKcr2UqJUPsqezFdfRPPRePJrT/NtCBcaUjWfEUQLZOm+iqACYhyJPTxLDQtc2RK38SOW0elHEAm3Dnih6uXiXtYrme6u2y17l515SrIarNUB5jGMBean/2HXfAoG6ZRuVi28eQMpqbqAlUkgSr3RYEneyMEX6+v53jGzABTyF7vnp9gypcIVxFnRD/bj0oRO+G7ZsS+4PZz+0qmP2UsMWmlgMDR1zcgDhX5Z+IrGzhdXJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mSCuRdeiJ0rgVvQzKcXGLToNcoibR1vNylxYzlgA8m0=; b=Cw7W7OjBVPenfs0ndWUX1U2NJy8KVPoh0r7r8u+UqlgUn5ga5eI8cR2AEx1L2WsDlSUbRwV+HXEnzrLgXnb1CUhBTaJFnLO7ENsuOjwe3u4wrIMme70Rs3Q3kp1HTaMz9dy0Iab5T8TDVgATgJAnpi4gkONLsaLgNteVsh9Wt+8=
Received: from BN7PR11MB2547.namprd11.prod.outlook.com (52.135.255.146) by BN7PR11MB2676.namprd11.prod.outlook.com (52.135.254.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2495.22; Mon, 2 Dec 2019 05:37:07 +0000
Received: from BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802]) by BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802%6]) with mapi id 15.20.2495.014; Mon, 2 Dec 2019 05:37:07 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Benjamin Kaduk <kaduk@mit.edu>
CC: Yaron Sheffer <yaronf.ietf@gmail.com>, "draft-ietf-ace-coap-est.all@ietf.org" <draft-ietf-ace-coap-est.all@ietf.org>, "ace@ietf.org" <ace@ietf.org>
Thread-Topic: [Ace] Secdir last call review of draft-ietf-ace-coap-est-15
Thread-Index: AQHVgcaC5NivFu6vxkuLEqSa/tiqS6ddYSVAgCr2zQCACSCUsIAVKBPA
Date: Mon, 02 Dec 2019 05:37:07 +0000
Message-ID: <BN7PR11MB2547FBBCEBBA7A91CE981C50C9430@BN7PR11MB2547.namprd11.prod.outlook.com>
References: <157097172245.20767.1326966836276837764@ietfa.amsl.com> <BN7PR11MB2547FDB1F0D64569496CEDAAC9920@BN7PR11MB2547.namprd11.prod.outlook.com> <20191112230600.GJ32847@kduck.mit.edu> <BN7PR11MB2547EF1967DB0D86AD6810BEC94D0@BN7PR11MB2547.namprd11.prod.outlook.com>
In-Reply-To: <BN7PR11MB2547EF1967DB0D86AD6810BEC94D0@BN7PR11MB2547.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pkampana@cisco.com;
x-originating-ip: [2001:420:c0c4:1001::10c]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a47d7af3-8a45-470a-1cfe-08d776e9ab9c
x-ms-traffictypediagnostic: BN7PR11MB2676:
x-microsoft-antispam-prvs: <BN7PR11MB267693BDBA0CA61F671397B0C9430@BN7PR11MB2676.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0239D46DB6
x-forefront-antispam-report: SFV:NSPM; SFS:(10001)(10009020)(4636009)(366004)(39860400002)(396003)(136003)(346002)(376002)(51444003)(199004)(189003)(13464003)(2906002)(2171002)(229853002)(9686003)(6246003)(66574012)(6306002)(478600001)(102836004)(14454004)(7736002)(86362001)(6916009)(66476007)(66556008)(64756008)(66446008)(4326008)(14444005)(76176011)(7696005)(6506007)(53546011)(966005)(25786009)(74316002)(71200400001)(71190400001)(256004)(186003)(52536014)(6436002)(54906003)(55016002)(6116002)(46003)(305945005)(446003)(8936002)(11346002)(76116006)(8676002)(5660300002)(81166006)(81156014)(33656002)(316002)(66946007)(99286004); DIR:OUT; SFP:1101; SCL:1; SRVR:BN7PR11MB2676; H:BN7PR11MB2547.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Kv2EPC7uB+kdzHYacHcKwgdudFwzQ99TmJGdUIEN5vppkMxStSvd4GoOm6857FudC+jaOaj4B54EVHlnwaOusdgB8pNlcuCqgn3cPc3cgLHqwJDcXRyFvL1OkfnXBDbJLvU7xOmkmxNdo4HJCGzD5Gf7cSiSTFqXcxPcSNh7uBTixSSvwvtXnUmn61EcfmQaXR04kStw9+VLrYlwNhTW/pTPNNG8IQv5XR5R/Ko5VTlMJ9lT3oIfmh7w5Q2iv4GRj2DTkG/+ii4X8DYhI4u8rodiqydr7x55Jg8pPRLerCLzDezKDUI4rM3vWwocWT9VFIX4l350tNTexRy/sDXSI1tniobG3ZO/cb3TPitrjmJ4XDK2eJWfw/xhFZHEwpUh4PQciLctV8YOVjW1n0Vx8EuUfdMnFM5UEUHkxNiT9RNVwzG8rkVWXu+bwWqzHWUUjII8O7zQlVhG9esjySYHlZKOO7sxVvdu4n8DXV/byJKjwDx+wzY6imnxoyZqhmUCVemjFG2dUOGCxHRskiRB8ztolM8xvqSngCXmbw5f9amfCkpteoYFjFHrO80kH7fX
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: a47d7af3-8a45-470a-1cfe-08d776e9ab9c
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Dec 2019 05:37:07.2098 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KAPUys3nCbe1o1ed00sTy14O3JCFiArGjuOn8V18aitZ1In/FByo4KWYacxvBVu/pFaEJXmiCeGjzhcGuLSJIw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2676
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.18, xch-aln-008.cisco.com
X-Outbound-Node: alln-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/E7RA4v6tN6kx51fdu1l5RUH6XHE>
Subject: Re: [Ace] Secdir last call review of draft-ietf-ace-coap-est-15
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Dec 2019 05:37:14 -0000

Hi Ben,

Can you confirm if the diff https://github.com/SanKumar2015/EST-coaps/commit/53933bb9f93657955555f2302baef2e39709ae05 addresses your feedback? I will then re-upload it.  

Thanks,
Panos

-----Original Message-----
From: Ace <ace-bounces@ietf.org> On Behalf Of Panos Kampanakis (pkampana)
Sent: Monday, November 18, 2019 2:07 PM
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>; draft-ietf-ace-coap-est.all@ietf.org; ace@ietf.org
Subject: Re: [Ace] Secdir last call review of draft-ietf-ace-coap-est-15

Hi Ben,

All addressed, except for the last one. The diff is here https://github.com/SanKumar2015/EST-coaps/commit/53933bb9f93657955555f2302baef2e39709ae05 

My responses below in Pk> 

I will wait for your confirmation before I upload version 17.

Panos


-----Original Message-----
From: Benjamin Kaduk <kaduk@mit.edu>
Sent: Tuesday, November 12, 2019 6:06 PM
To: Panos Kampanakis (pkampana) <pkampana@cisco.com>
Cc: Yaron Sheffer <yaronf.ietf@gmail.com>; draft-ietf-ace-coap-est.all@ietf.org; ace@ietf.org
Subject: Re: [Ace] Secdir last call review of draft-ietf-ace-coap-est-15

Hi Panos,

On Wed, Oct 16, 2019 at 03:06:01PM +0000, Panos Kampanakis (pkampana) wrote:
> Hi Yaron,
> 
> Thank you for the thorough review and feedback. 
> 
> To make sure I don't miss any of your comments over an email thread, I track all your feedback in git issue 152 https://github.com/SanKumar2015/EST-coaps/issues/152 There I tried to address all your comments and question and clarify some points. 
> 
> I also pushed minor changes to fix a few of the issues you brought up. 
> The diff of the changes pushed is here 
> https://github.com/SanKumar2015/EST-coaps/commit/86d785f2122596f28674f
> e8e403d30467c98abfb
> 
> Please review the git issue and let us know if there are pending concerns. Otherwise I am planning to reupload a new iteration next week. 

Thanks for uploading the -16, and thanks again to Yaron for the very thoughtful review.

Sadly, I seem to have not looked at the github diff closely enough/in a timely fashion, so I think we'll need to publish a -17 before I can move this into IESG evaluation.  Here's my remaining notes:

Section 4

   Private keys can be transported as responses to a server-side key
   generation request as described in Section 4.4 of [RFC7030] and
   discussed in Section 5.8 of this document.

I think that, since Yaron brought it up, we should say "Section 4.4 of [RFC7030] (and subsections)".

PK> Fixed. 

   curve.  After the standardization of [RFC7748], support for
   Curve25519 will likely be required in the future by (D)TLS Profiles
   for the Internet of Things [RFC7925].

Sorry I missed this before -- "standardization" is a bit of a bugbear (7748 is Informational, not even Standards-Track, let alone full Internet Standard).

Pk> Replaced "standardization" with "publication". 

   In a constrained CoAP environment, endpoints can't always afford to
   establish a DTLS connection for every EST transaction.
   Authenticating and negotiating DTLS keys requires resources on low-
   end endpoints and consumes valuable bandwidth.  To alleviate this
   situation, an EST-coaps DTLS connection MAY remain open for
   sequential EST transactions.  For example, an EST csrattrs request
   that is followed by a simpleenroll request can use the same
   authenticated DTLS connection.  However, when a cacerts request is

I think we can also clarify that this "MAY remain open" is changing expectations from RFC 7030, where the expectation was that the TLS connection did not remain open.

Pk> I added " which was not the case in [RFC7030]"

Section 10.1

   the first DTLS exchange.  Alternatively, in a case where a /sen
   request immediately follows a /crts, a client MAY choose to keep the
   connection authenticated by the Implicit TA open for efficiency
   reasons (Section 4).  A client that interleaves EST-coaps /crts
   request with other requests in the same DTLS connection SHOULD
   revalidate the server certificate chain against the updated Explicit
   TA from the /crts response before proceeding with the subsequent
   requests.  If the server certificate chain does not authenticate
   against the database, the client SHOULD close the connection without
   completing the rest of the requests.  The updated Explicit TA MUST
   continue to be used in new DTLS connections.

I think Yaron was saying that "even if the optimization of keeping the DTLS connection open is useful in the general case, it is very risky and prone to misimplementation when combined with /crts".  So, if I can rephrase the propsal to be that we say something more like "even though in general the DTLS connection can remain open for efficiency (Section 4), after a /crts response, the client MUST close the DTLS connection and establish a new DTLS connection for subsequent EST exchanges", are there reasons that we shouldn't use that behavior?

Pk> I am not sure it is worth to add more complexity specific to /crts. 
Pk> We would be adding more complexity for the client to track if this 
Pk> TLS connection is a cacerts connection then I need to close it, if 
Pk> it is any other connection then I can interleave requests. I am not 
Pk> convinced that the risk is that big either. A malicious user that 
Pk> was authenticated by the Implicit DB could easily craft a cacerts 
Pk> response that allows him to be authenticated by the Explict DB. In 
Pk> other words an active attacker would have no problems of fooling the 
Pk> Explicit DB if he was allowed in by the Implicit DB. I think the 
Pk> whole issue here is conceptual. The moment we get a new Trust DB we 
Pk> need to trust it and not use the old one, but I don't think that 
Pk> keeping the connection open for one or two more requests is that 
Pk> risky. Even RFC7030 allows for it in the event that the client does 
Pk> not have an Implicit DB when it is starting
" The client MAY
   provisionally continue the TLS handshake to completion for the
   purposes of accessing the /cacerts or /fullcmc method. "
I think the language as it is now is pretty clear on what we are trying to do. And the Security Considerations spells out clearly. Of course, as always, some implementer could make a mistake, but that could happen with RFC7030 and any other RFC as well.  

_______________________________________________
Ace mailing list
Ace@ietf.org
https://www.ietf.org/mailman/listinfo/ace

v2.23.0 | Report a Bug | By Email