Re: [Anima] Clarification reg old reference in the BRSKI draft to IEEE 802_1AR-2009
"Mendelson, Tsippy" <tsippy.mendelson@intel.com> Tue, 23 July 2019 09:27 UTC
From: "Mendelson, Tsippy" <tsippy.mendelson@intel.com>
To: "tte+ietf@cs.fau.de" <tte+ietf@cs.fau.de>, "anima@ietf.org" <anima@ietf.org>
CC: "Ruan, Xiaoyu" <xiaoyu.ruan@intel.com>, "Jayanna, Prabhu" <prabhu.jayanna@intel.com>, "kwatsen@juniper.net" <kwatsen@juniper.net>, "Michael.H.Behringer@gmail.com" <Michael.H.Behringer@gmail.com>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/cdp0uN5nY1FJSZASAl2KpE5Rjas>
Hi,

Sending again to wider ANIMA audience - as I received no response.

Thanks,
Tsippy

From: Mendelson, Tsippy
Sent: Sunday, June 30, 2019 11:18
To: tte+ietf@cs.fau.de
Cc: Ruan, Xiaoyu <xiaoyu.ruan@intel.com>; Jayanna, Prabhu <prabhu.jayanna@intel.com>; Mendelson, Tsippy <tsippy.mendelson@intel.com>
Subject: Clarification reg old reference in the BRSKI draft to IEEE 802_1AR-2009

Hello,

We have identified a reference to an old spec in BRSKI draft draft-ietf-anima-bootstrapping-keyinfra-22.

The draft refers to:

   [IDevID] "IEEE 802.1AR Secure Device Identifier", December 2009, <http://standards.ieee.org/findstds/standard/802.1AR-2009.html>.

However there is a later spec: https://standards.ieee.org/standard/802_1AR-2018.html

The specific quote from 802.1AR-2009 that we would like to ask about is in section 2.3.1 "Identification of the Pledge":

   The following fields are defined in [IDevID] and [RFC5280]:

   o  The subject field's DN encoding MUST include the "serialNumber" attribute with the device's unique serial number. (from [IDevID] section 7.2.8, and [RFC5280] section 4.1.2.4's list of standard attributes)

In 802_1AR-2018 we could not find that the "serialNumber" attribute MUST be included rather we found SHOULD:

[cid:image002.jpg@01D54150.D86DC7C0]

Here it says:

   An IDevID certificate subject field shall be non-null and should include a unique device serial number.

We would be happy for a clarification.

Thanks,
Tsippy

Tsippy Mendelson,
Manageability Chief Architect, IP Technologies Group,
SecIP - CSE FW Architect
Intel Israel Design Center
Phone: +972-2-589-2468
Cellular: +972-54-7885061

---------------------------------------------------------------------
Intel Israel (74) Limited

This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
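The difference the message asks about, seen from the side of a party validating an IDevID, as an added example that is not part of the original e-mail or of either specification: a check of a DER-encoded subject Name for the serialNumber attribute (OID 2.5.4.5), applying either the MUST wording quoted from the BRSKI draft or the shall/should wording quoted from 802.1AR-2018. The function names, the verdict strings and the sample subjects are assumptions constructed for illustration.

```python
SERIAL_NUMBER = bytes.fromhex("550405")  # DER content of OID 2.5.4.5 (serialNumber)
COMMON_NAME = bytes.fromhex("550403")    # DER content of OID 2.5.4.3 (commonName)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    pos = 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        yield tag, val

def subject_attributes(name_der):
    """Name ::= SEQUENCE OF RDN; RDN ::= SET OF SEQUENCE { type, value }."""
    tag, rdns, _ = read_tlv(name_der, 0)
    if tag != 0x30:
        raise ValueError("subject Name is not a SEQUENCE")
    return [(oid, val.decode("utf-8", "replace"))
            for _, rdn in children(rdns) for _, atv in children(rdn)
            for (_, oid), (_, val) in [list(children(atv))[:2]]]

def check_idevid_subject(name_der, serial_is_must):
    """serial_is_must=True applies the MUST reading, False the shall/should one."""
    attrs = subject_attributes(name_der)
    if not attrs:  # a null subject fails under both readings
        return ("reject", None)
    serial = next((v for oid, v in attrs if oid == SERIAL_NUMBER), None)
    if serial is None:
        return ("reject", None) if serial_is_must else ("warn", None)
    return ("accept", serial)

# Constructed sample subjects (not taken from any real certificate).
def tlv(tag, body):
    return bytes([tag, len(body)]) + body  # short-form lengths only
def name(*pairs):
    return tlv(0x30, b"".join(
        tlv(0x31, tlv(0x30, tlv(0x06, oid) + tlv(0x13, text.encode())))
        for oid, text in pairs))

WITH_SERIAL = name((COMMON_NAME, "pledge.example"), (SERIAL_NUMBER, "SN-0001"))
NO_SERIAL = name((COMMON_NAME, "pledge.example"))
NULL_SUBJECT = tlv(0x30, b"")
```

The two readings differ only for a subject such as `NO_SERIAL`: the MUST wording rejects it, while the shall/should wording lets it through with a warning.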