Re: [Anima-bootstrap] [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt

Michel Veillette <Michel.Veillette@trilliantinc.com> Tue, 01 November 2016 15:30 UTC

From: Michel Veillette <Michel.Veillette@trilliantinc.com>
To: "consultancy@vanderstok.org" <consultancy@vanderstok.org>, Anima-bootstrap <anima-bootstrap@ietf.org>, Core <core@ietf.org>
Date: Tue, 1 Nov 2016 15:30:26 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/feJyyot7hZWx503WGIjMsmpYgok>

Hi Peter

In section 3 of "draft-vanderstok-core-coap-est-00", "Server-generated key" is listed as supported.
This service returns two components, a PKCS8 containing the private key material and a PKCS7 containing the device certificate chain.
In RFC7030, this information is returned using a Content-Type: multipart/mixed.
How is this supported in "draft-vanderstok-core-coap-est-00"?

    REQ: POST /.well-known/est/serverkeygen (Content-Format: application/pkcs10)
    <ASN.1 CertificationRequest>  // Certificate request carried in a PKCS10

    RES: 2.05 Content (Content-Format: ???)
    <ASN.1 ContentSet>            // Private key material for this node carried in a PKCS8
    <ASN.1 ContentInfo>           // Certificate and associated PKI for this node carried in a PKCS7

Regards,
Michel
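
The RFC 7030 `/serverkeygen` response that the message above refers to, as an added example (not part of the original e-mail or of either draft): Python code that splits a `multipart/mixed` body into its PKCS#8 and PKCS#7 parts and rejects any other shape. The sample body, boundary and payload bytes are constructed placeholders, and the unencrypted `application/pkcs8` key part is assumed.

```python
import base64
from email import message_from_bytes

# Constructed placeholders, not real DER: stand-ins for the PKCS#8 key and PKCS#7 certs.
SAMPLE_KEY = b"constructed-pkcs8-private-key"
SAMPLE_CERTS = b"constructed-pkcs7-certs-only"
BOUNDARY = "est-sample-boundary"  # constructed boundary string


def build_sample(parts=None):
    """Build a constructed multipart/mixed body shaped like a /serverkeygen reply."""
    if parts is None:
        parts = [("application/pkcs8", SAMPLE_KEY),
                 ("application/pkcs7-mime; smime-type=certs-only", SAMPLE_CERTS)]
    chunks = []
    for ctype, data in parts:
        chunks.append(
            f"--{BOUNDARY}\r\nContent-Type: {ctype}\r\n"
            "Content-Transfer-Encoding: base64\r\n\r\n"
            f"{base64.b64encode(data).decode()}\r\n")
    body = "".join(chunks) + f"--{BOUNDARY}--\r\n"
    return f'multipart/mixed; boundary="{BOUNDARY}"', body.encode("ascii")


def split_serverkeygen(content_type, body):
    """Return {'pkcs8': bytes, 'pkcs7': bytes}; raise ValueError on any other shape."""
    # Prepend the HTTP Content-Type header so the MIME parser can find the boundary.
    header = b"Content-Type: " + content_type.encode("ascii") + b"\r\n\r\n"
    msg = message_from_bytes(header + body)
    if msg.get_content_type() != "multipart/mixed" or not msg.is_multipart():
        raise ValueError("expected a multipart/mixed response")
    wanted = {"application/pkcs8": "pkcs8", "application/pkcs7-mime": "pkcs7"}
    out = {}
    for part in msg.get_payload():
        name = wanted.get(part.get_content_type())
        if name is None or name in out:
            raise ValueError(f"unexpected or repeated part: {part.get_content_type()}")
        # Each part body is base64 text; decode it directly rather than
        # relying on the Content-Transfer-Encoding header being present.
        out[name] = base64.b64decode(part.get_payload())
    if set(out) != {"pkcs8", "pkcs7"}:
        raise ValueError("need exactly one key part and one certificate part")
    return out
```

Each part carries its own Content-Type inside the multipart body, which is the per-part typing that a single Content-Format value on the CoAP response in the sketch above does not provide.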

-----Original Message-----
From: core [mailto:core-bounces@ietf.org] On Behalf Of peter van der Stok
Sent: Saturday, October 29, 2016 11:12 AM
To: Anima-bootstrap <anima-bootstrap@ietf.org>; Core <core@ietf.org>
Subject: [core] Fwd: New Version Notification for draft-vanderstok-core-coap-est-00.txt

Dear all,

We have submitted a new draft, Enrollment over Secure Transport (EST) over coaps, to make BRSKI over coap possible.
We expect (parts of) this draft to be integrated with the coap-bootstrap draft of Pritikin and Kampanakis.
This draft removes EST functionality not absolutely needed within the context we expect the BRSKI deployment for low-resource devices.

Greetings,

Peter

-------- Original message --------
Subject: New Version Notification for draft-vanderstok-core-coap-est-00.txt
Date: 2016-10-29 17:04
Sender: internet-drafts@ietf.org
Recipient: "Peter van der Stok" <consultancy@vanderstok.org>, "Peter Van der Stok" <consultancy@vanderstok.org>, "Sandeep Kumar" <ietf@sandeep.de>, "Sandeep S. Kumar" <ietf@sandeep.de>

A new version of I-D, draft-vanderstok-core-coap-est-00.txt
has been successfully submitted by Peter van der Stok and posted to the IETF repository.

Name:		draft-vanderstok-core-coap-est
Revision:	00
Title:		EST based on DTLS secured CoAP (EST-coaps)
Document date:	2016-10-29
Group:		Individual Submission
Pages:		15
URL:		https://www.ietf.org/internet-drafts/draft-vanderstok-core-coap-est-00.txt
Status:		https://datatracker.ietf.org/doc/draft-vanderstok-core-coap-est/
Htmlized:	https://tools.ietf.org/html/draft-vanderstok-core-coap-est-00


Abstract:
    Low-resource devices in a Low-power and Lossy Network (LLN) can
    operate in a mesh network using the IPv6 over Low-power Personal Area
    Networks (6LoWPAN) and IEEE 802.15.4 link-layer standards.
    Provisioning these devices in a secure manner with keys (often called
    security bootstrapping) used to encrypt and authenticate messages is
    the subject of Bootstrapping of Remote Secure Key Infrastructures
    (BRSKI) [I-D.ietf-anima-bootstrapping-keyinfra].  Enrollment over
    Secure Transport (EST) [RFC7030], based on TLS and HTTP, is used for
    BRSKI.  This document defines how low-resource devices are expected
    to use EST over DTLS and CoAP. 6LoWPAN fragmentation management and
    minor extensions to CoAP are needed to enable EST over DTLS-secured
    CoAP (EST-coaps).




Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
