IETF Logo Mail Archive

Re: [Anima] RFC 8995, Voucher Signing, MASA Certificate Chain provisioning

"Fries, Steffen" <steffen.fries@siemens.com> Fri, 08 March 2024 13:47 UTC

Return-Path: <steffen.fries@siemens.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED924C14F5F3 for <anima@ietfa.amsl.com>; Fri, 8 Mar 2024 05:47:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id udPq1SRf-h9I for <anima@ietfa.amsl.com>; Fri, 8 Mar 2024 05:47:15 -0800 (PST)
Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2069.outbound.protection.outlook.com [40.107.241.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A617DC14F5F2 for <anima@ietf.org>; Fri, 8 Mar 2024 05:47:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jDrqcHkBmVBen92ykrUv3601D3M9hWclOiaXkj4PObSqcfsLcriR+0/9LVoTiyexo+A7Y3puWPDKD5sfYXgE9i840h6roEguejLkjfI6sp0Rw4KlsIL+PsY2X7HLFVNO1/ISccQVH18YYfOzDzBJI0qY08JmldaV7z5Dnxwib+zNqe/HQ9mYjhPsU8I/gqLE00xyHKCJT59KXUU0P0XRAeLd3rjS7t+MvJbLd7Z6Ab4LSIqc2ps80V2tpDMFYIrGnIYD5j+V5rNH101bweiFnw3prp9g5EKl8muM8YyBQWXQLgj5Cs1/lCo9Ydqcojg5QtXw6N3oEnWOdEr6VhL/7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=leurpUJNwf41iTknj0izSiY6VVNS+Df0xGmRfZ3VQHw=; b=bYKUhtdo+s0EfRD9lXVioU3VQ9VUGfuukdWmuTSfVk1uYQ2jwZQ4tdA/I/jo1GjrBf88X1Gx625foefU7oo03nJjOLRxNbRcEs9nhhEkKQ5AiF+R/SejTwQ6aeyDsW9Oh5ExmVFEBh3QtpYgTt1GucD+1TLq516mGLD+gisdQwVP+4+ARuh5BPA/sX86/64YicO1DGgVAZoL4mbOOyGAVfULts+Zh7yd5m7c4pfnEIiNXywZgbDHCxUdEFBI+5L3vhHOvoHdyGHUjypVf6ha/5ipMbbGoQV1lfYLCRPQTS2jRZz+KeGf8M1Ek+IKlA5gb8BQSX5x6xF5jQOo9JHMUA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=leurpUJNwf41iTknj0izSiY6VVNS+Df0xGmRfZ3VQHw=; b=MGbu6i88tA5+v8JUUteDC92hRkJefJfwyop62xvPlMDkXMkrn/lSC1M1/ui4qHsC/L32iczPR2AJ9Eos5lKDT+9D99SPfw0EkkVTOKNxZ9DKjq6O8pu56CW14UENyGYu8mZSsUjmlSj4KHLODe5DgC8wi0EFnTb2FkLO32pLACP9KwPCQdokZemBq25U8h8TDZwiPTb6ULnmDZV6//5qCakV2v2gS90WvDBB588D2JRnC+y5zd5ILws0FxZrxZp9oAlOuSDo+2XgqfJ5+CL1W0so3Gqkay6jOMDaqPGJchUUyH4jtkU7humeY/iRlbYlNeFLivzdFgLtpdhWnPkERg==
Received: from DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:3c6::22) by DB4PR10MB7445.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:10:3f7::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7362.28; Fri, 8 Mar 2024 13:47:11 +0000
Received: from DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM ([fe80::57b2:15e6:d4b7:db1c]) by DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM ([fe80::57b2:15e6:d4b7:db1c%4]) with mapi id 15.20.7362.019; Fri, 8 Mar 2024 13:47:10 +0000
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>, "anima@ietf.org" <anima@ietf.org>
Thread-Topic: [Anima] RFC 8995, Voucher Signing, MASA Certificate Chain provisioning
Thread-Index: Adpv3K+TPoDqaeexTk+xGPLlI930RgBbsp/gAAR0A7A=
Date: Fri, 08 Mar 2024 13:47:10 +0000
Message-ID: <DB9PR10MB63548C6EBD9BB6143E5154F0F3272@DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM>
References: <DB9PR10MB6354C2A6F6C4D5B3E0CA5C8CF3212@DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM> <DU0P190MB197821318310FEF4AAEA6633FD272@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
In-Reply-To: <DU0P190MB197821318310FEF4AAEA6633FD272@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ActionId=a555394d-cc01-4a75-ade6-a0bd9b848907; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_ContentBits=0; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Enabled=true; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Method=Standard; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_Name=restricted; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SetDate=2024-03-06T15:14:11Z; MSIP_Label_9d258917-277f-42cd-a3cd-14c4e9ee58bc_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a;
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DB9PR10MB6354:EE_|DB4PR10MB7445:EE_
x-ms-office365-filtering-correlation-id: 81726663-e258-41bd-59c0-08dc3f7640e1
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: XNuuSDktUhnApOUEd/IhalJKxBfW+80M9+RDUKgOpqPXEI/e6qN2kfA7XGv+otMd/BMCS0cRLVHPCBMSDtcku/kU+8OW3+CF22lWL6wtr9QDH4na/InQ/ccVyU+V/ZXRe7RGQ7fOpud5WwWylZYB188TEynbSNyTedQzPyAQ1z73NgSxNA3Ci9tlcjpzEViDvZoZ/LjRuvZxGJYLr41tecyFiJPBn2xcuTAiavTK3fTJ/jAHj7tWDgtgpB1MKe9em5pPWkNpo/6hAfIENNmp6QIdIuWYbgKO0cWxW7exifgDIm0JLQm7KvOEq+FtoBJsqzSPIF+123ZoWwh1nXrzWrMiM7EhpKLksBiWCvv+xqcCXfRwgUSeKTDMPNZe8xDxU1LyHZZRicUYkgSUGcAeT3iYc9m76jBezZtJGyl26J2+ZZlcORpfQukLZ+Sw3zU3F6+kBPfU56txXVDwx1MIaz5W29+mmz4zq0sZ8B7QY4jmecjNUJlNwqErKlnuYJvcxluAiIWgpNuZt9n77HZOij1SkmGxOc+UFnu+4YbnfMRKzanZD1RpSDX/qnC1pCFrWsfbqrsnoL3or90fCsq6TyQOZ+kpjHoGaMLdMJSjhH1O0pshBe4mUBVmcxnwHPv2rZR667q1YxW8reOInU4KN/qFvjz31yM+JeaJ3ErbrIc=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(376005)(1800799015)(38070700009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: nUH9C2XV5V4jmDxkMxrcnyjU3izJuiW1Ilj1/tBBZseMHXiYJfLaAvjuUm8nOCg11XmnFW4xXioDyy9NyrA5l5A/coapGwdj6fLdVuwa5w4Wxd898ut4OhHTTfcATmuL29dXIgapLuTzd6IDAoinq9I56ITjVOnvb8sCNS6crYNMMfX4RJwjWXWjHwtoyaxFthO7VRKBAtx/CTwYkbUx1JE7CSX8AQTlw8BNAtfeEyfA5mD1yK2g1Th7XZeF3l8fsggayaYIAMKS68NmsB2tJQpdhD3u7N2WxiRdaBoIKJVhWp+76mmvYSbX11Vi5XrzD5Rtx3LIPKcPEv6JLk7oaPFp7VwBwnvKHVwZVC7P3E83WWG1jWbCsRN310ampjlq/lDhplHkno+bRo0V8jg6EyrkSbTwEgv/UMBGKDRxHq4Vi9mbPWGyajvOHG/mvcPbcpJ3kPk+BYkDahkKQC10cTeKj6f2iS4UMjQjSDvbgK6unjvr5ZaAmq2q6vCR5QEOgx0jar18u0KJR5cg3OADMS9jlPpckmx/C3ru5GotAkNRV4yQNRBYZokP4S5p0+BTwnxpZrr7gTYweqv7yGci5KtdcFhBEgNUq+XLm+xwbklKJiC6731MTY4enPS4JhFB1pMCfgNW1OUXr6LkD2Fr3kgmjiyO7wrQlNG9BakyHujQXXvBJbyEJge5P1ADQCRgZVcOZMGg4nuJI31692aS1PVUvNok2oSGBBEk7AhhScpB2GSBaxzASkR3MNVsj4eYovyiDAn5i8dhzZULlSGcyVUKx+o9AyLNm6/Ud/XFI+pQqsHoIWtdj/t54FhfVJ3+NKJ5CqpfvlWiaZVqKzULU2J2OI4UnQ5bulCwxBrvIjipI24tisbQ4Bf47eGMlXiP6nYQNiwc0Axj73YvyktWNw/c1ybIyIVWbKdNhsTCBWkA9xRIiOSS1Z2zaRtUv/kKBIoGOF77v8ceeBqUEbsH7lVdkio2rITyYmrIHe4pbSPCxLQ4Si/BYCYGD+h8IUjLXMnda52UT8GkIOA0ho2n8CZUdEQryBH19HK/lrNPNBXsxtCYw4Zzpoja2mpX0N3ubqlaRAY2MBVWfD/vlZ8y228GXoA4D6UUMi1bZZNYl+J8kuYFxuqLvgTc7M56T1TJiVk09uL08VQyfK8BsOYO+LEYcKiVM21ZvRb0Aa+16GkOSmodfUF5OLYcagv0mdQkQ11K4xbOTn3+i7NsG5a8OoqutiZKNdqtmA9t4Hqq6i0zXrmiL2ALOia0fKknxwS6t+msIEOiJOR+lD4rJMHzKoQI/nzwjG0t72YdO5REq0xdxEFCgtGQLXCAjetCOAyzk9cB0xe3E2K07VSFbig8NhmdCV/mV0g06QLBThd+fnavaTzEHnemHQQzSdDUsww+FRJofJBKVZSpbswyCrpyVX99u3Cp1ukgMTcvkgAi6Otd8RwK3h6VxfYewmzv7TFviF2zYt3rKQaCdzRmjVNChLZKF/ooJazFk82Vq+FqHe8yMu8YOEfEL4Kr2QicmoIHcLJEIU+lEhN4VQYWc7QtTdrOsvTyntul2cAUdVzZVQ5ehKNMc1lsuK73DSi9EgBSjpNTaNYl85O1wEhzWqZ4xw==
Content-Type: multipart/alternative; boundary="_000_DB9PR10MB63548C6EBD9BB6143E5154F0F3272DB9PR10MB6354EURP_"
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DB9PR10MB6354.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 81726663-e258-41bd-59c0-08dc3f7640e1
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Mar 2024 13:47:10.6730 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: tMja5ku4l4caPbJZ/Xhjo7u5BHU4E6jXhCEIsPSvIzq2yGG2jhfuHouucqp5iXKlkgNfYwUdPQ6CFLryMbZA1LXUqjAs3FuCqGSXQh3vJqc=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4PR10MB7445
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/MEz26NXfpO5sQvtbKN7EdN5P63A>
Subject: Re: [Anima] RFC 8995, Voucher Signing, MASA Certificate Chain provisioning
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Mar 2024 13:47:19 -0000

Hi Esko,

Thank you for your thoughts. I agree to your statements. I was merely thinking about the flexibility that is provided by BRSKI for the pledge/MASA interface.
After rethinking my comments based on your answer, this flexibility is something which relates only to the relation between the pledge and the MASA. With that the potential interoperability question can directly be addressed by the manufacturer to ensure interworking between his MASA and his produced pledges.

Thanks also for the pointer to section 11.6. The paragraph you cited is exactly the one I was looking for. The inclusion of the certificate chain in the CMS container is mentioned there. I was looking in 9.1.1 for this statement, but missed to check the security considerations.

Regards
Steffen


From: Anima <anima-bounces@ietf.org> On Behalf Of Esko Dijk
Sent: Friday, March 8, 2024 12:41 PM

> it would mean to provide the MASA certificate chain also in the pledge firmware

This is one way to do it. The simplest solution is only include the public key of the signer (MASA), also allowed by the 9.1.1 text. In this case, it's less flexible: the MASA service can't go sign with another identity/private-key: it MUST sign with the private key associated with the public key that's already baked into the Pledge.
In case a whole chain is included in the Pledge firmware as you propose, the validation can be a bit more flexible I think.

The requirement for the Pledge in RFC 8995 is (5.6.1):
The pledge MUST verify the voucher signature using the manufacturer-installed trust anchor(s) associated with the manufacturer's MASA

This leaves quite some vendor flexibility I think on how exactly to verify: against 1 public key, against multiple public keys, against a chain baked into the device, against a single root CA cert, against a single root CA cert taken from the chain baked into the device, etc etc.

> I would propose to also allow the submission of the certificate chain of the MASA signing certificate in the SignedData part of the CMS container of the voucher.

I expect this is already allowed by RFC 8995, given the text in 11.6:

There are good cryptographic hygiene reasons why a manufacturer would not want to maintain access to a private key for many decades. A manufacturer in that situation can leverage a long-term CA anchor, built-in to the pledge, and then a certificate chain may be incorporated using the normal CMS certificate set. This may increase the size of the voucher artifacts, but that is not a significant issue in non-constrained environments.¶<https://datatracker.ietf.org/doc/html/rfc8995#section-11.6-3>
So this effectively says a vendor may want to not use the "simplest solution" for security reasons, and include a cert chain of the signer.

Regards
Esko


From: Anima <anima-bounces@ietf.org<mailto:anima-bounces@ietf.org>> On Behalf Of Fries, Steffen
Sent: Wednesday, March 6, 2024 16:41
To: anima@ietf.org<mailto:anima@ietf.org>
Subject: [Anima] RFC 8995, Voucher Signing, MASA Certificate Chain provisioning

Hi Michael,

I've got a question regarding the MASA voucher signing or better the certificate chain provisioning for the MASA certificate to the pledge.

RFC 8995 states in section 91.1. (https://www.rfc-editor.org/rfc/rfc8995.html#section-9.1.1)
"The online service MUST have access to a private key with which to sign voucher artifacts [RFC8366<https://www.rfc-editor.org/rfc/rfc8995.html#RFC8366>]. The public key, certificate, or certificate chain MUST be built into the device as part of the firmware."

I had the assumption that the pledge only knows its IDevID and with that his own certificate, public/private key pair and the certificate chain from the issuing CA to the trust anchor.
In operational environments the issuing CA for the IDevID may not be the same as the issuing CA for the MASA signing certificate. From the requirement above, it would mean to provide the MASA certificate chain also in the pledge firmware, if it is different than the IDevID issuing CA. As the voucher is a CMS container that allows to convey the certificate chain of the signer in the SignedData, I would have expected it is contained there. This would be similar to the voucher request, in which the registrar-voucher-request also contains the certificate chain according to section 5.5.2 (https://www.rfc-editor.org/rfc/rfc8995.html#section-5.5.2), which states:
"A certificate chain is extracted from the registrar's signed CMS container. "

I would propose to also allow the submission of the certificate chain of the MASA signing certificate in the SignedData part of the CMS container of the voucher.
Any thoughts?

Best regards
Steffen
--
Steffen Fries

v2.23.0 | Report a Bug | By Email