Re: [Anima] sending raw public key over the wire

Jim Schaad <ietf@augustcellars.com> Fri, 15 June 2018 18:21 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: 'Michael Richardson' <mcr+ietf@sandelman.ca>
CC: anima@ietf.org
References: <030601d3de6e$2760f1f0$7622d5d0$@augustcellars.com> <24823.1525115896@obiwan.sandelman.ca> <042801d3e0c2$8ba4d8b0$a2ee8a10$@augustcellars.com> <25514.1529085385@localhost>
In-Reply-To: <25514.1529085385@localhost>
Date: Fri, 15 Jun 2018 11:21:00 -0700
Message-ID: <001901d404d5$9e7c2bf0$db7483d0$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/QpsUeSZeoJFwIkqEaUcIi7xPy48>
Subject: Re: [Anima] sending raw public key over the wire


> -----Original Message-----
> From: Michael Richardson <mcr+ietf@sandelman.ca>
> Sent: Friday, June 15, 2018 10:56 AM
> To: Jim Schaad <ietf@augustcellars.com>
> Cc: anima@ietf.org
> Subject: sending raw public key over the wire
> 
> 
> Jim, in the situation where a COSE/CBOR voucher has been signed by a Raw
> Public Key (whether ECDSA or EdDSA), and the signing (public) key needs to
> be transferred, would you recommend:
> 
> 1) use RFC8152, section 7.1 to describe the key.
>    Same as you use in your Examples git tree.
>    What MIME-TYPE would you use to transfer such a thing?

Per RFC8152 section 16.9.2 - application/cose-key or
application/cose-key-set depending on which of the COSE key structures
is to be used.

> 
> 2) use (Subject-)Public-Key-Info encoded
>    as specified in RFC7250, section 3.
>    What MIME-TYPE would you use to transfer such a thing?

The RPK is transferred as part of the DTLS negotiation.  As such it is
transferred, but not trusted in DTLS.  If you do FUD then that is
sufficient.  If it is not sufficient then you could use the answer to 1 as
one of many different ways to transfer keys.  Keys can be transferred as
COSE_Keys, JOSE_keys, PEMs or Certificates each of which defines a
Media-Type.   Of course the RPK could also be baked into the device as well.

Jim

> 
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
> -= IPv6 IoT consulting =-
> 
>
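Added example, not part of the thread and not code from either poster: the two encodings under discussion side by side. It takes the SubjectPublicKeyInfo DER that an RPK peer presents in the (D)TLS handshake (RFC 7250, option 2), parses it with strict length checks, and re-emits the same key as a COSE_Key map (RFC 8152 section 7.1, option 1) serialised in the canonical CBOR a receiver of an application/cose-key body should expect. The DER OID bytes, SPKI prefixes and COSE label values are the standard ones; the P-256 coordinates are the RFC 8152 Appendix C example key and the Ed25519 value is a constructed placeholder, not a real key. Only P-256 and Ed25519 are handled, and the code does not check that the P-256 point is on the curve; as Jim notes for DTLS, moving the key between formats carries no trust with it.

```python
"""Re-encode a raw public key from SubjectPublicKeyInfo DER (RFC 7250 section 3;
structures per RFC 5480 for P-256 and RFC 8410 for Ed25519) as a COSE_Key
(RFC 8152 section 7.1), i.e. the body of an application/cose-key message.
Minimal DER and CBOR code is inlined so this runs with no third-party packages."""

# COSE_Key labels and values (RFC 8152 sections 7.1, 8.1 and 13).
KTY, ALG, CRV, X, Y = 1, 3, -1, -2, -3
KTY_OKP, KTY_EC2, CRV_P256, CRV_ED25519, ALG_ES256, ALG_EDDSA = 1, 2, 1, 6, -7, -8

# DER OID contents (standard values): ecPublicKey, prime256v1, Ed25519.
OID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")
OID_PRIME256V1 = bytes.fromhex("2a8648ce3d030107")
OID_ED25519 = bytes.fromhex("2b6570")


def der_items(data):
    """Split DER into top-level (tag, body) pairs, rejecting truncation."""
    items, off = [], 0
    while off < len(data):
        if off + 2 > len(data):
            raise ValueError("truncated DER header")
        tag, length, off = data[off], data[off + 1], off + 2
        if length & 0x80:  # long-form length
            n = length & 0x7F
            if n == 0 or off + n > len(data):
                raise ValueError("bad DER length")
            length, off = int.from_bytes(data[off:off + n], "big"), off + n
        if off + length > len(data):
            raise ValueError("truncated DER value")
        items.append((tag, bytes(data[off:off + length])))
        off += length
    return items


def spki_to_cose_key(der):
    """SubjectPublicKeyInfo -> COSE_Key map for P-256 (EC2) or Ed25519 (OKP)."""
    outer = der_items(der)
    if len(outer) != 1 or outer[0][0] != 0x30:
        raise ValueError("not a single SEQUENCE")
    fields = der_items(outer[0][1])
    if len(fields) != 2 or fields[0][0] != 0x30 or fields[1][0] != 0x03:
        raise ValueError("expected AlgorithmIdentifier then BIT STRING")
    alg, bits = der_items(fields[0][1]), fields[1][1]
    if not bits or bits[0] != 0:
        raise ValueError("subjectPublicKey must have zero unused bits")
    pk = bits[1:]
    if alg[:1] == [(0x06, OID_EC_PUBLIC_KEY)]:
        if alg[1:] != [(0x06, OID_PRIME256V1)]:
            raise ValueError("only namedCurve prime256v1 is supported here")
        if len(pk) != 65 or pk[0] != 0x04:
            raise ValueError("expected a 65-byte uncompressed point")
        return {KTY: KTY_EC2, ALG: ALG_ES256, CRV: CRV_P256, X: pk[1:33], Y: pk[33:]}
    if alg == [(0x06, OID_ED25519)]:  # RFC 8410: parameters MUST be absent
        if len(pk) != 32:
            raise ValueError("Ed25519 public key must be 32 bytes")
        return {KTY: KTY_OKP, ALG: ALG_EDDSA, CRV: CRV_ED25519, X: pk}
    raise ValueError("unsupported AlgorithmIdentifier")


def _cbor_head(major, n):
    """Initial byte plus shortest-form argument (RFC 8949 section 4.2.1)."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("integer too large")


def cbor_encode(v):
    """Canonical CBOR for the COSE_Key subset: ints, byte strings, maps."""
    if isinstance(v, bool) or not isinstance(v, (int, bytes, dict)):
        raise TypeError(f"unsupported type {type(v).__name__}")
    if isinstance(v, int):
        return _cbor_head(0, v) if v >= 0 else _cbor_head(1, -1 - v)
    if isinstance(v, bytes):
        return _cbor_head(2, len(v)) + v
    # RFC 8152 section 14 map ordering: shorter encoded key first, then bytewise.
    items = sorted(((cbor_encode(k), cbor_encode(x)) for k, x in v.items()),
                   key=lambda kv: (len(kv[0]), kv[0]))
    return _cbor_head(5, len(v)) + b"".join(k + x for k, x in items)


# Constructed test vectors. P-256: the RFC 8152 Appendix C example key's
# coordinates behind the standard 26-byte P-256 SPKI prefix. Ed25519: a
# placeholder byte pattern behind the standard 12-byte prefix, not a real key.
P256_SPKI = bytes.fromhex(
    "3059301306072a8648ce3d020106082a8648ce3d030107034200" "04"
    "bac5b11cad8f99f9c72b05cf4b9e26d244dc189f745228255a219a86d6a09eff"
    "20138bf82dc1b6d562be0fa54ab7804a3a64b6d72ccfed6b6fb6ed28bbfc117e")
ED25519_SPKI = bytes.fromhex("302a300506032b6570032100") + bytes(range(32))

if __name__ == "__main__":
    for spki in (P256_SPKI, ED25519_SPKI):
        wire = cbor_encode(spki_to_cose_key(spki))
        print(f"{len(spki)}-byte SPKI -> {len(wire)}-byte application/cose-key: {wire.hex()}")
```

The strict DER walk matters because the SPKI arrives from an unauthenticated peer: every length is checked against the remaining buffer, the Ed25519 AlgorithmIdentifier is required to carry no parameters, and the only P-256 point form accepted is the uncompressed one RFC 5480 mandates. The canonical map ordering on the CBOR side means the emitted bytes are the same no matter what order the map was built in, which is what you want if the encoded key is ever hashed for a key identifier.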