IETF Logo Mail Archive

Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 16 July 2019 17:55 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EAA0120C00; Tue, 16 Jul 2019 10:55:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m1-82cltp8nv; Tue, 16 Jul 2019 10:55:36 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D8AA120BEE; Tue, 16 Jul 2019 10:55:33 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id B51C33808A; Tue, 16 Jul 2019 13:55:29 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 60A0BB52; Tue, 16 Jul 2019 13:55:32 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Adam Roach <adam@nostrum.com>
cc: draft-ietf-anima-bootstrapping-keyinfra@ietf.org, Toerless Eckert <tte+ietf@cs.fau.de>, anima@ietf.org, The IESG <iesg@ietf.org>, anima-chairs@ietf.org
In-Reply-To: <4679fba2-fdc9-e5ed-3474-12f4e26eca05@nostrum.com>
References: <156282703648.15280.17739830959261983790.idtracker@ietfa.amsl.com> <17580.1562874933@localhost> <4679fba2-fdc9-e5ed-3474-12f4e26eca05@nostrum.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Tue, 16 Jul 2019 13:55:32 -0400
Message-ID: <6413.1563299732@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/1wOb0xToUILkwI33qzPfdF24cog>
Subject: Re: [Anima] Adam Roach's Discuss on draft-ietf-anima-bootstrapping-keyinfra-22: (with DISCUSS and COMMENT)
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2019 17:55:39 -0000

Adam Roach <adam@nostrum.com> wrote:
    mcr> *** but manufacturers have to want to do it ***


    adam> I completely agree with everything you just said, and sincerely
    adam> thank you for the work you've done in this area. I think where our
    adam> perspectives might diverge is our beliefs about what *we*, the
    adam> IETF, can do about it in this specific case.

    adam> The IETF, as a matter of practice, includes normative statements in
    adam> documents all the time regarding processes that conformant
    adam> implementations "MUST" follow for the sake of security. In many
    adam> cases, the protocol works just fine if implementors ignore these
    adam> requirements, which means that implementation of them resolves to
    adam> exactly one thing:  manufacturers have to want to do it.

...

    adam> The smallest change that would satisfy my concern would be a statement
    adam> that says that devices conformant to this specification MUST contain a
    adam> local means of bootstrapping that does not rely on any specific server
    adam> being available.

I propose to add text to section 9:
  Applicability to the Autonomic Control Plane

that makes implementing something from 7.2 a normative MUST.

      <t>
        As specified in the ANIMA charter, this work "..focuses on
        professionally-managed networks."  Such a network has an operator
        and can do things like install, configure and operate the
        Registrar function.  The operator makes purchasing decisions
        and is aware of what manufacturers it expects to see on it's
        network.
      </t>
      <t>
        Such an operator is also capable of performing bootstrapping of a
        device using a serial-console (craft console). The zero-touch
        mechanism presented in this and the ACP document represents a
        significiant efficiency: in particular it reduces the need to
        put senior experts on airplanes to configure devices in person.
      </t>
      <t>
        There is a recognition as the technology evolves that not every
        situation may work out, and occasionally a human may still have to
        visit.  In recognition of this, some mechanisms are presented in
        <xref target="pledgeReductions" />. The manufacturer MUST provide at
        least one of the one-touch mechanisms described that permit
        enrollment to be proceed without availability of any manufacturer
        server (such as the MASA).
      </t>

I have additionally, added a fourth example to section 7.2:

   4.  A craft/serial console COULD include a command such as "est-
       enroll [2001:db8:0:1]:443" that begins the EST process from the
       point after the voucher is validated.  This process SHOULD
       include server certificate verification using an on-screen
       fingerprint.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [



--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email